Skip to main content

Windows Server 1909

12 CVEs product

Monthly

CVE-2021-28310 HIGH KEV PATCH THREAT This Week

Win32k Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Windows 10 1803 Windows 10 1809 Windows 10 1909 +6
NVD
CVSS 3.1
7.8
EPSS
8.3%
CVE-2020-1464 HIGH POC KEV PATCH THREAT This Week

A spoofing vulnerability exists when Windows incorrectly validates file signatures. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Jwt Attack Microsoft Authentication Bypass Windows 10 1507 Windows 10 1607 +16
NVD
CVSS 3.1
7.8
EPSS
41.1%
CVE-2020-0986 HIGH KEV PATCH THREAT This Week

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Microsoft Memory Corruption Windows 10 1507 Windows 10 1607 +15
NVD
CVSS 3.1
7.8
EPSS
15.9%
CVE-2020-1054 HIGH POC KEV PATCH THREAT Act Now

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Microsoft Memory Corruption Windows 10 1507 Windows 10 1607 +15
NVD
CVSS 3.1
7.8
EPSS
52.8%
CVE-2020-1027 HIGH POC KEV PATCH THREAT This Week

An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Microsoft Memory Corruption Windows 10 1507 Windows 10 1607 +15
NVD
CVSS 3.1
7.8
EPSS
4.4%
CVE-2020-1020 HIGH KEV PATCH THREAT This Week

A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font - Adobe Type 1 PostScript. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Microsoft Buffer Overflow Adobe Memory Corruption RCE +16
NVD
CVSS 3.1
8.8
EPSS
65.0%
CVE-2020-0938 HIGH KEV PATCH THREAT This Week

A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font - Adobe Type 1 PostScript. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Microsoft Buffer Overflow Adobe Memory Corruption RCE +17
NVD
CVSS 3.1
7.8
EPSS
69.2%
CVE-2020-0796 CRITICAL POC KEV PATCH THREAT Act Now

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Remote Code Execution. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow RCE Microsoft Windows 10 1903 Windows 10 1909 +2
NVD Exploit-DB
CVSS 3.1
10.0
EPSS
99.8%
CVE-2020-0787 HIGH POC KEV EUVD KEV PATCH THREAT Act Now

An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) improperly handles symbolic links, aka 'Windows Background Intelligent Transfer Service. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Microsoft Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1709 +14
NVD
CVSS 3.1
7.8
EPSS
42.5%
CVE-2020-0683 HIGH POC KEV PATCH THREAT This Week

An elevation of privilege vulnerability exists in the Windows Installer when MSI packages process symbolic links, aka 'Windows Installer Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Microsoft Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1709 +14
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
7.7%
CVE-2020-0638 HIGH KEV PATCH THREAT This Week

An elevation of privilege vulnerability exists in the way the Update Notification Manager handles files.To exploit this vulnerability, an attacker would first have to gain execution on the victim. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Windows 10 1709 Windows 10 1803 Windows 10 1809 Windows 10 1903 +5
NVD
CVSS 3.1
7.8
EPSS
2.9%
CVE-2020-0601 Go HIGH POC KEV PATCH THREAT This Week

A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Microsoft Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1709 +10
NVD Exploit-DB
CVSS 3.1
8.1
EPSS
89.4%
EPSS 8% CVSS 7.8
HIGH KEV PATCH THREAT This Week

Win32k Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Windows 10 1803 +8
NVD
EPSS 41% CVSS 7.8
HIGH POC KEV PATCH THREAT This Week

A spoofing vulnerability exists when Windows incorrectly validates file signatures. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Jwt Attack Microsoft Authentication Bypass +18
NVD
EPSS 16% CVSS 7.8
HIGH KEV PATCH THREAT This Week

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Microsoft Memory Corruption +17
NVD
EPSS 53% CVSS 7.8
HIGH POC KEV PATCH THREAT Act Now

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Microsoft Memory Corruption +17
NVD
EPSS 4% CVSS 7.8
HIGH POC KEV PATCH THREAT This Week

An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Microsoft Memory Corruption +17
NVD
EPSS 65% CVSS 8.8
HIGH KEV PATCH THREAT This Week

A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font - Adobe Type 1 PostScript. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Microsoft Buffer Overflow Adobe +18
NVD
EPSS 69% CVSS 7.8
HIGH KEV PATCH THREAT This Week

A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font - Adobe Type 1 PostScript. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Microsoft Buffer Overflow Adobe +19
NVD
EPSS 100% CVSS 10.0
CRITICAL POC KEV PATCH THREAT Act Now

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Remote Code Execution. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow RCE Microsoft +4
NVD Exploit-DB
EPSS 43% CVSS 7.8
HIGH POC KEV EUVD KEV PATCH THREAT Act Now

An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) improperly handles symbolic links, aka 'Windows Background Intelligent Transfer Service. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Microsoft Information Disclosure Windows 10 1507 +16
NVD
EPSS 8% CVSS 7.8
HIGH POC KEV PATCH THREAT This Week

An elevation of privilege vulnerability exists in the Windows Installer when MSI packages process symbolic links, aka 'Windows Installer Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Microsoft Information Disclosure Windows 10 1507 +16
NVD Exploit-DB
EPSS 3% CVSS 7.8
HIGH KEV PATCH THREAT This Week

An elevation of privilege vulnerability exists in the way the Update Notification Manager handles files.To exploit this vulnerability, an attacker would first have to gain execution on the victim. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Windows 10 1709 Windows 10 1803 +7
NVD
EPSS 89% CVSS 8.1
HIGH POC KEV PATCH THREAT This Week

A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Microsoft Information Disclosure Windows 10 1507 +12
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy