Lucene search

K
MicrosoftWindows 10 2004

49 matches found

CVE
CVE
added 2020/10/16 11:15 p.m.225 views

CVE-2020-16916

An elevation of privilege vulnerability exists when Windows improperly handles COM object creation. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges.To exploit this vulnerability, an attacker would first have to log on to the system. An atta...

7.8CVSS8.2AI score0.00744EPSS
CVE
CVE
added 2020/10/16 11:15 p.m.207 views

CVE-2020-16938

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.To exploit this vulnerability, an attacker would have to log on to ...

5.5CVSS5.5AI score0.10627EPSS
CVE
CVE
added 2020/10/16 11:15 p.m.204 views

CVE-2020-16891

A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could caus...

8.8CVSS8.7AI score0.00539EPSS
CVE
CVE
added 2020/10/16 11:15 p.m.183 views

CVE-2020-16898

A remote code execution vulnerability exists when the Windows TCP/IP stack improperly handles ICMPv6 Router Advertisement packets. An attacker who successfully exploited this vulnerability could gain the ability to execute code on the target server or client.To exploit this vulnerability, an attack...

8.8CVSS8.7AI score0.32378EPSS
CVE
CVE
added 2020/10/16 11:15 p.m.169 views

CVE-2020-16923

A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code on a target system.To exploit the vulnerability, a user would have to open a specially crafted f...

7.8CVSS8.3AI score0.08517EPSS
CVE
CVE
added 2020/10/16 11:15 p.m.165 views

CVE-2020-16896

An information disclosure vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.T...

7.5CVSS7.6AI score0.1565EPSS
CVE
CVE
added 2020/10/16 11:15 p.m.161 views

CVE-2020-1167

A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code on a target system.To exploit the vulnerability, a user would have to open a specially crafted f...

9.3CVSS7.8AI score0.09107EPSS
CVE
CVE
added 2020/10/16 11:15 p.m.157 views

CVE-2020-16913

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or dele...

7.8CVSS7.8AI score0.00744EPSS
CVE
CVE
added 2020/10/16 11:15 p.m.149 views

CVE-2020-0764

An elevation of privilege vulnerability exists when the Windows Storage Services improperly handle file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges.To exploit the vulnerability, an attacker would first need code execution on a victim system. ...

7.8CVSS8.2AI score0.00542EPSS
CVE
CVE
added 2020/10/16 11:15 p.m.148 views

CVE-2020-16910

A security feature bypass vulnerability exists when Microsoft Windows fails to handle file creation permissions, which could allow an attacker to create files in a protected Unified Extensible Firmware Interface (UEFI) location.To exploit this vulnerability, an attacker could run a specially crafte...

6.2CVSS7AI score0.02409EPSS
CVE
CVE
added 2020/10/16 11:15 p.m.143 views

CVE-2020-16911

A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or dele...

9.3CVSS8.7AI score0.15789EPSS
CVE
CVE
added 2020/10/16 11:15 p.m.143 views

CVE-2020-16927

A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the RDP service on the target system to stop responding.To e...

7.8CVSS7.7AI score0.20923EPSS
CVE
CVE
added 2020/10/16 11:15 p.m.137 views

CVE-2020-1243

A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate specific malicious data from a user on a guest operating system.To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtua...

7.8CVSS7.7AI score0.00524EPSS
CVE
CVE
added 2020/10/16 11:15 p.m.136 views

CVE-2020-16887

An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker coul...

7.8CVSS8.1AI score0.00717EPSS
CVE
CVE
added 2020/10/16 11:15 p.m.136 views

CVE-2020-16924

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open...

9.3CVSS8.3AI score0.10395EPSS
CVE
CVE
added 2020/10/16 11:15 p.m.135 views

CVE-2020-16940

An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles junction points. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context.To exploit this vulnerability, an attacker would first h...

7.8CVSS8AI score0.00507EPSS
CVE
CVE
added 2020/10/16 11:15 p.m.127 views

CVE-2020-16907

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or dele...

7.8CVSS7.8AI score0.00744EPSS
CVE
CVE
added 2020/10/16 11:15 p.m.127 views

CVE-2020-16967

A remote code execution vulnerability exists when the Windows Camera Codec Pack improperly handles objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user right...

9.3CVSS8.3AI score0.10395EPSS
CVE
CVE
added 2020/10/16 11:15 p.m.125 views

CVE-2020-16939

An elevation of privilege vulnerability exists when Group Policy improperly checks access. An attacker who successfully exploited this vulnerability could run processes in an elevated context.To exploit the vulnerability, an attacker would first have to log on to the system, and then run a speciall...

7.8CVSS8AI score0.23226EPSS
CVE
CVE
added 2020/10/16 11:15 p.m.123 views

CVE-2020-16922

A spoofing vulnerability exists when Windows incorrectly validates file signatures. An attacker who successfully exploited this vulnerability could bypass security features and load improperly signed files.In an attack scenario, an attacker could bypass security features intended to prevent imprope...

5.5CVSS6.6AI score0.00564EPSS
CVE
CVE
added 2020/10/16 11:15 p.m.122 views

CVE-2020-16936

An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The ...

7.8CVSS8.2AI score0.00542EPSS
CVE
CVE
added 2020/10/16 11:15 p.m.121 views

CVE-2020-16897

An information disclosure vulnerability exists when NetBIOS over TCP (NBT) Extensions (NetBT) improperly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.To exploit this vulnerability, an attacker wo...

5.5CVSS6.6AI score0.00455EPSS
CVE
CVE
added 2020/10/16 11:15 p.m.119 views

CVE-2020-16920

An elevation of privilege vulnerability exists when the Windows Application Compatibility Client Library improperly handles registry operations. An attacker who successfully exploited this vulnerability could gain elevated privileges.To exploit the vulnerability, an attacker would first need code e...

7.8CVSS8.2AI score0.10918EPSS
CVE
CVE
added 2020/10/16 11:15 p.m.118 views

CVE-2020-16909

An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files. The vulnerability could allow elevation of privilege if an attacker can successfully exploit it.An attacker who successfully exploited the vulnerability could gain greater access to ...

7.8CVSS8AI score0.00524EPSS
CVE
CVE
added 2020/10/16 11:15 p.m.117 views

CVE-2020-16899

A denial of service vulnerability exists when the Windows TCP/IP stack improperly handles ICMPv6 Router Advertisement packets. An attacker who successfully exploited this vulnerability could cause a target system to stop responding.To exploit this vulnerability, an attacker would have to send speci...

7.8CVSS7.8AI score0.4098EPSS
CVE
CVE
added 2020/10/16 11:15 p.m.116 views

CVE-2020-16975

An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The ...

7.8CVSS8.2AI score0.00542EPSS
CVE
CVE
added 2020/10/16 11:15 p.m.113 views

CVE-2020-16972

An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The ...

7.8CVSS8.2AI score0.00542EPSS
CVE
CVE
added 2020/10/16 11:15 p.m.112 views

CVE-2020-16914

An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface Plus (GDI+) handles objects in memory, allowing an attacker to retrieve information from a targeted system. By itself, the information disclosure does not allow arbitrary code execution; however, it...

5.5CVSS6.8AI score0.00497EPSS
CVE
CVE
added 2020/10/16 11:15 p.m.108 views

CVE-2020-16885

An elevation of privilege vulnerability exists when the Windows Storage VSP Driver improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges.To exploit the vulnerability, an attacker would first need code execution on a victim syste...

7.8CVSS8.2AI score0.00438EPSS
CVE
CVE
added 2020/10/16 11:15 p.m.108 views

CVE-2020-16892

An elevation of privilege vulnerability exists in the way that the Windows kernel image handles objects in memory.An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a speciall...

7.8CVSS8AI score0.00717EPSS
CVE
CVE
added 2020/10/16 11:15 p.m.107 views

CVE-2020-16919

An information disclosure vulnerability exists when the Windows Enterprise App Management Service improperly handles certain file operations. An attacker who successfully exploited this vulnerability could read arbitrary files.An attacker with unprivileged access to a vulnerable system could exploi...

5.5CVSS6.5AI score0.00455EPSS
CVE
CVE
added 2020/10/16 11:15 p.m.105 views

CVE-2020-16889

An information disclosure vulnerability exists when the Windows KernelStream improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.To exploit this vulnerability, an attacker would have to log ...

5.5CVSS6.6AI score0.01039EPSS
CVE
CVE
added 2020/10/16 11:15 p.m.104 views

CVE-2020-16902

An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior.A locally authenticated attacker could run arbitrary code with elevated system privileges. An attacker could then insta...

7.8CVSS8.2AI score0.0066EPSS
CVE
CVE
added 2020/10/16 11:15 p.m.102 views

CVE-2020-16890

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new ...

7.8CVSS8.1AI score0.00744EPSS
CVE
CVE
added 2020/10/16 11:15 p.m.102 views

CVE-2020-16921

An information disclosure vulnerability exists in Text Services Framework when it fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could potentially read data that was not intended to be disclosed. Note that this vulnerability would not allow an ...

5.5CVSS6.6AI score0.00551EPSS
CVE
CVE
added 2020/10/16 11:15 p.m.100 views

CVE-2020-1080

An elevation of privilege vulnerability exists when Windows Hyper-V on a host server fails to properly handle objects in memory. An attacker who successfully exploited these vulnerabilities could gain elevated privileges on a target operating system.This vulnerability by itself does not allow arbit...

8.8CVSS8.6AI score0.00744EPSS
CVE
CVE
added 2020/10/16 11:15 p.m.99 views

CVE-2020-16877

An elevation of privilege vulnerability exists when Microsoft Windows improperly handles reparse points. An attacker who successfully exploited this vulnerability could overwrite or delete a targeted file that would normally require elevated permissions.To exploit this vulnerability, an attacker wo...

7.1CVSS6.8AI score0.00503EPSS
CVE
CVE
added 2020/10/16 11:15 p.m.98 views

CVE-2020-16974

An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The ...

7.8CVSS8.2AI score0.00542EPSS
CVE
CVE
added 2020/10/16 11:15 p.m.97 views

CVE-2020-16895

An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles a process crash. An attacker who successfully exploited this vulnerability could delete a targeted file leading to an elevated status.To exploit this vulnerability, an attacker would first have to...

7.8CVSS8.1AI score0.00744EPSS
CVE
CVE
added 2020/10/16 11:15 p.m.96 views

CVE-2020-16935

An elevation of privilege vulnerability exists when Windows improperly handles COM object creation. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges.To exploit this vulnerability, an attacker would first have to log on to the system. An atta...

7.8CVSS8.2AI score0.00993EPSS
CVE
CVE
added 2020/10/16 11:15 p.m.95 views

CVE-2020-16968

A remote code execution vulnerability exists when the Windows Camera Codec Pack improperly handles objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user right...

9.3CVSS8.3AI score0.09107EPSS
CVE
CVE
added 2020/10/16 11:15 p.m.92 views

CVE-2020-16876

An elevation of privilege vulnerability exists when the Windows Application Compatibility Client Library improperly handles registry operations. An attacker who successfully exploited this vulnerability could gain elevated privileges.To exploit the vulnerability, an attacker would first need code e...

7.8CVSS7.8AI score0.00524EPSS
CVE
CVE
added 2020/10/16 11:15 p.m.91 views

CVE-2020-16905

An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files. The vulnerability could allow elevation of privilege if an attacker can successfully exploit it.An attacker who successfully exploited the vulnerability could gain greater access to ...

7.8CVSS7.3AI score0.00838EPSS
CVE
CVE
added 2020/10/16 11:15 p.m.89 views

CVE-2020-1047

An elevation of privilege vulnerability exists when Windows Hyper-V on a host server fails to properly handle objects in memory. An attacker who successfully exploited these vulnerabilities could gain elevated privileges on a target operating system.This vulnerability by itself does not allow arbit...

7.8CVSS8.6AI score0.00744EPSS
CVE
CVE
added 2020/10/16 11:15 p.m.88 views

CVE-2020-16900

An elevation of privilege vulnerability exists when the Windows Event System improperly handles objects in memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The ...

7.8CVSS7.7AI score0.00254EPSS
CVE
CVE
added 2020/10/16 11:15 p.m.88 views

CVE-2020-16915

A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.There are multiple ways an attacke...

8.8CVSS8.1AI score0.11473EPSS
CVE
CVE
added 2020/10/16 11:15 p.m.87 views

CVE-2020-16973

An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The ...

7.8CVSS8.2AI score0.00524EPSS
CVE
CVE
added 2020/10/16 11:15 p.m.86 views

CVE-2020-16912

An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The ...

7.8CVSS8.2AI score0.00542EPSS
CVE
CVE
added 2020/10/16 11:15 p.m.84 views

CVE-2020-16976

An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The ...

7.8CVSS8.2AI score0.00542EPSS