Lucene search

K

1775 matches found

CVE
CVE
added 2020/05/21 11:15 p.m.118 views

CVE-2020-1070

An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system, aka 'Windows Print Spooler Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1048.

7.8CVSS7.7AI score0.76161EPSS
In wild
CVE
CVE
added 2020/08/17 7:15 p.m.118 views

CVE-2020-1379

A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.There are multiple ways an attacke...

7.8CVSS7.3AI score0.20332EPSS
CVE
CVE
added 2020/08/17 7:15 p.m.118 views

CVE-2020-1467

An elevation of privilege vulnerability exists when Windows improperly handles hard links. An attacker who successfully exploited this vulnerability could overwrite a targeted file leading to an elevated status.To exploit this vulnerability, an attacker would first have to log on to the system. An ...

10CVSS9.1AI score0.01908EPSS
CVE
CVE
added 2020/08/17 7:15 p.m.118 views

CVE-2020-1487

An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.To exploit this vulnerability, an attacker would have to log onto an ...

7.8CVSS7.5AI score0.2103EPSS
CVE
CVE
added 2020/08/17 7:15 p.m.118 views

CVE-2020-1554

A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.There are multiple ways an attacke...

7.8CVSS8.6AI score0.13831EPSS
CVE
CVE
added 2020/08/17 7:15 p.m.118 views

CVE-2020-1584

An elevation of privilege vulnerability exists in the way that the dnsrslvr.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specially craft...

7.8CVSS8.1AI score0.0073EPSS
CVE
CVE
added 2021/01/12 8:15 p.m.118 views

CVE-2021-1649

Active Template Library Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.00313EPSS
CVE
CVE
added 2021/04/13 8:15 p.m.118 views

CVE-2021-28357

Remote Procedure Call Runtime Remote Code Execution Vulnerability

8.8CVSS8.9AI score0.12162EPSS
CVE
CVE
added 2021/07/14 6:15 p.m.118 views

CVE-2021-34498

Windows GDI Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.00273EPSS
CVE
CVE
added 2021/10/13 1:15 a.m.118 views

CVE-2021-40467

Windows Common Log File System Driver Elevation of Privilege Vulnerability

7.8CVSS7.9AI score0.00584EPSS
CVE
CVE
added 2021/10/13 1:15 a.m.118 views

CVE-2021-41340

Windows Graphics Component Remote Code Execution Vulnerability

7.8CVSS8.2AI score0.02168EPSS
CVE
CVE
added 2021/11/10 1:19 a.m.118 views

CVE-2021-41377

Windows Fast FAT File System Driver Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.0033EPSS
CVE
CVE
added 2022/04/15 7:15 p.m.118 views

CVE-2022-26790

Windows Print Spooler Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.00367EPSS
CVE
CVE
added 2022/08/09 8:15 p.m.118 views

CVE-2022-34690

Windows Fax Service Elevation of Privilege Vulnerability

7.1CVSS8.1AI score0.01139EPSS
CVE
CVE
added 2022/11/09 10:15 p.m.118 views

CVE-2022-41045

Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.00086EPSS
CVE
CVE
added 2018/02/15 2:29 a.m.117 views

CVE-2018-0833

The Microsoft Server Message Block 2.0 and 3.0 (SMBv2/SMBv3) client in Windows 8.1 and RT 8.1 and Windows Server 2012 R2 allows a denial of service vulnerability due to how specially crafted requests are handled, aka "SMBv2/SMBv3 Null Dereference Denial of Service Vulnerability".

6.3CVSS5.1AI score0.74526EPSS
CVE
CVE
added 2018/08/15 5:29 p.m.117 views

CVE-2018-8394

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka "Windows GDI Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8....

6.5CVSS5.7AI score0.19761EPSS
CVE
CVE
added 2018/09/13 12:29 a.m.117 views

CVE-2018-8410

An elevation of privilege vulnerability exists when the Windows Kernel API improperly handles registry objects in memory, aka "Windows Registry Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows 8.1, Windows Server 201...

7.8CVSS7.5AI score0.25593EPSS
CVE
CVE
added 2018/09/13 12:29 a.m.117 views

CVE-2018-8455

An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka "Windows Kernel Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers.

7.8CVSS7.5AI score0.003EPSS
CVE
CVE
added 2018/12/12 12:29 a.m.117 views

CVE-2018-8477

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Wind...

5.5CVSS6.5AI score0.01202EPSS
CVE
CVE
added 2019/05/16 7:29 p.m.117 views

CVE-2019-0899

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0889, CVE-2019-0890, CVE-2019-0891, CVE-2019-0893, CVE-2019-0894, CVE-2019-0895,...

9.3CVSS8.1AI score0.29592EPSS
CVE
CVE
added 2019/06/12 2:29 p.m.117 views

CVE-2019-0909

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open...

9.3CVSS8AI score0.07186EPSS
CVE
CVE
added 2019/06/12 2:29 p.m.117 views

CVE-2019-0974

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open...

9.3CVSS8AI score0.13023EPSS
CVE
CVE
added 2019/06/12 2:29 p.m.117 views

CVE-2019-1010

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.There are multiple ways an attacker could exploit ...

6.5CVSS5.6AI score0.07622EPSS
CVE
CVE
added 2019/08/14 9:15 p.m.117 views

CVE-2019-1157

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open...

9.3CVSS7.9AI score0.04974EPSS
CVE
CVE
added 2020/09/11 5:15 p.m.117 views

CVE-2020-0941

An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.To exploit the vulnerability, an attacker would have to either l...

5.5CVSS6.4AI score0.01063EPSS
CVE
CVE
added 2020/04/15 3:15 p.m.117 views

CVE-2020-0953

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0889, CVE-2020-0959, CVE-2020-0960, CVE-2020-0988, CVE-2020-0992, CVE-2020-0994,...

9.3CVSS8AI score0.33652EPSS
CVE
CVE
added 2020/07/14 11:15 p.m.117 views

CVE-2020-1346

An elevation of privilege vulnerability exists when the Windows Modules Installer improperly handles file operations, aka 'Windows Modules Installer Elevation of Privilege Vulnerability'.

7.8CVSS7.6AI score0.003EPSS
CVE
CVE
added 2020/08/17 7:15 p.m.117 views

CVE-2020-1378

An elevation of privilege vulnerability exists when the Windows Kernel API improperly handles registry objects in memory. An attacker who successfully exploited the vulnerability could gain elevated privileges on a targeted system.A locally authenticated attacker could exploit this vulnerability by...

7.8CVSS8.2AI score0.03388EPSS
CVE
CVE
added 2020/08/17 7:15 p.m.117 views

CVE-2020-1520

A remote code execution vulnerability exists when the Windows Font Driver Host improperly handles memory.An attacker who successfully exploited the vulnerability would gain execution on a victim system.The security update addresses the vulnerability by correcting how the Windows Font Driver Host ha...

7.8CVSS8.7AI score0.00505EPSS
CVE
CVE
added 2020/08/17 7:15 p.m.117 views

CVE-2020-1539

An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The security u...

7.8CVSS8.1AI score0.00387EPSS
CVE
CVE
added 2021/04/13 8:15 p.m.117 views

CVE-2021-28356

Remote Procedure Call Runtime Remote Code Execution Vulnerability

8.8CVSS8.9AI score0.09536EPSS
CVE
CVE
added 2021/04/13 8:15 p.m.117 views

CVE-2021-28358

Remote Procedure Call Runtime Remote Code Execution Vulnerability

8.8CVSS8.9AI score0.11968EPSS
CVE
CVE
added 2021/05/11 7:15 p.m.117 views

CVE-2021-31188

Windows Graphics Component Elevation of Privilege Vulnerability

7.8CVSS7.2AI score0.01715EPSS
CVE
CVE
added 2022/10/11 7:15 p.m.117 views

CVE-2022-22035

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability

8.1CVSS8.5AI score0.00263EPSS
CVE
CVE
added 2022/04/15 7:15 p.m.117 views

CVE-2022-24485

Win32 File Enumeration Remote Code Execution Vulnerability

7.5CVSS8.7AI score0.03631EPSS
CVE
CVE
added 2022/04/15 7:15 p.m.117 views

CVE-2022-26915

Windows Secure Channel Denial of Service Vulnerability

7.5CVSS8.4AI score0.14413EPSS
CVE
CVE
added 2022/07/12 11:15 p.m.117 views

CVE-2022-30213

Windows GDI+ Information Disclosure Vulnerability

5.5CVSS6.6AI score0.00657EPSS
CVE
CVE
added 2022/10/11 7:15 p.m.117 views

CVE-2022-37984

Windows WLAN Service Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.00272EPSS
CVE
CVE
added 2018/03/14 5:29 p.m.116 views

CVE-2018-0898

The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to the way memo...

4.7CVSS4.7AI score0.11699EPSS
CVE
CVE
added 2018/06/14 12:29 p.m.116 views

CVE-2018-1036

An elevation of privilege vulnerability exists when NTFS improperly checks access, aka "NTFS Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Win...

7CVSS7.6AI score0.0086EPSS
CVE
CVE
added 2018/08/15 5:29 p.m.116 views

CVE-2018-8343

An elevation of privilege vulnerability exists in the Network Driver Interface Specification (NDIS) when ndis.sys fails to check the length of a buffer prior to copying memory to it, aka "Windows NDIS Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT ...

7.8CVSS6.8AI score0.00445EPSS
CVE
CVE
added 2018/12/12 12:29 a.m.116 views

CVE-2018-8596

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka "Windows GDI Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Se...

6.5CVSS7.1AI score0.27405EPSS
CVE
CVE
added 2019/06/12 2:29 p.m.116 views

CVE-2019-0905

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open...

9.3CVSS8.1AI score0.10107EPSS
CVE
CVE
added 2019/08/14 9:15 p.m.116 views

CVE-2019-1057

A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input. An attacker who successfully exploited the vulnerability could run malicious code remotely to take control of the user’s system.To exploit the vulnerability, an attacker could host a...

9.3CVSS8.6AI score0.04431EPSS
CVE
CVE
added 2019/08/14 9:15 p.m.116 views

CVE-2019-1159

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new ...

7.8CVSS8.6AI score0.01533EPSS
CVE
CVE
added 2020/01/14 11:15 p.m.116 views

CVE-2020-0620

An elevation of privilege vulnerability exists when Microsoft Cryptographic Services improperly handles files, aka 'Microsoft Cryptographic Services Elevation of Privilege Vulnerability'.

7.8CVSS8.4AI score0.00377EPSS
CVE
CVE
added 2020/04/15 3:15 p.m.116 views

CVE-2020-0959

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0889, CVE-2020-0953, CVE-2020-0960, CVE-2020-0988, CVE-2020-0992, CVE-2020-0994,...

9.3CVSS8AI score0.33652EPSS
CVE
CVE
added 2020/08/17 7:15 p.m.116 views

CVE-2020-1475

An elevation of privilege vulnerability exists in the way that the srmsvc.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specially crafted...

7.8CVSS8.6AI score0.00914EPSS
CVE
CVE
added 2020/08/17 7:15 p.m.116 views

CVE-2020-1489

An elevation of privilege vulnerability exists when the Windows CSC Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The security upd...

7.8CVSS8.5AI score0.00387EPSS
Total number of security vulnerabilities1775