Microsoft Windows vulnerabilities
831 known vulnerabilities affecting microsoft/windows.
Total CVEs
831
CISA KEV
31
actively exploited
Public exploits
48
Exploited in wild
32
Severity breakdown
CRITICAL15HIGH591MEDIUM223LOW2
Vulnerabilities
Page 10 of 42
CVE-2020-1126HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+9 more2020-05-21
CVE-2020-1126 [HIGH] CVE-2020-1126: A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption V
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-1028, CVE-2020-1136, CVE-2020-1150.
cvelistv5
CVE-2020-1143HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+16 more2020-05-21
CVE-2020-1143 [HIGH] CVE-2020-1143: An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1054.
cvelistv5
CVE-2020-1135HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+7 more2020-05-21
CVE-2020-1135 [HIGH] CVE-2020-1135: An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handle
An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'.
cvelistv5nvd
CVE-2020-1144HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+11 more2020-05-21
CVE-2020-1144 [HIGH] CVE-2020-1144: An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repo
An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1124, CVE-2020-1131, CVE-2020-1134, CVE-2020-1184, CVE-2020-1185, CVE-202
cvelistv5
CVE-2020-1132HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+11 more2020-05-21
CVE-2020-1132 [HIGH] CVE-2020-1132: An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handl
An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles file and folder links, aka 'Windows Error Reporting Manager Elevation of Privilege Vulnerability'.
cvelistv5nvd
CVE-2020-1087HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+16 more2020-05-21
CVE-2020-1087 [HIGH] CVE-2020-1087: An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in
An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1114.
cvelistv5nvd
CVE-2020-1051HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+16 more2020-05-21
CVE-2020-1051 [HIGH] CVE-2020-1051: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1174, CVE-2020-1175, CVE-2020-1176.
cvelistv5nvd
CVE-2020-1174HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+16 more2020-05-21
CVE-2020-1174 [HIGH] CVE-2020-1174: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remot
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1051, CVE-2020-1175, CVE-2020-1176.
cvelistv5
CVE-2020-1021HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+11 more2020-05-21
CVE-2020-1021 [HIGH] CWE-362 CVE-2020-1021: An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and
An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1082, CVE-2020-1088.
cvelistv5nvd
CVE-2020-1054HIGHCVSS 7.8KEVPoCv10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+16 more2020-05-21
CVE-2020-1054 [HIGH] CWE-787 CVE-2020-1054: An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1143.
cvelistv5nvd
CVE-2020-1028HIGHCVSS 7.8v7 for 32-bit Systems Service Pack 1v7 for x64-based Systems Service Pack 12020-05-21
CVE-2020-1028 [HIGH] CWE-787 CVE-2020-1028: A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-1126, CVE-2020-1136, CVE-2020-1150.
cvelistv5nvd
CVE-2020-1154HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+16 more2020-05-21
CVE-2020-1154 [HIGH] CVE-2020-1154: An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver
An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory, aka 'Windows Common Log File System Driver Elevation of Privilege Vulnerability'.
cvelistv5nvd
CVE-2020-1078HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+16 more2020-05-21
CVE-2020-1078 [HIGH] CVE-2020-1078: An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Insta
An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations.To exploit the vulnerability, an attacker would require unprivileged execution on the victim system, aka 'Windows Installer Elevation of Privilege Vulnerability'.
cvelistv5nvd
CVE-2020-1082HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+11 more2020-05-21
CVE-2020-1082 [HIGH] CVE-2020-1082: An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files, aka 'Windows Error Reporting Elev
An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1021, CVE-2020-1088.
cvelistv5
CVE-2020-1156HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+11 more2020-05-21
CVE-2020-1156 [HIGH] CVE-2020-1156: An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privil
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1077, CVE-2020-1086, CVE-2020-1090, CVE-2020-1125, CVE-2020-1139, CVE-2020-1149, CVE-2020-1151, CVE-2020-11
cvelistv5
CVE-2020-1151HIGHCVSS 7.8v10 Version 1809 for 32-bit Systemsv10 Version 1809 for x64-based Systems+7 more2020-05-21
CVE-2020-1151 [HIGH] CVE-2020-1151: An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privil
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1077, CVE-2020-1086, CVE-2020-1090, CVE-2020-1125, CVE-2020-1139, CVE-2020-1149, CVE-2020-1155, CVE-2020-11
cvelistv5
CVE-2020-1158HIGHCVSS 7.8v10 Version 1809 for 32-bit Systemsv10 Version 1809 for ARM64-based Systems+9 more2020-05-21
CVE-2020-1158 [HIGH] CVE-2020-1158: An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privil
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1077, CVE-2020-1086, CVE-2020-1090, CVE-2020-1125, CVE-2020-1139, CVE-2020-1149, CVE-2020-1151, CVE-2020-11
cvelistv5
CVE-2020-1070HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+16 more2020-05-21
CVE-2020-1070 [HIGH] CVE-2020-1070: An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system, aka 'Win
An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system, aka 'Windows Print Spooler Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1048.
cvelistv5
CVE-2020-1121HIGHCVSS 7.8v10 Version 1809 for 32-bit Systemsv10 Version 1809 for x64-based Systems+1 more2020-05-21
CVE-2020-1121 [HIGH] CVE-2020-1121: An elevation of privilege vulnerability exists when Windows improperly handles calls to Clipboard Service, aka 'Windows Clipboard Service Elevation of
An elevation of privilege vulnerability exists when Windows improperly handles calls to Clipboard Service, aka 'Windows Clipboard Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1111, CVE-2020-1165, CVE-2020-1166.
cvelistv5
CVE-2020-1138HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1809 for x64-based Systems+7 more2020-05-21
CVE-2020-1138 [HIGH] CVE-2020-1138: An elevation of privilege vulnerability exists when the Storage Service improperly handles file oper
An elevation of privilege vulnerability exists when the Storage Service improperly handles file operations, aka 'Windows Storage Service Elevation of Privilege Vulnerability'.
cvelistv5nvd