328 matches found
CVE-2021-26415
Windows Installer Elevation of Privilege Vulnerability
CVE-2021-27096
NTFS Elevation of Privilege Vulnerability
CVE-2021-28315
Windows Media Video Decoder Remote Code Execution Vulnerability
CVE-2021-28318
Windows GDI+ Information Disclosure Vulnerability
CVE-2019-1143
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user’s system.There are multiple ways an attacker could exploit th...
CVE-2019-1180
An elevation of privilege vulnerability exists in the way that the wcmsvc.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specially crafted...
CVE-2019-1212
A memory corruption vulnerability exists in the Windows Server DHCP service when processing specially crafted packets. An attacker who successfully exploited the vulnerability could cause the DHCP server service to stop responding.To exploit the vulnerability, a remote unauthenticated attacker coul...
CVE-2020-0648
An elevation of privilege vulnerability exists when the Windows RSoP Service Application improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The...
CVE-2020-17038
Win32k Elevation of Privilege Vulnerability
CVE-2020-17055
Windows Remote Access Elevation of Privilege Vulnerability
CVE-2021-1650
Windows Runtime C++ Template Library Elevation of Privilege Vulnerability
CVE-2021-1654
Windows CSC Service Elevation of Privilege Vulnerability
CVE-2021-1694
Windows Update Stack Elevation of Privilege Vulnerability
CVE-2021-1695
Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2021-1696
Windows Graphics Component Information Disclosure Vulnerability
CVE-2021-24079
Windows Backup Engine Information Disclosure Vulnerability
CVE-2021-26877
Windows DNS Server Remote Code Execution Vulnerability
CVE-2021-28349
Windows GDI+ Remote Code Execution Vulnerability
CVE-2019-1158
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user’s system.There are multiple ways an attacker could exploit th...
CVE-2020-1091
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user’s system.There are multiple ways an attacker could exploit th...
CVE-2020-1466
A denial of service vulnerability exists in Windows Remote Desktop Gateway (RD Gateway) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the RD Gateway service on the target system to...
CVE-2021-28437
Windows Installer Information Disclosure Vulnerability
CVE-2021-28445
Windows Network File System Remote Code Execution Vulnerability
CVE-2019-1177
An elevation of privilege vulnerability exists in the way that the rpcss.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specially crafted ...
CVE-2020-0761
A remote code execution vulnerability exists when Active Directory integrated DNS (ADIDNS) mishandles objects in memory. An authenticated attacker who successfully exploited the vulnerability could run arbitrary code in the context of the Local System AccountTo exploit the vulnerability, an authent...
CVE-2020-16935
An elevation of privilege vulnerability exists when Windows improperly handles COM object creation. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges.To exploit this vulnerability, an attacker would first have to log on to the system. An atta...
CVE-2020-17000
Remote Desktop Protocol Client Information Disclosure Vulnerability
CVE-2021-24103
Windows Event Tracing Elevation of Privilege Vulnerability
CVE-2021-28323
Windows DNS Information Disclosure Vulnerability
CVE-2020-17025
Windows Remote Access Elevation of Privilege Vulnerability
CVE-2020-17036
Windows Function Discovery SSDP Provider Information Disclosure Vulnerability
CVE-2021-1702
Windows Remote Procedure Call Runtime Elevation of Privilege Vulnerability
CVE-2021-26893
Windows DNS Server Remote Code Execution Vulnerability
CVE-2019-1172
An information disclosure vulnerability exists in Azure Active Directory (AAD) Microsoft Account (MSA) during the login request session. An attacker who successfully exploited the vulnerability could take over a user's account.To exploit the vulnerability, an attacker would have to trick a user int...
CVE-2020-0911
An elevation of privilege vulnerability exists when Windows Modules Installer improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.An attacker could exploit this vulnerability by running a specially crafted a...
CVE-2020-1115
An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.To exploit the vulnerability, an attacker would first have ...
CVE-2020-17011
Windows Port Class Library Elevation of Privilege Vulnerability
CVE-2020-17047
Windows Network File System Denial of Service Vulnerability
CVE-2020-17069
Windows NDIS Information Disclosure Vulnerability
CVE-2021-1659
Windows CSC Service Elevation of Privilege Vulnerability
CVE-2021-27094
Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability
CVE-2021-28443
Windows Console Driver Denial of Service Vulnerability
CVE-2019-1187
A denial of service vulnerability exists when the XmlLite runtime (XmlLite.dll) improperly parses XML input. An attacker who successfully exploited this vulnerability could cause a denial of service against an XML application.A remote unauthenticated attacker could exploit this vulnerability by iss...
CVE-2020-0782
An elevation of privilege vulnerability exists when the Windows Cryptographic Catalog Services improperly handle objects in memory. An attacker who successfully exploited this vulnerability could modify the cryptographic catalog.To exploit this vulnerability, an attacker would first have to log on ...
CVE-2020-17032
Windows Remote Access Elevation of Privilege Vulnerability
CVE-2021-1661
Windows Installer Elevation of Privilege Vulnerability
CVE-2021-1683
Microsoft is aware of the "Impersonation in the Passkey Entry Protocol" vulnerability. For more information regarding the vulnerability, please see this statement from the Bluetooth SIG.To address the vulnerability, Microsoft has released a software update that will fail attempts to pair if the rem...
CVE-2021-1710
Microsoft Windows Media Foundation Remote Code Execution Vulnerability
CVE-2021-1734
Windows Remote Procedure Call Information Disclosure Vulnerability
CVE-2020-0838
An elevation of privilege vulnerability exists when NTFS improperly checks access. An attacker who successfully exploited this vulnerability could run processes in an elevated context.To exploit the vulnerability, an attacker would first have to log on to the system, and then run a specially crafte...