Microsoft Windows vulnerabilities
831 known vulnerabilities affecting microsoft/windows.
Total CVEs
831
CISA KEV
31
actively exploited
Public exploits
48
Exploited in wild
32
Severity breakdown
CRITICAL15HIGH591MEDIUM223LOW2
Vulnerabilities
Page 14 of 42
CVE-2020-1001HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+7 more2020-04-15
CVE-2020-1001 [HIGH] CVE-2020-1001: An elevation of privilege vulnerability exists in the way the Windows Push Notification Service handles objects in memory, aka 'Windows Push Notificat
An elevation of privilege vulnerability exists in the way the Windows Push Notification Service handles objects in memory, aka 'Windows Push Notification Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0940, CVE-2020-1006, CVE-2020-1017.
cvelistv5
CVE-2020-1015HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+16 more2020-04-15
CVE-2020-1015 [HIGH] CVE-2020-1015: An elevation of privilege vulnerability exists in the way that the User-Mode Power Service (UMPS) handles objects in memory, aka 'Windows Elevation of
An elevation of privilege vulnerability exists in the way that the User-Mode Power Service (UMPS) handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0934, CVE-2020-0983, CVE-2020-1009, CVE-2020-1011.
cvelistv5
CVE-2020-0994HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+16 more2020-04-15
CVE-2020-0994 [HIGH] CVE-2020-0994: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remot
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0889, CVE-2020-0953, CVE-2020-0959, CVE-2020-0960, CVE-2020-0988, CVE-2020-0992, CVE-2020-0995
cvelistv5
CVE-2020-1004HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+16 more2020-04-15
CVE-2020-1004 [HIGH] CVE-2020-1004: An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handle
An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'.
cvelistv5nvd
CVE-2020-0936HIGHCVSS 7.1v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+14 more2020-04-15
CVE-2020-0936 [HIGH] CVE-2020-0936: An elevation of privilege vulnerability exists when a Windows scheduled task improperly handles file
An elevation of privilege vulnerability exists when a Windows scheduled task improperly handles file redirections, aka 'Windows Scheduled Task Elevation of Privilege Vulnerability'.
cvelistv5nvd
CVE-2020-0965HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+16 more2020-04-15
CVE-2020-0965 [HIGH] CVE-2020-0965: A remoted code execution vulnerability exists in the way that Microsoft Windows Codecs Library handl
A remoted code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory, aka 'Microsoft Windows Codecs Library Remote Code Execution Vulnerability'.
cvelistv5nvd
CVE-2020-0985HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+4 more2020-04-15
CVE-2020-0985 [HIGH] CVE-2020-0985: An elevation of privilege vulnerability exists when the Windows Update Stack fails to properly handl
An elevation of privilege vulnerability exists when the Windows Update Stack fails to properly handle objects in memory, aka 'Windows Update Stack Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0996.
cvelistv5nvd
CVE-2020-0934HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+16 more2020-04-15
CVE-2020-0934 [HIGH] CVE-2020-0934: An elevation of privilege vulnerability exists when the Windows WpcDesktopMonSvc improperly manages
An elevation of privilege vulnerability exists when the Windows WpcDesktopMonSvc improperly manages memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0983, CVE-2020-1009, CVE-2020-1011, CVE-2020-1015.
cvelistv5nvd
CVE-2020-0957HIGHCVSS 7.8v7 for 32-bit Systems Service Pack 1v7 for x64-based Systems Service Pack 12020-04-15
CVE-2020-0957 [HIGH] CVE-2020-0957: An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0956, CVE-2020-0958.
cvelistv5
CVE-2020-1029HIGHCVSS 7.1v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+7 more2020-04-15
CVE-2020-1029 [HIGH] CVE-2020-1029: An elevation of privilege vulnerability exists when Connected User Experiences and Telemetry Service improperly handles file operations, aka 'Connecte
An elevation of privilege vulnerability exists when Connected User Experiences and Telemetry Service improperly handles file operations, aka 'Connected User Experiences and Telemetry Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0942, CVE-2020-0944.
cvelistv5
CVE-2020-0907HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+16 more2020-04-15
CVE-2020-0907 [HIGH] CVE-2020-0907: A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle ob
A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka 'Microsoft Graphics Components Remote Code Execution Vulnerability'.
cvelistv5nvd
CVE-2020-0992HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+16 more2020-04-15
CVE-2020-0992 [HIGH] CVE-2020-0992: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remot
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0889, CVE-2020-0953, CVE-2020-0959, CVE-2020-0960, CVE-2020-0988, CVE-2020-0994, CVE-2020-0995
cvelistv5
CVE-2020-0950HIGHCVSS 8.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+11 more2020-04-15
CVE-2020-0950 [HIGH] CVE-2020-0950: A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption V
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0948, CVE-2020-0949.
cvelistv5
CVE-2020-0944HIGHCVSS 7.1v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+7 more2020-04-15
CVE-2020-0944 [HIGH] CVE-2020-0944: An elevation of privilege vulnerability exists when Connected User Experiences and Telemetry Service improperly handles file operations, aka 'Connecte
An elevation of privilege vulnerability exists when Connected User Experiences and Telemetry Service improperly handles file operations, aka 'Connected User Experiences and Telemetry Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0942, CVE-2020-1029.
cvelistv5
CVE-2020-1094HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+16 more2020-04-15
CVE-2020-1094 [HIGH] CVE-2020-1094: An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handl
An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations, aka 'Windows Work Folder Service Elevation of Privilege Vulnerability'.
cvelistv5nvd
CVE-2020-0949HIGHCVSS 8.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+11 more2020-04-15
CVE-2020-0949 [HIGH] CVE-2020-0949: A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption V
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0948, CVE-2020-0950.
cvelistv5
CVE-2020-0988HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+16 more2020-04-15
CVE-2020-0988 [HIGH] CVE-2020-0988: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remot
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0889, CVE-2020-0953, CVE-2020-0959, CVE-2020-0960, CVE-2020-0992, CVE-2020-0994, CVE-2020-0995
cvelistv5
CVE-2020-1008HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+16 more2020-04-15
CVE-2020-1008 [HIGH] CVE-2020-1008: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remot
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0889, CVE-2020-0953, CVE-2020-0959, CVE-2020-0960, CVE-2020-0988, CVE-2020-0992, CVE-2020-0994
cvelistv5
CVE-2020-0910HIGHCVSS 8.4v10 Version 1809 for x64-based Systems2020-04-15
CVE-2020-0910 [HIGH] CWE-20 CVE-2020-0910: A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly
A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Remote Code Execution Vulnerability'.
cvelistv5nvd
CVE-2020-1000HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+11 more2020-04-15
CVE-2020-1000 [HIGH] CVE-2020-1000: An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Pr
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0913, CVE-2020-1003, CVE-2020-1027.
cvelistv5