Lucene search

K

639 matches found

CVE
CVE
added 2020/08/17 7:15 p.m.3670 views

CVE-2020-1472

An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC). An attacker who successfully exploited the vulnerability could run a specially crafted application on a d...

10CVSS8.2AI score0.94448EPSS
CVE
CVE
added 2020/07/14 11:15 p.m.1653 views

CVE-2020-1350

A remote code execution vulnerability exists in Windows Domain Name System servers when they fail to properly handle requests, aka 'Windows DNS Server Remote Code Execution Vulnerability'.

10CVSS9.6AI score0.93595EPSS
CVE
CVE
added 2020/03/12 4:15 p.m.1387 views

CVE-2020-0787

An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) improperly handles symbolic links, aka 'Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerability'.

7.8CVSS8.5AI score0.60201EPSS
CVE
CVE
added 2020/01/14 11:15 p.m.1295 views

CVE-2020-0601

A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, l...

8.1CVSS7.6AI score0.94044EPSS
CVE
CVE
added 2020/06/09 8:15 p.m.1250 views

CVE-2020-0986

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1237, CVE-2020-1246, CVE-2020-1262, CVE-2020-1264, CVE-2020-1266, CVE-2020-1269, CVE-2020...

7.8CVSS7.7AI score0.19295EPSS
CVE
CVE
added 2020/11/11 7:15 a.m.1247 views

CVE-2020-17087

Windows Kernel Local Elevation of Privilege Vulnerability

7.8CVSS8.3AI score0.15084EPSS
CVE
CVE
added 2020/04/15 3:15 p.m.1204 views

CVE-2020-1020

A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font - Adobe Type 1 PostScript format.For all systems except Windows 10, an attacker who successfully exploited the vulnerability could e...

8.8CVSS8.2AI score0.8787EPSS
CVE
CVE
added 2020/02/11 10:15 p.m.1172 views

CVE-2020-0683

An elevation of privilege vulnerability exists in the Windows Installer when MSI packages process symbolic links, aka 'Windows Installer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0686.

7.8CVSS8AI score0.27418EPSS
CVE
CVE
added 2020/05/21 11:15 p.m.1152 views

CVE-2020-1054

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1143.

7.8CVSS7.8AI score0.80651EPSS
CVE
CVE
added 2020/08/17 7:15 p.m.1102 views

CVE-2020-1464

A spoofing vulnerability exists when Windows incorrectly validates file signatures. An attacker who successfully exploited this vulnerability could bypass security features and load improperly signed files.In an attack scenario, an attacker could bypass security features intended to prevent imprope...

7.8CVSS7.3AI score0.05831EPSS
CVE
CVE
added 2020/07/14 11:15 p.m.1082 views

CVE-2020-1040

A remote code execution vulnerability exists when Hyper-V RemoteFX vGPU on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Hyper-V RemoteFX vGPU Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1032, CVE-2020-1036,...

9CVSS9.2AI score0.01001EPSS
CVE
CVE
added 2020/01/14 11:15 p.m.1069 views

CVE-2020-0610

A remote code execution vulnerability exists in Windows Remote Desktop Gateway (RD Gateway) when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Gateway (RD Gateway) Remote Code Execution Vulnerability'. This CVE ...

10CVSS9.7AI score0.87813EPSS
CVE
CVE
added 2020/04/15 3:15 p.m.1068 views

CVE-2020-0938

A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font - Adobe Type 1 PostScript format.For all systems except Windows 10, an attacker who successfully exploited the vulnerability could e...

7.8CVSS8.2AI score0.8787EPSS
CVE
CVE
added 2020/04/15 3:15 p.m.1062 views

CVE-2020-1027

An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0913, CVE-2020-1000, CVE-2020-1003.

7.8CVSS8AI score0.13396EPSS
CVE
CVE
added 2020/11/11 7:15 a.m.937 views

CVE-2020-17049

A security feature bypass vulnerability exists in the way Key Distribution Center (KDC) determines if a service ticket can be used for delegation via Kerberos Constrained Delegation (KCD).To exploit the vulnerability, a compromised service that is configured to use KCD could tamper with a service t...

9CVSS6.8AI score0.20086EPSS
CVE
CVE
added 2020/01/14 11:15 p.m.446 views

CVE-2020-0609

A remote code execution vulnerability exists in Windows Remote Desktop Gateway (RD Gateway) when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Gateway (RD Gateway) Remote Code Execution Vulnerability'. This CVE ...

10CVSS9.7AI score0.87813EPSS
CVE
CVE
added 2020/03/12 4:15 p.m.369 views

CVE-2020-0645

A tampering vulnerability exists when Microsoft IIS Server improperly handles malformed request headers, aka 'Microsoft IIS Server Tampering Vulnerability'.

7.5CVSS8.2AI score0.08197EPSS
CVE
CVE
added 2020/07/29 6:15 p.m.318 views

CVE-2020-15707

Integer overflows were discovered in the functions grub_cmd_initrd and grub_initrd_init in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu (the functionality is not included in GRUB2 upstream), leading to a heap-based buffer overflow. These could be triggered by an extrem...

6.4CVSS7.6AI score0.00033EPSS
CVE
CVE
added 2020/06/09 8:15 p.m.290 views

CVE-2020-1269

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, CVE-2020-1246, CVE-2020-1262, CVE-2020-1264, CVE-2020-1266, CVE-2020...

7.8CVSS7.7AI score0.19295EPSS
CVE
CVE
added 2020/07/29 6:15 p.m.285 views

CVE-2020-15706

GRUB2 contains a race condition in grub_script_function_create() leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing, leading to arbitrary code execution and secure boot restriction bypass. This issue affects GRUB2 ...

6.4CVSS7.7AI score0.00064EPSS
CVE
CVE
added 2020/07/29 6:15 p.m.284 views

CVE-2020-15705

GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. This only affects systems where the kernel signing certificate has been imported directly into the secure boot database and the GRUB image is booted directly without the use of shim. Thi...

6.4CVSS7.1AI score0.00024EPSS
CVE
CVE
added 2020/11/11 7:15 a.m.273 views

CVE-2020-17051

Windows Network File System Remote Code Execution Vulnerability

10CVSS9.6AI score0.14901EPSS
CVE
CVE
added 2020/01/14 11:15 p.m.270 views

CVE-2020-0611

A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka 'Remote Desktop Client Remote Code Execution Vulnerability'.

7.5CVSS8.8AI score0.14967EPSS
CVE
CVE
added 2020/05/21 11:15 p.m.263 views

CVE-2020-1048

An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system, aka 'Windows Print Spooler Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1070.

7.8CVSS7.7AI score0.73576EPSS
CVE
CVE
added 2020/07/14 11:15 p.m.247 views

CVE-2020-1036

A remote code execution vulnerability exists when Hyper-V RemoteFX vGPU on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Hyper-V RemoteFX vGPU Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1032, CVE-2020-1040,...

9CVSS9.2AI score0.01001EPSS
CVE
CVE
added 2020/08/17 7:15 p.m.243 views

CVE-2020-1337

An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; ...

7.8CVSS7.8AI score0.55248EPSS
CVE
CVE
added 2020/09/11 5:15 p.m.236 views

CVE-2020-1013

An elevation of privilege vulnerability exists when Microsoft Windows processes group policy updates. An attacker who successfully exploited this vulnerability could potentially escalate permissions or perform additional privileged actions on the target machine.To exploit this vulnerability, an att...

9.3CVSS8.1AI score0.15904EPSS
CVE
CVE
added 2020/07/14 11:15 p.m.235 views

CVE-2020-1032

A remote code execution vulnerability exists when Hyper-V RemoteFX vGPU on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Hyper-V RemoteFX vGPU Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1036, CVE-2020-1040,...

9CVSS9.2AI score0.01001EPSS
CVE
CVE
added 2020/11/11 7:15 a.m.229 views

CVE-2020-1599

Windows Spoofing Vulnerability

5.5CVSS7.2AI score0.05733EPSS
CVE
CVE
added 2020/07/14 11:15 p.m.226 views

CVE-2020-1042

A remote code execution vulnerability exists when Hyper-V RemoteFX vGPU on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Hyper-V RemoteFX vGPU Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1032, CVE-2020-1036,...

9CVSS9.2AI score0.01001EPSS
CVE
CVE
added 2020/06/09 8:15 p.m.224 views

CVE-2020-1299

A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed.An attacker who successfully exploited this vulnerability could gain the same user rights as the local user, aka 'LNK Remote Code Execution Vulnerability'.

9.3CVSS8.4AI score0.32912EPSS
CVE
CVE
added 2020/06/09 8:15 p.m.221 views

CVE-2020-1301

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 1.0 (SMBv1) server handles certain requests, aka 'Windows SMB Remote Code Execution Vulnerability'.

8.8CVSS8.5AI score0.34234EPSS
CVE
CVE
added 2020/06/09 8:15 p.m.220 views

CVE-2020-1300

A remote code execution vulnerability exists when Microsoft Windows fails to properly handle cabinet files.To exploit the vulnerability, an attacker would have to convince a user to either open a specially crafted cabinet file or spoof a network printer and trick a user into installing a malicious ...

8.8CVSS8.3AI score0.40477EPSS
CVE
CVE
added 2020/06/09 8:15 p.m.216 views

CVE-2020-1316

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, CVE-2020-1246, CVE-2020-1262, CVE-2020-1264, CVE-2020-1266, CVE-2020...

7.8CVSS7.7AI score0.19295EPSS
CVE
CVE
added 2020/10/16 11:15 p.m.215 views

CVE-2020-16916

An elevation of privilege vulnerability exists when Windows improperly handles COM object creation. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges.To exploit this vulnerability, an attacker would first have to log on to the system. An atta...

7.8CVSS8.2AI score0.00744EPSS
CVE
CVE
added 2020/06/09 8:15 p.m.213 views

CVE-2020-1262

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, CVE-2020-1246, CVE-2020-1264, CVE-2020-1266, CVE-2020-1269, CVE-2020...

7.8CVSS7.7AI score0.19295EPSS
CVE
CVE
added 2020/06/09 8:15 p.m.212 views

CVE-2020-1246

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, CVE-2020-1262, CVE-2020-1264, CVE-2020-1266, CVE-2020-1269, CVE-2020...

7.8CVSS7.7AI score0.19295EPSS
CVE
CVE
added 2020/07/14 11:15 p.m.208 views

CVE-2020-1043

A remote code execution vulnerability exists when Hyper-V RemoteFX vGPU on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Hyper-V RemoteFX vGPU Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1032, CVE-2020-1036,...

9CVSS9.2AI score0.01001EPSS
CVE
CVE
added 2020/06/09 8:15 p.m.206 views

CVE-2020-1266

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, CVE-2020-1246, CVE-2020-1262, CVE-2020-1264, CVE-2020-1269, CVE-2020...

7.8CVSS7.7AI score0.19295EPSS
CVE
CVE
added 2020/10/16 11:15 p.m.204 views

CVE-2020-16891

A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could caus...

8.8CVSS8.7AI score0.00539EPSS
CVE
CVE
added 2020/07/14 11:15 p.m.202 views

CVE-2020-1041

A remote code execution vulnerability exists when Hyper-V RemoteFX vGPU on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Hyper-V RemoteFX vGPU Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1032, CVE-2020-1036,...

9CVSS9.2AI score0.01001EPSS
CVE
CVE
added 2020/02/11 10:15 p.m.199 views

CVE-2020-0686

An elevation of privilege vulnerability exists in the Windows Installer when MSI packages process symbolic links, aka 'Windows Installer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0683.

7.8CVSS8AI score0.27418EPSS
CVE
CVE
added 2020/06/09 8:15 p.m.199 views

CVE-2020-1264

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, CVE-2020-1246, CVE-2020-1262, CVE-2020-1266, CVE-2020-1269, CVE-2020...

7.8CVSS7.7AI score0.19295EPSS
CVE
CVE
added 2020/12/10 12:15 a.m.197 views

CVE-2020-17096

Windows NTFS Remote Code Execution Vulnerability

9CVSS8AI score0.08663EPSS
CVE
CVE
added 2020/02/11 10:15 p.m.196 views

CVE-2020-0668

An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0669, CVE-2020-0670, CVE-2020-0671, CVE-2020-0672.

7.8CVSS7.7AI score0.79783EPSS
CVE
CVE
added 2020/05/21 11:15 p.m.196 views

CVE-2020-1143

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1054.

7.8CVSS7.8AI score0.80651EPSS
CVE
CVE
added 2020/02/11 10:15 p.m.182 views

CVE-2020-0662

A remote code execution vulnerability exists in the way that Windows handles objects in memory, aka 'Windows Remote Code Execution Vulnerability'.

9CVSS8.4AI score0.34804EPSS
CVE
CVE
added 2020/01/14 11:15 p.m.180 views

CVE-2020-0642

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0624.

7.8CVSS8.5AI score0.15527EPSS
CVE
CVE
added 2020/08/17 7:15 p.m.179 views

CVE-2020-1530

An elevation of privilege vulnerability exists when Windows Remote Access improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The security updat...

7.8CVSS8.3AI score0.00594EPSS
CVE
CVE
added 2020/02/11 10:15 p.m.178 views

CVE-2020-0689

A security feature bypass vulnerability exists in secure boot, aka 'Microsoft Secure Boot Security Feature Bypass Vulnerability'.

6.7CVSS6.8AI score0.00158EPSS
Total number of security vulnerabilities639