Microsoft Windows Rt 8 1
By the Year
In 2021 there have been 54 vulnerabilities in Microsoft Windows Rt 8 1 with an average score of 7.8 out of ten. Last year Windows Rt 8 1 had 429 security vulnerabilities published. Right now, Windows Rt 8 1 is on track to have less security vulnerabilities in 2021 than it did last year. However, the average CVE base score of the vulnerabilities in 2021 is greater by 0.40.
Year | Vulnerabilities | Average Score |
---|---|---|
2021 | 54 | 7.81 |
2020 | 429 | 7.41 |
2019 | 296 | 7.34 |
2018 | 139 | 6.51 |
It may take a day or so for new Windows Rt 8 1 vulnerabilities to show up. Additionally vulnerabilities may be tagged under a different product or component name.
Latest Microsoft Windows Rt 8 1 Security Vulnerabilities
Windows Installer Elevation of Privilege Vulnerability
CVE-2021-1727
7.8 - High
- February 25, 2021
Windows Installer Elevation of Privilege Vulnerability
CVE-2021-1727 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID is unique
CVE-2021-24102
7.8 - High
- February 25, 2021
Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-24103.
CVE-2021-24102 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows Fax Service Remote Code Execution Vulnerability This CVE ID is unique
CVE-2021-24077
9.8 - Critical
- February 25, 2021
Windows Fax Service Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1722.
CVE-2021-24077 can be explotited with network access, and does not require authorization privledges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to be critical as this vulneraility has a high impact to the confidentiality, integrity and availability of this component.
Windows Backup Engine Information Disclosure Vulnerability
CVE-2021-24079
5.5 - Medium
- February 25, 2021
Windows Backup Engine Information Disclosure Vulnerability
CVE-2021-24079 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
Information Leak
Windows TCP/IP Denial of Service Vulnerability
CVE-2021-24086
7.5 - High
- February 25, 2021
Windows TCP/IP Denial of Service Vulnerability
CVE-2021-24086 is exploitable with network access, and does not require authorization privledges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.
Windows Fax Service Remote Code Execution Vulnerability This CVE ID is unique
CVE-2021-1722
9.8 - Critical
- February 25, 2021
Windows Fax Service Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-24077.
CVE-2021-1722 is exploitable with network access, and does not require authorization privledges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to be critical as this vulneraility has a high impact to the confidentiality, integrity and availability of this component.
Microsoft SharePoint Spoofing Vulnerability
CVE-2021-1726
8 - High
- February 25, 2021
Microsoft SharePoint Spoofing Vulnerability
CVE-2021-1726 is exploitable with network access, requires user interaction and a small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.1 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Windows TCP/IP Remote Code Execution Vulnerability This CVE ID is unique
CVE-2021-24094
9.8 - Critical
- February 25, 2021
Windows TCP/IP Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-24074.
CVE-2021-24094 is exploitable with network access, and does not require authorization privledges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to be critical as this vulneraility has a high impact to the confidentiality, integrity and availability of this component.
Windows PKU2U Elevation of Privilege Vulnerability
CVE-2021-25195
7.8 - High
- February 25, 2021
Windows PKU2U Elevation of Privilege Vulnerability
CVE-2021-25195 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows Address Book Remote Code Execution Vulnerability
CVE-2021-24083
7.8 - High
- February 25, 2021
Windows Address Book Remote Code Execution Vulnerability
CVE-2021-24083 can be explotited with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Out-of-bounds Write
Microsoft Windows Security Feature Bypass Vulnerability
CVE-2020-17162
8.8 - High
- February 25, 2021
Microsoft Windows Security Feature Bypass Vulnerability
CVE-2020-17162 is exploitable with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID is unique
CVE-2021-24103
7.8 - High
- February 25, 2021
Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-24102.
CVE-2021-24103 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows Local Spooler Remote Code Execution Vulnerability
CVE-2021-24088
8.8 - High
- February 25, 2021
Windows Local Spooler Remote Code Execution Vulnerability
CVE-2021-24088 is exploitable with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Windows Remote Procedure Call Information Disclosure Vulnerability
CVE-2021-1734
7.5 - High
- February 25, 2021
Windows Remote Procedure Call Information Disclosure Vulnerability
CVE-2021-1734 is exploitable with network access, and does not require authorization privledges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
Information Leak
Windows TCP/IP Remote Code Execution Vulnerability This CVE ID is unique
CVE-2021-24074
9.8 - Critical
- February 25, 2021
Windows TCP/IP Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-24094.
CVE-2021-24074 is exploitable with network access, and does not require authorization privledges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to be critical as this vulneraility has a high impact to the confidentiality, integrity and availability of this component.
Active Template Library Elevation of Privilege Vulnerability
CVE-2021-1649
7.8 - High
- January 12, 2021
Active Template Library Elevation of Privilege Vulnerability
CVE-2021-1649 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique
CVE-2021-1660
8.8 - High
- January 12, 2021
Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1658, CVE-2021-1664, CVE-2021-1666, CVE-2021-1667, CVE-2021-1671, CVE-2021-1673, CVE-2021-1700, CVE-2021-1701.
CVE-2021-1660 is exploitable with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Windows (modem.sys) Information Disclosure Vulnerability
CVE-2021-1699
5.5 - Medium
- January 12, 2021
Windows (modem.sys) Information Disclosure Vulnerability
CVE-2021-1699 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
Windows Runtime C++ Template Library Elevation of Privilege Vulnerability
CVE-2021-1650
7.8 - High
- January 12, 2021
Windows Runtime C++ Template Library Elevation of Privilege Vulnerability
CVE-2021-1650 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique
CVE-2021-1666
8.8 - High
- January 12, 2021
Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1658, CVE-2021-1660, CVE-2021-1664, CVE-2021-1667, CVE-2021-1671, CVE-2021-1673, CVE-2021-1700, CVE-2021-1701.
CVE-2021-1666 is exploitable with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
TPM Device Driver Information Disclosure Vulnerability
CVE-2021-1656
5.5 - Medium
- January 12, 2021
TPM Device Driver Information Disclosure Vulnerability
CVE-2021-1656 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique
CVE-2021-1655
7.8 - High
- January 12, 2021
Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1652, CVE-2021-1653, CVE-2021-1654, CVE-2021-1659, CVE-2021-1688, CVE-2021-1693.
CVE-2021-1655 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows Remote Desktop Protocol Core Security Feature Bypass Vulnerability
CVE-2021-1674
8.8 - High
- January 12, 2021
Windows Remote Desktop Protocol Core Security Feature Bypass Vulnerability
CVE-2021-1674 is exploitable with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique
CVE-2021-1700
8.8 - High
- January 12, 2021
Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1658, CVE-2021-1660, CVE-2021-1664, CVE-2021-1666, CVE-2021-1667, CVE-2021-1671, CVE-2021-1673, CVE-2021-1701.
CVE-2021-1700 is exploitable with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique
CVE-2021-1664
8.8 - High
- January 12, 2021
Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1658, CVE-2021-1660, CVE-2021-1666, CVE-2021-1667, CVE-2021-1671, CVE-2021-1673, CVE-2021-1700, CVE-2021-1701.
CVE-2021-1664 is exploitable with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Windows Bluetooth Security Feature Bypass Vulnerability This CVE ID is unique
CVE-2021-1683
5.5 - Medium
- January 12, 2021
Windows Bluetooth Security Feature Bypass Vulnerability This CVE ID is unique from CVE-2021-1638, CVE-2021-1684.
CVE-2021-1683 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique
CVE-2021-1701
8.8 - High
- January 12, 2021
Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1658, CVE-2021-1660, CVE-2021-1664, CVE-2021-1666, CVE-2021-1667, CVE-2021-1671, CVE-2021-1673, CVE-2021-1700.
CVE-2021-1701 can be explotited with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Windows Update Stack Elevation of Privilege Vulnerability
CVE-2021-1694
9.8 - Critical
- January 12, 2021
Windows Update Stack Elevation of Privilege Vulnerability
CVE-2021-1694 is exploitable with network access, and does not require authorization privledges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to be critical as this vulneraility has a high impact to the confidentiality, integrity and availability of this component.
Improper Privilege Management
Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique
CVE-2021-1652
7.8 - High
- January 12, 2021
Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1653, CVE-2021-1654, CVE-2021-1655, CVE-2021-1659, CVE-2021-1688, CVE-2021-1693.
CVE-2021-1652 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows Installer Elevation of Privilege Vulnerability
CVE-2021-1661
7.8 - High
- January 12, 2021
Windows Installer Elevation of Privilege Vulnerability
CVE-2021-1661 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Microsoft DTV-DVD Video Decoder Remote Code Execution Vulnerability
CVE-2021-1668
7.8 - High
- January 12, 2021
Microsoft DTV-DVD Video Decoder Remote Code Execution Vulnerability
CVE-2021-1668 is exploitable with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique
CVE-2021-1693
7.8 - High
- January 12, 2021
Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1652, CVE-2021-1653, CVE-2021-1654, CVE-2021-1655, CVE-2021-1659, CVE-2021-1688.
CVE-2021-1693 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows Fax Compose Form Remote Code Execution Vulnerability
CVE-2021-1657
7.8 - High
- January 12, 2021
Windows Fax Compose Form Remote Code Execution Vulnerability
CVE-2021-1657 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
GDI+ Remote Code Execution Vulnerability
CVE-2021-1665
7.8 - High
- January 12, 2021
GDI+ Remote Code Execution Vulnerability
CVE-2021-1665 can be explotited with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique
CVE-2021-1667
8.8 - High
- January 12, 2021
Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1658, CVE-2021-1660, CVE-2021-1664, CVE-2021-1666, CVE-2021-1671, CVE-2021-1673, CVE-2021-1700, CVE-2021-1701.
CVE-2021-1667 can be explotited with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Windows Bluetooth Security Feature Bypass Vulnerability This CVE ID is unique
CVE-2021-1684
5.5 - Medium
- January 12, 2021
Windows Bluetooth Security Feature Bypass Vulnerability This CVE ID is unique from CVE-2021-1638, CVE-2021-1683.
CVE-2021-1684 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
NTLM Security Feature Bypass Vulnerability
CVE-2021-1678
7.5 - High
- January 12, 2021
NTLM Security Feature Bypass Vulnerability
CVE-2021-1678 is exploitable with network access, and does not require authorization privledges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique
CVE-2021-1671
8.8 - High
- January 12, 2021
Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1658, CVE-2021-1660, CVE-2021-1664, CVE-2021-1666, CVE-2021-1667, CVE-2021-1673, CVE-2021-1700, CVE-2021-1701.
CVE-2021-1671 can be explotited with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Microsoft Windows Media Foundation Remote Code Execution Vulnerability
CVE-2021-1710
7.8 - High
- January 12, 2021
Microsoft Windows Media Foundation Remote Code Execution Vulnerability
CVE-2021-1710 is exploitable with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Windows Win32k Elevation of Privilege Vulnerability
CVE-2021-1709
7.8 - High
- January 12, 2021
Windows Win32k Elevation of Privilege Vulnerability
CVE-2021-1709 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique
CVE-2021-1688
7.8 - High
- January 12, 2021
Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1652, CVE-2021-1653, CVE-2021-1654, CVE-2021-1655, CVE-2021-1659, CVE-2021-1693.
CVE-2021-1688 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows CryptoAPI Denial of Service Vulnerability
CVE-2021-1679
6.5 - Medium
- January 12, 2021
Windows CryptoAPI Denial of Service Vulnerability
CVE-2021-1679 can be explotited with network access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.
Windows LUAFV Elevation of Privilege Vulnerability
CVE-2021-1706
8.8 - High
- January 12, 2021
Windows LUAFV Elevation of Privilege Vulnerability
CVE-2021-1706 is exploitable with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique
CVE-2021-1653
7.8 - High
- January 12, 2021
Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1652, CVE-2021-1654, CVE-2021-1655, CVE-2021-1659, CVE-2021-1688, CVE-2021-1693.
CVE-2021-1653 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows DNS Query Information Disclosure Vulnerability
CVE-2021-1637
5.5 - Medium
- January 12, 2021
Windows DNS Query Information Disclosure Vulnerability
CVE-2021-1637 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique
CVE-2021-1658
8.8 - High
- January 12, 2021
Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1660, CVE-2021-1664, CVE-2021-1666, CVE-2021-1667, CVE-2021-1671, CVE-2021-1673, CVE-2021-1700, CVE-2021-1701.
CVE-2021-1658 is exploitable with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique
CVE-2021-1659
7.8 - High
- January 12, 2021
Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1652, CVE-2021-1653, CVE-2021-1654, CVE-2021-1655, CVE-2021-1688, CVE-2021-1693.
CVE-2021-1659 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows NT Lan Manager Datagram Receiver Driver Information Disclosure Vulnerability
CVE-2021-1676
5.5 - Medium
- January 12, 2021
Windows NT Lan Manager Datagram Receiver Driver Information Disclosure Vulnerability
CVE-2021-1676 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
Windows Graphics Component Information Disclosure Vulnerability
CVE-2021-1696
5.5 - Medium
- January 12, 2021
Windows Graphics Component Information Disclosure Vulnerability
CVE-2021-1696 is exploitable with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique
CVE-2021-1673
8.8 - High
- January 12, 2021
Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1658, CVE-2021-1660, CVE-2021-1664, CVE-2021-1666, CVE-2021-1667, CVE-2021-1671, CVE-2021-1700, CVE-2021-1701.
CVE-2021-1673 can be explotited with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Windows Remote Procedure Call Runtime Elevation of Privilege Vulnerability
CVE-2021-1702
7.8 - High
- January 12, 2021
Windows Remote Procedure Call Runtime Elevation of Privilege Vulnerability
CVE-2021-1702 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique
CVE-2021-1654
7.8 - High
- January 12, 2021
Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1652, CVE-2021-1653, CVE-2021-1655, CVE-2021-1659, CVE-2021-1688, CVE-2021-1693.
CVE-2021-1654 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows GDI+ Information Disclosure Vulnerability
CVE-2021-1708
5.7 - Medium
- January 12, 2021
Windows GDI+ Information Disclosure Vulnerability
CVE-2021-1708 is exploitable with network access, requires user interaction and a small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.1 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2021-1695
7.8 - High
- January 12, 2021
Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2021-1695 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows GDI+ Information Disclosure Vulnerability
CVE-2020-17098
5.5 - Medium
- December 10, 2020
Windows GDI+ Information Disclosure Vulnerability
CVE-2020-17098 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
Windows Digital Media Receiver Elevation of Privilege Vulnerability
CVE-2020-17097
7.8 - High
- December 10, 2020
Windows Digital Media Receiver Elevation of Privilege Vulnerability
CVE-2020-17097 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows Network Connections Service Elevation of Privilege Vulnerability
CVE-2020-17092
7.8 - High
- December 10, 2020
Windows Network Connections Service Elevation of Privilege Vulnerability
CVE-2020-17092 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows SMB Information Disclosure Vulnerability
CVE-2020-17140
6.5 - Medium
- December 10, 2020
Windows SMB Information Disclosure Vulnerability
CVE-2020-17140 is exploitable with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
Information Leak
Windows NTFS Remote Code Execution Vulnerability
CVE-2020-17096
8.8 - High
- December 10, 2020
Windows NTFS Remote Code Execution Vulnerability
CVE-2020-17096 is exploitable with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Windows KernelStream Information Disclosure Vulnerability
CVE-2020-17045
5.5 - Medium
- November 11, 2020
Windows KernelStream Information Disclosure Vulnerability
CVE-2020-17045 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
Information Leak
Windows Graphics Component Information Disclosure Vulnerability
CVE-2020-17004
5.5 - Medium
- November 11, 2020
Windows Graphics Component Information Disclosure Vulnerability
CVE-2020-17004 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
Windows NDIS Information Disclosure Vulnerability
CVE-2020-17069
5.5 - Medium
- November 11, 2020
Windows NDIS Information Disclosure Vulnerability
CVE-2020-17069 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique
CVE-2020-17032
7.8 - High
- November 11, 2020
Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055.
CVE-2020-17032 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows Print Spooler Remote Code Execution Vulnerability
CVE-2020-17042
8.8 - High
- November 11, 2020
Windows Print Spooler Remote Code Execution Vulnerability
CVE-2020-17042 is exploitable with network access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Windows Client Side Rendering Print Provider Elevation of Privilege Vulnerability
CVE-2020-17024
7.8 - High
- November 11, 2020
Windows Client Side Rendering Print Provider Elevation of Privilege Vulnerability
CVE-2020-17024 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows Function Discovery SSDP Provider Information Disclosure Vulnerability
CVE-2020-17036
5.5 - Medium
- November 11, 2020
Windows Function Discovery SSDP Provider Information Disclosure Vulnerability
CVE-2020-17036 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
Information Leak
Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2020-17088
7.8 - High
- November 11, 2020
Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2020-17088 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows GDI+ Remote Code Execution Vulnerability
CVE-2020-17068
7.8 - High
- November 11, 2020
Windows GDI+ Remote Code Execution Vulnerability
CVE-2020-17068 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique
CVE-2020-17055
7.8 - High
- November 11, 2020
Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044.
CVE-2020-17055 can be explotited with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows Network File System Denial of Service Vulnerability
CVE-2020-17047
7.5 - High
- November 11, 2020
Windows Network File System Denial of Service Vulnerability
CVE-2020-17047 can be explotited with network access, and does not require authorization privledges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.
Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique
CVE-2020-17043
7.8 - High
- November 11, 2020
Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17044, CVE-2020-17055.
CVE-2020-17043 can be explotited with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Remote Desktop Protocol Client Information Disclosure Vulnerability
CVE-2020-17000
5.5 - Medium
- November 11, 2020
Remote Desktop Protocol Client Information Disclosure Vulnerability
CVE-2020-17000 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique
CVE-2020-17028
7.8 - High
- November 11, 2020
Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055.
CVE-2020-17028 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID is unique
CVE-2020-17014
7.1 - High
- November 11, 2020
Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17001.
CVE-2020-17014 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality, a high impact on integrity and availability.
Improper Privilege Management
Windows Port Class Library Elevation of Privilege Vulnerability
CVE-2020-17011
7.8 - High
- November 11, 2020
Windows Port Class Library Elevation of Privilege Vulnerability
CVE-2020-17011 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows Kernel Local Elevation of Privilege Vulnerability
CVE-2020-17087
7.8 - High
- November 11, 2020
Windows Kernel Local Elevation of Privilege Vulnerability
CVE-2020-17087 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique
CVE-2020-17026
7.8 - High
- November 11, 2020
Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055.
CVE-2020-17026 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows Print Configuration Elevation of Privilege Vulnerability
CVE-2020-17041
7.8 - High
- November 11, 2020
Windows Print Configuration Elevation of Privilege Vulnerability
CVE-2020-17041 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique
CVE-2020-17031
7.8 - High
- November 11, 2020
Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055.
CVE-2020-17031 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows Canonical Display Driver Information Disclosure Vulnerability
CVE-2020-17029
5.5 - Medium
- November 11, 2020
Windows Canonical Display Driver Information Disclosure Vulnerability
CVE-2020-17029 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
Information Leak
Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID is unique
CVE-2020-17001
7.8 - High
- November 11, 2020
Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17014.
CVE-2020-17001 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows Network File System Information Disclosure Vulnerability
CVE-2020-17056
5.5 - Medium
- November 11, 2020
Windows Network File System Information Disclosure Vulnerability
CVE-2020-17056 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique
CVE-2020-17033
7.8 - High
- November 11, 2020
Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055.
CVE-2020-17033 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Win32k Elevation of Privilege Vulnerability This CVE ID is unique
CVE-2020-17038
7.8 - High
- November 11, 2020
Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17010.
CVE-2020-17038 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows Spoofing Vulnerability
CVE-2020-1599
5.5 - Medium
- November 11, 2020
Windows Spoofing Vulnerability
CVE-2020-1599 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality, a high impact on integrity, and no impact on availability.
Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique
CVE-2020-17034
7.8 - High
- November 11, 2020
Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055.
CVE-2020-17034 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique
CVE-2020-17044
7.8 - High
- November 11, 2020
Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17055.
CVE-2020-17044 is exploitable with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Remote Desktop Protocol Server Information Disclosure Vulnerability
CVE-2020-16997
6.5 - Medium
- November 11, 2020
Remote Desktop Protocol Server Information Disclosure Vulnerability
CVE-2020-16997 can be explotited with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique
CVE-2020-17025
7.8 - High
- November 11, 2020
Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055.
CVE-2020-17025 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique
CVE-2020-17027
7.8 - High
- November 11, 2020
Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055.
CVE-2020-17027 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
An information disclosure vulnerability exists in the way
CVE-2020-16914
5.5 - Medium
- October 16, 2020
An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface Plus (GDI+) handles objects in memory, allowing an attacker to retrieve information from a targeted system, aka 'Windows GDI+ Information Disclosure Vulnerability'.
CVE-2020-16914 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
Information Leak
An elevation of privilege vulnerability exists in the way
CVE-2020-16887
7.8 - High
- October 16, 2020
An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network Connections Service Elevation of Privilege Vulnerability'.
CVE-2020-16887 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
An elevation of privilege vulnerability exists when Windows improperly handles COM object creation
CVE-2020-16916
7.8 - High
- October 16, 2020
An elevation of privilege vulnerability exists when Windows improperly handles COM object creation, aka 'Windows COM Server Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-16935.
CVE-2020-16916 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
An elevation of privilege vulnerability exists in the way
CVE-2020-16892
7.8 - High
- October 16, 2020
An elevation of privilege vulnerability exists in the way that the Windows kernel image handles objects in memory.An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application.The security update addresses the vulnerability by ensuring the Windows kernel image properly handles objects in memory., aka 'Windows Image Elevation of Privilege Vulnerability'.
CVE-2020-16892 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior.A locally authenticated attacker could run arbitrary code with elevated system privileges
CVE-2020-16902
7.8 - High
- October 16, 2020
An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior.A locally authenticated attacker could run arbitrary code with elevated system privileges, aka 'Windows Installer Elevation of Privilege Vulnerability'.
CVE-2020-16902 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests
CVE-2020-16927
7.5 - High
- October 16, 2020
A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability'.
CVE-2020-16927 can be explotited with network access, and does not require authorization privledges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.
A security feature bypass vulnerability exists in Microsoft Word software when it fails to properly handle .LNK files
CVE-2020-16933
8.8 - High
- October 16, 2020
A security feature bypass vulnerability exists in Microsoft Word software when it fails to properly handle .LNK files, aka 'Microsoft Word Security Feature Bypass Vulnerability'.
CVE-2020-16933 can be explotited with network access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Handling of Exceptional Conditions
An elevation of privilege vulnerability exists when Group Policy improperly checks access
CVE-2020-16939
7.8 - High
- October 16, 2020
An elevation of privilege vulnerability exists when Group Policy improperly checks access, aka 'Group Policy Elevation of Privilege Vulnerability'.
CVE-2020-16939 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management
An information disclosure vulnerability exists when the Windows KernelStream improperly handles objects in memory
CVE-2020-16889
5.5 - Medium
- October 16, 2020
An information disclosure vulnerability exists when the Windows KernelStream improperly handles objects in memory, aka 'Windows KernelStream Information Disclosure Vulnerability'.
CVE-2020-16889 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
Information Leak
An elevation of privilege vulnerability exists when Windows improperly handles COM object creation
CVE-2020-16935
7.8 - High
- October 16, 2020
An elevation of privilege vulnerability exists when Windows improperly handles COM object creation, aka 'Windows COM Server Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-16916.
CVE-2020-16935 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
Improper Privilege Management