207 matches found
CVE-2020-0911
An elevation of privilege vulnerability exists when Windows Modules Installer improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.An attacker could exploit this vulnerability by running a specially crafted a...
CVE-2020-1115
An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.To exploit the vulnerability, an attacker would first have ...
CVE-2020-17011
Windows Port Class Library Elevation of Privilege Vulnerability
CVE-2020-17047
Windows Network File System Denial of Service Vulnerability
CVE-2020-17069
Windows NDIS Information Disclosure Vulnerability
CVE-2020-0782
An elevation of privilege vulnerability exists when the Windows Cryptographic Catalog Services improperly handle objects in memory. An attacker who successfully exploited this vulnerability could modify the cryptographic catalog.To exploit this vulnerability, an attacker would first have to log on ...
CVE-2020-17032
Windows Remote Access Elevation of Privilege Vulnerability
CVE-2020-17037
Windows WalletService Elevation of Privilege Vulnerability
CVE-2020-0838
An elevation of privilege vulnerability exists when NTFS improperly checks access. An attacker who successfully exploited this vulnerability could run processes in an elevated context.To exploit the vulnerability, an attacker would first have to log on to the system, and then run a specially crafte...
CVE-2020-1598
An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; v...
CVE-2020-16876
An elevation of privilege vulnerability exists when the Windows Application Compatibility Client Library improperly handles registry operations. An attacker who successfully exploited this vulnerability could gain elevated privileges.To exploit the vulnerability, an attacker would first need code e...
CVE-2020-17034
Windows Remote Access Elevation of Privilege Vulnerability
CVE-2020-16905
An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files. The vulnerability could allow elevation of privilege if an attacker can successfully exploit it.An attacker who successfully exploited the vulnerability could gain greater access to ...
CVE-2020-17004
Windows Graphics Component Information Disclosure Vulnerability
CVE-2020-17033
Windows Remote Access Elevation of Privilege Vulnerability
CVE-2020-17041
Windows Print Configuration Elevation of Privilege Vulnerability
CVE-2020-17068
Windows GDI+ Remote Code Execution Vulnerability
CVE-2020-17099
Windows Lock Screen Security Feature Bypass Vulnerability
CVE-2020-0922
A remote code execution vulnerability exists in the way that Microsoft COM for Windows handles objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code on a target system.To exploit the vulnerability, a user would have to open a specially crafted file...
CVE-2020-1053
An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with ful...
CVE-2020-17045
Windows KernelStream Information Disclosure Vulnerability
CVE-2020-0912
An elevation of privilege vulnerability exists when the Windows Function Discovery SSDP Provider improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privil...
CVE-2020-16900
An elevation of privilege vulnerability exists when the Windows Event System improperly handles objects in memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The ...
CVE-2020-17027
Windows Remote Access Elevation of Privilege Vulnerability
CVE-2020-17046
Windows Error Reporting Denial of Service Vulnerability
CVE-2020-1038
A denial of service vulnerability exists when Windows Routing Utilities improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding.To exploit this vulnerability, an attacker would have to log on to an affected system...
CVE-2020-1074
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open...
CVE-2020-1245
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; o...
CVE-2020-17029
Windows Canonical Display Driver Information Disclosure Vulnerability
CVE-2020-0921
Microsoft Graphics Component Denial of Service Vulnerability
CVE-2020-1491
An elevation of privilege vulnerability exists in the way that the Windows Function Discovery Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could...
CVE-2020-16973
An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The ...
CVE-2020-17056
Windows Network File System Information Disclosure Vulnerability
CVE-2020-0839
An elevation of privilege vulnerability exists in the way that the dnsrslvr.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specially craft...
CVE-2020-1256
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.There are multiple ways an attacker could exploit ...
CVE-2020-1471
An elevation of privilege vulnerability exists when Microsoft Windows CloudExperienceHost fails to check COM objects. An attacker who successfully exploited the vulnerability could gain elevated privileges on a targeted system.To exploit the vulnerability, an attacker would have to log on to an aff...
CVE-2020-16912
An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The ...
CVE-2020-0790
A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls. An attacker who successfully exploited the vulnerability could elevate privileges on an affected system from low-integrity to medium-integrity.This vulnerability by itself does not allow arbitrary code ex...
CVE-2020-17007
Windows Error Reporting Elevation of Privilege Vulnerability
CVE-2020-17028
Windows Remote Access Elevation of Privilege Vulnerability
CVE-2020-1030
An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; ...
CVE-2020-1052
An elevation of privilege vulnerability exists in the way that the ssdpsrv.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specially crafte...
CVE-2020-16976
An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The ...
CVE-2020-17024
Windows Client Side Rendering Print Provider Elevation of Privilege Vulnerability
CVE-2020-17113
Windows Camera Codec Information Disclosure Vulnerability
CVE-2020-1097
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user’s system.There are multiple ways an attacker could exploit th...
CVE-2020-1589
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.To exploit this vulnerability, an attacker would have to log on to ...
CVE-2020-17071
Windows Delivery Optimization Information Disclosure Vulnerability
CVE-2020-16999
Windows WalletService Information Disclosure Vulnerability
CVE-2020-0875
An information disclosure vulnerability exists in how splwow64.exe handles certain calls. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system (low-integrity to medium-integrity).This vulnerability by itself does not allow arbitr...