Lucene search

K
MicrosoftWindows Server 2019

742 matches found

CVE
CVE
added 2020/08/17 7:15 p.m.3733 views

CVE-2020-1472

An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC). An attacker who successfully exploited the vulnerability could run a specially crafted application on a d...

10CVSS8.2AI score0.94448EPSS
CVE
CVE
added 2020/07/14 11:15 p.m.1666 views

CVE-2020-1350

A remote code execution vulnerability exists in Windows Domain Name System servers when they fail to properly handle requests, aka 'Windows DNS Server Remote Code Execution Vulnerability'.

10CVSS9.6AI score0.93577EPSS
CVE
CVE
added 2020/03/12 4:15 p.m.1400 views

CVE-2020-0787

An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) improperly handles symbolic links, aka 'Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerability'.

7.8CVSS8.5AI score0.57142EPSS
CVE
CVE
added 2020/01/14 11:15 p.m.1306 views

CVE-2020-0601

A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, l...

8.1CVSS7.6AI score0.94044EPSS
CVE
CVE
added 2020/06/09 8:15 p.m.1262 views

CVE-2020-0986

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1237, CVE-2020-1246, CVE-2020-1262, CVE-2020-1264, CVE-2020-1266, CVE-2020-1269, CVE-2020...

7.8CVSS7.7AI score0.19295EPSS
CVE
CVE
added 2020/11/11 7:15 a.m.1262 views

CVE-2020-17087

Windows Kernel Local Elevation of Privilege Vulnerability

7.8CVSS8.3AI score0.17301EPSS
CVE
CVE
added 2020/04/15 3:15 p.m.1204 views

CVE-2020-1020

A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font - Adobe Type 1 PostScript format.For all systems except Windows 10, an attacker who successfully exploited the vulnerability could e...

8.8CVSS8.2AI score0.87842EPSS
CVE
CVE
added 2020/02/11 10:15 p.m.1185 views

CVE-2020-0683

An elevation of privilege vulnerability exists in the Windows Installer when MSI packages process symbolic links, aka 'Windows Installer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0686.

7.8CVSS8AI score0.27418EPSS
CVE
CVE
added 2020/05/21 11:15 p.m.1164 views

CVE-2020-1054

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1143.

7.8CVSS7.8AI score0.77317EPSS
CVE
CVE
added 2020/08/17 7:15 p.m.1114 views

CVE-2020-1464

A spoofing vulnerability exists when Windows incorrectly validates file signatures. An attacker who successfully exploited this vulnerability could bypass security features and load improperly signed files.In an attack scenario, an attacker could bypass security features intended to prevent imprope...

7.8CVSS7.3AI score0.05831EPSS
CVE
CVE
added 2020/01/14 11:15 p.m.1082 views

CVE-2020-0610

A remote code execution vulnerability exists in Windows Remote Desktop Gateway (RD Gateway) when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Gateway (RD Gateway) Remote Code Execution Vulnerability'. This CVE ...

10CVSS9.7AI score0.87813EPSS
CVE
CVE
added 2020/04/15 3:15 p.m.1068 views

CVE-2020-0938

A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font - Adobe Type 1 PostScript format.For all systems except Windows 10, an attacker who successfully exploited the vulnerability could e...

7.8CVSS8.2AI score0.87842EPSS
CVE
CVE
added 2020/04/15 3:15 p.m.1062 views

CVE-2020-1027

An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0913, CVE-2020-1000, CVE-2020-1003.

7.8CVSS8AI score0.13396EPSS
CVE
CVE
added 2020/01/14 11:15 p.m.1022 views

CVE-2020-0638

An elevation of privilege vulnerability exists in the way the Update Notification Manager handles files.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Update Notification Manager Elevation of Privilege Vulnerability'.

7.8CVSS8.6AI score0.07009EPSS
CVE
CVE
added 2020/11/11 7:15 a.m.950 views

CVE-2020-17049

A security feature bypass vulnerability exists in the way Key Distribution Center (KDC) determines if a service ticket can be used for delegation via Kerberos Constrained Delegation (KCD).To exploit the vulnerability, a compromised service that is configured to use KCD could tamper with a service t...

9CVSS6.8AI score0.20086EPSS
CVE
CVE
added 2020/01/14 11:15 p.m.459 views

CVE-2020-0609

A remote code execution vulnerability exists in Windows Remote Desktop Gateway (RD Gateway) when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Gateway (RD Gateway) Remote Code Execution Vulnerability'. This CVE ...

10CVSS9.7AI score0.87813EPSS
CVE
CVE
added 2020/03/12 4:15 p.m.369 views

CVE-2020-0645

A tampering vulnerability exists when Microsoft IIS Server improperly handles malformed request headers, aka 'Microsoft IIS Server Tampering Vulnerability'.

7.5CVSS8.2AI score0.08197EPSS
CVE
CVE
added 2020/07/29 6:15 p.m.319 views

CVE-2020-15707

Integer overflows were discovered in the functions grub_cmd_initrd and grub_initrd_init in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu (the functionality is not included in GRUB2 upstream), leading to a heap-based buffer overflow. These could be triggered by an extrem...

6.4CVSS7.6AI score0.00033EPSS
CVE
CVE
added 2020/06/09 8:15 p.m.303 views

CVE-2020-1269

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, CVE-2020-1246, CVE-2020-1262, CVE-2020-1264, CVE-2020-1266, CVE-2020...

7.8CVSS7.7AI score0.19295EPSS
CVE
CVE
added 2020/07/29 6:15 p.m.286 views

CVE-2020-15706

GRUB2 contains a race condition in grub_script_function_create() leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing, leading to arbitrary code execution and secure boot restriction bypass. This issue affects GRUB2 ...

6.4CVSS7.7AI score0.00064EPSS
CVE
CVE
added 2020/07/29 6:15 p.m.285 views

CVE-2020-15705

GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. This only affects systems where the kernel signing certificate has been imported directly into the secure boot database and the GRUB image is booted directly without the use of shim. Thi...

6.4CVSS7.1AI score0.00024EPSS
CVE
CVE
added 2020/11/11 7:15 a.m.273 views

CVE-2020-17051

Windows Network File System Remote Code Execution Vulnerability

10CVSS9.6AI score0.14901EPSS
CVE
CVE
added 2020/01/14 11:15 p.m.270 views

CVE-2020-0611

A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka 'Remote Desktop Client Remote Code Execution Vulnerability'.

7.5CVSS8.8AI score0.14967EPSS
CVE
CVE
added 2020/05/21 11:15 p.m.263 views

CVE-2020-1048

An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system, aka 'Windows Print Spooler Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1070.

7.8CVSS7.7AI score0.72045EPSS
CVE
CVE
added 2020/08/17 7:15 p.m.243 views

CVE-2020-1337

An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; ...

7.8CVSS7.8AI score0.55248EPSS
CVE
CVE
added 2020/11/11 7:15 a.m.241 views

CVE-2020-1599

Windows Spoofing Vulnerability

5.5CVSS7.2AI score0.05733EPSS
CVE
CVE
added 2020/09/11 5:15 p.m.236 views

CVE-2020-1013

An elevation of privilege vulnerability exists when Microsoft Windows processes group policy updates. An attacker who successfully exploited this vulnerability could potentially escalate permissions or perform additional privileged actions on the target machine.To exploit this vulnerability, an att...

9.3CVSS8.1AI score0.1795EPSS
CVE
CVE
added 2020/06/09 8:15 p.m.233 views

CVE-2020-1274

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, CVE-2020-1246, CVE-2020-1262, CVE-2020-1264, CVE-2020-1266, CVE-2020...

7.8CVSS7.7AI score0.19295EPSS
CVE
CVE
added 2020/06/09 8:15 p.m.230 views

CVE-2020-1237

An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1246, CVE-2020-1262, CVE-2020-1264, CVE-2020-1266, CVE-2020-1269, CVE-2020-1273,...

7.8CVSS7.8AI score0.19295EPSS
CVE
CVE
added 2020/06/09 8:15 p.m.228 views

CVE-2020-1276

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, CVE-2020-1246, CVE-2020-1262, CVE-2020-1264, CVE-2020-1266, CVE-2020...

7.8CVSS7.7AI score0.19295EPSS
CVE
CVE
added 2020/06/09 8:15 p.m.228 views

CVE-2020-1316

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, CVE-2020-1246, CVE-2020-1262, CVE-2020-1264, CVE-2020-1266, CVE-2020...

7.8CVSS7.7AI score0.19295EPSS
CVE
CVE
added 2020/10/16 11:15 p.m.228 views

CVE-2020-16916

An elevation of privilege vulnerability exists when Windows improperly handles COM object creation. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges.To exploit this vulnerability, an attacker would first have to log on to the system. An atta...

7.8CVSS8.2AI score0.00744EPSS
CVE
CVE
added 2020/06/09 8:15 p.m.225 views

CVE-2020-1262

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, CVE-2020-1246, CVE-2020-1264, CVE-2020-1266, CVE-2020-1269, CVE-2020...

7.8CVSS7.7AI score0.19295EPSS
CVE
CVE
added 2020/06/09 8:15 p.m.224 views

CVE-2020-1246

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, CVE-2020-1262, CVE-2020-1264, CVE-2020-1266, CVE-2020-1269, CVE-2020...

7.8CVSS7.7AI score0.19295EPSS
CVE
CVE
added 2020/06/09 8:15 p.m.224 views

CVE-2020-1299

A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed.An attacker who successfully exploited this vulnerability could gain the same user rights as the local user, aka 'LNK Remote Code Execution Vulnerability'.

9.3CVSS8.4AI score0.32912EPSS
CVE
CVE
added 2020/06/09 8:15 p.m.221 views

CVE-2020-1301

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 1.0 (SMBv1) server handles certain requests, aka 'Windows SMB Remote Code Execution Vulnerability'.

8.8CVSS8.5AI score0.34234EPSS
CVE
CVE
added 2020/06/09 8:15 p.m.220 views

CVE-2020-1300

A remote code execution vulnerability exists when Microsoft Windows fails to properly handle cabinet files.To exploit the vulnerability, an attacker would have to convince a user to either open a specially crafted cabinet file or spoof a network printer and trick a user into installing a malicious ...

8.8CVSS8.3AI score0.40477EPSS
CVE
CVE
added 2020/06/09 8:15 p.m.219 views

CVE-2020-1266

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, CVE-2020-1246, CVE-2020-1262, CVE-2020-1264, CVE-2020-1269, CVE-2020...

7.8CVSS7.7AI score0.19295EPSS
CVE
CVE
added 2020/02/11 10:15 p.m.212 views

CVE-2020-0686

An elevation of privilege vulnerability exists in the Windows Installer when MSI packages process symbolic links, aka 'Windows Installer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0683.

7.8CVSS8AI score0.27418EPSS
CVE
CVE
added 2020/06/09 8:15 p.m.212 views

CVE-2020-1264

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, CVE-2020-1246, CVE-2020-1262, CVE-2020-1266, CVE-2020-1269, CVE-2020...

7.8CVSS7.7AI score0.19295EPSS
CVE
CVE
added 2020/05/21 11:15 p.m.208 views

CVE-2020-1143

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1054.

7.8CVSS7.8AI score0.77317EPSS
CVE
CVE
added 2020/10/16 11:15 p.m.204 views

CVE-2020-16891

A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could caus...

8.8CVSS8.7AI score0.00539EPSS
CVE
CVE
added 2020/02/11 10:15 p.m.198 views

CVE-2020-0668

An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0669, CVE-2020-0670, CVE-2020-0671, CVE-2020-0672.

7.8CVSS7.7AI score0.79783EPSS
CVE
CVE
added 2020/12/10 12:15 a.m.197 views

CVE-2020-17096

Windows NTFS Remote Code Execution Vulnerability

9CVSS8AI score0.08663EPSS
CVE
CVE
added 2020/10/16 11:15 p.m.183 views

CVE-2020-16898

A remote code execution vulnerability exists when the Windows TCP/IP stack improperly handles ICMPv6 Router Advertisement packets. An attacker who successfully exploited this vulnerability could gain the ability to execute code on the target server or client.To exploit this vulnerability, an attack...

8.8CVSS8.7AI score0.32378EPSS
CVE
CVE
added 2020/02/11 10:15 p.m.182 views

CVE-2020-0662

A remote code execution vulnerability exists in the way that Windows handles objects in memory, aka 'Windows Remote Code Execution Vulnerability'.

9CVSS8.4AI score0.34804EPSS
CVE
CVE
added 2020/01/14 11:15 p.m.180 views

CVE-2020-0642

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0624.

7.8CVSS8.5AI score0.15527EPSS
CVE
CVE
added 2020/08/17 7:15 p.m.179 views

CVE-2020-1530

An elevation of privilege vulnerability exists when Windows Remote Access improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The security updat...

7.8CVSS8.3AI score0.00594EPSS
CVE
CVE
added 2020/02/11 10:15 p.m.178 views

CVE-2020-0689

A security feature bypass vulnerability exists in secure boot, aka 'Microsoft Secure Boot Security Feature Bypass Vulnerability'.

6.7CVSS6.8AI score0.00158EPSS
CVE
CVE
added 2020/10/16 11:15 p.m.175 views

CVE-2020-16933

A security feature bypass vulnerability exists in Microsoft Word software when it fails to properly handle .LNK files. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the file co...

8.8CVSS6.6AI score0.0284EPSS
Total number of security vulnerabilities742