Windows Server 1909 Security Vulnerabilities and Issues — Page 9 of Windows Server 1909 CVE List

A remote code execution vulnerability exists when Active Directory integrated DNS (ADIDNS) mishandles objects in memory. An authenticated attacker who successfully exploited the vulnerability could run arbitrary code in the context of the Local System AccountTo exploit the vulnerability, an authent...

8.8CVSS8.7AI score0.10549EPSS

CVE•added 2020/09/11 5:15 p.m.•86 views

CVE-2020-0837

An elevation of privilege vulnerability exists when Active Directory Federation Services (ADFS) improperly handles multi-factor authentication requests. An attacker who successfully exploited this vulnerability could bypass some, but not all, of the authentication factors.To exploit this vulnerabil...

5.3CVSS6.7AI score0.0137EPSS

CVE•added 2020/09/11 5:15 p.m.•86 views

CVE-2020-0839

An elevation of privilege vulnerability exists in the way that the dnsrslvr.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specially craft...

7.8CVSS8.1AI score0.00502EPSS

CVE•added 2020/09/11 5:15 p.m.•86 views

CVE-2020-0921

Microsoft Graphics Component Denial of Service Vulnerability

5.5CVSS6.7AI score0.01084EPSS

CVE•added 2020/09/11 5:15 p.m.•86 views

CVE-2020-0951

A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC) which could allow an attacker to bypass WDAC enforcement. An attacker who successfully exploited this vulnerability could execute PowerShell commands that would be blocked by WDAC.To exploit the vulnerabil...

7.2CVSS7.7AI score0.02554EPSS

CVE•added 2020/07/14 11:15 p.m.•86 views

CVE-2020-1336

An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specially cra...

7.8CVSS7.8AI score0.00387EPSS

CVE•added 2020/10/16 11:15 p.m.•86 views

CVE-2020-16912

An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The ...

7.8CVSS8.2AI score0.00542EPSS

CVE•added 2020/11/11 7:15 a.m.•86 views

CVE-2020-17012

Windows Bind Filter Driver Elevation of Privilege Vulnerability

7.8CVSS7.7AI score0.00513EPSS

CVE•added 2020/11/11 7:15 a.m.•86 views

CVE-2020-17035

Windows Kernel Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.01827EPSS

CVE•added 2020/11/11 7:15 a.m.•86 views

CVE-2020-17077

Windows Update Stack Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.00505EPSS

CVE•added 2021/01/12 8:15 p.m.•86 views

CVE-2021-1684

Microsoft is aware of the "Impersonation in the Passkey Entry Protocol" vulnerability. For more information regarding the vulnerability, please see this statement from the Bluetooth SIG.To address the vulnerability, Microsoft has released a software update that will fail attempts to pair if the rem...

5.5CVSS6.5AI score0.03167EPSS

CVE•added 2021/04/13 8:15 p.m.•86 views

CVE-2021-26417

Windows Overlay Filter Information Disclosure Vulnerability

5.5CVSS5.5AI score0.00488EPSS

CVE•added 2020/09/11 5:15 p.m.•85 views

CVE-2020-0790

A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls. An attacker who successfully exploited the vulnerability could elevate privileges on an affected system from low-integrity to medium-integrity.This vulnerability by itself does not allow arbitrary code ex...

7.8CVSS8.4AI score0.00512EPSS

CVE•added 2020/11/11 7:15 a.m.•85 views

CVE-2020-17007

Windows Error Reporting Elevation of Privilege Vulnerability

7.8CVSS7.6AI score0.00311EPSS

CVE•added 2020/11/11 7:15 a.m.•85 views

CVE-2020-17013

Win32k Information Disclosure Vulnerability

5.5CVSS5.9AI score0.00542EPSS

CVE•added 2020/11/11 7:15 a.m.•85 views

CVE-2020-17028

Windows Remote Access Elevation of Privilege Vulnerability

7.8CVSS7.7AI score0.00514EPSS

CVE•added 2021/04/13 8:15 p.m.•85 views

CVE-2021-27093

Windows Kernel Information Disclosure Vulnerability

5.5CVSS6.6AI score0.00442EPSS

CVE•added 2021/04/13 8:15 p.m.•85 views

CVE-2021-28317

Microsoft Windows Codecs Library Information Disclosure Vulnerability

5.5CVSS6.5AI score0.00448EPSS

CVE•added 2020/09/11 5:15 p.m.•84 views

CVE-2020-0766

An elevation of privilege vulnerability exists when the Microsoft Store Runtime improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The security...

7.8CVSS8.1AI score0.00512EPSS

CVE•added 2020/09/11 5:15 p.m.•84 views

CVE-2020-1030

An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; ...

7.8CVSS8.1AI score0.02591EPSS

CVE•added 2020/09/11 5:15 p.m.•84 views

CVE-2020-1052

An elevation of privilege vulnerability exists in the way that the ssdpsrv.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specially crafte...

7.8CVSS8.1AI score0.00512EPSS

CVE•added 2020/10/16 11:15 p.m.•84 views

CVE-2020-16976

7.8CVSS8.2AI score0.00542EPSS

CVE•added 2020/11/11 7:15 a.m.•84 views

CVE-2020-17024

Windows Client Side Rendering Print Provider Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.00428EPSS

CVE•added 2021/01/12 8:15 p.m.•84 views

CVE-2021-1691

Windows Hyper-V Denial of Service Vulnerability

7.7CVSS7.5AI score0.00991EPSS

CVE•added 2021/02/25 11:15 p.m.•84 views

CVE-2021-24091

Windows Camera Codec Pack Remote Code Execution Vulnerability

8.8CVSS8.6AI score0.07013EPSS

CVE•added 2021/03/11 4:15 p.m.•84 views

CVE-2021-26900

Windows Win32k Elevation of Privilege Vulnerability

7.8CVSS7.7AI score0.07071EPSS

CVE•added 2021/04/13 8:15 p.m.•84 views

CVE-2021-28444

Windows Hyper-V Security Feature Bypass Vulnerability

6.5CVSS6.9AI score0.09551EPSS

CVE•added 2020/10/16 11:15 p.m.•83 views

CVE-2020-16980

An elevation of privilege vulnerability exists when the Windows iSCSI Target Service improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges.To exploit the vulnerability, an attacker would first need code execution on a victim sys...

7.8CVSS8.2AI score0.00524EPSS

CVE•added 2021/03/11 4:15 p.m.•83 views

CVE-2021-26898

Windows Event Tracing Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.0045EPSS

CVE•added 2021/04/13 8:15 p.m.•83 views

CVE-2021-28320

Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.00681EPSS

CVE•added 2020/09/11 5:15 p.m.•82 views

CVE-2020-0989

An information disclosure vulnerability exists when Windows Mobile Device Management (MDM) Diagnostics improperly handles junctions. An attacker who successfully exploited this vulnerability could bypass access restrictions to read files.To exploit this vulnerability, an attacker would first have t...

5.5CVSS6.4AI score0.0093EPSS

CVE•added 2020/09/11 5:15 p.m.•82 views

CVE-2020-1097

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user’s system.There are multiple ways an attacker could exploit th...

6.5CVSS6.9AI score0.18021EPSS

CVE•added 2020/09/11 5:15 p.m.•82 views

CVE-2020-1589

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.To exploit this vulnerability, an attacker would have to log on to ...

5.5CVSS5.8AI score0.00435EPSS

CVE•added 2020/11/11 7:15 a.m.•82 views

CVE-2020-17071

Windows Delivery Optimization Information Disclosure Vulnerability

5.5CVSS6.5AI score0.00403EPSS

CVE•added 2021/03/11 4:15 p.m.•82 views

CVE-2021-24107

Windows Event Tracing Information Disclosure Vulnerability

5.5CVSS7AI score0.00488EPSS

CVE•added 2021/03/11 4:15 p.m.•82 views

CVE-2021-26896

Windows DNS Server Denial of Service Vulnerability

7.5CVSS8.4AI score0.20423EPSS

CVE•added 2020/09/11 5:15 p.m.•81 views

CVE-2020-0998

An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.In a local attack scenario, an attacker could exploit this vulnerability by r...

7.8CVSS7.9AI score0.00726EPSS

CVE•added 2020/09/11 5:15 p.m.•81 views

CVE-2020-1169

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.An attacker could exploit this vulnerability by running a specially crafted applica...

7.8CVSS8.1AI score0.08088EPSS

CVE•added 2020/11/11 7:15 a.m.•81 views

CVE-2020-17074

Windows Update Orchestrator Service Elevation of Privilege Vulnerability

7.8CVSS7.7AI score0.00505EPSS

CVE•added 2021/02/25 11:15 p.m.•81 views

CVE-2021-24106

Windows DirectX Information Disclosure Vulnerability

5.5CVSS7AI score0.00285EPSS

CVE•added 2020/09/11 5:15 p.m.•80 views

CVE-2020-0875

An information disclosure vulnerability exists in how splwow64.exe handles certain calls. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system (low-integrity to medium-integrity).This vulnerability by itself does not allow arbitr...

5.5CVSS7.4AI score0.22378EPSS

CVE•added 2020/09/11 5:15 p.m.•80 views

CVE-2020-1119

An information disclosure vulnerability exists when StartTileData.dll improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.To exploit this vulnerability, an attacker would have to log on to an...

5.5CVSS5.3AI score0.01084EPSS

CVE•added 2020/09/11 5:15 p.m.•80 views

CVE-2020-1250

An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.To exploit this vulnerability, an attacker would have to log on ...

5.5CVSS6.3AI score0.0112EPSS

CVE•added 2020/11/11 7:15 a.m.•80 views

CVE-2020-17031

Windows Remote Access Elevation of Privilege Vulnerability

7.8CVSS7.7AI score0.00681EPSS

Total number of security vulnerabilities487