Windows Server 2019
Monthly
An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory, aka 'Media Foundation Information Disclosure Vulnerability'. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
An elevation of privilege vulnerability exists when the Microsoft Store Runtime improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An information disclosure vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Information Disclosure Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
An elevation of privilege vulnerability exists when an OLE Automation component improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
An elevation of privilege vulnerability exists in the way that the Connected Devices Platform Service handles objects in memory, aka 'Connected Devices Platform Service Elevation of Privilege. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
An elevation of privilege vulnerability exists when Windows Mobile Device Management (MDM) Diagnostics improperly handles junctions, aka 'Windows Mobile Device Management Diagnostics Elevation of. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector or the Visual Studio Standard Collector fail to properly handle objects in memory, aka 'Diagnostic Hub. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector or the Visual Studio Standard Collector fail to properly handle objects in memory, aka 'Diagnostic Hub. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists in the way the Windows Now Playing Session Manager handles objects in memory, aka 'Windows Now Playing Session Manager Elevation of Privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles a process crash, aka 'Windows Error Reporting Manager Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists in the way that the printconfig.dll handles objects in memory, aka 'Windows Print Configuration Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
A denial of service vulnerability exists when Windows Registry improperly handles filesystem operations, aka 'Windows Registry Denial of Service Vulnerability'. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
An elevation of privilege (user to user) vulnerability exists in Windows Security Health Service when handling certain objects in memory.To exploit the vulnerability, an attacker would first have to. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.
An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, aka 'Windows GDI Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, aka 'Windows GDI Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory, aka 'Windows Common Log File System Driver Elevation of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka 'Microsoft Graphics Components Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, aka 'Windows GDI Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory, aka 'DirectX Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
An elevation of privilege vulnerability exists when the Storage Service improperly handles file operations, aka 'Windows Storage Service Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists in the way the Windows Push Notification Service handles objects in memory, aka 'Windows Push Notification Service Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.
An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles file and folder links, aka 'Windows Error Reporting Manager Elevation of Privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
A denial of service vulnerability exists when Connected User Experiences and Telemetry Service improperly handles file operations, aka 'Connected User Experiences and Telemetry Service Denial of. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists when Windows improperly handles calls to Clipboard Service, aka 'Windows Clipboard Service Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
A denial of service vulnerability exists in the Windows implementation of Transport Layer Security (TLS) when it improperly handles certain key exchanges, aka 'Microsoft Windows Transport Layer. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
A remote code execution vulnerability exists in the way that the Color Management Module (ICM32.dll) handles objects in memory, aka 'Microsoft Color Management Remote Code Execution Vulnerability'. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
An information disclosure vulnerability exists when the Windows Client Server Run-Time Subsystem (CSRSS) fails to properly handle objects in memory, aka 'Windows CSRSS Information Disclosure. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
A security feature bypass vulnerability exists in Microsoft Windows when the Task Scheduler service fails to properly verify client connections over RPC, aka 'Windows Task Scheduler Security Feature. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable.
An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) IIS module improperly handles uploaded content, aka 'Windows Background Intelligent. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. This Unrestricted File Upload vulnerability could allow attackers to upload malicious files that can be executed on the server.
An elevation of privilege vulnerability exists when Windows improperly handles calls to Clipboard Service, aka 'Windows Clipboard Service Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists when the Windows Update Stack fails to properly handle objects in memory, aka 'Windows Update Stack Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists when the Windows Update Stack fails to properly handle objects in memory, aka 'Windows Update Stack Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
A Denial Of Service vulnerability exists when Connected User Experiences and Telemetry Service fails to validate certain function values.An attacker who successfully exploited this vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.
An elevation of privilege vulnerability exists when the Windows Printer Service improperly validates file paths while loading printer drivers, aka 'Windows Printer Service Elevation of Privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists when the Windows fails to properly handle objects in memory, aka 'Microsoft Windows Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations.To exploit the vulnerability, an attacker would require. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Service Vulnerability'. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
An information disclosure vulnerability exists when Windows Subsystem for Linux improperly handles objects in memory, aka 'Windows Subsystem for Linux Information Disclosure Vulnerability'. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists when Windows improperly handles errors tied to Remote Access Common Dialog, aka 'Windows Remote Access Common Dialog Elevation of Privilege. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity.
An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system, aka 'Windows Print Spooler Elevation of Privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists in Windows Media Service that allows file creation in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
A remote code execution vulnerability exists in the way that Windows handles objects in memory, aka 'Windows Remote Code Execution Vulnerability'. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.
A remote code execution vulnerability exists in the way that the Microsoft Script Runtime handles objects in memory, aka 'Microsoft Script Runtime Remote Code Execution Vulnerability'. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.
A cross-site-scripting (XSS) vulnerability exists when Active Directory Federation Services (ADFS) does not properly sanitize user inputs, aka 'Microsoft Active Directory Federation Services. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system, aka 'Windows Print Spooler Elevation of Privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.
An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory, aka 'Media Foundation Information Disclosure Vulnerability'. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
An elevation of privilege vulnerability exists when the Microsoft Store Runtime improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An information disclosure vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Information Disclosure Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
An elevation of privilege vulnerability exists when an OLE Automation component improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
An elevation of privilege vulnerability exists in the way that the Connected Devices Platform Service handles objects in memory, aka 'Connected Devices Platform Service Elevation of Privilege. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
An elevation of privilege vulnerability exists when Windows Mobile Device Management (MDM) Diagnostics improperly handles junctions, aka 'Windows Mobile Device Management Diagnostics Elevation of. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector or the Visual Studio Standard Collector fail to properly handle objects in memory, aka 'Diagnostic Hub. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector or the Visual Studio Standard Collector fail to properly handle objects in memory, aka 'Diagnostic Hub. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists in the way the Windows Now Playing Session Manager handles objects in memory, aka 'Windows Now Playing Session Manager Elevation of Privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles a process crash, aka 'Windows Error Reporting Manager Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists in the way that the printconfig.dll handles objects in memory, aka 'Windows Print Configuration Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
A denial of service vulnerability exists when Windows Registry improperly handles filesystem operations, aka 'Windows Registry Denial of Service Vulnerability'. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
An elevation of privilege (user to user) vulnerability exists in Windows Security Health Service when handling certain objects in memory.To exploit the vulnerability, an attacker would first have to. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.
An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, aka 'Windows GDI Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, aka 'Windows GDI Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory, aka 'Windows Common Log File System Driver Elevation of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka 'Microsoft Graphics Components Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, aka 'Windows GDI Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory, aka 'DirectX Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
An elevation of privilege vulnerability exists when the Storage Service improperly handles file operations, aka 'Windows Storage Service Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists in the way the Windows Push Notification Service handles objects in memory, aka 'Windows Push Notification Service Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.
An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles file and folder links, aka 'Windows Error Reporting Manager Elevation of Privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
A denial of service vulnerability exists when Connected User Experiences and Telemetry Service improperly handles file operations, aka 'Connected User Experiences and Telemetry Service Denial of. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists when Windows improperly handles calls to Clipboard Service, aka 'Windows Clipboard Service Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
A denial of service vulnerability exists in the Windows implementation of Transport Layer Security (TLS) when it improperly handles certain key exchanges, aka 'Microsoft Windows Transport Layer. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
A remote code execution vulnerability exists in the way that the Color Management Module (ICM32.dll) handles objects in memory, aka 'Microsoft Color Management Remote Code Execution Vulnerability'. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
An information disclosure vulnerability exists when the Windows Client Server Run-Time Subsystem (CSRSS) fails to properly handle objects in memory, aka 'Windows CSRSS Information Disclosure. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
A security feature bypass vulnerability exists in Microsoft Windows when the Task Scheduler service fails to properly verify client connections over RPC, aka 'Windows Task Scheduler Security Feature. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable.
An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) IIS module improperly handles uploaded content, aka 'Windows Background Intelligent. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. This Unrestricted File Upload vulnerability could allow attackers to upload malicious files that can be executed on the server.
An elevation of privilege vulnerability exists when Windows improperly handles calls to Clipboard Service, aka 'Windows Clipboard Service Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists when the Windows Update Stack fails to properly handle objects in memory, aka 'Windows Update Stack Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists when the Windows Update Stack fails to properly handle objects in memory, aka 'Windows Update Stack Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
A Denial Of Service vulnerability exists when Connected User Experiences and Telemetry Service fails to validate certain function values.An attacker who successfully exploited this vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.
An elevation of privilege vulnerability exists when the Windows Printer Service improperly validates file paths while loading printer drivers, aka 'Windows Printer Service Elevation of Privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists when the Windows fails to properly handle objects in memory, aka 'Microsoft Windows Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations.To exploit the vulnerability, an attacker would require. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Service Vulnerability'. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
An information disclosure vulnerability exists when Windows Subsystem for Linux improperly handles objects in memory, aka 'Windows Subsystem for Linux Information Disclosure Vulnerability'. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists when Windows improperly handles errors tied to Remote Access Common Dialog, aka 'Windows Remote Access Common Dialog Elevation of Privilege. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity.
An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system, aka 'Windows Print Spooler Elevation of Privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability exists in Windows Media Service that allows file creation in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
A remote code execution vulnerability exists in the way that Windows handles objects in memory, aka 'Windows Remote Code Execution Vulnerability'. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.
A remote code execution vulnerability exists in the way that the Microsoft Script Runtime handles objects in memory, aka 'Microsoft Script Runtime Remote Code Execution Vulnerability'. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.
A cross-site-scripting (XSS) vulnerability exists when Active Directory Federation Services (ADFS) does not properly sanitize user inputs, aka 'Microsoft Active Directory Federation Services. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system, aka 'Windows Print Spooler Elevation of Privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.