2372 matches found
CVE-2017-8582
HTTP.sys in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when the component improperly handles objects in memor...
CVE-2019-1151
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; ...
CVE-2020-0642
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0624.
CVE-2021-31962
Kerberos AppContainer Security Feature Bypass Vulnerability
CVE-2022-21836
Windows Certificate Spoofing Vulnerability
CVE-2022-29139
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
CVE-2022-30135
Windows Media Center Elevation of Privilege Vulnerability
CVE-2023-21552
Windows GDI Elevation of Privilege Vulnerability
CVE-2019-1094
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1095, CVE-2019-1098, CVE-2019-1099, CVE-2019-1100, CVE-2019-1101, CVE-2019-1116.
CVE-2020-1530
An elevation of privilege vulnerability exists when Windows Remote Access improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The security updat...
CVE-2021-38666
Remote Desktop Client Remote Code Execution Vulnerability
CVE-2022-21983
Win32 Stream Enumeration Remote Code Execution Vulnerability
CVE-2022-22042
Windows Hyper-V Information Disclosure Vulnerability
CVE-2019-0538
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Se...
CVE-2022-26801
Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2022-41081
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
CVE-2022-21920
Windows Kerberos Elevation of Privilege Vulnerability
CVE-2023-21726
Windows Credential Manager User Interface Elevation of Privilege Vulnerability
CVE-2010-0270
The SMB client in Microsoft Windows Server 2008 R2 and Windows 7 does not properly validate fields in SMB transaction responses, which allows remote SMB servers and man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and reboot) via a crafted (1) SM...
CVE-2019-1096
An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'.
CVE-2021-26899
Windows UPnP Device Host Elevation of Privilege Vulnerability
CVE-2022-24530
Windows Installer Elevation of Privilege Vulnerability
CVE-2015-2518
The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a crafted application, aka "Win32k Memory Corruption E...
CVE-2020-16933
<p>A security feature bypass vulnerability exists in Microsoft Word software when it fails to properly handle .LNK files. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the file...
CVE-2022-22025
Windows Internet Information Services Cachuri Module Denial of Service Vulnerability
CVE-2015-2511
The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a crafted application, aka "Win32k Memory Corruption E...
CVE-2016-3310
The kernel-mode drivers in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privi...
CVE-2018-8256
A remote code execution vulnerability exists when PowerShell improperly handles specially crafted files, aka "Microsoft PowerShell Remote Code Execution Vulnerability." This affects Windows RT 8.1, PowerShell Core 6.0, Microsoft.PowerShell.Archive 1.2.2.0, Windows Server 2016, Windows Server 2012, ...
CVE-2022-21973
Windows Media Center Update Denial of Service Vulnerability
CVE-2022-37986
Windows Win32k Elevation of Privilege Vulnerability
CVE-2022-38044
Windows CD-ROM File System Driver Remote Code Execution Vulnerability
CVE-2022-41039
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
CVE-2022-23270
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
CVE-2022-34729
Windows GDI Elevation of Privilege Vulnerability
CVE-2022-38043
Windows Security Support Provider Interface Information Disclosure Vulnerability
CVE-2022-24474
Windows Win32k Elevation of Privilege Vulnerability
CVE-2022-37958
SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability
CVE-2017-0174
Windows NetBIOS in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a denial of service vulnerability when it improperly handles NetBIOS packets, aka "Windows NetBIOS De...
CVE-2022-24499
Windows Installer Elevation of Privilege Vulnerability
CVE-2022-38029
Windows ALPC Elevation of Privilege Vulnerability
CVE-2019-1155
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open...
CVE-2019-1244
An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory, aka 'DirectWrite Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1245, CVE-2019-1251.
CVE-2020-16923
<p>A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code on a target system.</p><p>To exploit the vulnerability, a user would have to open a specially...
CVE-2022-22027
Windows Fax Service Remote Code Execution Vulnerability
CVE-2022-30151
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2023-21776
Windows Kernel Information Disclosure Vulnerability
CVE-2017-0272
The Microsoft Server Message Block 1.0 (SMBv1) server on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to execute remote code by the way it ...
CVE-2022-21859
Windows Accounts Control Elevation of Privilege Vulnerability
CVE-2022-22023
Windows Portable Device Enumerator Service Security Feature Bypass Vulnerability
CVE-2022-29141
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability