915 matches found
CVE-2021-41347
Windows AppX Deployment Service Elevation of Privilege Vulnerability
CVE-2020-1478
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.There are multiple ways an attacke...
CVE-2020-1511
An elevation of privilege vulnerability exists when Connected User Experiences and Telemetry Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.An attacker could exploit this vulnerability by running a spe...
CVE-2020-1536
An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The security u...
CVE-2020-16885
An elevation of privilege vulnerability exists when the Windows Storage VSP Driver improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges.To exploit the vulnerability, an attacker would first need code execution on a victim syste...
CVE-2020-16892
An elevation of privilege vulnerability exists in the way that the Windows kernel image handles objects in memory.An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a speciall...
CVE-2021-1656
TPM Device Driver Information Disclosure Vulnerability
CVE-2021-26867
Windows Hyper-V Remote Code Execution Vulnerability
CVE-2021-27089
Microsoft Internet Messaging API Remote Code Execution Vulnerability
CVE-2021-33774
Windows Event Tracing Elevation of Privilege Vulnerability
CVE-2021-33782
Windows Authenticode Spoofing Vulnerability
CVE-2021-36972
Windows SMB Information Disclosure Vulnerability
CVE-2021-40478
Storage Spaces Controller Elevation of Privilege Vulnerability
CVE-2020-1201
An elevation of privilege vulnerability exists in the way the Windows Now Playing Session Manager handles objects in memory, aka 'Windows Now Playing Session Manager Elevation of Privilege Vulnerability'.
CVE-2020-1384
An elevation of privilege vulnerability exists when the Windows Cryptography Next Generation (CNG) Key Isolation service improperly handles memory, aka 'Windows CNG Key Isolation Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1359.
CVE-2020-1550
An elevation of privilege vulnerability exists when the Windows CDP User Components improperly handle memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The secur...
CVE-2020-1552
An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.An attacker could exploit this vulnerability by running a specially crafted ap...
CVE-2020-16919
An information disclosure vulnerability exists when the Windows Enterprise App Management Service improperly handles certain file operations. An attacker who successfully exploited this vulnerability could read arbitrary files.An attacker with unprivileged access to a vulnerable system could exploi...
CVE-2021-26891
Windows Container Execution Agent Elevation of Privilege Vulnerability
CVE-2021-31954
Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2021-33744
Windows Secure Kernel Mode Security Feature Bypass Vulnerability
CVE-2021-33788
Windows LSA Denial of Service Vulnerability
CVE-2021-34491
Win32k Information Disclosure Vulnerability
CVE-2021-34513
Storage Spaces Controller Elevation of Privilege Vulnerability
CVE-2021-38630
Windows Event Tracing Elevation of Privilege Vulnerability
CVE-2021-40475
Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability
CVE-2020-1152
An elevation of privilege vulnerability exists when Windows improperly handles calls to Win32k.sys. An attacker who successfully exploited the vulnerability could gain elevated privileges on a targeted system.To exploit the vulnerability, an attacker would have to log on to an affected system and r...
CVE-2020-1308
An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with ful...
CVE-2020-1382
An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1381.
CVE-2020-1393
An elevation of privilege vulnerability exists when the Windows Diagnostics Hub Standard Collector Service fails to properly sanitize input, leading to an unsecure library-loading behavior, aka 'Windows Diagnostics Hub Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1418.
CVE-2020-1473
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open...
CVE-2020-1544
An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The security u...
CVE-2020-1553
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.An attacker could exploit this vulnerability by running a specially crafted applica...
CVE-2020-1578
An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass. An attacker who successfully exploited the vulnerability could retrieve the memory address of a ker...
CVE-2020-1593
A remote code execution vulnerability exists when Windows Media Audio Decoder improperly handles objects. An attacker who successfully exploited the vulnerability could take control of an affected system.There are multiple ways an attacker could exploit the vulnerability, such as by convincing a us...
CVE-2020-17057
Windows Win32k Elevation of Privilege Vulnerability
CVE-2021-1667
Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2021-1726
Microsoft SharePoint Server Spoofing Vulnerability
CVE-2021-33759
Windows Desktop Bridge Elevation of Privilege Vulnerability
CVE-2020-1233
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1231, CVE-2020-1235, CVE-2020-1265, CVE-2020-1282, CVE-2020-1304, CVE-2020-1306, CVE-2020-133...
CVE-2020-1251
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1207, CVE-2020-1247, CVE-2020-1253, CVE-2020-1310.
CVE-2020-1270
An elevation of privilege vulnerability exists in the way that the wlansvc.dll handles objects in memory, aka 'Windows WLAN Service Elevation of Privilege Vulnerability'.
CVE-2020-1534
An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The ...
CVE-2020-16889
An information disclosure vulnerability exists when the Windows KernelStream improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.To exploit this vulnerability, an attacker would have to log ...
CVE-2020-16960
Windows Backup Engine Elevation of Privilege Vulnerability
CVE-2021-1671
Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2021-1682
Windows Kernel Elevation of Privilege Vulnerability
CVE-2021-24080
Windows Trust Verification API Denial of Service Vulnerability
CVE-2021-25195
Windows PKU2U Elevation of Privilege Vulnerability
CVE-2021-34510
Storage Spaces Controller Elevation of Privilege Vulnerability