Microsoft Windows 10
By the Year
In 2021 there have been 92 vulnerabilities in Microsoft Windows 10 with an average score of 7.5 out of ten. Last year Windows 10 had 802 security vulnerabilities published. Right now, Windows 10 is on track to have less security vulnerabilities in 2021 than it did last year. However, the average CVE base score of the vulnerabilities in 2021 is greater by 0.13.
Year | Vulnerabilities | Average Score |
---|---|---|
2021 | 92 | 7.55 |
2020 | 802 | 7.42 |
2019 | 448 | 7.37 |
2018 | 257 | 6.58 |
It may take a day or so for new Windows 10 vulnerabilities to show up. Additionally vulnerabilities may be tagged under a different product or component name.
Latest Microsoft Windows 10 Security Vulnerabilities
Windows Win32k Elevation of Privilege Vulnerability This CVE ID is unique
CVE-2021-1732
7.8 - High
- February 25, 2021
Windows Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1698.
CVE-2021-1732 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows Camera Codec Pack Remote Code Execution Vulnerability
CVE-2021-24091
8.8 - High
- February 25, 2021
Windows Camera Codec Pack Remote Code Execution Vulnerability
CVE-2021-24091 can be explotited with network access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Out-of-bounds Write
Windows Mobile Device Management Information Disclosure Vulnerability
CVE-2021-24084
5.5 - Medium
- February 25, 2021
Windows Mobile Device Management Information Disclosure Vulnerability
CVE-2021-24084 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
Information Leak
Windows Installer Elevation of Privilege Vulnerability
CVE-2021-1727
7.8 - High
- February 25, 2021
Windows Installer Elevation of Privilege Vulnerability
CVE-2021-1727 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows Address Book Remote Code Execution Vulnerability
CVE-2021-24083
7.8 - High
- February 25, 2021
Windows Address Book Remote Code Execution Vulnerability
CVE-2021-24083 can be explotited with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Out-of-bounds Write
Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID is unique
CVE-2021-24103
7.8 - High
- February 25, 2021
Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-24102.
CVE-2021-24103 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows Graphics Component Remote Code Execution Vulnerability
CVE-2021-24093
8.8 - High
- February 25, 2021
Windows Graphics Component Remote Code Execution Vulnerability
CVE-2021-24093 can be explotited with network access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Windows Backup Engine Information Disclosure Vulnerability
CVE-2021-24079
5.5 - Medium
- February 25, 2021
Windows Backup Engine Information Disclosure Vulnerability
CVE-2021-24079 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
Information Leak
Windows Remote Procedure Call Information Disclosure Vulnerability
CVE-2021-1734
7.5 - High
- February 25, 2021
Windows Remote Procedure Call Information Disclosure Vulnerability
CVE-2021-1734 is exploitable with network access, and does not require authorization privledges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
Information Leak
Windows Fax Service Remote Code Execution Vulnerability This CVE ID is unique
CVE-2021-1722
9.8 - Critical
- February 25, 2021
Windows Fax Service Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-24077.
CVE-2021-1722 is exploitable with network access, and does not require authorization privledges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to be critical as this vulneraility has a high impact to the confidentiality, integrity and availability of this component.
Windows Local Spooler Remote Code Execution Vulnerability
CVE-2021-24088
8.8 - High
- February 25, 2021
Windows Local Spooler Remote Code Execution Vulnerability
CVE-2021-24088 is exploitable with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Windows TCP/IP Remote Code Execution Vulnerability This CVE ID is unique
CVE-2021-24074
9.8 - Critical
- February 25, 2021
Windows TCP/IP Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-24094.
CVE-2021-24074 is exploitable with network access, and does not require authorization privledges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to be critical as this vulneraility has a high impact to the confidentiality, integrity and availability of this component.
Microsoft Windows Codecs Library Remote Code Execution Vulnerability
CVE-2021-24081
7.8 - High
- February 25, 2021
Microsoft Windows Codecs Library Remote Code Execution Vulnerability
CVE-2021-24081 can be explotited with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Out-of-bounds Write
Windows TCP/IP Remote Code Execution Vulnerability This CVE ID is unique
CVE-2021-24094
9.8 - Critical
- February 25, 2021
Windows TCP/IP Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-24074.
CVE-2021-24094 is exploitable with network access, and does not require authorization privledges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to be critical as this vulneraility has a high impact to the confidentiality, integrity and availability of this component.
Windows DirectX Information Disclosure Vulnerability
CVE-2021-24106
5.5 - Medium
- February 25, 2021
Windows DirectX Information Disclosure Vulnerability
CVE-2021-24106 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
Information Leak
PFX Encryption Security Feature Bypass Vulnerability
CVE-2021-1731
5.5 - Medium
- February 25, 2021
PFX Encryption Security Feature Bypass Vulnerability
CVE-2021-1731 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID is unique
CVE-2021-24102
7.8 - High
- February 25, 2021
Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-24103.
CVE-2021-24102 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows Fax Service Remote Code Execution Vulnerability This CVE ID is unique
CVE-2021-24077
9.8 - Critical
- February 25, 2021
Windows Fax Service Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1722.
CVE-2021-24077 can be explotited with network access, and does not require authorization privledges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to be critical as this vulneraility has a high impact to the confidentiality, integrity and availability of this component.
Windows Trust Verification API Denial of Service Vulnerability
CVE-2021-24080
6.5 - Medium
- February 25, 2021
Windows Trust Verification API Denial of Service Vulnerability
CVE-2021-24080 is exploitable with network access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.
Windows Win32k Elevation of Privilege Vulnerability This CVE ID is unique
CVE-2021-1698
7.8 - High
- February 25, 2021
Windows Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1732.
CVE-2021-1698 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Microsoft Windows Security Feature Bypass Vulnerability
CVE-2020-17162
8.8 - High
- February 25, 2021
Microsoft Windows Security Feature Bypass Vulnerability
CVE-2020-17162 is exploitable with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Microsoft.PowerShell.Utility Module WDAC Security Feature Bypass Vulnerability
CVE-2021-24082
6.5 - Medium
- February 25, 2021
Microsoft.PowerShell.Utility Module WDAC Security Feature Bypass Vulnerability
CVE-2021-24082 is exploitable with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
Windows Console Driver Denial of Service Vulnerability
CVE-2021-24098
5.5 - Medium
- February 25, 2021
Windows Console Driver Denial of Service Vulnerability
CVE-2021-24098 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.
Windows Network File System Denial of Service Vulnerability
CVE-2021-24075
6.8 - Medium
- February 25, 2021
Windows Network File System Denial of Service Vulnerability
CVE-2021-24075 can be explotited with network access, requires user interaction and a small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.3 out of four. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.
Windows Kernel Elevation of Privilege Vulnerability
CVE-2021-24096
7.8 - High
- February 25, 2021
Windows Kernel Elevation of Privilege Vulnerability
CVE-2021-24096 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows TCP/IP Denial of Service Vulnerability
CVE-2021-24086
7.5 - High
- February 25, 2021
Windows TCP/IP Denial of Service Vulnerability
CVE-2021-24086 is exploitable with network access, and does not require authorization privledges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.
Windows PKU2U Elevation of Privilege Vulnerability
CVE-2021-25195
7.8 - High
- February 25, 2021
Windows PKU2U Elevation of Privilege Vulnerability
CVE-2021-25195 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Microsoft Windows VMSwitch Information Disclosure Vulnerability
CVE-2021-24076
5.5 - Medium
- February 25, 2021
Microsoft Windows VMSwitch Information Disclosure Vulnerability
CVE-2021-24076 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
Information Leak
Microsoft SharePoint Spoofing Vulnerability
CVE-2021-1726
8 - High
- February 25, 2021
Microsoft SharePoint Spoofing Vulnerability
CVE-2021-1726 is exploitable with network access, requires user interaction and a small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.1 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Windows Hyper-V Elevation of Privilege Vulnerability
CVE-2021-1704
7.8 - High
- January 12, 2021
Windows Hyper-V Elevation of Privilege Vulnerability
CVE-2021-1704 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique
CVE-2021-1693
7.8 - High
- January 12, 2021
Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1652, CVE-2021-1653, CVE-2021-1654, CVE-2021-1655, CVE-2021-1659, CVE-2021-1688.
CVE-2021-1693 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows Projected File System FS Filter Driver Information Disclosure Vulnerability This CVE ID is unique
CVE-2021-1670
5.5 - Medium
- January 12, 2021
Windows Projected File System FS Filter Driver Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-1663, CVE-2021-1672.
CVE-2021-1670 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
Windows DNS Query Information Disclosure Vulnerability
CVE-2021-1637
5.5 - Medium
- January 12, 2021
Windows DNS Query Information Disclosure Vulnerability
CVE-2021-1637 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
Microsoft splwow64 Elevation of Privilege Vulnerability
CVE-2021-1648
7.8 - High
- January 12, 2021
Microsoft splwow64 Elevation of Privilege Vulnerability
CVE-2021-1648 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows Bluetooth Security Feature Bypass Vulnerability This CVE ID is unique
CVE-2021-1683
5.5 - Medium
- January 12, 2021
Windows Bluetooth Security Feature Bypass Vulnerability This CVE ID is unique from CVE-2021-1638, CVE-2021-1684.
CVE-2021-1683 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
Windows Event Tracing Elevation of Privilege Vulnerability
CVE-2021-1662
7.8 - High
- January 12, 2021
Windows Event Tracing Elevation of Privilege Vulnerability
CVE-2021-1662 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows Docker Information Disclosure Vulnerability
CVE-2021-1645
5.5 - Medium
- January 12, 2021
Windows Docker Information Disclosure Vulnerability
CVE-2021-1645 can be explotited with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
Windows Projected File System FS Filter Driver Information Disclosure Vulnerability This CVE ID is unique
CVE-2021-1672
5.5 - Medium
- January 12, 2021
Windows Projected File System FS Filter Driver Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-1663, CVE-2021-1670.
CVE-2021-1672 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique
CVE-2021-1652
7.8 - High
- January 12, 2021
Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1653, CVE-2021-1654, CVE-2021-1655, CVE-2021-1659, CVE-2021-1688, CVE-2021-1693.
CVE-2021-1652 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Hyper-V Denial of Service Vulnerability This CVE ID is unique
CVE-2021-1692
7.7 - High
- January 12, 2021
Hyper-V Denial of Service Vulnerability This CVE ID is unique from CVE-2021-1691.
CVE-2021-1692 is exploitable with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 3.1 out of four. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.
Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability This CVE ID is unique
CVE-2021-1680
7.8 - High
- January 12, 2021
Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1651.
CVE-2021-1680 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique
CVE-2021-1655
7.8 - High
- January 12, 2021
Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1652, CVE-2021-1653, CVE-2021-1654, CVE-2021-1659, CVE-2021-1688, CVE-2021-1693.
CVE-2021-1655 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows Remote Desktop Protocol Core Security Feature Bypass Vulnerability
CVE-2021-1674
8.8 - High
- January 12, 2021
Windows Remote Desktop Protocol Core Security Feature Bypass Vulnerability
CVE-2021-1674 is exploitable with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Windows LUAFV Elevation of Privilege Vulnerability
CVE-2021-1706
8.8 - High
- January 12, 2021
Windows LUAFV Elevation of Privilege Vulnerability
CVE-2021-1706 is exploitable with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows NT Lan Manager Datagram Receiver Driver Information Disclosure Vulnerability
CVE-2021-1676
5.5 - Medium
- January 12, 2021
Windows NT Lan Manager Datagram Receiver Driver Information Disclosure Vulnerability
CVE-2021-1676 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
Windows AppX Deployment Extensions Elevation of Privilege Vulnerability This CVE ID is unique
CVE-2021-1685
7.8 - High
- January 12, 2021
Windows AppX Deployment Extensions Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1642.
CVE-2021-1685 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows WalletService Elevation of Privilege Vulnerability This CVE ID is unique
CVE-2021-1690
7.8 - High
- January 12, 2021
Windows WalletService Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1681, CVE-2021-1686, CVE-2021-1687.
CVE-2021-1690 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows CryptoAPI Denial of Service Vulnerability
CVE-2021-1679
6.5 - Medium
- January 12, 2021
Windows CryptoAPI Denial of Service Vulnerability
CVE-2021-1679 can be explotited with network access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.
Windows InstallService Elevation of Privilege Vulnerability
CVE-2021-1697
7.8 - High
- January 12, 2021
Windows InstallService Elevation of Privilege Vulnerability
CVE-2021-1697 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
NTLM Security Feature Bypass Vulnerability
CVE-2021-1678
7.5 - High
- January 12, 2021
NTLM Security Feature Bypass Vulnerability
CVE-2021-1678 is exploitable with network access, and does not require authorization privledges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique
CVE-2021-1673
8.8 - High
- January 12, 2021
Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1658, CVE-2021-1660, CVE-2021-1664, CVE-2021-1666, CVE-2021-1667, CVE-2021-1671, CVE-2021-1700, CVE-2021-1701.
CVE-2021-1673 can be explotited with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Windows Remote Desktop Security Feature Bypass Vulnerability
CVE-2021-1669
8.8 - High
- January 12, 2021
Windows Remote Desktop Security Feature Bypass Vulnerability
CVE-2021-1669 can be explotited with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
AuthZ
Windows Installer Elevation of Privilege Vulnerability
CVE-2021-1661
7.8 - High
- January 12, 2021
Windows Installer Elevation of Privilege Vulnerability
CVE-2021-1661 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique
CVE-2021-1701
8.8 - High
- January 12, 2021
Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1658, CVE-2021-1660, CVE-2021-1664, CVE-2021-1666, CVE-2021-1667, CVE-2021-1671, CVE-2021-1673, CVE-2021-1700.
CVE-2021-1701 can be explotited with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Windows Projected File System FS Filter Driver Information Disclosure Vulnerability This CVE ID is unique
CVE-2021-1663
5.5 - Medium
- January 12, 2021
Windows Projected File System FS Filter Driver Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-1670, CVE-2021-1672.
CVE-2021-1663 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
Information Leak
Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique
CVE-2021-1654
7.8 - High
- January 12, 2021
Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1652, CVE-2021-1653, CVE-2021-1655, CVE-2021-1659, CVE-2021-1688, CVE-2021-1693.
CVE-2021-1654 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows Update Stack Elevation of Privilege Vulnerability
CVE-2021-1694
9.8 - Critical
- January 12, 2021
Windows Update Stack Elevation of Privilege Vulnerability
CVE-2021-1694 is exploitable with network access, and does not require authorization privledges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to be critical as this vulneraility has a high impact to the confidentiality, integrity and availability of this component.
Improper Privilege Management
Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique
CVE-2021-1671
8.8 - High
- January 12, 2021
Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1658, CVE-2021-1660, CVE-2021-1664, CVE-2021-1666, CVE-2021-1667, CVE-2021-1673, CVE-2021-1700, CVE-2021-1701.
CVE-2021-1671 can be explotited with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Windows Multipoint Management Elevation of Privilege Vulnerability
CVE-2021-1689
7.8 - High
- January 12, 2021
Windows Multipoint Management Elevation of Privilege Vulnerability
CVE-2021-1689 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique
CVE-2021-1666
8.8 - High
- January 12, 2021
Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1658, CVE-2021-1660, CVE-2021-1664, CVE-2021-1667, CVE-2021-1671, CVE-2021-1673, CVE-2021-1700, CVE-2021-1701.
CVE-2021-1666 is exploitable with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Windows Runtime C++ Template Library Elevation of Privilege Vulnerability
CVE-2021-1650
7.8 - High
- January 12, 2021
Windows Runtime C++ Template Library Elevation of Privilege Vulnerability
CVE-2021-1650 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique
CVE-2021-1660
8.8 - High
- January 12, 2021
Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1658, CVE-2021-1664, CVE-2021-1666, CVE-2021-1667, CVE-2021-1671, CVE-2021-1673, CVE-2021-1700, CVE-2021-1701.
CVE-2021-1660 is exploitable with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Windows GDI+ Information Disclosure Vulnerability
CVE-2021-1708
5.7 - Medium
- January 12, 2021
Windows GDI+ Information Disclosure Vulnerability
CVE-2021-1708 is exploitable with network access, requires user interaction and a small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.1 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique
CVE-2021-1664
8.8 - High
- January 12, 2021
Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1658, CVE-2021-1660, CVE-2021-1666, CVE-2021-1667, CVE-2021-1671, CVE-2021-1673, CVE-2021-1700, CVE-2021-1701.
CVE-2021-1664 is exploitable with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Windows WalletService Elevation of Privilege Vulnerability This CVE ID is unique
CVE-2021-1681
7.8 - High
- January 12, 2021
Windows WalletService Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1686, CVE-2021-1687, CVE-2021-1690.
CVE-2021-1681 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows WalletService Elevation of Privilege Vulnerability This CVE ID is unique
CVE-2021-1686
7.8 - High
- January 12, 2021
Windows WalletService Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1681, CVE-2021-1687, CVE-2021-1690.
CVE-2021-1686 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Microsoft DTV-DVD Video Decoder Remote Code Execution Vulnerability
CVE-2021-1668
7.8 - High
- January 12, 2021
Microsoft DTV-DVD Video Decoder Remote Code Execution Vulnerability
CVE-2021-1668 is exploitable with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Windows WalletService Elevation of Privilege Vulnerability This CVE ID is unique
CVE-2021-1687
7.8 - High
- January 12, 2021
Windows WalletService Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1681, CVE-2021-1686, CVE-2021-1690.
CVE-2021-1687 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique
CVE-2021-1667
8.8 - High
- January 12, 2021
Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1658, CVE-2021-1660, CVE-2021-1664, CVE-2021-1666, CVE-2021-1671, CVE-2021-1673, CVE-2021-1700, CVE-2021-1701.
CVE-2021-1667 can be explotited with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Windows Win32k Elevation of Privilege Vulnerability
CVE-2021-1709
7.8 - High
- January 12, 2021
Windows Win32k Elevation of Privilege Vulnerability
CVE-2021-1709 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows Kernel Elevation of Privilege Vulnerability
CVE-2021-1682
7.8 - High
- January 12, 2021
Windows Kernel Elevation of Privilege Vulnerability
CVE-2021-1682 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows (modem.sys) Information Disclosure Vulnerability
CVE-2021-1699
5.5 - Medium
- January 12, 2021
Windows (modem.sys) Information Disclosure Vulnerability
CVE-2021-1699 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability This CVE ID is unique
CVE-2021-1651
7.8 - High
- January 12, 2021
Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1680.
CVE-2021-1651 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique
CVE-2021-1658
8.8 - High
- January 12, 2021
Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1660, CVE-2021-1664, CVE-2021-1666, CVE-2021-1667, CVE-2021-1671, CVE-2021-1673, CVE-2021-1700, CVE-2021-1701.
CVE-2021-1658 is exploitable with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Windows Graphics Component Information Disclosure Vulnerability
CVE-2021-1696
5.5 - Medium
- January 12, 2021
Windows Graphics Component Information Disclosure Vulnerability
CVE-2021-1696 is exploitable with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
GDI+ Remote Code Execution Vulnerability
CVE-2021-1665
7.8 - High
- January 12, 2021
GDI+ Remote Code Execution Vulnerability
CVE-2021-1665 can be explotited with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Windows AppX Deployment Extensions Elevation of Privilege Vulnerability This CVE ID is unique
CVE-2021-1642
7.8 - High
- January 12, 2021
Windows AppX Deployment Extensions Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1685.
CVE-2021-1642 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows Bluetooth Security Feature Bypass Vulnerability This CVE ID is unique
CVE-2021-1684
5.5 - Medium
- January 12, 2021
Windows Bluetooth Security Feature Bypass Vulnerability This CVE ID is unique from CVE-2021-1638, CVE-2021-1683.
CVE-2021-1684 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2021-1695
7.8 - High
- January 12, 2021
Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2021-1695 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Hyper-V Denial of Service Vulnerability This CVE ID is unique
CVE-2021-1691
7.7 - High
- January 12, 2021
Hyper-V Denial of Service Vulnerability This CVE ID is unique from CVE-2021-1692.
CVE-2021-1691 can be explotited with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 3.1 out of four. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.
Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique
CVE-2021-1700
8.8 - High
- January 12, 2021
Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1658, CVE-2021-1660, CVE-2021-1664, CVE-2021-1666, CVE-2021-1667, CVE-2021-1671, CVE-2021-1673, CVE-2021-1701.
CVE-2021-1700 is exploitable with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Microsoft Windows Media Foundation Remote Code Execution Vulnerability
CVE-2021-1710
7.8 - High
- January 12, 2021
Microsoft Windows Media Foundation Remote Code Execution Vulnerability
CVE-2021-1710 is exploitable with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique
CVE-2021-1688
7.8 - High
- January 12, 2021
Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1652, CVE-2021-1653, CVE-2021-1654, CVE-2021-1655, CVE-2021-1659, CVE-2021-1693.
CVE-2021-1688 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows Remote Procedure Call Runtime Elevation of Privilege Vulnerability
CVE-2021-1702
7.8 - High
- January 12, 2021
Windows Remote Procedure Call Runtime Elevation of Privilege Vulnerability
CVE-2021-1702 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows Event Logging Service Elevation of Privilege Vulnerability
CVE-2021-1703
7.8 - High
- January 12, 2021
Windows Event Logging Service Elevation of Privilege Vulnerability
CVE-2021-1703 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows Fax Compose Form Remote Code Execution Vulnerability
CVE-2021-1657
7.8 - High
- January 12, 2021
Windows Fax Compose Form Remote Code Execution Vulnerability
CVE-2021-1657 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique
CVE-2021-1659
7.8 - High
- January 12, 2021
Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1652, CVE-2021-1653, CVE-2021-1654, CVE-2021-1655, CVE-2021-1688, CVE-2021-1693.
CVE-2021-1659 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
TPM Device Driver Information Disclosure Vulnerability
CVE-2021-1656
5.5 - Medium
- January 12, 2021
TPM Device Driver Information Disclosure Vulnerability
CVE-2021-1656 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
Windows Bluetooth Security Feature Bypass Vulnerability This CVE ID is unique
CVE-2021-1638
5.5 - Medium
- January 12, 2021
Windows Bluetooth Security Feature Bypass Vulnerability This CVE ID is unique from CVE-2021-1683, CVE-2021-1684.
CVE-2021-1638 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
AuthZ
Active Template Library Elevation of Privilege Vulnerability
CVE-2021-1649
7.8 - High
- January 12, 2021
Active Template Library Elevation of Privilege Vulnerability
CVE-2021-1649 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique
CVE-2021-1653
7.8 - High
- January 12, 2021
Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1652, CVE-2021-1654, CVE-2021-1655, CVE-2021-1659, CVE-2021-1688, CVE-2021-1693.
CVE-2021-1653 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows WLAN Service Elevation of Privilege Vulnerability
CVE-2021-1646
7.8 - High
- January 12, 2021
Windows WLAN Service Elevation of Privilege Vulnerability
CVE-2021-1646 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability This CVE ID is unique
CVE-2020-17134
7.8 - High
- December 10, 2020
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17103, CVE-2020-17136.
CVE-2020-17134 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows Backup Engine Elevation of Privilege Vulnerability This CVE ID is unique
CVE-2020-16964
7.8 - High
- December 10, 2020
Windows Backup Engine Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-16958, CVE-2020-16959, CVE-2020-16960, CVE-2020-16961, CVE-2020-16962, CVE-2020-16963.
CVE-2020-16964 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows Backup Engine Elevation of Privilege Vulnerability This CVE ID is unique
CVE-2020-16962
7.8 - High
- December 10, 2020
Windows Backup Engine Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-16958, CVE-2020-16959, CVE-2020-16960, CVE-2020-16961, CVE-2020-16963, CVE-2020-16964.
CVE-2020-16962 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows SMB Information Disclosure Vulnerability
CVE-2020-17140
6.5 - Medium
- December 10, 2020
Windows SMB Information Disclosure Vulnerability
CVE-2020-17140 is exploitable with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
Information Leak
DirectX Graphics Kernel Elevation of Privilege Vulnerability
CVE-2020-17137
7.8 - High
- December 10, 2020
DirectX Graphics Kernel Elevation of Privilege Vulnerability
CVE-2020-17137 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows Backup Engine Elevation of Privilege Vulnerability This CVE ID is unique
CVE-2020-16961
7.8 - High
- December 10, 2020
Windows Backup Engine Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-16958, CVE-2020-16959, CVE-2020-16960, CVE-2020-16962, CVE-2020-16963, CVE-2020-16964.
CVE-2020-16961 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows Lock Screen Security Feature Bypass Vulnerability
CVE-2020-17099
6.8 - Medium
- December 10, 2020
Windows Lock Screen Security Feature Bypass Vulnerability
CVE-2020-17099 can be explotited with physical access, and does not require authorization privledges or user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 0.9 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Windows GDI+ Information Disclosure Vulnerability
CVE-2020-17098
5.5 - Medium
- December 10, 2020
Windows GDI+ Information Disclosure Vulnerability
CVE-2020-17098 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.