Skip to main content

Windows 8 1

2096 CVEs product

Monthly

CVE-2020-1337 HIGH POC PATCH THREAT Act Now

An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

RCE Microsoft Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
14.2%
CVE-2020-15707 MEDIUM POC PATCH This Month

Integer overflows were discovered in the functions grub_cmd_initrd and grub_initrd_init in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu (the functionality is not. Rated medium severity (CVSS 6.4). Public exploit code available.

Ubuntu Buffer Overflow Race Condition Debian RCE +16
NVD
CVSS 3.1
6.4
EPSS
1.6%
CVE-2020-15706 MEDIUM PATCH This Month

GRUB2 contains a race condition in grub_script_function_create() leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already. Rated medium severity (CVSS 6.4).

Race Condition RCE Grub2 Enterprise Linux Atomic Host Openshift Container Platform +11
NVD
CVSS 3.1
6.4
EPSS
1.0%
CVE-2020-15705 MEDIUM PATCH This Month

GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. Rated medium severity (CVSS 6.4).

Jwt Attack Authentication Bypass Grub2 Enterprise Linux Atomic Host Openshift Container Platform +11
NVD
CVSS 3.1
6.4
EPSS
1.4%
CVE-2020-1468 MEDIUM PATCH This Month

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
6.5
EPSS
5.2%
CVE-2020-1438 HIGH PATCH This Week

An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network Connections Service Elevation of Privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2020-1437 HIGH PATCH This Week

An elevation of privilege vulnerability exists in the way that the Windows Network Location Awareness Service handles objects in memory, aka 'Windows Network Location Awareness Service Elevation of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2020-1436 HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted fonts.For all systems except Windows 10, an attacker who successfully exploited the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Microsoft RCE Memory Corruption Windows 10 +7
NVD
CVSS 3.1
8.8
EPSS
21.4%
CVE-2020-1435 HIGH PATCH This Week

A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+ Remote Code Execution Vulnerability'. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Microsoft Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
8.8
EPSS
13.8%
CVE-2020-1430 HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Windows UPnP Device Host improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2020-1428 HIGH PATCH This Week

An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network Connections Service Elevation of Privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2020-1427 HIGH PATCH This Week

An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network Connections Service Elevation of Privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2020-1419 MEDIUM PATCH This Month

An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, aka 'Windows Kernel Information Disclosure Vulnerability'. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
5.5
EPSS
1.3%
CVE-2020-1412 HIGH PATCH This Week

A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka 'Microsoft Graphics Components Remote Code Execution Vulnerability'. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

RCE Privilege Escalation Microsoft Windows 10 Windows 7 +6
NVD
CVSS 3.1
8.8
EPSS
14.0%
CVE-2020-1410 HIGH PATCH This Week

A remote code execution vulnerability exists when Windows Address Book (WAB) improperly processes vcard files.To exploit the vulnerability, an attacker could send a malicious vcard that a victim. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
11.5%
CVE-2020-1409 HIGH PATCH This Week

A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Windows 10 Windows 7 Windows 8 1 Windows Rt 8 1 +4
NVD
CVSS 3.1
7.8
EPSS
11.7%
CVE-2020-1408 HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Microsoft Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
8.8
EPSS
5.7%
CVE-2020-1407 HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
10.9%
CVE-2020-1406 HIGH PATCH This Week

An elevation of privilege vulnerability exists in the way that the Windows Network List Service handles objects in memory, aka 'Windows Network List Service Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 8 1 Windows Rt 8 1 +3
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2020-1402 HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Windows ActiveX Installer Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2020-1401 HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
13.2%
CVE-2020-1400 HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Integer Overflow Windows 10 Windows 7 +6
NVD
CVSS 3.1
7.8
EPSS
23.8%
CVE-2020-1399 HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 8 1 Windows Rt 8 1 +4
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2020-1397 MEDIUM PATCH This Month

An information disclosure vulnerability exists in Windows when the Windows Imaging Component fails to properly handle objects in memory, aka 'Windows Imaging Component Information Disclosure. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
6.5
EPSS
6.4%
CVE-2020-1396 HIGH PATCH This Week

An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC).An attacker who successfully exploited this vulnerability could run. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

RCE Microsoft Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2020-1390 HIGH PATCH This Week

An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network Connections Service Elevation of Privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2020-1389 MEDIUM PATCH This Month

An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, aka 'Windows Kernel Information Disclosure Vulnerability'. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
5.5
EPSS
1.2%
CVE-2020-1385 HIGH PATCH This Week

An elevation of privilege vulnerability exists in the way that the Windows Credential Picker handles objects in memory, aka 'Windows Credential Picker Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 8 1 Windows Rt 8 1 +3
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2020-1384 HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Windows Cryptography Next Generation (CNG) Key Isolation service improperly handles memory, aka 'Windows CNG Key Isolation Service Elevation of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2020-1374 HIGH PATCH This Week

A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka 'Remote Desktop Client Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required.

RCE Microsoft Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.5
EPSS
8.4%
CVE-2020-1373 HIGH PATCH This Week

An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network Connections Service Elevation of Privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2020-1371 HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Windows Event Logging Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2020-1368 HIGH PATCH This Week

An elevation of privilege vulnerability exists in the way that the Credential Enrollment Manager service handles objects in memory, aka 'Windows Credential Enrollment Manager Service Elevation of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 8 1 Windows Rt 8 1 +3
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2020-1365 HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Windows Event Logging Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2020-1360 HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Windows Profile Service improperly handles file operations, aka 'Windows Profile Service Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2020-1359 HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Windows Cryptography Next Generation (CNG) Key Isolation service improperly handles memory, aka 'Windows CNG Key Isolation Service Elevation of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2020-1354 HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Windows UPnP Device Host improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2020-1351 MEDIUM PATCH This Month

An information disclosure vulnerability exists when the Windows Graphics component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
5.5
EPSS
1.4%
CVE-2020-1346 HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Windows Modules Installer improperly handles file operations, aka 'Windows Modules Installer Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2020-1333 MEDIUM PATCH This Month

An elevation of privilege vulnerability exists when Group Policy Services Policy Processing improperly handle reparse points, aka 'Group Policy Services Policy Processing Elevation of Privilege. Rated medium severity (CVSS 6.7).

Information Disclosure Windows 10 Windows 7 Windows 8 1 Windows Rt 8 1 +4
NVD
CVSS 3.1
6.7
EPSS
0.9%
CVE-2020-1267 MEDIUM PATCH This Month

This security update corrects a denial of service in the Local Security Authority Subsystem Service (LSASS) caused when an authenticated attacker sends a specially crafted authentication request, aka. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Windows 10 Windows 7 Windows 8 1 Windows Rt 8 1 +4
NVD
CVSS 3.1
4.9
EPSS
4.5%
CVE-2020-1249 HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 8 1 Windows Rt 8 1 +3
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2020-1085 HIGH PATCH This Week

An elevation of privilege vulnerability exists in the way that the Windows Function Discovery Service handles objects in memory, aka 'Windows Function Discovery Service Elevation of Privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2020-1348 MEDIUM PATCH This Month

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
6.5
EPSS
5.2%
CVE-2020-1334 HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 8 1 Windows Rt 8 1 +3
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2020-1317 HIGH PATCH This Week

An elevation of privilege vulnerability exists when Group Policy improperly checks access, aka 'Group Policy Elevation of Privilege Vulnerability'. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Windows 10 Windows 7 Windows 8 1 Windows Rt 8 1 +4
NVD
CVSS 3.1
8.8
EPSS
4.3%
CVE-2020-1314 HIGH PATCH This Week

An elevation of privilege vulnerability exists in Windows Text Service Framework (TSF) when the TSF server fails to properly handle messages sent from TSF clients, aka 'Windows Text Service Framework. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
3.0%
CVE-2020-1311 HIGH PATCH This Week

An elevation of privilege vulnerability exists when Component Object Model (COM) client uses special case IIDs, aka 'Component Object Model Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Windows 10 Windows 7 Windows 8 1 Windows Rt 8 1 +4
NVD
CVSS 3.1
7.8
EPSS
3.1%
CVE-2020-1310 MEDIUM PATCH This Month

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 8 1 Windows Rt 8 1 +3
NVD
CVSS 3.1
6.7
EPSS
0.9%
CVE-2020-1302 HIGH PATCH This Week

An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations.To exploit the vulnerability, an attacker would require. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2020-1301 HIGH PATCH This Week

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 1.0 (SMBv1) server handles certain requests, aka 'Windows SMB Remote Code Execution Vulnerability'. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Microsoft Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
8.8
EPSS
36.7%
CVE-2020-1300 HIGH PATCH This Week

A remote code execution vulnerability exists when Microsoft Windows fails to properly handle cabinet files.To exploit the vulnerability, an attacker would have to convince a user to either open a. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Microsoft Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
8.8
EPSS
59.5%
CVE-2020-1299 HIGH PATCH This Week

A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed.An attacker who successfully exploited this vulnerability could. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Microsoft Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
8.8
EPSS
14.5%
CVE-2020-1291 HIGH PATCH This Week

An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network Connections Service Elevation of Privilege. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
3.0%
CVE-2020-1287 HIGH PATCH This Week

An elevation of privilege vulnerability exists in the way that the Windows WalletService handles objects in memory, aka 'Windows WalletService Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
3.0%
CVE-2020-1282 HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 8 1 Windows Rt 8 1 +3
NVD
CVSS 3.1
7.8
EPSS
3.3%
CVE-2020-1281 HIGH PATCH This Week

A remote code execution vulnerability exists when Microsoft Windows OLE fails to properly validate user input, aka 'Windows OLE Remote Code Execution Vulnerability'. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

RCE Microsoft Integer Overflow Windows 10 Windows 7 +6
NVD
CVSS 3.1
8.8
EPSS
14.5%
CVE-2020-1272 HIGH PATCH This Week

An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior.A locally. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

RCE Microsoft Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2020-1270 HIGH PATCH This Week

An elevation of privilege vulnerability exists in the way that the wlansvc.dll handles objects in memory, aka 'Windows WLAN Service Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2020-1269 HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +6
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2020-1263 MEDIUM PATCH This Month

An information disclosure vulnerability exists in the way Windows Error Reporting (WER) handles objects in memory, aka 'Windows Error Reporting Information Disclosure Vulnerability'. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
5.5
EPSS
1.2%
CVE-2020-1262 HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2020-1255 HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) IIS module improperly handles uploaded content, aka 'Windows Background Intelligent. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
8.8
EPSS
3.4%
CVE-2020-1254 HIGH PATCH This Week

An elevation of privilege vulnerability exists when Windows Modules Installer Service improperly handles class object members.A locally authenticated attacker could run arbitrary code with elevated. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

RCE Microsoft Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2020-1253 MEDIUM PATCH This Month

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
6.7
EPSS
0.9%
CVE-2020-1251 MEDIUM PATCH This Month

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
6.7
EPSS
0.9%
CVE-2020-1247 HIGH PATCH This Week

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2020-1246 HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2020-1239 HIGH PATCH This Week

A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Microsoft Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
8.8
EPSS
5.9%
CVE-2020-1236 HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
11.5%
CVE-2020-1231 HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 8 1 Windows Rt 8 1 +3
NVD
CVSS 3.1
7.8
EPSS
3.4%
CVE-2020-1212 HIGH PATCH This Week

An elevation of privilege vulnerability exists when an OLE Automation component improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Windows 10 Windows 7 Windows 8 1 Windows Rt 8 1 +4
NVD
CVSS 3.1
7.8
EPSS
3.4%
CVE-2020-1208 HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
14.7%
CVE-2020-1207 HIGH PATCH This Week

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Microsoft Use After Free Memory Corruption Information Disclosure Windows 10 +7
NVD
CVSS 3.1
7.8
EPSS
1.2%
CVE-2020-1196 HIGH PATCH This Week

An elevation of privilege vulnerability exists in the way that the printconfig.dll handles objects in memory, aka 'Windows Print Configuration Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2020-1194 MEDIUM PATCH This Month

A denial of service vulnerability exists when Windows Registry improperly handles filesystem operations, aka 'Windows Registry Denial of Service Vulnerability'. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Microsoft Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
5.5
EPSS
1.3%
CVE-2020-1160 MEDIUM PATCH This Month

An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
5.5
EPSS
1.6%
CVE-2020-0986 HIGH KEV PATCH THREAT This Week

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Microsoft Memory Corruption Windows 10 1507 Windows 10 1607 +15
NVD
CVSS 3.1
7.8
EPSS
15.9%
CVE-2020-0916 HIGH PATCH This Week

An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, aka 'Windows GDI Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 8 1 Windows Rt 8 1 +3
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2020-0915 HIGH PATCH This Week

An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, aka 'Windows GDI Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 8 1 Windows Rt 8 1 +3
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2020-1179 MEDIUM PATCH This Month

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
6.5
EPSS
6.3%
CVE-2020-1176 HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
10.9%
CVE-2020-1175 HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
10.9%
CVE-2020-1174 HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
10.9%
CVE-2020-1154 HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory, aka 'Windows Common Log File System Driver Elevation of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2020-1153 HIGH PATCH This Week

A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka 'Microsoft Graphics Components Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
11.7%
CVE-2020-1149 HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.1
7.8
EPSS
3.0%
CVE-2020-1143 HIGH PATCH This Week

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2020-1141 MEDIUM PATCH This Month

An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
5.5
EPSS
1.6%
CVE-2020-1136 HIGH PATCH This Week

A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Microsoft Memory Corruption Windows 10 Windows 8 1 +4
NVD
CVSS 3.1
7.8
EPSS
4.7%
EPSS 14% CVSS 7.8
HIGH POC PATCH THREAT Act Now

An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

RCE Microsoft Windows 10 +7
NVD
EPSS 2% CVSS 6.4
MEDIUM POC PATCH This Month

Integer overflows were discovered in the functions grub_cmd_initrd and grub_initrd_init in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu (the functionality is not. Rated medium severity (CVSS 6.4). Public exploit code available.

Ubuntu Buffer Overflow Race Condition +18
NVD
EPSS 1% CVSS 6.4
MEDIUM PATCH This Month

GRUB2 contains a race condition in grub_script_function_create() leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already. Rated medium severity (CVSS 6.4).

Race Condition RCE Grub2 +13
NVD
EPSS 1% CVSS 6.4
MEDIUM PATCH This Month

GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. Rated medium severity (CVSS 6.4).

Jwt Attack Authentication Bypass Grub2 +13
NVD
EPSS 5% CVSS 6.5
MEDIUM PATCH This Month

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Information Disclosure Windows 10 +7
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network Connections Service Elevation of Privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +7
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists in the way that the Windows Network Location Awareness Service handles objects in memory, aka 'Windows Network Location Awareness Service Elevation of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +7
NVD
EPSS 21% CVSS 8.8
HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted fonts.For all systems except Windows 10, an attacker who successfully exploited the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Microsoft RCE +9
NVD
EPSS 14% CVSS 8.8
HIGH PATCH This Week

A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+ Remote Code Execution Vulnerability'. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Microsoft Windows 10 +7
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Windows UPnP Device Host improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +7
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network Connections Service Elevation of Privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +7
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network Connections Service Elevation of Privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +7
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, aka 'Windows Kernel Information Disclosure Vulnerability'. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +7
NVD
EPSS 14% CVSS 8.8
HIGH PATCH This Week

A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka 'Microsoft Graphics Components Remote Code Execution Vulnerability'. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

RCE Privilege Escalation Microsoft +8
NVD
EPSS 12% CVSS 7.8
HIGH PATCH This Week

A remote code execution vulnerability exists when Windows Address Book (WAB) improperly processes vcard files.To exploit the vulnerability, an attacker could send a malicious vcard that a victim. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Windows 10 +7
NVD
EPSS 12% CVSS 7.8
HIGH PATCH This Week

A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Windows 10 Windows 7 +6
NVD
EPSS 6% CVSS 8.8
HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Microsoft Windows 10 +7
NVD
EPSS 11% CVSS 7.8
HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Windows 10 +7
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists in the way that the Windows Network List Service handles objects in memory, aka 'Windows Network List Service Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +5
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Windows ActiveX Installer Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +7
NVD
EPSS 13% CVSS 7.8
HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Windows 10 +7
NVD
EPSS 24% CVSS 7.8
HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Integer Overflow +8
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +6
NVD
EPSS 6% CVSS 6.5
MEDIUM PATCH This Month

An information disclosure vulnerability exists in Windows when the Windows Imaging Component fails to properly handle objects in memory, aka 'Windows Imaging Component Information Disclosure. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Information Disclosure Windows 10 +7
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC).An attacker who successfully exploited this vulnerability could run. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

RCE Microsoft Windows 10 +7
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network Connections Service Elevation of Privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +7
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, aka 'Windows Kernel Information Disclosure Vulnerability'. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +7
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists in the way that the Windows Credential Picker handles objects in memory, aka 'Windows Credential Picker Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +5
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Windows Cryptography Next Generation (CNG) Key Isolation service improperly handles memory, aka 'Windows CNG Key Isolation Service Elevation of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +7
NVD
EPSS 8% CVSS 7.5
HIGH PATCH This Week

A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka 'Remote Desktop Client Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required.

RCE Microsoft Windows 10 +7
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network Connections Service Elevation of Privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +7
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Windows Event Logging Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +7
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists in the way that the Credential Enrollment Manager service handles objects in memory, aka 'Windows Credential Enrollment Manager Service Elevation of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +5
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Windows Event Logging Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +7
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Windows Profile Service improperly handles file operations, aka 'Windows Profile Service Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +7
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Windows Cryptography Next Generation (CNG) Key Isolation service improperly handles memory, aka 'Windows CNG Key Isolation Service Elevation of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +7
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Windows UPnP Device Host improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +7
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

An information disclosure vulnerability exists when the Windows Graphics component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +7
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Windows Modules Installer improperly handles file operations, aka 'Windows Modules Installer Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +7
NVD
EPSS 1% CVSS 6.7
MEDIUM PATCH This Month

An elevation of privilege vulnerability exists when Group Policy Services Policy Processing improperly handle reparse points, aka 'Group Policy Services Policy Processing Elevation of Privilege. Rated medium severity (CVSS 6.7).

Information Disclosure Windows 10 Windows 7 +6
NVD
EPSS 5% CVSS 4.9
MEDIUM PATCH This Month

This security update corrects a denial of service in the Local Security Authority Subsystem Service (LSASS) caused when an authenticated attacker sends a specially crafted authentication request, aka. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Windows 10 Windows 7 +6
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +5
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists in the way that the Windows Function Discovery Service handles objects in memory, aka 'Windows Function Discovery Service Elevation of Privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +7
NVD
EPSS 5% CVSS 6.5
MEDIUM PATCH This Month

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Information Disclosure Windows 10 +7
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +5
NVD
EPSS 4% CVSS 8.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists when Group Policy improperly checks access, aka 'Group Policy Elevation of Privilege Vulnerability'. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Windows 10 Windows 7 +6
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists in Windows Text Service Framework (TSF) when the TSF server fails to properly handle messages sent from TSF clients, aka 'Windows Text Service Framework. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft Information Disclosure Windows 10 +7
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists when Component Object Model (COM) client uses special case IIDs, aka 'Component Object Model Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Windows 10 Windows 7 +6
NVD
EPSS 1% CVSS 6.7
MEDIUM PATCH This Month

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +5
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations.To exploit the vulnerability, an attacker would require. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +7
NVD
EPSS 37% CVSS 8.8
HIGH PATCH This Week

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 1.0 (SMBv1) server handles certain requests, aka 'Windows SMB Remote Code Execution Vulnerability'. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Microsoft Windows 10 +7
NVD
EPSS 60% CVSS 8.8
HIGH PATCH This Week

A remote code execution vulnerability exists when Microsoft Windows fails to properly handle cabinet files.To exploit the vulnerability, an attacker would have to convince a user to either open a. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Microsoft Windows 10 +7
NVD
EPSS 15% CVSS 8.8
HIGH PATCH This Week

A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed.An attacker who successfully exploited this vulnerability could. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Microsoft Windows 10 +7
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network Connections Service Elevation of Privilege. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft Information Disclosure Windows 10 +7
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists in the way that the Windows WalletService handles objects in memory, aka 'Windows WalletService Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft Information Disclosure Windows 10 +7
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft Information Disclosure Windows 10 +5
NVD
EPSS 14% CVSS 8.8
HIGH PATCH This Week

A remote code execution vulnerability exists when Microsoft Windows OLE fails to properly validate user input, aka 'Windows OLE Remote Code Execution Vulnerability'. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

RCE Microsoft Integer Overflow +8
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior.A locally. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

RCE Microsoft Windows 10 +7
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists in the way that the wlansvc.dll handles objects in memory, aka 'Windows WLAN Service Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +7
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +8
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

An information disclosure vulnerability exists in the way Windows Error Reporting (WER) handles objects in memory, aka 'Windows Error Reporting Information Disclosure Vulnerability'. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +7
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +7
NVD
EPSS 3% CVSS 8.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) IIS module improperly handles uploaded content, aka 'Windows Background Intelligent. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Information Disclosure Windows 10 +7
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists when Windows Modules Installer Service improperly handles class object members.A locally authenticated attacker could run arbitrary code with elevated. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

RCE Microsoft Windows 10 +7
NVD
EPSS 1% CVSS 6.7
MEDIUM PATCH This Month

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +7
NVD
EPSS 1% CVSS 6.7
MEDIUM PATCH This Month

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +7
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +7
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +7
NVD
EPSS 6% CVSS 8.8
HIGH PATCH This Week

A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Microsoft Windows 10 +7
NVD
EPSS 12% CVSS 7.8
HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Windows 10 +7
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft Information Disclosure Windows 10 +5
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists when an OLE Automation component improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Windows 10 Windows 7 +6
NVD
EPSS 15% CVSS 7.8
HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Windows 10 +7
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Microsoft Use After Free Memory Corruption +9
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists in the way that the printconfig.dll handles objects in memory, aka 'Windows Print Configuration Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +7
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

A denial of service vulnerability exists when Windows Registry improperly handles filesystem operations, aka 'Windows Registry Denial of Service Vulnerability'. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Microsoft Windows 10 +7
NVD
EPSS 2% CVSS 5.5
MEDIUM PATCH This Month

An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +7
NVD
EPSS 16% CVSS 7.8
HIGH KEV PATCH THREAT This Week

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Microsoft Memory Corruption +17
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, aka 'Windows GDI Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +5
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, aka 'Windows GDI Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +5
NVD
EPSS 6% CVSS 6.5
MEDIUM PATCH This Month

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Information Disclosure Windows 10 +7
NVD
EPSS 11% CVSS 7.8
HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Windows 10 +7
NVD
EPSS 11% CVSS 7.8
HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Windows 10 +7
NVD
EPSS 11% CVSS 7.8
HIGH PATCH This Week

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Windows 10 +7
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory, aka 'Windows Common Log File System Driver Elevation of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +7
NVD
EPSS 12% CVSS 7.8
HIGH PATCH This Week

A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka 'Microsoft Graphics Components Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Windows 10 +7
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft Information Disclosure Windows 10 +6
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +7
NVD
EPSS 2% CVSS 5.5
MEDIUM PATCH This Month

An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +7
NVD
EPSS 5% CVSS 7.8
HIGH PATCH This Week

A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Microsoft Memory Corruption +6
NVD
Prev Page 10 of 24 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy