268 matches found
CVE-2020-0886
An elevation of privilege vulnerability exists when the Windows Storage Services improperly handle file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges.To exploit the vulnerability, an attacker would first need code execution on a victim system. ...
CVE-2020-1080
An elevation of privilege vulnerability exists when Windows Hyper-V on a host server fails to properly handle objects in memory. An attacker who successfully exploited these vulnerabilities could gain elevated privileges on a target operating system.This vulnerability by itself does not allow arbit...
CVE-2020-1485
An information disclosure vulnerability exists when the Windows Image Acquisition (WIA) Service improperly discloses contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.To exploit the vulnerability, an aut...
CVE-2020-1486
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new ...
CVE-2020-1508
A remote code execution vulnerability exists when Windows Media Audio Decoder improperly handles objects. An attacker who successfully exploited the vulnerability could take control of an affected system.There are multiple ways an attacker could exploit the vulnerability, such as by convincing a us...
CVE-2020-1513
An elevation of privilege vulnerability exists when the Windows CSC Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The security upd...
CVE-2020-16962
Windows Backup Engine Elevation of Privilege Vulnerability
CVE-2020-16997
Remote Desktop Protocol Server Information Disclosure Vulnerability
CVE-2020-17014
Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2020-17134
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
CVE-2020-0997
A remote code execution vulnerability exists when the Windows Camera Codec Pack improperly handles objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user right...
CVE-2020-16877
An elevation of privilege vulnerability exists when Microsoft Windows improperly handles reparse points. An attacker who successfully exploited this vulnerability could overwrite or delete a targeted file that would normally require elevated permissions.To exploit this vulnerability, an attacker wo...
CVE-2020-17040
Windows Hyper-V Security Feature Bypass Vulnerability
CVE-2020-17097
Windows Digital Media Receiver Elevation of Privilege Vulnerability
CVE-2020-0648
An elevation of privilege vulnerability exists when the Windows RSoP Service Application improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The...
CVE-2020-16974
An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The ...
CVE-2020-17038
Win32k Elevation of Privilege Vulnerability
CVE-2020-17055
Windows Remote Access Elevation of Privilege Vulnerability
CVE-2020-17139
Windows Overlay Filter Security Feature Bypass Vulnerability
CVE-2020-1091
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user’s system.There are multiple ways an attacker could exploit th...
CVE-2020-16895
An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles a process crash. An attacker who successfully exploited this vulnerability could delete a targeted file leading to an elevated status.To exploit this vulnerability, an attacker would first have to...
CVE-2020-16964
Windows Backup Engine Elevation of Privilege Vulnerability
CVE-2020-0761
A remote code execution vulnerability exists when Active Directory integrated DNS (ADIDNS) mishandles objects in memory. An authenticated attacker who successfully exploited the vulnerability could run arbitrary code in the context of the Local System AccountTo exploit the vulnerability, an authent...
CVE-2020-1592
An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory.To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could obtain information to f...
CVE-2020-16935
An elevation of privilege vulnerability exists when Windows improperly handles COM object creation. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges.To exploit this vulnerability, an attacker would first have to log on to the system. An atta...
CVE-2020-16961
Windows Backup Engine Elevation of Privilege Vulnerability
CVE-2020-17025
Windows Remote Access Elevation of Privilege Vulnerability
CVE-2020-17036
Windows Function Discovery SSDP Provider Information Disclosure Vulnerability
CVE-2020-0911
An elevation of privilege vulnerability exists when Windows Modules Installer improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.An attacker could exploit this vulnerability by running a specially crafted a...
CVE-2020-1115
An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.To exploit the vulnerability, an attacker would first have ...
CVE-2020-17010
Win32k Elevation of Privilege Vulnerability
CVE-2020-17011
Windows Port Class Library Elevation of Privilege Vulnerability
CVE-2020-17047
Windows Network File System Denial of Service Vulnerability
CVE-2020-17069
Windows NDIS Information Disclosure Vulnerability
CVE-2020-0782
An elevation of privilege vulnerability exists when the Windows Cryptographic Catalog Services improperly handle objects in memory. An attacker who successfully exploited this vulnerability could modify the cryptographic catalog.To exploit this vulnerability, an attacker would first have to log on ...
CVE-2020-17032
Windows Remote Access Elevation of Privilege Vulnerability
CVE-2020-0838
An elevation of privilege vulnerability exists when NTFS improperly checks access. An attacker who successfully exploited this vulnerability could run processes in an elevated context.To exploit the vulnerability, an attacker would first have to log on to the system, and then run a specially crafte...
CVE-2020-0890
A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate specific malicious data from a user on a guest operating system.To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtua...
CVE-2020-1122
An elevation of privilege vulnerability exists when the Windows Language Pack Installer improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.An attacker could exploit this vulnerability by running a specially crafte...
CVE-2020-1598
An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; v...
CVE-2020-16876
An elevation of privilege vulnerability exists when the Windows Application Compatibility Client Library improperly handles registry operations. An attacker who successfully exploited this vulnerability could gain elevated privileges.To exploit the vulnerability, an attacker would first need code e...
CVE-2020-17034
Windows Remote Access Elevation of Privilege Vulnerability
CVE-2020-16905
An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files. The vulnerability could allow elevation of privilege if an attacker can successfully exploit it.An attacker who successfully exploited the vulnerability could gain greater access to ...
CVE-2020-17004
Windows Graphics Component Information Disclosure Vulnerability
CVE-2020-17033
Windows Remote Access Elevation of Privilege Vulnerability
CVE-2020-17041
Windows Print Configuration Elevation of Privilege Vulnerability
CVE-2020-17068
Windows GDI+ Remote Code Execution Vulnerability
CVE-2020-0904
A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate specific malicious data from a user on a guest operating system.To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtua...
CVE-2020-0922
A remote code execution vulnerability exists in the way that Microsoft COM for Windows handles objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code on a target system.To exploit the vulnerability, a user would have to open a specially crafted file...
CVE-2020-1053
An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with ful...