2358 matches found
CVE-2025-21221
Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network.
CVE-2025-21247
Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network.
CVE-2025-21319
Windows Kernel Memory Information Disclosure Vulnerability
CVE-2025-24992
Buffer over-read in Windows NTFS allows an unauthorized attacker to disclose information locally.
CVE-2025-26672
Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
CVE-2025-27471
Sensitive data storage in improperly locked memory in Microsoft Streaming Service allows an unauthorized attacker to deny service over a network.
CVE-2025-27473
Uncontrolled resource consumption in Windows HTTP.sys allows an unauthorized attacker to deny service over a network.
CVE-2025-27732
Sensitive data storage in improperly locked memory in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.
CVE-2017-0250
Microsoft JET Database Engine in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability due to buffer overflow, aka "Microsoft JET Databa...
CVE-2020-0675
An information disclosure vulnerability exists in the Cryptography Next Generation (CNG) service when it fails to properly handle objects in memory.To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.The security update addre...
CVE-2020-0773
An elevation of privilege vulnerability exists when the Windows ActiveX Installer Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows ActiveX Installer Service Elevation of Privilege Vulnerability'. This ...
CVE-2020-0778
An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network Connections Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0802, CVE-2020-0803, CVE-2020-0804, CVE-2020-0845.
CVE-2020-0845
An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network Connections Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0778, CVE-2020-0802, CVE-2020-0803, CVE-2020-0804.
CVE-2020-1359
An elevation of privilege vulnerability exists when the Windows Cryptography Next Generation (CNG) Key Isolation service improperly handles memory, aka 'Windows CNG Key Isolation Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1384.
CVE-2020-1368
An elevation of privilege vulnerability exists in the way that the Credential Enrollment Manager service handles objects in memory, aka 'Windows Credential Enrollment Manager Service Elevation of Privilege Vulnerability'.
CVE-2020-1399
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1249, CVE-2020-1353, CVE-2020-1370, CVE-2020-1404, CVE-2020-1413, CVE-2020-1414, CVE-2020-141...
CVE-2020-17024
Windows Client Side Rendering Print Provider Elevation of Privilege Vulnerability
CVE-2021-43229
Windows NTFS Elevation of Privilege Vulnerability
CVE-2022-33645
Windows TCP/IP Driver Denial of Service Vulnerability
CVE-2023-21702
Windows iSCSI Service Denial of Service Vulnerability
CVE-2023-32043
Windows Remote Desktop Security Feature Bypass Vulnerability
CVE-2023-35314
Remote Procedure Call Runtime Denial of Service Vulnerability
CVE-2023-35341
Microsoft DirectMusic Information Disclosure Vulnerability
CVE-2024-30062
Windows Standards-Based Storage Management Service Remote Code Execution Vulnerability
CVE-2024-37970
Secure Boot Security Feature Bypass Vulnerability
CVE-2024-37988
Secure Boot Security Feature Bypass Vulnerability
CVE-2024-38048
Windows Network Driver Interface Specification (NDIS) Denial of Service Vulnerability
CVE-2024-38236
DHCP Server Service Denial of Service Vulnerability
CVE-2024-38258
Windows Remote Desktop Licensing Service Information Disclosure Vulnerability
CVE-2025-21233
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21309
Windows Remote Desktop Services Remote Code Execution Vulnerability
CVE-2025-21316
Windows Kernel Memory Information Disclosure Vulnerability
CVE-2025-21338
GDI+ Remote Code Execution Vulnerability
CVE-2025-21371
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-32710
Use after free in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network.
CVE-2016-7218
Bowser.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to obtain sensitive information via a cr...
CVE-2020-0680
An elevation of privilege vulnerability exists in the way that the Windows Function Discovery Service handles objects in memory, aka 'Windows Function Discovery Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0679, CVE-2020-0682.
CVE-2020-0781
An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly handles objects in memory, aka 'Windows UPnP Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0783.
CVE-2020-0909
A denial of service vulnerability exists when Hyper-V on a Windows Server fails to properly handle specially crafted network packets.To exploit the vulnerability, an attacker would send specially crafted network packets to the Hyper-V Server.The security update addresses the vulnerability by resolv...
CVE-2020-0993
A denial of service vulnerability exists in Windows DNS when it fails to properly handle queries, aka 'Windows DNS Denial of Service Vulnerability'.
CVE-2020-1005
An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0982, CVE-2020-0987.
CVE-2020-1014
An elevation of privilege vulnerability exists in the Microsoft Windows Update Client when it does not properly handle privileges, aka 'Microsoft Windows Update Client Elevation of Privilege Vulnerability'.
CVE-2020-1116
An information disclosure vulnerability exists when the Windows Client Server Run-Time Subsystem (CSRSS) fails to properly handle objects in memory, aka 'Windows CSRSS Information Disclosure Vulnerability'.
CVE-2020-1385
An elevation of privilege vulnerability exists in the way that the Windows Credential Picker handles objects in memory, aka 'Windows Credential Picker Elevation of Privilege Vulnerability'.
CVE-2020-1397
An information disclosure vulnerability exists in Windows when the Windows Imaging Component fails to properly handle objects in memory, aka 'Windows Imaging Component Information Disclosure Vulnerability'.
CVE-2021-43216
Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability
CVE-2021-43238
Windows Remote Access Elevation of Privilege Vulnerability
CVE-2023-32033
Microsoft Failover Cluster Remote Code Execution Vulnerability
CVE-2023-32035
Remote Procedure Call Runtime Denial of Service Vulnerability
CVE-2023-35309
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability