3565 matches found
CVE-2024-49072
Windows Task Scheduler Elevation of Privilege Vulnerability
CVE-2024-49124
Lightweight Directory Access Protocol (LDAP) Client Remote Code Execution Vulnerability
CVE-2025-21226
Windows Digital Media Elevation of Privilege Vulnerability
CVE-2025-21242
Windows Kerberos Information Disclosure Vulnerability
CVE-2025-27483
Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally.
CVE-2019-0788
A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka 'Remote Desktop Client Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0787, CVE-2019-1290, CVE-2019-1291.
CVE-2019-1046
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.There are multiple ways an attacker could exploit ...
CVE-2019-1074
An elevation of privilege vulnerability exists in Microsoft Windows where certain folders, with local service privilege, are vulnerable to symbolic link attack. An attacker who successfully exploited this vulnerability could potentially access unauthorized information. The update addresses this vul...
CVE-2019-1143
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user’s system.There are multiple ways an attacker could exploit th...
CVE-2019-1180
An elevation of privilege vulnerability exists in the way that the wcmsvc.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specially crafted...
CVE-2019-1212
A memory corruption vulnerability exists in the Windows Server DHCP service when processing specially crafted packets. An attacker who successfully exploited the vulnerability could cause the DHCP server service to stop responding.To exploit the vulnerability, a remote unauthenticated attacker coul...
CVE-2019-1248
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1240, CVE-2019-1241, CVE-2019-1242, CVE-2019-1243, CVE-2019-1246, CVE-2019-1247,...
CVE-2019-1456
A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles specially crafted OpenType fonts, aka 'OpenType Font Parsing Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1419.
CVE-2020-0648
An elevation of privilege vulnerability exists when the Windows RSoP Service Application improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The...
CVE-2020-0684
A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed.An attacker who successfully exploited this vulnerability could gain the same user rights as the local user, aka 'LNK Remote Code Execution Vulnerability'.
CVE-2020-0708
A remote code execution vulnerability exists when the Windows Imaging Library improperly handles memory.To exploit this vulnerability, an attacker would first have to coerce a victim to open a specially crafted file.The security update addresses the vulnerability by correcting how the Windows Imagi...
CVE-2020-0840
An elevation of privilege vulnerability exists when Windows improperly handles hard links, aka 'Windows Hard Link Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0841, CVE-2020-0849, CVE-2020-0896.
CVE-2020-0965
A remoted code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory, aka 'Microsoft Windows Codecs Library Remote Code Execution Vulnerability'.
CVE-2020-1085
An elevation of privilege vulnerability exists in the way that the Windows Function Discovery Service handles objects in memory, aka 'Windows Function Discovery Service Elevation of Privilege Vulnerability'.
CVE-2020-1208
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1236.
CVE-2020-1235
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1231, CVE-2020-1233, CVE-2020-1265, CVE-2020-1282, CVE-2020-1304, CVE-2020-1306, CVE-2020-133...
CVE-2020-1333
An elevation of privilege vulnerability exists when Group Policy Services Policy Processing improperly handle reparse points, aka 'Group Policy Services Policy Processing Elevation of Privilege Vulnerability'.
CVE-2020-1398
An elevation of privilege vulnerability exists when Windows Lockscreen fails to properly handle Ease of Access dialog.An attacker who successfully exploited the vulnerability could execute commands with elevated permissions.The security update addresses the vulnerability by ensuring that the Ease o...
CVE-2020-16974
An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The ...
CVE-2020-17038
Win32k Elevation of Privilege Vulnerability
CVE-2020-17055
Windows Remote Access Elevation of Privilege Vulnerability
CVE-2020-17139
Windows Overlay Filter Security Feature Bypass Vulnerability
CVE-2021-1650
Windows Runtime C++ Template Library Elevation of Privilege Vulnerability
CVE-2021-1654
Windows CSC Service Elevation of Privilege Vulnerability
CVE-2021-1694
Windows Update Stack Elevation of Privilege Vulnerability
CVE-2021-1695
Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2021-1696
Windows Graphics Component Information Disclosure Vulnerability
CVE-2021-24079
Windows Backup Engine Information Disclosure Vulnerability
CVE-2021-28349
Windows GDI+ Remote Code Execution Vulnerability
CVE-2022-23290
Windows Inking COM Elevation of Privilege Vulnerability
CVE-2022-38039
Windows Kernel Elevation of Privilege Vulnerability
CVE-2022-41094
Windows Hyper-V Elevation of Privilege Vulnerability
CVE-2023-21691
Microsoft Protected Extensible Authentication Protocol (PEAP) Information Disclosure Vulnerability
CVE-2023-32044
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
CVE-2023-35297
Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability
CVE-2023-35332
Windows Remote Desktop Protocol Security Feature Bypass
CVE-2023-36905
Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability
CVE-2024-30035
Windows DWM Core Library Elevation of Privilege Vulnerability
CVE-2024-30066
Winlogon Elevation of Privilege Vulnerability
CVE-2024-49079
Input Method Editor (IME) Remote Code Execution Vulnerability
CVE-2025-21191
Time-of-check time-of-use (toctou) race condition in Windows Local Security Authority (LSA) allows an authorized attacker to elevate privileges locally.
CVE-2025-21241
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21295
SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability
CVE-2025-21349
Windows Remote Desktop Configuration Service Tampering Vulnerability
CVE-2025-27731
Improper input validation in OpenSSH for Windows allows an authorized attacker to elevate privileges locally.