487 matches found
CVE-2020-0908
A remote code execution vulnerability exists when the Windows Text Service Module improperly handles memory. An attacker who successfully exploited the vulnerability could gain execution on a victim system.An attacker could host a specially crafted website that is designed to exploit the vulnerabil...
CVE-2020-0921
Microsoft Graphics Component Denial of Service Vulnerability
CVE-2020-0928
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.To exploit this vulnerability, an attacker would have to log on to ...
CVE-2020-1129
A remote code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or cre...
CVE-2020-16973
An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The ...
CVE-2020-17030
Windows MSCTF Server Information Disclosure Vulnerability
CVE-2020-17056
Windows Network File System Information Disclosure Vulnerability
CVE-2021-28311
Windows Application Compatibility Cache Denial of Service Vulnerability
CVE-2021-28316
Windows WLAN AutoConfig Service Security Feature Bypass Vulnerability
CVE-2021-28436
Windows Speech Runtime Elevation of Privilege Vulnerability
CVE-2020-0718
A remote code execution vulnerability exists when Active Directory integrated DNS (ADIDNS) mishandles objects in memory. An authenticated attacker who successfully exploited the vulnerability could run arbitrary code in the context of the Local System AccountTo exploit the vulnerability, an authent...
CVE-2020-0839
An elevation of privilege vulnerability exists in the way that the dnsrslvr.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specially craft...
CVE-2020-1336
An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specially cra...
CVE-2020-16912
An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The ...
CVE-2020-17012
Windows Bind Filter Driver Elevation of Privilege Vulnerability
CVE-2020-17077
Windows Update Stack Elevation of Privilege Vulnerability
CVE-2021-1684
Microsoft is aware of the "Impersonation in the Passkey Entry Protocol" vulnerability. For more information regarding the vulnerability, please see this statement from the Bluetooth SIG.To address the vulnerability, Microsoft has released a software update that will fail attempts to pair if the rem...
CVE-2021-26417
Windows Overlay Filter Information Disclosure Vulnerability
CVE-2021-27093
Windows Kernel Information Disclosure Vulnerability
CVE-2020-0790
A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls. An attacker who successfully exploited the vulnerability could elevate privileges on an affected system from low-integrity to medium-integrity.This vulnerability by itself does not allow arbitrary code ex...
CVE-2020-17007
Windows Error Reporting Elevation of Privilege Vulnerability
CVE-2020-17013
Win32k Information Disclosure Vulnerability
CVE-2020-17028
Windows Remote Access Elevation of Privilege Vulnerability
CVE-2021-1691
Windows Hyper-V Denial of Service Vulnerability
CVE-2021-28317
Microsoft Windows Codecs Library Information Disclosure Vulnerability
CVE-2020-0766
An elevation of privilege vulnerability exists when the Microsoft Store Runtime improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The security...
CVE-2020-1030
An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; ...
CVE-2020-1052
An elevation of privilege vulnerability exists in the way that the ssdpsrv.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specially crafte...
CVE-2020-16976
An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The ...
CVE-2020-17024
Windows Client Side Rendering Print Provider Elevation of Privilege Vulnerability
CVE-2021-24091
Windows Camera Codec Pack Remote Code Execution Vulnerability
CVE-2021-26900
Windows Win32k Elevation of Privilege Vulnerability
CVE-2021-28444
Windows Hyper-V Security Feature Bypass Vulnerability
CVE-2020-0989
An information disclosure vulnerability exists when Windows Mobile Device Management (MDM) Diagnostics improperly handles junctions. An attacker who successfully exploited this vulnerability could bypass access restrictions to read files.To exploit this vulnerability, an attacker would first have t...
CVE-2020-16980
An elevation of privilege vulnerability exists when the Windows iSCSI Target Service improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges.To exploit the vulnerability, an attacker would first need code execution on a victim sys...
CVE-2021-24098
Windows Console Driver Denial of Service Vulnerability
CVE-2021-26898
Windows Event Tracing Elevation of Privilege Vulnerability
CVE-2021-28320
Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability
CVE-2020-1097
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user’s system.There are multiple ways an attacker could exploit th...
CVE-2020-1589
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.To exploit this vulnerability, an attacker would have to log on to ...
CVE-2020-17071
Windows Delivery Optimization Information Disclosure Vulnerability
CVE-2021-24106
Windows DirectX Information Disclosure Vulnerability
CVE-2021-24107
Windows Event Tracing Information Disclosure Vulnerability
CVE-2021-26882
Remote Access API Elevation of Privilege Vulnerability
CVE-2021-26896
Windows DNS Server Denial of Service Vulnerability
CVE-2020-0836
A denial of service vulnerability exists in Windows DNS when it fails to properly handle queries. An attacker who successfully exploited this vulnerability could cause the DNS service to become nonresponsive.To exploit the vulnerability, an authenticated attacker could send malicious DNS queries to...
CVE-2020-0998
An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.In a local attack scenario, an attacker could exploit this vulnerability by r...
CVE-2020-1169
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.An attacker could exploit this vulnerability by running a specially crafted applica...
CVE-2020-17031
Windows Remote Access Elevation of Privilege Vulnerability
CVE-2020-17074
Windows Update Orchestrator Service Elevation of Privilege Vulnerability