972 matches found
CVE-2013-3900
Why is Microsoft republishing a CVE from 2013?We are republishing CVE-2013-3900 in the Security Update Guide to update the Security Updates table and to inform customers that the EnableCertPaddingCheck is available in all currently supported versions of Windows 10 and Windows 11. While the format i...
CVE-2021-1675
Windows Print Spooler Remote Code Execution Vulnerability
CVE-2020-0796
A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Remote Code Execution Vulnerability'.
CVE-2021-40444
<p>Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that affects Microsoft Windows. Microsoft is aware of targeted attacks that attempt to exploit this vulnerability by using specially-crafted Microsoft Office documents.</p><p>An attacker could craft a malicious...
CVE-2020-0787
An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) improperly handles symbolic links, aka 'Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerability'.
CVE-2021-40449
Win32k Elevation of Privilege Vulnerability
CVE-2021-1732
Windows Win32k Elevation of Privilege Vulnerability
CVE-2022-24521
Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2020-0601
A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, l...
CVE-2022-21882
Win32k Elevation of Privilege Vulnerability
CVE-2020-0986
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1237, CVE-2020-1246, CVE-2020-1262, CVE-2020-1264, CVE-2020-1266, CVE-2020-1269, CVE-2020...
CVE-2020-17087
Windows Kernel Local Elevation of Privilege Vulnerability
CVE-2022-21971
Windows Runtime Remote Code Execution Vulnerability
CVE-2020-1020
A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font - Adobe Type 1 PostScript format.For all systems except Windows 10, an attacker who successfully exploited the vulnerability could e...
CVE-2021-36934
<p>An elevation of privilege vulnerability exists because of overly permissive Access Control Lists (ACLs) on multiple system files, including the Security Accounts Manager (SAM) database. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An ...
CVE-2022-22718
Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2020-0683
An elevation of privilege vulnerability exists in the Windows Installer when MSI packages process symbolic links, aka 'Windows Installer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0686.
CVE-2021-41379
Windows Installer Elevation of Privilege Vulnerability
CVE-2022-21999
Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2021-31956
Windows NTFS Elevation of Privilege Vulnerability
CVE-2020-1054
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1143.
CVE-2022-26925
Windows LSA Spoofing Vulnerability
CVE-2021-36948
Windows Update Medic Service Elevation of Privilege Vulnerability
CVE-2021-34484
Windows User Profile Service Elevation of Privilege Vulnerability
CVE-2021-33742
Windows MSHTML Platform Remote Code Execution Vulnerability
CVE-2021-34448
Scripting Engine Memory Corruption Vulnerability
CVE-2021-31199
Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability
CVE-2021-31979
Windows Kernel Elevation of Privilege Vulnerability
CVE-2021-31201
Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability
CVE-2021-31955
Windows Kernel Information Disclosure Vulnerability
CVE-2021-33739
Microsoft DWM Core Library Elevation of Privilege Vulnerability
CVE-2021-33771
Windows Kernel Elevation of Privilege Vulnerability
CVE-2020-1464
A spoofing vulnerability exists when Windows incorrectly validates file signatures. An attacker who successfully exploited this vulnerability could bypass security features and load improperly signed files.In an attack scenario, an attacker could bypass security features intended to prevent imprope...
CVE-2022-21919
Windows User Profile Service Elevation of Privilege Vulnerability
CVE-2021-28310
Win32k Elevation of Privilege Vulnerability
CVE-2021-36955
Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2022-26904
Windows User Profile Service Elevation of Privilege Vulnerability
CVE-2020-0938
A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font - Adobe Type 1 PostScript format.For all systems except Windows 10, an attacker who successfully exploited the vulnerability could e...
CVE-2020-1027
An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0913, CVE-2020-1000, CVE-2020-1003.
CVE-2021-40450
Win32k Elevation of Privilege Vulnerability
CVE-2021-34486
Windows Event Tracing Elevation of Privilege Vulnerability
CVE-2022-26923
Active Directory Domain Services Elevation of Privilege Vulnerability
CVE-2020-0638
An elevation of privilege vulnerability exists in the way the Update Notification Manager handles files.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Update Notification Manager Elevation of Privilege Vulnerability'.
CVE-2022-26809
Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2022-29130
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
CVE-2022-22012
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
CVE-2022-21990
Remote Desktop Client Remote Code Execution Vulnerability
CVE-2022-24503
Remote Desktop Protocol Client Information Disclosure Vulnerability
CVE-2022-23288
Windows DWM Core Library Elevation of Privilege Vulnerability
CVE-2022-24481
Windows Common Log File System Driver Elevation of Privilege Vulnerability