359 matches found
CVE-2019-1172
An information disclosure vulnerability exists in Azure Active Directory (AAD) Microsoft Account (MSA) during the login request session. An attacker who successfully exploited the vulnerability could take over a user's account.To exploit the vulnerability, an attacker would have to trick a user int...
CVE-2019-1179
An elevation of privilege vulnerability exists in the way that the unistore.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specially craft...
CVE-2020-0911
<p>An elevation of privilege vulnerability exists when Windows Modules Installer improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.</p><p>An attacker could exploit this vulnerability by running a specially...
CVE-2020-1115
<p>An elevation of privilege vulnerability exists when the <a href="https://technet.microsoft.com/library/security/dn848375.aspx#CLFS">Windows Common Log File System (CLFS)</a> driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes...
CVE-2020-17010
Win32k Elevation of Privilege Vulnerability
CVE-2020-17011
Windows Port Class Library Elevation of Privilege Vulnerability
CVE-2020-17047
Windows Network File System Denial of Service Vulnerability
CVE-2020-17069
Windows NDIS Information Disclosure Vulnerability
CVE-2019-1007
An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges.To exploit the vulnerability, an attacker could run a specially crafted application that could exploit the vulnerability. This vulner...
CVE-2019-1187
A denial of service vulnerability exists when the XmlLite runtime (XmlLite.dll) improperly parses XML input. An attacker who successfully exploited this vulnerability could cause a denial of service against an XML application.A remote unauthenticated attacker could exploit this vulnerability by iss...
CVE-2020-0782
<p>An elevation of privilege vulnerability exists when the Windows Cryptographic Catalog Services improperly handle objects in memory. An attacker who successfully exploited this vulnerability could modify the cryptographic catalog.</p><p>To exploit this vulnerability, an attacker would first have ...
CVE-2020-17032
Windows Remote Access Elevation of Privilege Vulnerability
CVE-2020-0838
<p>An elevation of privilege vulnerability exists when NTFS improperly checks access. An attacker who successfully exploited this vulnerability could run processes in an elevated context.</p><p>To exploit the vulnerability, an attacker would first have to log on to the system, and then run a specia...
CVE-2020-0890
<p>A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate specific malicious data from a user on a guest operating system.</p><p>To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running a...
CVE-2020-1122
<p>An elevation of privilege vulnerability exists when the Windows Language Pack Installer improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.</p><p>An attacker could exploit this vulnerability by running a specia...
CVE-2020-1598
<p>An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs...
CVE-2020-16876
<p>An elevation of privilege vulnerability exists when the Windows Application Compatibility Client Library improperly handles registry operations. An attacker who successfully exploited this vulnerability could gain elevated privileges.</p><p>To exploit the vulnerability, an attacker would first n...
CVE-2020-17034
Windows Remote Access Elevation of Privilege Vulnerability
CVE-2019-0983
An elevation of privilege vulnerability exists when the Storage Service improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges on the victim system.To exploit the vulnerability, an attacker would first have to gain execution on t...
CVE-2019-1041
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new ...
CVE-2019-1198
An elevation of privilege exists in SyncController.dll. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges.To exploit the vulnerability, an attacker could run a specially crafted application that could exploit the vulnerability. This vulnerabi...
CVE-2020-16905
<p>An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files. The vulnerability could allow elevation of privilege if an attacker can successfully exploit it.</p><p>An attacker who successfully exploited the vulnerability could gain greater ...
CVE-2020-17004
Windows Graphics Component Information Disclosure Vulnerability
CVE-2020-17033
Windows Remote Access Elevation of Privilege Vulnerability
CVE-2020-17041
Windows Print Configuration Elevation of Privilege Vulnerability
CVE-2020-17068
Windows GDI+ Remote Code Execution Vulnerability
CVE-2020-17162
Microsoft Windows Security Feature Bypass Vulnerability
CVE-2019-1186
An elevation of privilege vulnerability exists in the way that the wcmsvc.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specially crafted...
CVE-2019-1188
A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed.An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user ri...
CVE-2020-0904
<p>A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate specific malicious data from a user on a guest operating system.</p><p>To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running a...
CVE-2020-0922
<p>A remote code execution vulnerability exists in the way that Microsoft COM for Windows handles objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code on a target system.</p><p>To exploit the vulnerability, a user would have to open a specially cr...
CVE-2020-1053
<p>An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with ...
CVE-2020-1146
<p>An elevation of privilege vulnerability exists when the Microsoft Store Runtime improperly handles memory.</p><p>To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.</...
CVE-2020-1159
<p>An elevation of privilege vulnerability exists in the way that the StartTileData.dll handles file creation in protected locations. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.</p><p>To exploit the vulnerability, a locally authenticated at...
CVE-2020-17045
Windows KernelStream Information Disclosure Vulnerability
CVE-2019-1171
An information disclosure vulnerability exists in SymCrypt during the OAEP decryption stage. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.To exploit this vulnerability, an attacker would have to log on to an affected syst...
CVE-2019-1185
An elevation of privilege vulnerability exists due to a stack corruption in Windows Subsystem for Linux. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specially crafted...
CVE-2019-1206
A memory corruption vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP failover server. An attacker who successfully exploited the vulnerability could cause the DHCP service to become nonresponsive.To exploit the vulnerability, an atta...
CVE-2020-0912
<p>An elevation of privilege vulnerability exists when the Windows Function Discovery SSDP Provider improperly handles memory.</p><p>To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elev...
CVE-2020-1047
<p>An elevation of privilege vulnerability exists when Windows Hyper-V on a host server fails to properly handle objects in memory. An attacker who successfully exploited these vulnerabilities could gain elevated privileges on a target operating system.</p><p>This vulnerability by itself does not a...
CVE-2020-17027
Windows Remote Access Elevation of Privilege Vulnerability
CVE-2020-17046
Windows Error Reporting Denial of Service Vulnerability
CVE-2020-17094
Windows Error Reporting Information Disclosure Vulnerability
CVE-2020-0856
<p>An information disclosure vulnerability exists when Active Directory integrated DNS (ADIDNS) mishandles objects in memory. An authenticated attacker who successfully exploited this vulnerability would be able to read sensitive information about the target system.</p><p>To exploit this condition,...
CVE-2020-1038
<p>A denial of service vulnerability exists when Windows Routing Utilities improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding.</p><p>To exploit this vulnerability, an attacker would have to log on to an affec...
CVE-2020-1074
<p>A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.</p><p>An attacker could exploit this vulnerability by enticing a vict...
CVE-2020-1245
<p>An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data...
CVE-2020-16900
<p>An elevation of privilege vulnerability exists when the Windows Event System improperly handles objects in memory.</p><p>To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privi...
CVE-2020-16915
<p>A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.</p><p>There are multiple ways ...
CVE-2020-17029
Windows Canonical Display Driver Information Disclosure Vulnerability