4166 matches found
CVE-2020-1550
An elevation of privilege vulnerability exists when the Windows CDP User Components improperly handle memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The secur...
CVE-2020-16919
An information disclosure vulnerability exists when the Windows Enterprise App Management Service improperly handles certain file operations. An attacker who successfully exploited this vulnerability could read arbitrary files.An attacker with unprivileged access to a vulnerable system could exploi...
CVE-2021-33744
Windows Secure Kernel Mode Security Feature Bypass Vulnerability
CVE-2021-33758
Windows Hyper-V Denial of Service Vulnerability
CVE-2021-33788
Windows LSA Denial of Service Vulnerability
CVE-2021-34491
Win32k Information Disclosure Vulnerability
CVE-2021-34513
Storage Spaces Controller Elevation of Privilege Vulnerability
CVE-2021-38630
Windows Event Tracing Elevation of Privilege Vulnerability
CVE-2021-40475
Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability
CVE-2021-41361
Active Directory Federation Server Spoofing Vulnerability
CVE-2022-22031
Windows Credential Guard Domain-joined Public Key Elevation of Privilege Vulnerability
CVE-2022-26784
Windows Cluster Shared Volume (CSV) Denial of Service Vulnerability
CVE-2022-41077
Windows Fax Compose Form Elevation of Privilege Vulnerability
CVE-2023-28223
Windows Domain Name Service Remote Code Execution Vulnerability
CVE-2023-28255
Windows DNS Server Remote Code Execution Vulnerability
CVE-2023-29369
Remote Procedure Call Runtime Denial of Service Vulnerability
CVE-2024-30077
Windows OLE Remote Code Execution Vulnerability
CVE-2024-38074
Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability
CVE-2024-43554
Windows Kernel-Mode Driver Information Disclosure Vulnerability
CVE-2024-43637
Windows USB Video Class System Driver Elevation of Privilege Vulnerability
CVE-2025-21369
Microsoft Digest Authentication Remote Code Execution Vulnerability
CVE-2025-24068
Buffer over-read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
CVE-2025-27482
Sensitive data storage in improperly locked memory in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network.
CVE-2018-0963
An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka "Windows Kernel Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.
CVE-2018-0972
An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2...
CVE-2018-1008
An elevation of privilege vulnerability exists in Windows Adobe Type Manager Font Driver (ATMFD.dll) when it fails to properly handle objects in memory, aka "OpenType Font Driver Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 20...
CVE-2018-1036
An elevation of privilege vulnerability exists when NTFS improperly checks access, aka "NTFS Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Win...
CVE-2018-8434
An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka "Windows Hyper-V Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows...
CVE-2019-0682
An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0689, CVE-2019-0692, CVE-2019-0693, CVE-2019-0694.
CVE-2019-0973
An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior.A locally authenticated attacker could run arbitrary code with elevated system privileges. An attacker could then insta...
CVE-2019-1027
An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges.To exploit the vulnerability, an attacker could run a specially crafted application that could exploit the vulnerability. This vulner...
CVE-2019-1078
An information disclosure vulnerability exists when the Windows Graphics component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.An authenticated attacker could exploit this vulnerabil...
CVE-2019-1240
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1241, CVE-2019-1242, CVE-2019-1243, CVE-2019-1246, CVE-2019-1247, CVE-2019-1248,...
CVE-2020-0629
An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka 'Windows Search Indexer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0613, CVE-2020-0614, CVE-2020-0623, CVE-2020-0625, CVE-2020-0626, CVE-2020-0627...
CVE-2020-0703
An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Backup Service Elevation of Privilege Vulnerability'.
CVE-2020-0755
An information disclosure vulnerability exists in the Cryptography Next Generation (CNG) service when it fails to properly handle objects in memory.To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.The security update addre...
CVE-2020-0992
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0889, CVE-2020-0953, CVE-2020-0959, CVE-2020-0960, CVE-2020-0988, CVE-2020-0994,...
CVE-2020-1152
An elevation of privilege vulnerability exists when Windows improperly handles calls to Win32k.sys. An attacker who successfully exploited the vulnerability could gain elevated privileges on a targeted system.To exploit the vulnerability, an attacker would have to log on to an affected system and r...
CVE-2020-1308
An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with ful...
CVE-2020-1382
An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1381.
CVE-2020-1393
An elevation of privilege vulnerability exists when the Windows Diagnostics Hub Standard Collector Service fails to properly sanitize input, leading to an unsecure library-loading behavior, aka 'Windows Diagnostics Hub Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1418.
CVE-2020-1473
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open...
CVE-2020-1552
An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.An attacker could exploit this vulnerability by running a specially crafted ap...
CVE-2020-1553
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.An attacker could exploit this vulnerability by running a specially crafted applica...
CVE-2020-1578
An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass. An attacker who successfully exploited the vulnerability could retrieve the memory address of a ker...
CVE-2020-1593
A remote code execution vulnerability exists when Windows Media Audio Decoder improperly handles objects. An attacker who successfully exploited the vulnerability could take control of an affected system.There are multiple ways an attacker could exploit the vulnerability, such as by convincing a us...
CVE-2021-1656
TPM Device Driver Information Disclosure Vulnerability
CVE-2021-1667
Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2021-1726
Microsoft SharePoint Server Spoofing Vulnerability
CVE-2021-26891
Windows Container Execution Agent Elevation of Privilege Vulnerability