Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
MicrosoftWindows Server 20126.3.0

328 matches found

CVE
CVEadded 2020/08/17 7:15 p.m.3628 views

CVE-2020-1472

An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC). An attacker who successfully exploited the vulnerability could run a specially crafted application on a d...

10CVSS8.2AI score0.94448EPSS
CVE
CVEadded 2020/11/11 7:15 a.m.1242 views

CVE-2020-17087

Windows Kernel Local Elevation of Privilege Vulnerability

7.8CVSS8.3AI score0.15084EPSS
CVE
CVEadded 2020/08/17 7:15 p.m.1099 views

CVE-2020-1464

A spoofing vulnerability exists when Windows incorrectly validates file signatures. An attacker who successfully exploited this vulnerability could bypass security features and load improperly signed files.In an attack scenario, an attacker could bypass security features intended to prevent imprope...

7.8CVSS7.3AI score0.05831EPSS
CVE
CVEadded 2019/09/03 6:15 p.m.590 views

CVE-2019-1125

An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries.To exploit this vulnerability, an attacker would have to log on to an a...

5.6CVSS6.8AI score0.15102EPSS
CVE
CVEadded 2019/08/14 9:15 p.m.438 views

CVE-2019-1181

A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. A...

10CVSS9.7AI score0.73187EPSS
CVE
CVEadded 2021/01/12 8:15 p.m.290 views

CVE-2021-1648

Microsoft splwow64 Elevation of Privilege Vulnerability

7.8CVSS7.7AI score0.00979EPSS
CVE
CVEadded 2019/08/14 9:15 p.m.285 views

CVE-2019-1182

A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. A...

10CVSS9.7AI score0.09354EPSS
CVE
CVEadded 2020/11/11 7:15 a.m.273 views

CVE-2020-17051

Windows Network File System Remote Code Execution Vulnerability

10CVSS9.6AI score0.14901EPSS
CVE
CVEadded 2020/08/17 7:15 p.m.243 views

CVE-2020-1337

An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; ...

7.8CVSS7.8AI score0.53476EPSS
CVE
CVEadded 2020/09/11 5:15 p.m.236 views

CVE-2020-1013

<p>An elevation of privilege vulnerability exists when Microsoft Windows processes group policy updates. An attacker who successfully exploited this vulnerability could potentially escalate permissions or perform additional privileged actions on the target machine.</p><p>To exploit this vulnerabili...

9.3CVSS8.1AI score0.15904EPSS
CVE
CVEadded 2020/11/11 7:15 a.m.226 views

CVE-2020-1599

Windows Spoofing Vulnerability

5.5CVSS7.2AI score0.05733EPSS
CVE
CVEadded 2020/10/16 11:15 p.m.212 views

CVE-2020-16916

<p>An elevation of privilege vulnerability exists when Windows improperly handles COM object creation. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges.</p><p>To exploit this vulnerability, an attacker would first have to log on to the syste...

7.8CVSS8.2AI score0.00744EPSS
CVE
CVEadded 2020/10/16 11:15 p.m.204 views

CVE-2020-16891

<p>A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could c...

8.8CVSS8.7AI score0.00539EPSS
CVE
CVEadded 2021/03/11 4:15 p.m.200 views

CVE-2021-26868

Windows Graphics Component Elevation of Privilege Vulnerability

7.8CVSS8.4AI score0.12212EPSS
CVE
CVEadded 2020/12/10 12:15 a.m.197 views

CVE-2020-17096

Windows NTFS Remote Code Execution Vulnerability

9CVSS8AI score0.08663EPSS
CVE
CVEadded 2021/02/25 11:15 p.m.186 views

CVE-2021-24086

Windows TCP/IP Denial of Service Vulnerability

7.5CVSS8.5AI score0.37202EPSS
CVE
CVEadded 2021/03/11 4:15 p.m.184 views

CVE-2021-26897

Windows DNS Server Remote Code Execution Vulnerability

10CVSS9.7AI score0.10792EPSS
CVE
CVEadded 2019/08/14 9:15 p.m.180 views

CVE-2019-1151

A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; ...

9.3CVSS9.1AI score0.33915EPSS
CVE
CVEadded 2020/08/17 7:15 p.m.179 views

CVE-2020-1530

An elevation of privilege vulnerability exists when Windows Remote Access improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The security updat...

7.8CVSS8.3AI score0.00594EPSS
CVE
CVEadded 2021/03/11 4:15 p.m.176 views

CVE-2021-26899

Windows UPnP Device Host Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.00436EPSS
CVE
CVEadded 2019/08/14 9:15 p.m.169 views

CVE-2019-1155

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open...

9.3CVSS8.8AI score0.09677EPSS
CVE
CVEadded 2020/10/16 11:15 p.m.169 views

CVE-2020-16923

<p>A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code on a target system.</p><p>To exploit the vulnerability, a user would have to open a specially...

7.8CVSS8.3AI score0.08517EPSS
CVE
CVEadded 2020/08/17 7:15 p.m.165 views

CVE-2020-1492

A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.There are multiple ways an attacke...

7.8CVSS8.1AI score0.14799EPSS
CVE
CVEadded 2020/10/16 11:15 p.m.165 views

CVE-2020-16896

<p>An information disclosure vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s syste...

7.5CVSS7.6AI score0.1565EPSS
CVE
CVEadded 2021/02/25 11:15 p.m.165 views

CVE-2021-24074

Windows TCP/IP Remote Code Execution Vulnerability

9.8CVSS9.7AI score0.14391EPSS
CVE
CVEadded 2020/11/11 7:15 a.m.161 views

CVE-2020-17042

Windows Print Spooler Remote Code Execution Vulnerability

9.3CVSS9.3AI score0.17242EPSS
CVE
CVEadded 2020/08/17 7:15 p.m.156 views

CVE-2020-1537

An elevation of privilege vulnerability exists when the Windows Remote Access improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges.To exploit the vulnerability, an attacker would first need code execution on a victim system. An...

7.8CVSS8.3AI score0.00513EPSS
CVE
CVEadded 2020/12/10 12:15 a.m.156 views

CVE-2020-16996

Kerberos Security Feature Bypass Vulnerability

6.5CVSS7AI score0.10507EPSS
CVE
CVEadded 2021/01/12 8:15 p.m.154 views

CVE-2021-1658

Remote Procedure Call Runtime Remote Code Execution Vulnerability

8.8CVSS8.3AI score0.01239EPSS
CVE
CVEadded 2019/08/14 9:15 p.m.150 views

CVE-2019-1162

An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC).An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system. An attacker could then install programs; view,...

7.8CVSS8.6AI score0.0047EPSS
CVE
CVEadded 2020/08/17 7:15 p.m.147 views

CVE-2020-1509

An elevation of privilege vulnerability exists in the Local Security Authority Subsystem Service (LSASS) when an authenticated attacker sends a specially crafted authentication request. A remote attacker who successfully exploited this vulnerability could cause an elevation of privilege on the targ...

8.8CVSS8.1AI score0.06869EPSS
CVE
CVEadded 2021/02/25 11:15 p.m.145 views

CVE-2021-24094

Windows TCP/IP Remote Code Execution Vulnerability

9.8CVSS9.7AI score0.14023EPSS
CVE
CVEadded 2020/08/17 7:15 p.m.144 views

CVE-2020-1577

An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.There are multiple ways an attacker could exploit the vulnerabil...

7.8CVSS6.9AI score0.17285EPSS
CVE
CVEadded 2020/10/16 11:15 p.m.143 views

CVE-2020-16911

<p>A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or d...

9.3CVSS8.7AI score0.15789EPSS
CVE
CVEadded 2020/10/16 11:15 p.m.143 views

CVE-2020-16927

<p>A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the RDP service on the target system to stop responding.<...

7.8CVSS7.7AI score0.20923EPSS
CVE
CVEadded 2020/08/17 7:15 p.m.140 views

CVE-2020-1470

An elevation of privilege vulnerability exists when the Windows Work Folders Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The sec...

7.8CVSS8.1AI score0.00936EPSS
CVE
CVEadded 2019/08/14 9:15 p.m.139 views

CVE-2019-0736

A memory corruption vulnerability exists in the Windows DHCP client when an attacker sends specially crafted DHCP responses to a client. An attacker who successfully exploited the vulnerability could run arbitrary code on the client machine.To exploit the vulnerability, an attacker could send speci...

9.8CVSS9.2AI score0.1289EPSS
CVE
CVEadded 2019/08/14 9:15 p.m.137 views

CVE-2019-1149

A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; ...

9.3CVSS9.3AI score0.37629EPSS
CVE
CVEadded 2020/08/17 7:15 p.m.137 views

CVE-2020-1518

An elevation of privilege vulnerability exists when the Windows File Server Resource Management Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate...

7.8CVSS8.6AI score0.00514EPSS
CVE
CVEadded 2020/10/16 11:15 p.m.136 views

CVE-2020-16887

<p>An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.</p><p>To exploit the vulnerability, a locally authenticated att...

7.8CVSS8.1AI score0.00717EPSS
CVE
CVEadded 2020/10/16 11:15 p.m.136 views

CVE-2020-16924

<p>A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.</p><p>An attacker could exploit this vulnerability by enticing a vict...

9.3CVSS8.3AI score0.10395EPSS
CVE
CVEadded 2020/10/16 11:15 p.m.135 views

CVE-2020-16940

<p>An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles junction points. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context.</p><p>To exploit this vulnerability, an attacker wou...

7.8CVSS8AI score0.00507EPSS
CVE
CVEadded 2021/04/13 8:15 p.m.135 views

CVE-2021-28353

Remote Procedure Call Runtime Remote Code Execution Vulnerability

8.8CVSS8.9AI score0.12162EPSS
CVE
CVEadded 2020/09/11 5:15 p.m.134 views

CVE-2020-1034

<p>An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.</p><p>To exploit the vulnerability, a locally authenticated attacker could run a spe...

7.8CVSS7.5AI score0.25825EPSS
CVE
CVEadded 2020/12/10 12:15 a.m.134 views

CVE-2020-17140

Windows SMB Information Disclosure Vulnerability

8.1CVSS6.8AI score0.19706EPSS
CVE
CVEadded 2020/08/17 7:15 p.m.133 views

CVE-2020-1519

An elevation of privilege vulnerability exists when the Windows UPnP Device Host improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The securit...

7.8CVSS8.6AI score0.00514EPSS
CVE
CVEadded 2019/08/14 9:15 p.m.132 views

CVE-2019-1150

A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; ...

9.3CVSS8.7AI score0.27004EPSS
CVE
CVEadded 2021/04/13 8:15 p.m.131 views

CVE-2021-28434

Remote Procedure Call Runtime Remote Code Execution Vulnerability

8.8CVSS8.9AI score0.12162EPSS
CVE
CVEadded 2019/08/14 9:15 p.m.130 views

CVE-2019-1144

A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; ...

9.3CVSS9.1AI score0.41601EPSS
CVE
CVEadded 2020/11/11 7:15 a.m.130 views

CVE-2020-17001

Windows Print Spooler Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.00619EPSS
Total number of security vulnerabilities328