3872 matches found
CVE-2025-26687
Use after free in Windows Win32K - GRFX allows an unauthorized attacker to elevate privileges over a network.
CVE-2025-26688
Stack-based buffer overflow in Microsoft Virtual Hard Drive allows an authorized attacker to elevate privileges locally.
CVE-2025-47955
Improper privilege management in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally.
CVE-2019-1324
An information disclosure vulnerability exists when the Windows TCP/IP stack improperly handles IPv6 flowlabel filled in packets, aka 'Windows TCP/IP Information Disclosure Vulnerability'.
CVE-2019-1409
An information disclosure vulnerability exists when the Windows Remote Procedure Call (RPC) runtime improperly initializes objects in memory, aka 'Windows Remote Procedure Call Information Disclosure Vulnerability'.
CVE-2020-0658
An information disclosure vulnerability exists in the Windows Common Log File System (CLFS) driver when it fails to properly handle objects in memory, aka 'Windows Common Log File System Driver Information Disclosure Vulnerability'.
CVE-2020-0725
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0691, CVE-2020-0719, CVE-2020-0720, CVE-2020-0721, CVE-2020-0722, CVE-2020-0723, CVE...
CVE-2020-0748
An information disclosure vulnerability exists in the Cryptography Next Generation (CNG) service when it fails to properly handle objects in memory.To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.The security update addre...
CVE-2020-1144
An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1124, CVE-2020-1131, CVE-2020-1134, CVE-2020-1184, CVE-2020...
CVE-2020-1244
A denial of service vulnerability exists when Connected User Experiences and Telemetry Service improperly handles file operations, aka 'Connected User Experiences and Telemetry Service Denial of Service Vulnerability'. This CVE ID is unique from CVE-2020-1120.
CVE-2020-1388
An elevation of privilege vulnerability exists in the way that the psmsrv.dll handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1392, CVE-2020-1394, CVE-2020-1395.
CVE-2020-1424
An elevation of privilege vulnerability exists when the Windows Update Stack fails to properly handle objects in memory, aka 'Windows Update Stack Elevation of Privilege Vulnerability'.
CVE-2020-1431
An elevation of privilege vulnerability exists when the Windows AppX Deployment Extensions improperly performs privilege management, resulting in access to system files.To exploit this vulnerability, an authenticated attacker would need to run a specially crafted application to elevate privileges.T...
CVE-2020-16854
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.To exploit this vulnerability, an attacker would have to log on to ...
CVE-2021-24095
DirectX Elevation of Privilege Vulnerability
CVE-2021-26870
Windows Projected File System Elevation of Privilege Vulnerability
CVE-2021-26892
Windows Extensible Firmware Interface Security Feature Bypass Vulnerability
CVE-2024-38239
Windows Kerberos Elevation of Privilege Vulnerability
CVE-2025-21214
Windows BitLocker Information Disclosure Vulnerability
CVE-2025-21223
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21236
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21238
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21347
Windows Deployment Services Denial of Service Vulnerability
CVE-2025-24059
Incorrect conversion between numeric types in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
CVE-2025-24987
Out-of-bounds read in Windows USB Video Driver allows an authorized attacker to elevate privileges with a physical attack.
CVE-2019-1415
An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations.To exploit the vulnerability, an attacker would require unprivileged execution on the victim system, aka 'Windows Installer Elevation of Privilege Vulnerabi...
CVE-2019-1420
An elevation of privilege vulnerability exists in the way that the dssvc.dll handles file creation allowing for a file overwrite or creation in a secured location, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1422, CVE-2019-1423.
CVE-2020-0752
An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka 'Windows Search Indexer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0666, CVE-2020-0667, CVE-2020-0735.
CVE-2020-0763
An elevation of privilege vulnerability exists when Windows Defender Security Center handles certain objects in memory.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Windows Defender Security Center Elevation of Privilege Vulnerability'. This CVE ID is uniq...
CVE-2020-0779
An elevation of privilege vulnerability exists in the Windows Installer when MSI packages process symbolic links, aka 'Windows Installer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0798, CVE-2020-0814, CVE-2020-0842, CVE-2020-0843.
CVE-2020-0780
An elevation of privilege vulnerability exists in the way that the Windows Network List Service handles objects in memory, aka 'Windows Network List Service Elevation of Privilege Vulnerability'.
CVE-2020-0867
An elevation of privilege vulnerability exists when the Windows Update Orchestrator Service improperly handles file operations, aka 'Windows Update Orchestrator Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0868.
CVE-2020-1021
An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1082, CVE-2020-1088.
CVE-2020-1068
An elevation of privilege vulnerability exists in Windows Media Service that allows file creation in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2...
CVE-2020-1079
An elevation of privilege vulnerability exists when the Windows fails to properly handle objects in memory, aka 'Microsoft Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1010, CVE-2020-1068.
CVE-2020-1347
An elevation of privilege vulnerability exists when the Windows Storage Services improperly handle file operations, aka 'Windows Storage Services Elevation of Privilege Vulnerability'.
CVE-2020-16879
An information disclosure vulnerability exists when a Windows Projected Filesystem improperly handles file redirections. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's systemTo exploit this vulnerability, an attacker would first h...
CVE-2021-26880
Storage Spaces Controller Elevation of Privilege Vulnerability
CVE-2021-26889
Windows Update Stack Elevation of Privilege Vulnerability
CVE-2023-35346
Windows DNS Server Remote Code Execution Vulnerability
CVE-2023-35644
Windows Sysmain Service Elevation of Privilege Vulnerability
CVE-2024-38238
Kernel Streaming Service Driver Elevation of Privilege Vulnerability
CVE-2024-38247
Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2024-38249
Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2024-43564
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-49108
Windows Remote Desktop Services Remote Code Execution Vulnerability
CVE-2025-21217
Windows NTLM Spoofing Vulnerability
CVE-2025-21227
Windows Digital Media Elevation of Privilege Vulnerability
CVE-2025-21239
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21240
Windows Telephony Service Remote Code Execution Vulnerability