2110 matches found
CVE-2020-17087
Windows Kernel Local Elevation of Privilege Vulnerability
CVE-2021-31956
Windows NTFS Elevation of Privilege Vulnerability
CVE-2021-31979
Windows Kernel Elevation of Privilege Vulnerability
CVE-2019-0803
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0685, CVE-2019-0859.
CVE-2022-21907
HTTP Protocol Stack Remote Code Execution Vulnerability
CVE-2018-3639
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store ...
CVE-2022-26809
Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2019-1125
An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries.To exploit this vulnerability, an attacker would have to log on to an a...
CVE-2022-29130
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
CVE-2022-30209
Windows IIS Server Elevation of Privilege Vulnerability
CVE-2020-24588
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802...
CVE-2023-21752
Windows Backup Service Elevation of Privilege Vulnerability
CVE-2022-32230
Microsoft Windows SMBv3 suffers from a null pointer dereference in versions of Windows prior to the April, 2022 patch set. By sending a malformed FileNormalizedNameInformation SMBv3 request over a named pipe, an attacker can cause a Blue Screen of Death (BSOD) crash of the Windows kernel. For most ...
CVE-2019-1181
A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. A...
CVE-2022-22012
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
CVE-2022-21990
Remote Desktop Client Remote Code Execution Vulnerability
CVE-2020-0645
A tampering vulnerability exists when Microsoft IIS Server improperly handles malformed request headers, aka 'Microsoft IIS Server Tampering Vulnerability'.
CVE-2022-24503
Remote Desktop Protocol Client Information Disclosure Vulnerability
CVE-2019-1365
An elevation of privilege vulnerability exists when Microsoft IIS Server fails to check the length of a buffer prior to copying memory to it.An attacker who successfully exploited this vulnerability can allow an unprivileged function ran by the user to execute code in the context of NT AUTHORITY\sy...
CVE-2022-23288
Windows DWM Core Library Elevation of Privilege Vulnerability
CVE-2022-22048
BitLocker Security Feature Bypass Vulnerability
CVE-2022-24481
Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2021-34481
<p>A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or...
CVE-2019-0836
An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0730, CVE-2019-0731, CVE-2019-0796, CVE-2019-0805, CVE-2019-0841.
CVE-2020-15707
Integer overflows were discovered in the functions grub_cmd_initrd and grub_initrd_init in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu (the functionality is not included in GRUB2 upstream), leading to a heap-based buffer overflow. These could be triggered by an extrem...
CVE-2022-21894
Secure Boot Security Feature Bypass Vulnerability
CVE-2021-26414
Windows DCOM Server Security Feature Bypass
CVE-2022-26928
Windows Photo Import API Elevation of Privilege Vulnerability
CVE-2022-30133
Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability
CVE-2021-1648
Microsoft splwow64 Elevation of Privilege Vulnerability
CVE-2020-1269
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, CVE-2020-1246, CVE-2020-1262, CVE-2020-1264, CVE-2020-1266, CVE-2020...
CVE-2019-1182
A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. A...
CVE-2020-15706
GRUB2 contains a race condition in grub_script_function_create() leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing, leading to arbitrary code execution and secure boot restriction bypass. This issue affects GRUB2 ...
CVE-2022-24505
Windows ALPC Elevation of Privilege Vulnerability
CVE-2020-15705
GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. This only affects systems where the kernel signing certificate has been imported directly into the secure boot database and the GRUB image is booted directly without the use of shim. Thi...
CVE-2022-34721
Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability
CVE-2021-34514
Windows Kernel Elevation of Privilege Vulnerability
CVE-2022-24491
Windows Network File System Remote Code Execution Vulnerability
CVE-2019-1006
An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys, aka 'WCF/WIF SAML Token Authentication Bypass Vulnerability'.
CVE-2020-0611
A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka 'Remote Desktop Client Remote Code Execution Vulnerability'.
CVE-2022-24528
Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2022-24500
Windows SMB Remote Code Execution Vulnerability
CVE-2022-21977
Media Foundation Information Disclosure Vulnerability
CVE-2018-8641
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Wind...
CVE-2022-22049
Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability
CVE-2022-24547
Windows Digital Media Receiver Elevation of Privilege Vulnerability
CVE-2022-21972
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
CVE-2020-1048
An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system, aka 'Windows Print Spooler Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1070.
CVE-2022-24545
Windows Kerberos Remote Code Execution Vulnerability
CVE-2021-26424
Windows TCP/IP Remote Code Execution Vulnerability