CVE-2020-1222

An elevation of privilege vulnerability exists when the Microsoft Store Runtime improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Microsoft Store Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique fro...

CVE-2020-1278

An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly handles file operations, aka 'Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1257, CVE-2020-1293.

CVE-2020-1344

An elevation of privilege vulnerability exists in the way that the Windows WalletService handles objects in memory, aka 'Windows WalletService Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1362, CVE-2020-1369.

CVE-2020-1359

An elevation of privilege vulnerability exists when the Windows Cryptography Next Generation (CNG) Key Isolation service improperly handles memory, aka 'Windows CNG Key Isolation Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1384.

CVE-2020-1365

An elevation of privilege vulnerability exists when the Windows Event Logging Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Event Logging Service Elevation of Privilege Vulnerability'. This CVE ID i...

CVE-2020-17007

Windows Error Reporting Elevation of Privilege Vulnerability

CVE-2020-17013

Win32k Information Disclosure Vulnerability

CVE-2020-17028

Windows Remote Access Elevation of Privilege Vulnerability

CVE-2021-1691

Windows Hyper-V Denial of Service Vulnerability

CVE-2021-28317

Microsoft Windows Codecs Library Information Disclosure Vulnerability

CVE-2022-33645

Windows TCP/IP Driver Denial of Service Vulnerability

CVE-2022-34712

Windows Defender Credential Guard Information Disclosure Vulnerability

CVE-2022-35760

Microsoft ATA Port Driver Elevation of Privilege Vulnerability

CVE-2022-35793

Windows Print Spooler Elevation of Privilege Vulnerability

CVE-2022-38034

Windows Workstation Service Elevation of Privilege Vulnerability

CVE-2023-21701

Microsoft Protected Extensible Authentication Protocol (PEAP) Denial of Service Vulnerability

CVE-2023-24906

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability

CVE-2023-32040

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability

CVE-2023-35296

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability

CVE-2023-35322

Windows Deployment Services Remote Code Execution Vulnerability

CVE-2024-30067

Winlogon Elevation of Privilege Vulnerability

CVE-2024-37974

Secure Boot Security Feature Bypass Vulnerability

CVE-2024-38022

Windows Image Acquisition Elevation of Privilege Vulnerability

CVE-2024-38056

Microsoft Windows Codecs Library Information Disclosure Vulnerability

CVE-2024-38057

Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability

CVE-2024-38069

Windows Enroll Engine Security Feature Bypass Vulnerability

CVE-2024-38242

Kernel Streaming Service Driver Elevation of Privilege Vulnerability

CVE-2024-38263

Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability

CVE-2024-49125

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

CVE-2025-21247

Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network.

CVE-2025-21319

Windows Kernel Memory Information Disclosure Vulnerability

CVE-2025-21371

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-24992

Buffer over-read in Windows NTFS allows an unauthorized attacker to disclose information locally.

CVE-2016-7218

Bowser.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to obtain sensitive information via a cr...

CVE-2017-0081

The kernel-mode drivers in Microsoft Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability." This vulnerability is differ...

CVE-2017-0250

Microsoft JET Database Engine in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability due to buffer overflow, aka "Microsoft JET Databa...

CVE-2017-11783

Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability in the way it handles calls to Advanced Local Procedure Call (ALPC), aka "Windows Elevation of Privilege Vulnerability".

CVE-2018-8253

An elevation of privilege vulnerability exists when Microsoft Cortana allows arbitrary website browsing on the lockscreen, aka "Microsoft Cortana Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10.

CVE-2019-1251

An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory, aka 'DirectWrite Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1244, CVE-2019-1245.

CVE-2019-1440

An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1436.

CVE-2020-0675

An information disclosure vulnerability exists in the Cryptography Next Generation (CNG) service when it fails to properly handle objects in memory.To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.The security update addre...

CVE-2020-0714

An information disclosure vulnerability exists when DirectX improperly handles objects in memory, aka 'DirectX Information Disclosure Vulnerability'.

CVE-2020-0766

An elevation of privilege vulnerability exists when the Microsoft Store Runtime improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The security...

CVE-2020-0773

An elevation of privilege vulnerability exists when the Windows ActiveX Installer Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows ActiveX Installer Service Elevation of Privilege Vulnerability'. This ...

CVE-2020-0845

An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network Connections Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0778, CVE-2020-0802, CVE-2020-0803, CVE-2020-0804.

CVE-2020-0909

A denial of service vulnerability exists when Hyper-V on a Windows Server fails to properly handle specially crafted network packets.To exploit the vulnerability, an attacker would send specially crafted network packets to the Hyper-V Server.The security update addresses the vulnerability by resolv...

CVE-2020-0934

An elevation of privilege vulnerability exists when the Windows WpcDesktopMonSvc improperly manages memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0983...

CVE-2020-0948

A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0949, CVE-2020-0950.

CVE-2020-0993

A denial of service vulnerability exists in Windows DNS when it fails to properly handle queries, aka 'Windows DNS Denial of Service Vulnerability'.

CVE-2020-1005

An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0982, CVE-2020-0987.