Microsoft Windows vulnerabilities
831 known vulnerabilities affecting microsoft/windows.
Total CVEs
831
CISA KEV
31
actively exploited
Public exploits
51
Exploited in wild
32
Severity breakdown
CRITICAL15HIGH591MEDIUM223LOW2
Vulnerabilities
Page 20 of 42
CVE-2020-0879MEDIUMCVSS 6.5v10 Version 1809 for 32-bit Systemsv10 Version 1809 for x64-based Systems+10 more2020-03-12
CVE-2020-0879 [MEDIUM] CVE-2020-0879: An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an atta
An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0774, CVE-2020-0
cvelistv5
CVE-2020-0798MEDIUMCVSS 5.5v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+9 more2020-03-12
CVE-2020-0798 [MEDIUM] CVE-2020-0798: An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an inse
An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior.A locally authenticated attacker could run arbitrary code with elevated system privileges, aka 'Windows Installer Elevation of Priv
cvelistv5
CVE-2020-0820MEDIUMCVSS 5.5v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+11 more2020-03-12
CVE-2020-0820 [MEDIUM] CVE-2020-0820: An information disclosure vulnerability exists when Media Foundation improperly handles objects in m
An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory, aka 'Media Foundation Information Disclosure Vulnerability'.
cvelistv5nvd
CVE-2020-0814MEDIUMCVSS 5.5v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+16 more2020-03-12
CVE-2020-0814 [MEDIUM] CVE-2020-0814: An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations
An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations.To exploit the vulnerability, an attacker would require unprivileged execution on the victim system, aka 'Windows Installer Elevation of Privilege Vulnerability'. This CVE ID i
cvelistv5
CVE-2020-0691HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+16 more2020-02-11
CVE-2020-0691 [HIGH] CVE-2020-0691: An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0719, CVE-2020-0720, CVE-2020-0721, CVE-2020-0722, CVE-2020-0723, CVE-2020-0724, CVE-2020-0725, CVE-2020-0726, CVE-2020-0731.
cvelistv5nvd
CVE-2020-0740HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+9 more2020-02-11
CVE-2020-0740 [HIGH] CVE-2020-0740: An elevation of privilege vulnerability exists in the way that the Connected Devices Platform Servic
An elevation of privilege vulnerability exists in the way that the Connected Devices Platform Service handles objects in memory, aka 'Connected Devices Platform Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0741, CVE-2020-0742, CVE-2020-0743, CVE-2020-0749, CVE-2020-0750.
cvelistv5nvd
CVE-2020-0681HIGHCVSS 7.5v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+16 more2020-02-11
CVE-2020-0681 [HIGH] CVE-2020-0681: A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connec
A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka 'Remote Desktop Client Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0734.
cvelistv5nvd
CVE-2020-0704HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+11 more2020-02-11
CVE-2020-0704 [HIGH] CVE-2020-0704: An elevation of privilege vulnerability exists when the Windows Wireless Network Manager improperly
An elevation of privilege vulnerability exists when the Windows Wireless Network Manager improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Wireless Network Manager Elevation of Privilege Vulnerability'.
cvelistv5nvd
CVE-2020-0667HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+16 more2020-02-11
CVE-2020-0667 [HIGH] CVE-2020-0667: An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka 'Windows Search Indexer Eleva
An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka 'Windows Search Indexer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0666, CVE-2020-0735, CVE-2020-0752.
cvelistv5
CVE-2020-0721HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+16 more2020-02-11
CVE-2020-0721 [HIGH] CVE-2020-0721: An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0691, CVE-2020-0719, CVE-2020-0720, CVE-2020-0722, CVE-2020-0723, CVE-2020-0724, CVE-2020-0725, CVE
cvelistv5
CVE-2020-0738HIGHCVSS 8.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+16 more2020-02-11
CVE-2020-0738 [HIGH] CWE-787 CVE-2020-0738: A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'.
cvelistv5nvd
CVE-2020-0732HIGHCVSS 7.8v10 for 32-bit Systemsv10 for x64-based Systems+2 more2020-02-11
CVE-2020-0732 [HIGH] CVE-2020-0732: An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory, aka 'DirectX Elevation of Privilege Vulnerability'
An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory, aka 'DirectX Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0709.
cvelistv5
CVE-2020-0665HIGHCVSS 8.1v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+16 more2020-02-11
CVE-2020-0665 [HIGH] CVE-2020-0665: An elevation of privilege vulnerability exists in Active Directory Forest trusts due to a default se
An elevation of privilege vulnerability exists in Active Directory Forest trusts due to a default setting that lets an attacker in the trusting forest request delegation of a TGT for an identity from the trusted forest, aka 'Active Directory Elevation of Privilege Vulnerability'.
cvelistv5nvd
CVE-2020-0731HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+16 more2020-02-11
CVE-2020-0731 [HIGH] CVE-2020-0731: An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0691, CVE-2020-0719, CVE-2020-0720, CVE-2020-0721, CVE-2020-0722, CVE-2020-0723, CVE-2020-0724, CVE
cvelistv5
CVE-2020-0722HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+16 more2020-02-11
CVE-2020-0722 [HIGH] CVE-2020-0722: An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0691, CVE-2020-0719, CVE-2020-0720, CVE-2020-0721, CVE-2020-0723, CVE-2020-0724, CVE-2020-0725, CVE
cvelistv5
CVE-2020-0701HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+7 more2020-02-11
CVE-2020-0701 [HIGH] CVE-2020-0701: An elevation of privilege vulnerability exists in the way that the Windows Client License Service (C
An elevation of privilege vulnerability exists in the way that the Windows Client License Service (ClipSVC) handles objects in memory, aka 'Windows Client License Service Elevation of Privilege Vulnerability'.
cvelistv5nvd
CVE-2020-0727HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+11 more2020-02-11
CVE-2020-0727 [HIGH] CVE-2020-0727: An elevation of privilege vulnerability exists when the Connected User Experiences and Telemetry Ser
An elevation of privilege vulnerability exists when the Connected User Experiences and Telemetry Service improperly handles file operations, aka 'Connected User Experiences and Telemetry Service Elevation of Privilege Vulnerability'.
cvelistv5nvd
CVE-2020-0754HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+16 more2020-02-11
CVE-2020-0754 [HIGH] CVE-2020-0754: An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files, aka 'Windows Error Reporting Elev
An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0753.
cvelistv5
CVE-2020-0729HIGHCVSS 8.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+16 more2020-02-11
CVE-2020-0729 [HIGH] CVE-2020-0729: A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execu
A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed.An attacker who successfully exploited this vulnerability could gain the same user rights as the local user, aka 'LNK Remote Code Execution Vulnerability'.
cvelistv5nvd
CVE-2020-0747HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+11 more2020-02-11
CVE-2020-0747 [HIGH] CVE-2020-0747: An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly handles file operations, aka 'Windows Data Sharing Ser
An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly handles file operations, aka 'Windows Data Sharing Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0659.
cvelistv5