1361 matches found
CVE-2019-1282
An information disclosure exists in the Windows Common Log File System (CLFS) driver when it fails to properly handle sandbox checks, aka 'Windows Common Log File System Driver Information Disclosure Vulnerability'.
CVE-2021-36965
Windows WLAN AutoConfig Service Remote Code Execution Vulnerability
CVE-2022-21848
Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability
CVE-2022-21889
Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability
CVE-2022-26827
Windows File Server Resource Management Service Elevation of Privilege Vulnerability
CVE-2022-41118
Windows Scripting Languages Remote Code Execution Vulnerability
CVE-2019-0792
A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input, aka 'MS XML Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0790, CVE-2019-0791, CVE-2019-0793, CVE-2019-0795.
CVE-2019-0848
An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0814.
CVE-2021-31193
Windows SSDP Service Elevation of Privilege Vulnerability
CVE-2022-21897
Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2022-29121
Windows WLAN AutoConfig Service Denial of Service Vulnerability
CVE-2022-34702
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
CVE-2022-34727
Microsoft ODBC Driver Remote Code Execution Vulnerability
CVE-2022-41048
Microsoft ODBC Driver Remote Code Execution Vulnerability
CVE-2023-21757
Windows Layer 2 Tunneling Protocol (L2TP) Denial of Service Vulnerability
CVE-2012-0175
The Shell in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted name for a (1) file or (2) directory, aka "Command Injection Vulnerability."
CVE-2013-3918
The InformationCardSigninHelper Class ActiveX control in icardie.dll in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote...
CVE-2016-7212
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow remote attackers to execute arbitrary code via a crafted image file, aka "Windows Remote Code ...
CVE-2019-0614
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0774.
CVE-2019-0690
A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0695, CVE-2019-0701.
CVE-2019-0732
A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Security Feature Bypass Vulnerability'.
CVE-2019-0765
A remote code execution vulnerability exists in the way that comctl32.dll handles objects in memory, aka 'Comctl32 Remote Code Execution Vulnerability'.
CVE-2022-21833
Virtual Machine IDE Drive Elevation of Privilege Vulnerability
CVE-2022-22710
Windows Common Log File System Driver Denial of Service Vulnerability
CVE-2022-38031
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2023-21675
Windows Kernel Elevation of Privilege Vulnerability
CVE-2013-3183
The TCP/IP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly perform memory allocation for inbound ICMPv6 packets, which allows remote attackers to cause a denial of service (system hang...
CVE-2019-0885
A remote code execution vulnerability exists when Microsoft Windows OLE fails to properly validate user input, aka 'Windows OLE Remote Code Execution Vulnerability'.
CVE-2021-38631
Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability
CVE-2021-42283
NTFS Elevation of Privilege Vulnerability
CVE-2022-30205
Windows Group Policy Elevation of Privilege Vulnerability
CVE-2022-30225
Windows Media Player Network Sharing Service Elevation of Privilege Vulnerability
CVE-2023-21678
Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2012-4774
Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allow remote attackers to execute arbitrary code via a crafted (1) file name or (2) subfolder name that triggers use of unallocated memory as the destina...
CVE-2019-0618
A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+ Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0662.
CVE-2019-0623
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'.
CVE-2019-0794
A remote code execution vulnerability exists when OLE automation improperly handles objects in memory, aka 'OLE Automation Remote Code Execution Vulnerability'.
CVE-2019-0853
A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+ Remote Code Execution Vulnerability'.
CVE-2019-0900
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0889, CVE-2019-0890, CVE-2019-0891, CVE-2019-0893, CVE-2019-0894, CVE-2019-0895,...
CVE-2019-1235
An elevation of privilege vulnerability exists in Windows Text Service Framework (TSF) when the TSF server process does not validate the source of input or commands it receives, aka 'Windows Text Service Framework Elevation of Privilege Vulnerability'.
CVE-2021-31182
Microsoft Bluetooth Driver Spoofing Vulnerability
CVE-2022-21843
Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability
CVE-2022-21883
Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability
CVE-2022-26936
Windows Server Service Information Disclosure Vulnerability
CVE-2022-35744
Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability
CVE-2023-21679
Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability
CVE-2019-0628
An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'.
CVE-2019-0662
A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+ Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0618.
CVE-2019-1274
An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, aka 'Windows Kernel Information Disclosure Vulnerability'.
CVE-2020-0607
An information disclosure vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka 'Microsoft Graphics Components Information Disclosure Vulnerability'.