3407 matches found
CVE-2020-1269
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, CVE-2020-1246, CVE-2020-1262, CVE-2020-1264, CVE-2020-1266, CVE-2020...
CVE-2019-1182
A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. A...
CVE-2018-0824
A remote code execution vulnerability exists in "Microsoft COM for Windows" when it fails to properly handle serialized objects, aka "Microsoft COM for Windows Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2...
CVE-2022-34721
Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability
CVE-2021-34514
Windows Kernel Elevation of Privilege Vulnerability
CVE-2025-21418
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2025-24983
Use after free in Windows Win32 Kernel Subsystem allows an authorized attacker to elevate privileges locally.
CVE-2023-29324
Windows MSHTML Platform Security Feature Bypass Vulnerability
CVE-2024-20674
Windows Kerberos Security Feature Bypass Vulnerability
CVE-2025-26633
Improper neutralization in Microsoft Management Console allows an unauthorized attacker to bypass a security feature locally.
CVE-2020-17051
Windows Network File System Remote Code Execution Vulnerability
CVE-2023-36719
Microsoft Speech Application Programming Interface (SAPI) Elevation of Privilege Vulnerability
CVE-2019-1006
An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys, aka 'WCF/WIF SAML Token Authentication Bypass Vulnerability'.
CVE-2020-0611
A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka 'Remote Desktop Client Remote Code Execution Vulnerability'.
CVE-2022-24528
Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2023-36876
Reliability Analysis Metrics Calculation (RacTask) Elevation of Privilege Vulnerability
CVE-2018-8641
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Wind...
CVE-2022-24500
Windows SMB Remote Code Execution Vulnerability
CVE-2024-21438
Microsoft AllJoyn API Denial of Service Vulnerability
CVE-2025-33053
External control of file name or path in Internet Shortcut Files allows an unauthorized attacker to execute code over a network.
CVE-2022-22049
Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability
CVE-2023-35379
Reliability Analysis Metrics Calculation Engine (RACEng) Elevation of Privilege Vulnerability
CVE-2022-21972
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
CVE-2024-26229
Windows CSC Service Elevation of Privilege Vulnerability
CVE-2020-1048
An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system, aka 'Windows Print Spooler Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1070.
CVE-2023-28293
Windows Kernel Elevation of Privilege Vulnerability
CVE-2021-26424
Windows TCP/IP Remote Code Execution Vulnerability
CVE-2021-38633
Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2022-26931
Windows Kerberos Elevation of Privilege Vulnerability
CVE-2018-8639
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server...
CVE-2024-20652
Windows HTML Platforms Security Feature Bypass Vulnerability
CVE-2019-1040
A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLM MIC (Message Integrity Check) protection. An attacker who successfully exploited this vulnerability could gain the ability to downgrade NTLM security features.To exploit t...
CVE-2023-28250
Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability
CVE-2022-30170
Windows Credential Roaming Service Elevation of Privilege Vulnerability
CVE-2024-38118
Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability
CVE-2024-38193
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2009-2524
Integer underflow in the NTLM authentication feature in the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows remote attackers to cause a deni...
CVE-2020-1036
A remote code execution vulnerability exists when Hyper-V RemoteFX vGPU on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Hyper-V RemoteFX vGPU Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1032, CVE-2020-1040,...
CVE-2021-36963
Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2024-21437
Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2023-21729
Remote Procedure Call Runtime Information Disclosure Vulnerability
CVE-2017-11835
Microsoft graphics in Windows 7 SP1 and Windows Server 2008 SP2 and R2 SP1 allows an attacker to potentially read data that was not intended to be disclosed due to the way that the Microsoft Windows Embedded OpenType (EOT) font engine parses specially crafted embedded fonts, aka "Windows EOT Font E...
CVE-2018-8166
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, W...
CVE-2020-1337
An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; ...
CVE-2022-23293
Windows Fast FAT File System Driver Elevation of Privilege Vulnerability
CVE-2022-30138
Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2018-8124
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, W...
CVE-2019-1073
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1071.
CVE-2024-26166
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2019-0796
An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0730, CVE-2019-0731, CVE-2019-0805, CVE-2019-0836, CVE-2019-0841.