CVE-2024-43644

Windows Client-Side Caching Elevation of Privilege Vulnerability

CVE-2025-21373

Windows Installer Elevation of Privilege Vulnerability

CVE-2025-27478

Heap-based buffer overflow in Windows Local Security Authority (LSA) allows an authorized attacker to elevate privileges locally.

CVE-2025-27727

Improper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to elevate privileges locally.

CVE-2018-8222

A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.

CVE-2019-0983

An elevation of privilege vulnerability exists when the Storage Service improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges on the victim system.To exploit the vulnerability, an attacker would first have to gain execution on t...

CVE-2019-1198

An elevation of privilege exists in SyncController.dll. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges.To exploit the vulnerability, an attacker could run a specially crafted application that could exploit the vulnerability. This vulnerabi...

CVE-2019-1384

A security feature bypass vulnerability exists where a NETLOGON message is able to obtain the session key and sign messages.To exploit this vulnerability, an attacker could send a specially crafted authentication request, aka 'Microsoft Windows Security Feature Bypass Vulnerability'.

CVE-2019-1474

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1472.

CVE-2020-0744

An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system, aka 'Windows GDI Information Disclosure Vulnerability'.

CVE-2020-0769

An elevation of privilege vulnerability exists when the Windows CSC Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows CSC Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-20...

CVE-2020-0955

An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory, aka 'Windows Kernel Information Disclosure in CPU Memory Access'.

CVE-2020-1071

An elevation of privilege vulnerability exists when Windows improperly handles errors tied to Remote Access Common Dialog, aka 'Windows Remote Access Common Dialog Elevation of Privilege Vulnerability'.

CVE-2020-1212

An elevation of privilege vulnerability exists when an OLE Automation component improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'OLE Automation Elevation of Privilege Vulnerability'.

CVE-2020-1231

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1233, CVE-2020-1235, CVE-2020-1265, CVE-2020-1282, CVE-2020-1304, CVE-2020-1306, CVE-2020-133...

CVE-2020-1271

An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Backup Service Elevation of Privilege Vulnerability'.

CVE-2020-1400

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1401, CVE-2020-1407.

CVE-2020-1404

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1249, CVE-2020-1353, CVE-2020-1370, CVE-2020-1399, CVE-2020-1413, CVE-2020-1414, CVE-2020-141...

CVE-2020-1428

An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network Connections Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1373, CVE-2020-1390, CVE-2020-1427, CVE-2020-1438.

CVE-2020-16905

An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files. The vulnerability could allow elevation of privilege if an attacker can successfully exploit it.An attacker who successfully exploited the vulnerability could gain greater access to ...

CVE-2020-17004

Windows Graphics Component Information Disclosure Vulnerability

CVE-2020-17033

Windows Remote Access Elevation of Privilege Vulnerability

CVE-2020-17041

Windows Print Configuration Elevation of Privilege Vulnerability

CVE-2020-17068

Windows GDI+ Remote Code Execution Vulnerability

CVE-2020-17099

Windows Lock Screen Security Feature Bypass Vulnerability

CVE-2020-17162

Microsoft Windows Security Feature Bypass Vulnerability

CVE-2021-28351

Windows Speech Runtime Elevation of Privilege Vulnerability

CVE-2021-43233

Remote Desktop Client Remote Code Execution Vulnerability

CVE-2022-35753

Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability

CVE-2022-44670

Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability

CVE-2023-32042

OLE Automation Information Disclosure Vulnerability

CVE-2023-35318

Remote Procedure Call Runtime Denial of Service Vulnerability

CVE-2023-35324

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability

CVE-2023-36871

Azure Active Directory Security Feature Bypass Vulnerability

CVE-2024-38019

Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability

CVE-2024-38043

PowerShell Elevation of Privilege Vulnerability

CVE-2024-38051

Windows Graphics Component Remote Code Execution Vulnerability

CVE-2024-43626

Windows Telephony Service Elevation of Privilege Vulnerability

CVE-2024-49104

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

CVE-2025-21261

Windows Digital Media Elevation of Privilege Vulnerability

CVE-2025-21285

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

CVE-2025-21375

Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability

CVE-2025-21409

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2018-1009

An elevation of privilege vulnerability exists when Windows improperly handles objects in memory and incorrectly maps kernel memory, aka "Microsoft DirectX Graphics Kernel Subsystem Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Wind...

CVE-2018-8212

A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. T...

CVE-2018-8231

A remote code execution vulnerability exists when HTTP Protocol Stack (Http.sys) improperly handles objects in memory, aka "HTTP Protocol Stack Remote Code Execution Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.

CVE-2018-8347

An elevation of privilege vulnerability exists in Microsoft Windows when the Windows kernel fails to properly handle parsing of certain symbolic links, aka "Windows Kernel Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.

CVE-2019-1186

An elevation of privilege vulnerability exists in the way that the wcmsvc.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specially crafted...

CVE-2019-1272

An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC).An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system, aka 'Windows ALPC Elevation of Privilege Vulne...

CVE-2019-1358

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1359.