427 matches found
CVE-2020-0782
An elevation of privilege vulnerability exists when the Windows Cryptographic Catalog Services improperly handle objects in memory. An attacker who successfully exploited this vulnerability could modify the cryptographic catalog.To exploit this vulnerability, an attacker would first have to log on ...
CVE-2020-17032
Windows Remote Access Elevation of Privilege Vulnerability
CVE-2021-1661
Windows Installer Elevation of Privilege Vulnerability
CVE-2021-1683
Microsoft is aware of the "Impersonation in the Passkey Entry Protocol" vulnerability. For more information regarding the vulnerability, please see this statement from the Bluetooth SIG.To address the vulnerability, Microsoft has released a software update that will fail attempts to pair if the rem...
CVE-2021-1710
Microsoft Windows Media Foundation Remote Code Execution Vulnerability
CVE-2021-1734
Windows Remote Procedure Call Information Disclosure Vulnerability
CVE-2020-0838
An elevation of privilege vulnerability exists when NTFS improperly checks access. An attacker who successfully exploited this vulnerability could run processes in an elevated context.To exploit the vulnerability, an attacker would first have to log on to the system, and then run a specially crafte...
CVE-2020-1598
An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; v...
CVE-2020-16876
An elevation of privilege vulnerability exists when the Windows Application Compatibility Client Library improperly handles registry operations. An attacker who successfully exploited this vulnerability could gain elevated privileges.To exploit the vulnerability, an attacker would first need code e...
CVE-2020-17034
Windows Remote Access Elevation of Privilege Vulnerability
CVE-2020-17138
Windows Error Reporting Information Disclosure Vulnerability
CVE-2021-1652
Windows CSC Service Elevation of Privilege Vulnerability
CVE-2021-1688
Windows CSC Service Elevation of Privilege Vulnerability
CVE-2021-1708
Windows GDI+ Information Disclosure Vulnerability
CVE-2021-26864
Windows Virtual Registry Provider Elevation of Privilege Vulnerability
CVE-2021-28326
Windows AppX Deployment Server Denial of Service Vulnerability
CVE-2021-28439
Windows TCP/IP Driver Denial of Service Vulnerability
CVE-2019-1198
An elevation of privilege exists in SyncController.dll. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges.To exploit the vulnerability, an attacker could run a specially crafted application that could exploit the vulnerability. This vulnerabi...
CVE-2020-16905
An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files. The vulnerability could allow elevation of privilege if an attacker can successfully exploit it.An attacker who successfully exploited the vulnerability could gain greater access to ...
CVE-2020-17004
Windows Graphics Component Information Disclosure Vulnerability
CVE-2020-17033
Windows Remote Access Elevation of Privilege Vulnerability
CVE-2020-17041
Windows Print Configuration Elevation of Privilege Vulnerability
CVE-2020-17068
Windows GDI+ Remote Code Execution Vulnerability
CVE-2020-17099
Windows Lock Screen Security Feature Bypass Vulnerability
CVE-2020-17162
Microsoft Windows Security Feature Bypass Vulnerability
CVE-2021-28351
Windows Speech Runtime Elevation of Privilege Vulnerability
CVE-2019-1186
An elevation of privilege vulnerability exists in the way that the wcmsvc.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specially crafted...
CVE-2020-0904
A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate specific malicious data from a user on a guest operating system.To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtua...
CVE-2020-0922
A remote code execution vulnerability exists in the way that Microsoft COM for Windows handles objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code on a target system.To exploit the vulnerability, a user would have to open a specially crafted file...
CVE-2020-1053
An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with ful...
CVE-2020-1146
An elevation of privilege vulnerability exists when the Microsoft Store Runtime improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The security...
CVE-2020-17045
Windows KernelStream Information Disclosure Vulnerability
CVE-2021-1693
Windows CSC Service Elevation of Privilege Vulnerability
CVE-2021-28328
Windows DNS Information Disclosure Vulnerability
CVE-2019-1206
A memory corruption vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP failover server. An attacker who successfully exploited the vulnerability could cause the DHCP service to become nonresponsive.To exploit the vulnerability, an atta...
CVE-2020-0912
An elevation of privilege vulnerability exists when the Windows Function Discovery SSDP Provider improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privil...
CVE-2020-17027
Windows Remote Access Elevation of Privilege Vulnerability
CVE-2020-17046
Windows Error Reporting Denial of Service Vulnerability
CVE-2021-1679
Windows CryptoAPI Denial of Service Vulnerability
CVE-2021-1685
Windows AppX Deployment Extensions Elevation of Privilege Vulnerability
CVE-2021-24082
Microsoft.PowerShell.Utility Module WDAC Security Feature Bypass Vulnerability
CVE-2021-26416
Windows Hyper-V Denial of Service Vulnerability
CVE-2021-26881
Microsoft Windows Media Foundation Remote Code Execution Vulnerability
CVE-2021-26901
Windows Event Tracing Elevation of Privilege Vulnerability
CVE-2021-27079
Windows Media Photo Codec Information Disclosure Vulnerability
CVE-2021-28309
Windows Kernel Information Disclosure Vulnerability
CVE-2020-0856
An information disclosure vulnerability exists when Active Directory integrated DNS (ADIDNS) mishandles objects in memory. An authenticated attacker who successfully exploited this vulnerability would be able to read sensitive information about the target system.To exploit this condition, an authen...
CVE-2020-1038
A denial of service vulnerability exists when Windows Routing Utilities improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding.To exploit this vulnerability, an attacker would have to log on to an affected system...
CVE-2020-1074
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open...
CVE-2020-1245
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; o...