4264 matches found
CVE-2020-1598
An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; v...
CVE-2020-16876
An elevation of privilege vulnerability exists when the Windows Application Compatibility Client Library improperly handles registry operations. An attacker who successfully exploited this vulnerability could gain elevated privileges.To exploit the vulnerability, an attacker would first need code e...
CVE-2020-17004
Windows Graphics Component Information Disclosure Vulnerability
CVE-2020-17034
Windows Remote Access Elevation of Privilege Vulnerability
CVE-2020-17099
Windows Lock Screen Security Feature Bypass Vulnerability
CVE-2021-1652
Windows CSC Service Elevation of Privilege Vulnerability
CVE-2021-1672
Windows Projected File System FS Filter Driver Information Disclosure Vulnerability
CVE-2021-1688
Windows CSC Service Elevation of Privilege Vulnerability
CVE-2021-1708
Windows GDI+ Information Disclosure Vulnerability
CVE-2021-26864
Windows Virtual Registry Provider Elevation of Privilege Vulnerability
CVE-2021-27070
Windows 10 Update Assistant Elevation of Privilege Vulnerability
CVE-2021-28326
Windows AppX Deployment Server Denial of Service Vulnerability
CVE-2021-28351
Windows Speech Runtime Elevation of Privilege Vulnerability
CVE-2021-28439
Windows TCP/IP Driver Denial of Service Vulnerability
CVE-2021-28441
Windows Hyper-V Information Disclosure Vulnerability
CVE-2022-26795
Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2022-35758
Windows Kernel Memory Information Disclosure Vulnerability
CVE-2022-38032
Windows Portable Device Enumerator Service Security Feature Bypass Vulnerability
CVE-2023-33174
Windows Cryptographic Information Disclosure Vulnerability
CVE-2023-35318
Remote Procedure Call Runtime Denial of Service Vulnerability
CVE-2023-35319
Remote Procedure Call Runtime Denial of Service Vulnerability
CVE-2023-35345
Windows DNS Server Remote Code Execution Vulnerability
CVE-2024-37969
Secure Boot Security Feature Bypass Vulnerability
CVE-2024-37979
Windows Kernel Elevation of Privilege Vulnerability
CVE-2024-38028
Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability
CVE-2024-38085
Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2024-38191
Kernel Streaming Service Driver Elevation of Privilege Vulnerability
CVE-2024-38231
Windows Remote Desktop Licensing Service Denial of Service Vulnerability
CVE-2024-43644
Windows Client-Side Caching Elevation of Privilege Vulnerability
CVE-2025-21261
Windows Digital Media Elevation of Privilege Vulnerability
CVE-2025-21285
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
CVE-2025-21373
Windows Installer Elevation of Privilege Vulnerability
CVE-2025-21409
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-26648
Sensitive data storage in improperly locked memory in Windows Kernel allows an authorized attacker to elevate privileges locally.
CVE-2025-32720
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
CVE-2017-0058
A Win32k information disclosure vulnerability exists in Microsoft Windows when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system, aka "Win32k Information Disclosure V...
CVE-2017-0084
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to execute arbitrary code via a crafted web site, aka "Windows ...
CVE-2017-0121
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to obtain sensitive information from process memory via a craft...
CVE-2017-8708
The Windows kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when it improperly handles objects...
CVE-2018-0885
The Microsoft Hyper-V Network Switch in 64-bit versions of Microsoft Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows a denial of service vulnerability due to how input from a pri...
CVE-2018-8222
A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.
CVE-2018-8231
A remote code execution vulnerability exists when HTTP Protocol Stack (Http.sys) improperly handles objects in memory, aka "HTTP Protocol Stack Remote Code Execution Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.
CVE-2019-0983
An elevation of privilege vulnerability exists when the Storage Service improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges on the victim system.To exploit the vulnerability, an attacker would first have to gain execution on t...
CVE-2019-1041
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new ...
CVE-2019-1198
An elevation of privilege exists in SyncController.dll. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges.To exploit the vulnerability, an attacker could run a specially crafted application that could exploit the vulnerability. This vulnerabi...
CVE-2019-1384
A security feature bypass vulnerability exists where a NETLOGON message is able to obtain the session key and sign messages.To exploit this vulnerability, an attacker could send a specially crafted authentication request, aka 'Microsoft Windows Security Feature Bypass Vulnerability'.
CVE-2019-1474
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1472.
CVE-2020-0744
An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system, aka 'Windows GDI Information Disclosure Vulnerability'.
CVE-2020-0753
An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0754.
CVE-2020-0769
An elevation of privilege vulnerability exists when the Windows CSC Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows CSC Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-20...