3039 matches found
CVE-2025-21349
Windows Remote Desktop Configuration Service Tampering Vulnerability
CVE-2025-26644
Automated recognition mechanism with inadequate detection or handling of adversarial input perturbations in Windows Hello allows an unauthorized attacker to perform spoofing locally.
CVE-2018-8484
An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory, aka "DirectX Graphics Kernel Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows Server 2019, W...
CVE-2018-8492
A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows Server 2019, ...
CVE-2018-8592
An elevation of privilege vulnerability exists in Windows 10 version 1809 when installed from physical media (USB, DVD, etc, aka "Windows Elevation Of Privilege Vulnerability." This affects Windows 10, Windows Server 2019.
CVE-2019-1121
A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1119, CVE-2019-1120, CVE-2019-1122, CVE-2019-1123, CVE-2019-1124, CVE-2019-112...
CVE-2019-1391
A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Service Vulnerability'. This CVE ID is unique from CVE-2018-12207.
CVE-2019-1483
An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles junctions.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-...
CVE-2019-1488
A security feature bypass vulnerability exists when Microsoft Defender improperly handles specific buffers, aka 'Microsoft Defender Security Feature Bypass Vulnerability'.
CVE-2020-0613
An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka 'Windows Search Indexer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0614, CVE-2020-0623, CVE-2020-0625, CVE-2020-0626, CVE-2020-0627, CVE-2020-0628...
CVE-2020-0704
An elevation of privilege vulnerability exists when the Windows Wireless Network Manager improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Wireless Network Manager Elevation of Privilege Vulnerability'.
CVE-2020-0739
An elevation of privilege vulnerability exists in the way that the dssvc.dll handles file creation allowing for a file overwrite or creation in a secured location, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0737.
CVE-2020-0858
An elevation of privilege vulnerability exists when the "Public Account Pictures" folder improperly handles junctions.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CV...
CVE-2020-0960
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0889, CVE-2020-0953, CVE-2020-0959, CVE-2020-0988, CVE-2020-0992, CVE-2020-0994,...
CVE-2020-0964
A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+ Remote Code Execution Vulnerability'.
CVE-2020-1160
An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'.
CVE-2020-1162
An elevation of privilege (user to user) vulnerability exists in Windows Security Health Service when handling certain objects in memory.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from...
CVE-2020-1282
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1231, CVE-2020-1233, CVE-2020-1235, CVE-2020-1265, CVE-2020-1304, CVE-2020-1306, CVE-2020-133...
CVE-2021-34511
Windows Installer Elevation of Privilege Vulnerability
CVE-2021-38637
Windows Storage Information Disclosure Vulnerability
CVE-2022-26797
Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2022-34726
Microsoft ODBC Driver Remote Code Execution Vulnerability
CVE-2022-35833
Windows Secure Channel Denial of Service Vulnerability
CVE-2022-37989
Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability
CVE-2022-44683
Windows Kernel Elevation of Privilege Vulnerability
CVE-2023-21697
Windows Internet Storage Name Service (iSNS) Server Information Disclosure Vulnerability
CVE-2023-28276
Windows Group Policy Security Feature Bypass Vulnerability
CVE-2023-32056
Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability
CVE-2023-35312
Microsoft VOLSNAP.SYS Elevation of Privilege Vulnerability
CVE-2023-35328
Windows Transaction Manager Elevation of Privilege Vulnerability
CVE-2023-36913
Microsoft Message Queuing Information Disclosure Vulnerability
CVE-2024-30003
Windows Mobile Broadband Driver Remote Code Execution Vulnerability
CVE-2024-30005
Windows Mobile Broadband Driver Remote Code Execution Vulnerability
CVE-2024-30039
Windows Remote Access Connection Manager Information Disclosure Vulnerability
CVE-2024-30089
Microsoft Streaming Service Elevation of Privilege Vulnerability
CVE-2024-38049
Windows Distributed Transaction Coordinator Remote Code Execution Vulnerability
CVE-2024-38062
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
CVE-2024-38064
Windows TCP/IP Information Disclosure Vulnerability
CVE-2024-38143
Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability
CVE-2024-43627
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2024-43629
Windows DWM Core Library Elevation of Privilege Vulnerability
CVE-2024-43636
Win32k Elevation of Privilege Vulnerability
CVE-2025-21368
Microsoft Digest Authentication Remote Code Execution Vulnerability
CVE-2025-21419
Windows Setup Files Cleanup Elevation of Privilege Vulnerability
CVE-2025-24035
Sensitive data storage in improperly locked memory in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network.
CVE-2025-24058
Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
CVE-2019-1060
A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input, aka 'MS XML Remote Code Execution Vulnerability'.
CVE-2019-1097
An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory, aka 'DirectWrite Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1093.
CVE-2019-1286
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1252.
CVE-2019-1321
An elevation of privilege vulnerability exists when Windows CloudStore improperly handles file Discretionary Access Control List (DACL), aka 'Microsoft Windows CloudStore Elevation of Privilege Vulnerability'.