Total
4177 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-16958 | 1 Microsoft | 5 Windows 10, Windows 7, Windows Server 2008 and 2 more | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
Windows Backup Engine Elevation of Privilege Vulnerability | |||||
CVE-2020-16909 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-02-28 | 4.6 MEDIUM | 7.8 HIGH |
<p>An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files. The vulnerability could allow elevation of privilege if an attacker can successfully exploit it.</p> <p>An attacker who successfully exploited the vulnerability could gain greater access to sensitive information and system functionality. To exploit the vulnerability, an attacker could run a specially crafted application.</p> <p>The security update addresses the vulnerability by correcting the way that WER handles and executes files.</p> | |||||
CVE-2021-26891 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-02-28 | 4.6 MEDIUM | 7.8 HIGH |
Windows Container Execution Agent Elevation of Privilege Vulnerability | |||||
CVE-2020-17045 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-02-28 | 4.9 MEDIUM | 5.5 MEDIUM |
Windows KernelStream Information Disclosure Vulnerability | |||||
CVE-2020-16935 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
<p>An elevation of privilege vulnerability exists when Windows improperly handles COM object creation. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges.</p> <p>To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.</p> <p>The update addresses the vulnerability by correcting how the Windows COM Server creates COM objects.</p> | |||||
CVE-2020-17094 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
Windows Error Reporting Information Disclosure Vulnerability | |||||
CVE-2020-16885 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-02-28 | 4.6 MEDIUM | 7.8 HIGH |
<p>An elevation of privilege vulnerability exists when the Windows Storage VSP Driver improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges.</p> <p>To exploit the vulnerability, an attacker would first need code execution on a victim system. An attacker could then run a specially crafted application.</p> <p>The security update addresses the vulnerability by ensuring the Windows Storage VSP Driver properly handles file operations.</p> | |||||
CVE-2020-17028 | 1 Microsoft | 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more | 2024-02-28 | 4.6 MEDIUM | 7.8 HIGH |
Windows Remote Access Elevation of Privilege Vulnerability | |||||
CVE-2020-16877 | 1 Microsoft | 2 Windows 10, Windows Server 2016 | 2024-02-28 | 3.6 LOW | 7.1 HIGH |
<p>An elevation of privilege vulnerability exists when Microsoft Windows improperly handles reparse points. An attacker who successfully exploited this vulnerability could overwrite or delete a targeted file that would normally require elevated permissions.</p> <p>To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and overwrite or delete files.</p> <p>The security update addresses the vulnerability by correcting how Windows handles reparse points.</p> | |||||
CVE-2020-16910 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-02-28 | 4.3 MEDIUM | 6.2 MEDIUM |
<p>A security feature bypass vulnerability exists when Microsoft Windows fails to handle file creation permissions, which could allow an attacker to create files in a protected Unified Extensible Firmware Interface (UEFI) location.</p> <p>To exploit this vulnerability, an attacker could run a specially crafted application to bypass Unified Extensible Firmware Interface (UEFI) variable security in Windows.</p> <p>The security update addresses the vulnerability by correcting security feature behavior to enforce permissions.</p> | |||||
CVE-2021-26881 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-02-28 | 6.5 MEDIUM | 7.5 HIGH |
Microsoft Windows Media Foundation Remote Code Execution Vulnerability | |||||
CVE-2021-26874 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-02-28 | 4.6 MEDIUM | 7.8 HIGH |
Windows Overlay Filter Elevation of Privilege Vulnerability | |||||
CVE-2020-16939 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-02-28 | 4.6 MEDIUM | 7.8 HIGH |
<p>An elevation of privilege vulnerability exists when Group Policy improperly checks access. An attacker who successfully exploited this vulnerability could run processes in an elevated context.</p> <p>To exploit the vulnerability, an attacker would first have to log on to the system, and then run a specially crafted application to take control over the affected system.</p> <p>The security update addresses the vulnerability by correcting how Group Policy checks access.</p> | |||||
CVE-2020-16924 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-02-28 | 9.3 HIGH | 7.8 HIGH |
<p>A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.</p> <p>An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file.</p> <p>The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory.</p> | |||||
CVE-2020-16913 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
<p>An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.</p> <p>To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.</p> <p>The update addresses this vulnerability by correcting how the Windows kernel-mode driver handles objects in memory.</p> | |||||
CVE-2020-17046 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-02-28 | 4.9 MEDIUM | 5.5 MEDIUM |
Windows Error Reporting Denial of Service Vulnerability | |||||
CVE-2020-16962 | 1 Microsoft | 5 Windows 10, Windows 7, Windows Server 2008 and 2 more | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
Windows Backup Engine Elevation of Privilege Vulnerability | |||||
CVE-2020-17026 | 1 Microsoft | 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more | 2024-02-28 | 4.6 MEDIUM | 7.8 HIGH |
Windows Remote Access Elevation of Privilege Vulnerability | |||||
CVE-2021-1727 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-02-28 | 4.6 MEDIUM | 7.8 HIGH |
Windows Installer Elevation of Privilege Vulnerability | |||||
CVE-2020-17075 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-02-28 | 4.6 MEDIUM | 7.8 HIGH |
Windows USO Core Worker Elevation of Privilege Vulnerability |