Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
MicrosoftWindows 10 1803

1464 matches found

cve
cveadded 2020/02/11 10:15 p.m.196 views

CVE-2020-0668

An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0669, CVE-2020-0670, CVE-2020-0671, CVE-2020-0672.

7.8CVSS7.7AI score0.79504EPSS
cve
cveadded 2019/10/10 2:15 p.m.195 views

CVE-2019-1320

An elevation of privilege vulnerability exists when Windows improperly handles authentication requests, aka 'Microsoft Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1322, CVE-2019-1340.

7.8CVSS7.8AI score0.38187EPSS
cve
cveadded 2020/05/21 11:15 p.m.194 views

CVE-2020-1143

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1054.

7.8CVSS7.8AI score0.80387EPSS
cve
cveadded 2019/03/06 12:0 a.m.189 views

CVE-2019-0630

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 2.0 (SMBv2) server handles certain requests, aka 'Windows SMB Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0633.

9CVSS9.3AI score0.33738EPSS
cve
cveadded 2019/07/15 7:15 p.m.188 views

CVE-2019-1088

An elevation of privilege exists in Windows Audio Service, aka 'Windows Audio Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1086, CVE-2019-1087.

7.8CVSS7.6AI score0.00278EPSS
cve
cveadded 2021/02/25 11:15 p.m.186 views

CVE-2021-24086

Windows TCP/IP Denial of Service Vulnerability

7.5CVSS8.5AI score0.37202EPSS
cve
cveadded 2019/01/08 9:29 p.m.184 views

CVE-2019-0584

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Se...

9.3CVSS8AI score0.35437EPSS
cve
cveadded 2019/07/29 2:13 p.m.183 views

CVE-2019-1127

A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1119, CVE-2019-1120, CVE-2019-1121, CVE-2019-1122, CVE-2019-1123, CVE-2019-112...

9.3CVSS8.4AI score0.40075EPSS
cve
cveadded 2020/10/16 11:15 p.m.183 views

CVE-2020-16898

<p>A remote code execution vulnerability exists when the Windows TCP/IP stack improperly handles ICMPv6 Router Advertisement packets. An attacker who successfully exploited this vulnerability could gain the ability to execute code on the target server or client.</p><p>To exploit this vulnerability,...

8.8CVSS8.7AI score0.30684EPSS
cve
cveadded 2020/02/11 10:15 p.m.182 views

CVE-2020-0662

A remote code execution vulnerability exists in the way that Windows handles objects in memory, aka 'Windows Remote Code Execution Vulnerability'.

9CVSS8.4AI score0.34804EPSS
cve
cveadded 2021/05/11 7:15 p.m.182 views

CVE-2021-28455

Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability

8.8CVSS9.3AI score0.09683EPSS
cve
cveadded 2019/08/14 9:15 p.m.180 views

CVE-2019-1151

A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; ...

9.3CVSS9.1AI score0.33915EPSS
cve
cveadded 2020/01/14 11:15 p.m.180 views

CVE-2020-0642

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0624.

7.8CVSS8.5AI score0.15527EPSS
cve
cveadded 2019/07/15 7:15 p.m.179 views

CVE-2019-1094

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1095, CVE-2019-1098, CVE-2019-1099, CVE-2019-1100, CVE-2019-1101, CVE-2019-1116.

6.5CVSS6.1AI score0.12437EPSS
cve
cveadded 2020/08/17 7:15 p.m.179 views

CVE-2020-1530

An elevation of privilege vulnerability exists when Windows Remote Access improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The security updat...

7.8CVSS8.3AI score0.00594EPSS
cve
cveadded 2020/02/11 10:15 p.m.178 views

CVE-2020-0689

A security feature bypass vulnerability exists in secure boot, aka 'Microsoft Secure Boot Security Feature Bypass Vulnerability'.

6.7CVSS6.8AI score0.00158EPSS
cve
cveadded 2021/03/11 4:15 p.m.177 views

CVE-2021-26899

Windows UPnP Device Host Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.00436EPSS
cve
cveadded 2019/07/15 7:15 p.m.176 views

CVE-2019-1096

An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'.

5.5CVSS5.6AI score0.23126EPSS
cve
cveadded 2019/07/15 7:15 p.m.175 views

CVE-2019-1086

An elevation of privilege exists in Windows Audio Service, aka 'Windows Audio Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1087, CVE-2019-1088.

7.8CVSS7.6AI score0.00278EPSS
cve
cveadded 2018/11/14 1:29 a.m.174 views

CVE-2018-8256

A remote code execution vulnerability exists when PowerShell improperly handles specially crafted files, aka "Microsoft PowerShell Remote Code Execution Vulnerability." This affects Windows RT 8.1, PowerShell Core 6.0, Microsoft.PowerShell.Archive 1.2.2.0, Windows Server 2016, Windows Server 2012, ...

9.3CVSS7.7AI score0.17753EPSS
cve
cveadded 2019/07/15 7:15 p.m.172 views

CVE-2019-1037

An elevation of privilege vulnerability exists in the way Windows Error Reporting (WER) handles files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'.

7CVSS7.2AI score0.00268EPSS
cve
cveadded 2019/07/15 7:15 p.m.172 views

CVE-2019-1091

An information disclosure vulnerability exists when Unistore.dll fails to properly handle objects in memory, aka 'Microsoft unistore.dll Information Disclosure Vulnerability'.

5.5CVSS5.8AI score0.00933EPSS
cve
cveadded 2019/07/15 7:15 p.m.171 views

CVE-2019-0966

A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'.

6.8CVSS6.5AI score0.00339EPSS
cve
cveadded 2019/08/14 9:15 p.m.169 views

CVE-2019-1155

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open...

9.3CVSS8.8AI score0.09677EPSS
cve
cveadded 2019/09/11 10:15 p.m.169 views

CVE-2019-1244

An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory, aka 'DirectWrite Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1245, CVE-2019-1251.

6.5CVSS6.2AI score0.27638EPSS
cve
cveadded 2020/10/16 11:15 p.m.169 views

CVE-2020-16923

<p>A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code on a target system.</p><p>To exploit the vulnerability, a user would have to open a specially...

7.8CVSS8.3AI score0.08517EPSS
cve
cveadded 2018/10/10 1:29 p.m.167 views

CVE-2018-8413

A remote code execution vulnerability exists when "Windows Theme API" does not properly decompress files, aka "Windows Theme API Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Serve...

9.3CVSS7.9AI score0.52893EPSS
cve
cveadded 2020/07/14 11:15 p.m.167 views

CVE-2020-1421

A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed.An attacker who successfully exploited this vulnerability could gain the same user rights as the local user, aka 'LNK Remote Code Execution Vulnerability'.

9.3CVSS9.1AI score0.47986EPSS
cve
cveadded 2018/11/14 1:29 a.m.166 views

CVE-2018-8407

An information disclosure vulnerability exists when "Kernel Remote Procedure Call Provider" driver improperly initializes objects in memory, aka "MSRPC Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Wi...

5.5CVSS6.7AI score0.00704EPSS
cve
cveadded 2021/05/11 7:15 p.m.166 views

CVE-2021-31186

Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability

7.4CVSS7.6AI score0.12012EPSS
cve
cveadded 2019/09/11 10:15 p.m.165 views

CVE-2019-1246

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1240, CVE-2019-1241, CVE-2019-1242, CVE-2019-1243, CVE-2019-1247, CVE-2019-1248,...

9.3CVSS8.5AI score0.35463EPSS
cve
cveadded 2020/08/17 7:15 p.m.165 views

CVE-2020-1492

A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.There are multiple ways an attacke...

7.8CVSS8.1AI score0.14799EPSS
cve
cveadded 2020/10/16 11:15 p.m.165 views

CVE-2020-16896

<p>An information disclosure vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s syste...

7.5CVSS7.6AI score0.1565EPSS
cve
cveadded 2021/02/25 11:15 p.m.165 views

CVE-2021-24074

Windows TCP/IP Remote Code Execution Vulnerability

9.8CVSS9.7AI score0.14391EPSS
cve
cveadded 2019/03/06 12:0 a.m.162 views

CVE-2019-0626

A memory corruption vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP server, aka 'Windows DHCP Server Remote Code Execution Vulnerability'.

9.8CVSS9.5AI score0.57246EPSS
cve
cveadded 2020/10/16 11:15 p.m.161 views

CVE-2020-1167

<p>A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code on a target system.</p><p>To exploit the vulnerability, a user would have to open a specially...

9.3CVSS7.8AI score0.09107EPSS
cve
cveadded 2020/11/11 7:15 a.m.161 views

CVE-2020-17042

Windows Print Spooler Remote Code Execution Vulnerability

9.3CVSS9.3AI score0.17242EPSS
cve
cveadded 2018/11/14 1:29 a.m.160 views

CVE-2018-8566

A security feature bypass vulnerability exists when Windows improperly suspends BitLocker Device Encryption, aka "BitLocker Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows Server 2019, Windows 10 Servers.

4.6CVSS4.9AI score0.00217EPSS
cve
cveadded 2019/07/15 7:15 p.m.160 views

CVE-2019-1071

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1073.

5.5CVSS5.8AI score0.00349EPSS
cve
cveadded 2018/06/14 12:29 p.m.159 views

CVE-2018-8251

A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka "Media Foundation Memory Corruption Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server ...

7.6CVSS8AI score0.12893EPSS
cve
cveadded 2018/11/14 1:29 a.m.159 views

CVE-2018-8544

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka "Windows VBScript Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 201...

9.3CVSS7.7AI score0.73662EPSS
cve
cveadded 2020/06/09 8:15 p.m.159 views

CVE-2020-1281

A remote code execution vulnerability exists when Microsoft Windows OLE fails to properly validate user input, aka 'Windows OLE Remote Code Execution Vulnerability'.

8.8CVSS8.5AI score0.27332EPSS
cve
cveadded 2018/12/12 12:29 a.m.157 views

CVE-2018-8626

A remote code execution vulnerability exists in Windows Domain Name System (DNS) servers when they fail to properly handle requests, aka "Windows DNS Server Heap Overflow Vulnerability." This affects Windows Server 2012 R2, Windows Server 2019, Windows Server 2016, Windows 10, Windows 10 Servers.

10CVSS9.5AI score0.14737EPSS
cve
cveadded 2020/10/16 11:15 p.m.157 views

CVE-2020-16913

<p>An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or d...

7.8CVSS7.8AI score0.00744EPSS
cve
cveadded 2019/06/12 2:29 p.m.156 views

CVE-2019-1019

A security feature bypass vulnerability exists where a NETLOGON message is able to obtain the session key and sign messages.To exploit this vulnerability, an attacker could send a specially crafted authentication request. An attacker who successfully exploited this vulnerability could access anothe...

8.5CVSS7.1AI score0.04674EPSS
cve
cveadded 2019/06/12 2:29 p.m.156 views

CVE-2019-1065

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new ...

7.8CVSS7.3AI score0.00767EPSS
cve
cveadded 2019/09/11 10:15 p.m.156 views

CVE-2019-1291

A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka 'Remote Desktop Client Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0787, CVE-2019-0788, CVE-2019-1290.

9.3CVSS8.8AI score0.32912EPSS
cve
cveadded 2020/08/17 7:15 p.m.156 views

CVE-2020-1537

An elevation of privilege vulnerability exists when the Windows Remote Access improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges.To exploit the vulnerability, an attacker would first need code execution on a victim system. An...

7.8CVSS8.3AI score0.00513EPSS
cve
cveadded 2021/01/12 8:15 p.m.154 views

CVE-2021-1638

Microsoft is aware of the "Impersonation in the Passkey Entry Protocol" vulnerability. For more information regarding the vulnerability, please see this statement from the Bluetooth SIG.To address the vulnerability, Microsoft has released a software update that will fail attempts to pair if the rem...

7.7CVSS7.8AI score0.00399EPSS
cve
cveadded 2021/01/12 8:15 p.m.154 views

CVE-2021-1658

Remote Procedure Call Runtime Remote Code Execution Vulnerability

8.8CVSS8.3AI score0.01239EPSS
Total number of security vulnerabilities1464