563 matches found
CVE-2020-1553
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.An attacker could exploit this vulnerability by running a specially crafted applica...
CVE-2020-1578
An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass. An attacker who successfully exploited the vulnerability could retrieve the memory address of a ker...
CVE-2020-1593
<p>A remote code execution vulnerability exists when Windows Media Audio Decoder improperly handles objects. An attacker who successfully exploited the vulnerability could take control of an affected system.</p><p>There are multiple ways an attacker could exploit the vulnerability, such as by convi...
CVE-2021-1656
TPM Device Driver Information Disclosure Vulnerability
CVE-2021-1667
Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2021-26891
Windows Container Execution Agent Elevation of Privilege Vulnerability
CVE-2020-1534
An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The ...
CVE-2020-16889
<p>An information disclosure vulnerability exists when the Windows KernelStream improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.</p><p>To exploit this vulnerability, an attacker would ha...
CVE-2020-16960
Windows Backup Engine Elevation of Privilege Vulnerability
CVE-2021-1671
Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2021-1682
Windows Kernel Elevation of Privilege Vulnerability
CVE-2021-24080
Windows Trust Verification API Denial of Service Vulnerability
CVE-2021-25195
Windows PKU2U Elevation of Privilege Vulnerability
CVE-2019-1018
An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with ful...
CVE-2019-1028
An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges.To exploit the vulnerability, an attacker could run a specially crafted application that could exploit the vulnerability. This vulner...
CVE-2020-1542
An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The security u...
CVE-2020-1545
An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The security u...
CVE-2020-1546
An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The security u...
CVE-2020-1548
An information disclosure vulnerability exists when the Windows WaasMedic Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to improperly disclose memory.Th...
CVE-2020-1556
An elevation of privilege vulnerability exists in the way that the Windows WalletService handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specia...
CVE-2020-16902
<p>An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior.</p><p>A locally authenticated attacker could run arbitrary code with elevated system privileges. An attacker could ...
CVE-2020-16998
DirectX Elevation of Privilege Vulnerability
CVE-2020-17043
Windows Remote Access Elevation of Privilege Vulnerability
CVE-2020-17057
Windows Win32k Elevation of Privilege Vulnerability
CVE-2021-1637
Windows DNS Query Information Disclosure Vulnerability
CVE-2021-1668
Microsoft DTV-DVD Video Decoder Remote Code Execution Vulnerability
CVE-2021-1673
Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2021-28350
Windows GDI+ Remote Code Execution Vulnerability
CVE-2019-1174
An elevation of privilege vulnerability exists in the way that the PsmServiceExtHost.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specia...
CVE-2020-1521
An elevation of privilege vulnerability exists when the Windows Speech Runtime improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The security ...
CVE-2020-1522
An elevation of privilege vulnerability exists when the Windows Speech Runtime improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The security ...
CVE-2020-1551
An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The security u...
CVE-2020-17090
Microsoft Defender for Endpoint Security Feature Bypass Vulnerability
CVE-2021-1680
Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability
CVE-2021-28313
Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability
CVE-2019-0710
A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual mach...
CVE-2019-0723
A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash.To exploit the vulnerabi...
CVE-2019-1017
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; o...
CVE-2019-1050
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.There are multiple ways an attacker could exploit ...
CVE-2020-16890
<p>An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create n...
CVE-2020-16921
<p>An information disclosure vulnerability exists in Text Services Framework when it fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could potentially read data that was not intended to be disclosed. Note that this vulnerability would not allow ...
CVE-2021-1653
Windows CSC Service Elevation of Privilege Vulnerability
CVE-2021-1660
Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2021-1676
Windows NT Lan Manager Datagram Receiver Driver Information Disclosure Vulnerability
CVE-2021-28325
Windows SMB Information Disclosure Vulnerability
CVE-2021-28447
Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability
CVE-2019-0984
An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.To exploit the vulnerability, an attacker would first have ...
CVE-2019-1153
An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.To exploit this vulnerability, an attacker wou...
CVE-2020-1524
An elevation of privilege vulnerability exists when the Windows Speech Shell Components improperly handle memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The s...
CVE-2020-1526
An elevation of privilege vulnerability exists when the Windows Network Connection Broker improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.Th...