487 matches found
CVE-2020-1509
An elevation of privilege vulnerability exists in the Local Security Authority Subsystem Service (LSASS) when an authenticated attacker sends a specially crafted authentication request. A remote attacker who successfully exploited this vulnerability could cause an elevation of privilege on the targ...
CVE-2021-24094
Windows TCP/IP Remote Code Execution Vulnerability
CVE-2020-1577
An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.There are multiple ways an attacker could exploit the vulnerabil...
CVE-2021-26865
Windows Container Execution Agent Elevation of Privilege Vulnerability
CVE-2020-16911
A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or dele...
CVE-2020-16927
A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the RDP service on the target system to stop responding.To e...
CVE-2020-1470
An elevation of privilege vulnerability exists when the Windows Work Folders Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The sec...
CVE-2020-1561
A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code on a target system.To exploit the vulnerability, a user would have to open a specially crafted f...
CVE-2020-1243
A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate specific malicious data from a user on a guest operating system.To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtua...
CVE-2020-1518
An elevation of privilege vulnerability exists when the Windows File Server Resource Management Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate...
CVE-2020-16887
An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker coul...
CVE-2020-16924
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open...
CVE-2020-17136
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
CVE-2021-31193
Windows SSDP Service Elevation of Privilege Vulnerability
CVE-2019-1225
An information disclosure vulnerability exists when the Windows RDP server improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the system.To exploit this vulnerability, an attacker would have to co...
CVE-2020-16940
An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles junction points. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context.To exploit this vulnerability, an attacker would first h...
CVE-2021-28353
Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2020-1034
An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specially cra...
CVE-2020-17140
Windows SMB Information Disclosure Vulnerability
CVE-2020-1417
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new ...
CVE-2020-1519
An elevation of privilege vulnerability exists when the Windows UPnP Device Host improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The securit...
CVE-2021-31182
Microsoft Bluetooth Driver Spoofing Vulnerability
CVE-2021-28434
Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2021-31191
Windows Projected File System FS Filter Driver Information Disclosure Vulnerability
CVE-2020-17001
Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2021-27072
Win32k Elevation of Privilege Vulnerability
CVE-2020-1516
An elevation of privilege vulnerability exists when the Windows Work Folders Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The sec...
CVE-2021-1669
Windows Remote Desktop Security Feature Bypass Vulnerability
CVE-2020-1564
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open...
CVE-2021-24078
Windows DNS Server Remote Code Execution Vulnerability
CVE-2020-16907
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or dele...
CVE-2021-1666
Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2020-1474
An information disclosure vulnerability exists when the Windows Image Acquisition (WIA) Service improperly discloses contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.To exploit the vulnerability, an aut...
CVE-2020-1477
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.There are multiple ways an attacke...
CVE-2020-1525
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.There are multiple ways an attacke...
CVE-2021-28335
Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2021-28340
Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2021-28341
Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2021-28354
Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2020-1383
An information disclosure vulnerability exists in RPC if the server has Routing and Remote Access enabled. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s systemTo exploit this vulnerability, an attacker would need to run a special...
CVE-2020-16939
An elevation of privilege vulnerability exists when Group Policy improperly checks access. An attacker who successfully exploited this vulnerability could run processes in an elevated context.To exploit the vulnerability, an attacker would first have to log on to the system, and then run a speciall...
CVE-2021-1674
Windows Remote Desktop Protocol Core Security Feature Bypass Vulnerability
CVE-2021-28329
Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2021-28337
Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2021-28345
Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2021-31170
Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2020-1488
An elevation of privilege vulnerability exists when the Windows AppX Deployment Extensions improperly performs privilege management, resulting in access to system files.To exploit this vulnerability, an authenticated attacker would need to run a specially crafted application to elevate privileges.T...
CVE-2020-1558
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open...
CVE-2020-1587
An elevation of privilege vulnerability exists when the Windows Ancillary Function Driver for WinSock improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate p...
CVE-2021-28355
Remote Procedure Call Runtime Remote Code Execution Vulnerability