Search
Total
52 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-1467 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-01-04 | 7.2 HIGH | 10.0 CRITICAL |
| <p>An elevation of privilege vulnerability exists when Windows improperly handles hard links. An attacker who successfully exploited this vulnerability could overwrite a targeted file leading to an elevated status.</p> <p>To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.</p> <p>The security update addresses the vulnerability by correcting how Windows handles hard links.</p> | |||||
| CVE-2020-17051 | 1 Microsoft | 4 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 1 more | 2023-12-31 | 10.0 HIGH | 9.8 CRITICAL |
| Windows Network File System Remote Code Execution Vulnerability | |||||
| CVE-2021-24074 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2023-12-29 | 7.5 HIGH | 9.8 CRITICAL |
| Windows TCP/IP Remote Code Execution Vulnerability | |||||
| CVE-2021-24094 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2023-12-29 | 7.5 HIGH | 9.8 CRITICAL |
| Windows TCP/IP Remote Code Execution Vulnerability | |||||
| CVE-2021-24077 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2023-12-29 | 7.5 HIGH | 9.8 CRITICAL |
| Windows Fax Service Remote Code Execution Vulnerability | |||||
| CVE-2021-24078 | 1 Microsoft | 4 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 1 more | 2023-12-29 | 7.5 HIGH | 9.8 CRITICAL |
| Windows DNS Server Remote Code Execution Vulnerability | |||||
| CVE-2021-26893 | 1 Microsoft | 4 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 1 more | 2023-12-29 | 7.5 HIGH | 9.8 CRITICAL |
| Windows DNS Server Remote Code Execution Vulnerability | |||||
| CVE-2021-26877 | 1 Microsoft | 4 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 1 more | 2023-12-29 | 7.5 HIGH | 9.8 CRITICAL |
| Windows DNS Server Remote Code Execution Vulnerability | |||||
| CVE-2021-26897 | 1 Microsoft | 4 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 1 more | 2023-12-29 | 10.0 HIGH | 9.8 CRITICAL |
| Windows DNS Server Remote Code Execution Vulnerability | |||||
| CVE-2021-26894 | 1 Microsoft | 4 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 1 more | 2023-12-29 | 10.0 HIGH | 9.8 CRITICAL |
| Windows DNS Server Remote Code Execution Vulnerability | |||||
| CVE-2021-26895 | 1 Microsoft | 4 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 1 more | 2023-12-29 | 10.0 HIGH | 9.8 CRITICAL |
| Windows DNS Server Remote Code Execution Vulnerability | |||||
| CVE-2021-26424 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2023-12-28 | 6.8 MEDIUM | 9.9 CRITICAL |
| Windows TCP/IP Remote Code Execution Vulnerability | |||||
| CVE-2022-26937 | 1 Microsoft | 6 Windows Server, Windows Server 2008, Windows Server 2012 and 3 more | 2023-12-21 | 7.5 HIGH | 9.8 CRITICAL |
| Windows Network File System Remote Code Execution Vulnerability | |||||
| CVE-2022-29130 | 1 Microsoft | 11 Windows 10, Windows 11, Windows 7 and 8 more | 2023-12-21 | 9.3 HIGH | 9.8 CRITICAL |
| Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | |||||
| CVE-2022-22012 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 7 and 6 more | 2023-12-21 | 9.3 HIGH | 9.8 CRITICAL |
| Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | |||||
| CVE-2023-36049 | 1 Microsoft | 16 .net, .net Framework, Visual Studio 2022 and 13 more | 2023-11-21 | N/A | 9.8 CRITICAL |
| .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability | |||||
| CVE-2023-36397 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2023-11-20 | N/A | 9.8 CRITICAL |
| Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability | |||||
| CVE-2023-36910 | 1 Microsoft | 12 Windows 10, Windows 10 1607, Windows 10 1809 and 9 more | 2023-08-10 | N/A | 9.8 CRITICAL |
| Microsoft Message Queuing Remote Code Execution Vulnerability | |||||
| CVE-2023-35385 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2023-08-10 | N/A | 9.8 CRITICAL |
| Microsoft Message Queuing Remote Code Execution Vulnerability | |||||
| CVE-2023-36911 | 1 Microsoft | 12 Windows 10, Windows 10 1607, Windows 10 1809 and 9 more | 2023-08-10 | N/A | 9.8 CRITICAL |
| Microsoft Message Queuing Remote Code Execution Vulnerability | |||||
| CVE-2023-36903 | 1 Microsoft | 12 Windows 10, Windows 10 1607, Windows 10 1809 and 9 more | 2023-08-10 | N/A | 9.8 CRITICAL |
| Windows System Assessment Tool Elevation of Privilege Vulnerability | |||||
| CVE-2021-43215 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-08-08 | 6.8 MEDIUM | 9.8 CRITICAL |
| iSNS Server Memory Corruption Vulnerability Can Lead to Remote Code Execution | |||||
| CVE-2021-28476 | 1 Microsoft | 7 Windows 10, Windows 7, Windows 8.1 and 4 more | 2023-08-02 | 6.5 MEDIUM | 9.9 CRITICAL |
| Windows Hyper-V Remote Code Execution Vulnerability | |||||
| CVE-2021-31962 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2023-08-01 | 7.5 HIGH | 9.4 CRITICAL |
| Kerberos AppContainer Security Feature Bypass Vulnerability | |||||
| CVE-2020-0646 | 1 Microsoft | 9 .net Framework, Windows 10, Windows 7 and 6 more | 2022-07-12 | 10.0 HIGH | 9.8 CRITICAL |
| A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka '.NET Framework Remote Code Execution Injection Vulnerability'. | |||||
| CVE-2020-1350 | 1 Microsoft | 4 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 1 more | 2022-07-12 | 10.0 HIGH | 10.0 CRITICAL |
| A remote code execution vulnerability exists in Windows Domain Name System servers when they fail to properly handle requests, aka 'Windows DNS Server Remote Code Execution Vulnerability'. | |||||
| CVE-2021-43217 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2022-07-12 | 7.5 HIGH | 9.8 CRITICAL |
| Windows Encrypting File System (EFS) Remote Code Execution Vulnerability | |||||
| CVE-2018-8421 | 1 Microsoft | 9 .net Framework, Windows 10, Windows 7 and 6 more | 2022-05-23 | 10.0 HIGH | 9.8 CRITICAL |
| A remote code execution vulnerability exists when Microsoft .NET Framework processes untrusted input, aka ".NET Framework Remote Code Execution Vulnerability." This affects Microsoft .NET Framework 4.6, Microsoft .NET Framework 3.5, Microsoft .NET Framework 4.7/4.7.1/4.7.2, Microsoft .NET Framework 3.0, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2, Microsoft .NET Framework 4.7.1/4.7.2, Microsoft .NET Framework 4.7.2, Microsoft .NET Framework 2.0. | |||||
| CVE-2019-0708 | 1 Microsoft | 5 Windows 7, Windows Server 2003, Windows Server 2008 and 2 more | 2021-06-03 | 10.0 HIGH | 9.8 CRITICAL |
| A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'. | |||||
| CVE-2018-8540 | 1 Microsoft | 9 .net Framework, Windows 10, Windows 7 and 6 more | 2020-09-28 | 10.0 HIGH | 9.8 CRITICAL |
| A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka ".NET Framework Remote Code Injection Vulnerability." This affects Microsoft .NET Framework 4.6, Microsoft .NET Framework 3.5, Microsoft .NET Framework 4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.7.1/4.7.2, Microsoft .NET Framework 4.7.2, Microsoft .NET Framework 4.6.2. | |||||
| CVE-2019-1365 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2020-08-24 | 9.0 HIGH | 9.9 CRITICAL |
| An elevation of privilege vulnerability exists when Microsoft IIS Server fails to check the length of a buffer prior to copying memory to it.An attacker who successfully exploited this vulnerability can allow an unprivileged function ran by the user to execute code in the context of NT AUTHORITY\system escaping the Sandbox.The security update addresses the vulnerability by correcting how Microsoft IIS Server sanitizes web requests., aka 'Microsoft IIS Server Elevation of Privilege Vulnerability'. | |||||
| CVE-2019-1182 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2020-08-24 | 10.0 HIGH | 9.8 CRITICAL |
| A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1181, CVE-2019-1222, CVE-2019-1226. | |||||
| CVE-2019-1181 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2020-08-24 | 10.0 HIGH | 9.8 CRITICAL |
| A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1182, CVE-2019-1222, CVE-2019-1226. | |||||
| CVE-2019-0736 | 1 Microsoft | 7 Windows 10, Windows 7, Windows 8.1 and 4 more | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| A memory corruption vulnerability exists in the Windows DHCP client when an attacker sends specially crafted DHCP responses to a client, aka 'Windows DHCP Client Remote Code Execution Vulnerability'. | |||||
| CVE-2019-0725 | 1 Microsoft | 4 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 1 more | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| A memory corruption vulnerability exists in the Windows Server DHCP service when processing specially crafted packets, aka 'Windows DHCP Server Remote Code Execution Vulnerability'. | |||||
| CVE-2019-0626 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| A memory corruption vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP server, aka 'Windows DHCP Server Remote Code Execution Vulnerability'. | |||||
| CVE-2019-1213 | 1 Microsoft | 1 Windows Server 2008 | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| A memory corruption vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP server, aka 'Windows DHCP Server Remote Code Execution Vulnerability'. | |||||
| CVE-2019-1384 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2020-08-24 | 6.5 MEDIUM | 9.9 CRITICAL |
| A security feature bypass vulnerability exists where a NETLOGON message is able to obtain the session key and sign messages.To exploit this vulnerability, an attacker could send a specially crafted authentication request, aka 'Microsoft Windows Security Feature Bypass Vulnerability'. | |||||
| CVE-2020-1043 | 1 Microsoft | 3 Windows Server 2008, Windows Server 2012, Windows Server 2016 | 2020-07-21 | 7.7 HIGH | 9.0 CRITICAL |
| A remote code execution vulnerability exists when Hyper-V RemoteFX vGPU on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Hyper-V RemoteFX vGPU Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1032, CVE-2020-1036, CVE-2020-1040, CVE-2020-1041, CVE-2020-1042. | |||||
| CVE-2020-1042 | 1 Microsoft | 3 Windows Server 2008, Windows Server 2012, Windows Server 2016 | 2020-07-21 | 7.7 HIGH | 9.0 CRITICAL |
| A remote code execution vulnerability exists when Hyper-V RemoteFX vGPU on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Hyper-V RemoteFX vGPU Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1032, CVE-2020-1036, CVE-2020-1040, CVE-2020-1041, CVE-2020-1043. | |||||
| CVE-2020-1041 | 1 Microsoft | 3 Windows Server 2008, Windows Server 2012, Windows Server 2016 | 2020-07-21 | 7.7 HIGH | 9.0 CRITICAL |
| A remote code execution vulnerability exists when Hyper-V RemoteFX vGPU on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Hyper-V RemoteFX vGPU Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1032, CVE-2020-1036, CVE-2020-1040, CVE-2020-1042, CVE-2020-1043. | |||||
| CVE-2020-1040 | 1 Microsoft | 3 Windows Server 2008, Windows Server 2012, Windows Server 2016 | 2020-07-21 | 7.7 HIGH | 9.0 CRITICAL |
| A remote code execution vulnerability exists when Hyper-V RemoteFX vGPU on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Hyper-V RemoteFX vGPU Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1032, CVE-2020-1036, CVE-2020-1041, CVE-2020-1042, CVE-2020-1043. | |||||
| CVE-2020-1032 | 1 Microsoft | 3 Windows Server 2008, Windows Server 2012, Windows Server 2016 | 2020-07-21 | 7.7 HIGH | 9.0 CRITICAL |
| A remote code execution vulnerability exists when Hyper-V RemoteFX vGPU on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Hyper-V RemoteFX vGPU Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1036, CVE-2020-1040, CVE-2020-1041, CVE-2020-1042, CVE-2020-1043. | |||||
| CVE-2020-1036 | 1 Microsoft | 3 Windows Server 2008, Windows Server 2012, Windows Server 2016 | 2020-07-21 | 7.7 HIGH | 9.0 CRITICAL |
| A remote code execution vulnerability exists when Hyper-V RemoteFX vGPU on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Hyper-V RemoteFX vGPU Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1032, CVE-2020-1040, CVE-2020-1041, CVE-2020-1042, CVE-2020-1043. | |||||
| CVE-2020-1112 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2020-05-29 | 9.0 HIGH | 9.9 CRITICAL |
| An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) IIS module improperly handles uploaded content, aka 'Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerability'. | |||||
| CVE-2018-8476 | 1 Microsoft | 4 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 1 more | 2020-02-13 | 10.0 HIGH | 9.8 CRITICAL |
| A remote code execution vulnerability exists in the way that Windows Deployment Services TFTP Server handles objects in memory, aka "Windows Deployment Services TFTP Server Remote Code Execution Vulnerability." This affects Windows Server 2012 R2, Windows Server 2008, Windows Server 2012, Windows Server 2019, Windows Server 2016, Windows Server 2008 R2, Windows 10 Servers. | |||||
| CVE-2019-0719 | 1 Microsoft | 7 Windows 10, Windows 7, Windows 8.1 and 4 more | 2019-11-14 | 9.0 HIGH | 9.1 CRITICAL |
| A remote code execution vulnerability exists when Windows Hyper-V Network Switch on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Hyper-V Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0721. | |||||
| CVE-2017-11771 | 1 Microsoft | 7 Windows 10, Windows 7, Windows 8.1 and 4 more | 2019-10-03 | 10.0 HIGH | 9.8 CRITICAL |
| The Microsoft Windows Search component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability when it fails to properly handle DNS responses, aka "Windows Search Remote Code Execution Vulnerability". | |||||
| CVE-2017-8589 | 1 Microsoft | 7 Windows 10, Windows 7, Windows 8.1 and 4 more | 2019-10-03 | 10.0 HIGH | 9.8 CRITICAL |
| Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability due to the way that Windows Search handles objects in memory, aka "Windows Search Remote Code Execution Vulnerability". | |||||
| CVE-2017-8543 | 1 Microsoft | 7 Windows 10, Windows 7, Windows 8.1 and 4 more | 2019-10-03 | 10.0 HIGH | 9.8 CRITICAL |
| Microsoft Windows XP SP3, Windows XP x64 XP2, Windows Server 2003 SP2, Windows Vista, Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to take control of the affected system when Windows Search fails to handle objects in memory, aka "Windows Search Remote Code Execution Vulnerability". | |||||