Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
MicrosoftWindows 10

3000 matches found

CVE
CVEadded 2020/03/12 4:15 p.m.1384 views

CVE-2020-0787

An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) improperly handles symbolic links, aka 'Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerability'.

7.8CVSS8.5AI score0.59671EPSS
CVE
CVEadded 2020/01/14 11:15 p.m.1294 views

CVE-2020-0601

A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, l...

8.1CVSS7.6AI score0.94044EPSS
CVE
CVEadded 2020/06/09 8:15 p.m.1247 views

CVE-2020-0986

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1237, CVE-2020-1246, CVE-2020-1262, CVE-2020-1264, CVE-2020-1266, CVE-2020-1269, CVE-2020...

7.8CVSS7.7AI score0.19295EPSS
CVE
CVEadded 2020/11/11 7:15 a.m.1242 views

CVE-2020-17087

Windows Kernel Local Elevation of Privilege Vulnerability

7.8CVSS8.3AI score0.15084EPSS
CVE
CVEadded 2020/04/15 3:15 p.m.1204 views

CVE-2020-1020

A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font - Adobe Type 1 PostScript format.For all systems except Windows 10, an attacker who successfully exploited the vulnerability could e...

8.8CVSS8.2AI score0.8787EPSS
CVE
CVEadded 2020/02/11 10:15 p.m.1169 views

CVE-2020-0683

An elevation of privilege vulnerability exists in the Windows Installer when MSI packages process symbolic links, aka 'Windows Installer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0686.

7.8CVSS8AI score0.27418EPSS
CVE
CVEadded 2021/06/08 11:15 p.m.1161 views

CVE-2021-31956

Windows NTFS Elevation of Privilege Vulnerability

9.3CVSS8.5AI score0.85551EPSS
CVE
CVEadded 2020/05/21 11:15 p.m.1149 views

CVE-2020-1054

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1143.

7.8CVSS7.8AI score0.80387EPSS
CVE
CVEadded 2019/07/15 7:15 p.m.1147 views

CVE-2019-0880

A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls, aka 'Microsoft splwow64 Elevation of Privilege Vulnerability'.

7.8CVSS7.5AI score0.0137EPSS
CVE
CVEadded 2019/04/09 9:29 p.m.1140 views

CVE-2019-0859

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0685, CVE-2019-0803.

7.8CVSS8.2AI score0.84886EPSS
CVE
CVEadded 2019/11/12 7:15 p.m.1135 views

CVE-2019-1405

An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly allows COM object creation, aka 'Windows UPnP Service Elevation of Privilege Vulnerability'.

7.8CVSS8.4AI score0.58623EPSS
CVE
CVEadded 2021/07/14 6:15 p.m.1131 views

CVE-2021-31979

Windows Kernel Elevation of Privilege Vulnerability

7.8CVSS8.3AI score0.01032EPSS
CVE
CVEadded 2019/12/10 10:15 p.m.1124 views

CVE-2019-1458

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'.

7.8CVSS8.2AI score0.92947EPSS
CVE
CVEadded 2019/04/09 9:29 p.m.1123 views

CVE-2019-0803

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0685, CVE-2019-0859.

7.8CVSS8.2AI score0.84886EPSS
CVE
CVEadded 2019/07/29 2:13 p.m.1093 views

CVE-2019-1130

An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1129.

7.8CVSS7.7AI score0.08868EPSS
CVE
CVEadded 2019/10/10 2:15 p.m.1070 views

CVE-2019-1315

An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles hard links, aka 'Windows Error Reporting Manager Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1339, CVE-2019-1342.

7.8CVSS8.5AI score0.06219EPSS
CVE
CVEadded 2020/04/15 3:15 p.m.1068 views

CVE-2020-0938

A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font - Adobe Type 1 PostScript format.For all systems except Windows 10, an attacker who successfully exploited the vulnerability could e...

7.8CVSS8.2AI score0.8787EPSS
CVE
CVEadded 2019/05/16 7:29 p.m.1066 views

CVE-2019-0863

An elevation of privilege vulnerability exists in the way Windows Error Reporting (WER) handles files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'.

7.8CVSS7.7AI score0.13544EPSS
CVE
CVEadded 2019/09/11 10:15 p.m.1063 views

CVE-2019-1215

An elevation of privilege vulnerability exists in the way that ws2ifsl.sys (Winsock) handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1253, CVE-2019-1278, CVE-2019-1303.

7.8CVSS8.1AI score0.19565EPSS
CVE
CVEadded 2020/04/15 3:15 p.m.1062 views

CVE-2020-1027

An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0913, CVE-2020-1000, CVE-2020-1003.

7.8CVSS8AI score0.13396EPSS
CVE
CVEadded 2019/09/11 10:15 p.m.1061 views

CVE-2019-1214

An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory, aka 'Windows Common Log File System Driver Elevation of Privilege Vulnerability'.

7.8CVSS8AI score0.11567EPSS
CVE
CVEadded 2019/04/09 12:29 a.m.1057 views

CVE-2019-0703

An information disclosure vulnerability exists in the way that the Windows SMB Server handles certain requests, aka 'Windows SMB Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0704, CVE-2019-0821.

6.5CVSS6.8AI score0.14208EPSS
CVE
CVEadded 2019/04/09 3:29 a.m.1046 views

CVE-2019-0797

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0808.

7.8CVSS8.2AI score0.52291EPSS
CVE
CVEadded 2019/05/16 7:29 p.m.1016 views

CVE-2019-0903

A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+ Remote Code Execution Vulnerability'.

9.3CVSS8AI score0.50678EPSS
CVE
CVEadded 2022/01/11 9:15 p.m.935 views

CVE-2022-21907

HTTP Protocol Stack Remote Code Execution Vulnerability

10CVSS9.7AI score0.9179EPSS
CVE
CVEadded 2015/08/15 12:59 a.m.906 views

CVE-2015-1769

Mount Manager in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 mishandles symlinks, which allows physically proximate attackers to execute arbitrary code by connecting ...

7.2CVSS7.3AI score0.14049EPSS
CVE
CVEadded 2015/07/20 6:59 p.m.896 views

CVE-2015-2426

Buffer underflow in atmfd.dll in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a cra...

9.3CVSS7.4AI score0.91723EPSS
CVE
CVEadded 2019/11/12 7:15 p.m.791 views

CVE-2019-1388

An elevation of privilege vulnerability exists in the Windows Certificate Dialog when it does not properly enforce user privileges, aka 'Windows Certificate Dialog Elevation of Privilege Vulnerability'.

7.8CVSS8.5AI score0.02925EPSS
CVE
CVEadded 2018/05/22 12:29 p.m.722 views

CVE-2018-3639

Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store ...

5.5CVSS5.9AI score0.46737EPSS
CVE
CVEadded 2018/09/06 9:29 p.m.635 views

CVE-2018-5391

The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation hav...

7.8CVSS7.7AI score0.01732EPSS
CVE
CVEadded 2022/04/15 7:15 p.m.626 views

CVE-2022-26809

Remote Procedure Call Runtime Remote Code Execution Vulnerability

10CVSS9.6AI score0.92281EPSS
CVE
CVEadded 2019/09/03 6:15 p.m.590 views

CVE-2019-1125

An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries.To exploit this vulnerability, an attacker would have to log on to an a...

5.6CVSS6.8AI score0.15102EPSS
CVE
CVEadded 2022/05/10 9:15 p.m.583 views

CVE-2022-29130

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

9.8CVSS9.4AI score0.06808EPSS
CVE
CVEadded 2022/07/12 11:15 p.m.576 views

CVE-2022-30209

Windows IIS Server Elevation of Privilege Vulnerability

7.4CVSS7.9AI score0.01421EPSS
CVE
CVEadded 2020/06/08 5:15 p.m.539 views

CVE-2020-12695

The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue.

7.8CVSS7.6AI score0.03322EPSS
CVE
CVEadded 2021/05/11 8:15 p.m.521 views

CVE-2020-24588

The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802...

3.5CVSS6.4AI score0.00848EPSS
CVE
CVEadded 2018/03/14 5:29 p.m.494 views

CVE-2018-0886

The Credential Security Support Provider protocol (CredSSP) in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709 Windows Server 2016 and Windows Server, version 1709 allows a remote code execu...

7.6CVSS7AI score0.91013EPSS
CVE
CVEadded 2023/01/10 10:15 p.m.480 views

CVE-2023-21752

Windows Backup Service Elevation of Privilege Vulnerability

7.1CVSS7AI score0.42532EPSS
CVE
CVEadded 2022/06/14 10:15 p.m.471 views

CVE-2022-32230

Microsoft Windows SMBv3 suffers from a null pointer dereference in versions of Windows prior to the April, 2022 patch set. By sending a malformed FileNormalizedNameInformation SMBv3 request over a named pipe, an attacker can cause a Blue Screen of Death (BSOD) crash of the Windows kernel. For most ...

7.8CVSS7.5AI score0.04085EPSS
CVE
CVEadded 2022/03/09 5:15 p.m.460 views

CVE-2022-24508

Win32 File Enumeration Remote Code Execution Vulnerability

8.8CVSS8.8AI score0.02271EPSS
CVE
CVEadded 2019/08/14 9:15 p.m.438 views

CVE-2019-1181

A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. A...

10CVSS9.7AI score0.73187EPSS
CVE
CVEadded 2016/04/12 11:59 p.m.422 views

CVE-2016-0128

The SAM and LSAD protocol implementations in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 do not properly establish an RPC channel, which allows man-in-the-middle attackers ...

6.8CVSS6.4AI score0.34582EPSS
CVE
CVEadded 2022/05/10 9:15 p.m.406 views

CVE-2022-22012

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

9.8CVSS9.4AI score0.07142EPSS
CVE
CVEadded 2023/10/10 6:15 p.m.396 views

CVE-2023-36589

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability

7.3CVSS8.4AI score0.00423EPSS
CVE
CVEadded 2023/10/10 6:15 p.m.384 views

CVE-2023-36591

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability

7.3CVSS8.4AI score0.00423EPSS
CVE
CVEadded 2022/03/09 5:15 p.m.380 views

CVE-2022-21990

Remote Desktop Client Remote Code Execution Vulnerability

8.8CVSS8.8AI score0.15329EPSS
CVE
CVEadded 2023/10/10 6:15 p.m.380 views

CVE-2023-36697

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability

8CVSS8.1AI score0.00144EPSS
CVE
CVEadded 2020/06/09 8:15 p.m.379 views

CVE-2020-1206

An information disclosure vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Information Disclosure Vulnerability'.

7.5CVSS7.4AI score0.47718EPSS
CVE
CVEadded 2023/10/10 6:15 p.m.375 views

CVE-2023-36581

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

7.5CVSS8.4AI score0.00387EPSS
CVE
CVEadded 2023/10/10 6:15 p.m.375 views

CVE-2023-36593

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability

7.8CVSS8.4AI score0.0065EPSS
Total number of security vulnerabilities3000