Windows Server Security Vulnerabilities

CVE-2020-1293

An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly handles file operations, aka 'Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1257, CVE-2020-1278.

CVE-2020-1294

An elevation of privilege vulnerability exists in the way that the Windows WalletService handles objects in memory, aka 'Windows WalletService Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1287.

CVE-2020-1299

A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed.An attacker who successfully exploited this vulnerability could gain the same user rights as the local user, aka 'LNK Remote Code Execution Vulnerability'.

CVE-2020-1300

A remote code execution vulnerability exists when Microsoft Windows fails to properly handle cabinet files.To exploit the vulnerability, an attacker would have to convince a user to either open a specially crafted cabinet file or spoof a network printer and trick a user into installing a malicious ...

CVE-2020-1301

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 1.0 (SMBv1) server handles certain requests, aka 'Windows SMB Remote Code Execution Vulnerability'.

CVE-2020-1302

An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations.To exploit the vulnerability, an attacker would require unprivileged execution on the victim system, aka 'Windows Installer Elevation of Privilege Vulnerabi...

CVE-2020-1304

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1231, CVE-2020-1233, CVE-2020-1235, CVE-2020-1265, CVE-2020-1282, CVE-2020-1306, CVE-2020-133...

CVE-2020-1305

An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege Vulnerability'.

CVE-2020-1306

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1231, CVE-2020-1233, CVE-2020-1235, CVE-2020-1265, CVE-2020-1282, CVE-2020-1304, CVE-2020-133...

CVE-2020-1309

An elevation of privilege vulnerability exists when the Microsoft Store Runtime improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Microsoft Store Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique fro...

CVE-2020-1310

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1207, CVE-2020-1247, CVE-2020-1251, CVE-2020-1253.

CVE-2020-1311

An elevation of privilege vulnerability exists when Component Object Model (COM) client uses special case IIDs, aka 'Component Object Model Elevation of Privilege Vulnerability'.

CVE-2020-1312

An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations.To exploit the vulnerability, an attacker would require unprivileged execution on the victim system, aka 'Windows Installer Elevation of Privilege Vulnerabi...

CVE-2020-1314

An elevation of privilege vulnerability exists in Windows Text Service Framework (TSF) when the TSF server fails to properly handle messages sent from TSF clients, aka 'Windows Text Service Framework Elevation of Privilege Vulnerability'.

CVE-2020-1316

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, CVE-2020-1246, CVE-2020-1262, CVE-2020-1264, CVE-2020-1266, CVE-2020...

CVE-2020-1317

An elevation of privilege vulnerability exists when Group Policy improperly checks access, aka 'Group Policy Elevation of Privilege Vulnerability'.

CVE-2020-1324

An elevation of privilege (user to user) vulnerability exists in Windows Security Health Service when handling certain objects in memory.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from...

CVE-2020-1334

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1231, CVE-2020-1233, CVE-2020-1235, CVE-2020-1265, CVE-2020-1282, CVE-2020-1304, CVE-2020-130...

CVE-2020-1348

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'.

CVE-2020-1461

An elevation of privilege vulnerability exists when the MpSigStub.exe for Defender allows file deletion in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Defender Elevation of Privilege Vulnerability'.

CVE-2021-26414

Windows DCOM Server Security Feature Bypass

CVE-2021-26441

Storage Spaces Controller Elevation of Privilege Vulnerability

CVE-2021-36953

Windows TCP/IP Denial of Service Vulnerability

CVE-2021-36970

Windows Print Spooler Spoofing Vulnerability

CVE-2021-38662

Windows Fast FAT File System Driver Information Disclosure Vulnerability

CVE-2021-38663

Windows exFAT File System Information Disclosure Vulnerability

CVE-2021-40443

Windows Common Log File System Driver Elevation of Privilege Vulnerability

CVE-2021-40454

Rich Text Edit Control Information Disclosure Vulnerability

CVE-2021-40455

Windows Installer Spoofing Vulnerability

CVE-2021-40456

Windows AD FS Security Feature Bypass Vulnerability

CVE-2021-40460

Windows Remote Procedure Call Runtime Security Feature Bypass Vulnerability

CVE-2021-40461

Windows Hyper-V Remote Code Execution Vulnerability

CVE-2021-40462

Windows Media Foundation Dolby Digital Atmos Decoders Remote Code Execution Vulnerability

CVE-2021-40464

Windows Nearby Sharing Elevation of Privilege Vulnerability

CVE-2021-40465

Windows Text Shaping Remote Code Execution Vulnerability

CVE-2021-42282

Active Directory Domain Services Elevation of Privilege Vulnerability

CVE-2021-42283

NTFS Elevation of Privilege Vulnerability

CVE-2021-42284

Windows Hyper-V Denial of Service Vulnerability

CVE-2021-42285

Windows Kernel Elevation of Privilege Vulnerability

CVE-2021-42286

Windows Core Shell SI Host Extension Framework for Composable Shell Elevation of Privilege Vulnerability

CVE-2021-42291

Active Directory Domain Services Elevation of Privilege Vulnerability

CVE-2021-43207

Windows Common Log File System Driver Elevation of Privilege Vulnerability

CVE-2021-43215

iSNS Server Memory Corruption Vulnerability Can Lead to Remote Code Execution

CVE-2021-43216

Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability

CVE-2021-43217

Windows Encrypting File System (EFS) Remote Code Execution Vulnerability

CVE-2021-43219

DirectX Graphics Kernel File Denial of Service Vulnerability

CVE-2021-43222

Microsoft Message Queuing Information Disclosure Vulnerability

CVE-2021-43223

Windows Remote Access Connection Manager Elevation of Privilege Vulnerability

CVE-2021-43224

Windows Common Log File System Driver Information Disclosure Vulnerability

CVE-2021-43226

Windows Common Log File System Driver Elevation of Privilege Vulnerability