Microsoft Windows vulnerabilities
831 known vulnerabilities affecting microsoft/windows.
Total CVEs
831
CISA KEV
31
actively exploited
Public exploits
51
Exploited in wild
32
Severity breakdown
CRITICAL15HIGH591MEDIUM223LOW2
Vulnerabilities
Page 24 of 42
CVE-2020-0661MEDIUMCVSS 6.8v10 Version 1809 for x64-based Systemsv10 Version 1607 for x64-based Systems2020-02-11
CVE-2020-0661 [MEDIUM] CVE-2020-0661: A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest op
A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2020-0751.
cvelistv5
CVE-2019-1454MEDIUMCVSS 5.5v10 Version 1703 for 32-bit Systemsv10 Version 1703 for x64-based Systems+18 more2020-01-24
CVE-2019-1454 [MEDIUM] CWE-269 CVE-2019-1454: An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) impro
An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks, aka 'Windows User Profile Service Elevation of Privilege Vulnerability'.
cvelistv5nvd
CVE-2020-0611HIGHCVSS 7.5v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+16 more2020-01-14
CVE-2020-0611 [HIGH] CVE-2020-0611: A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connec
A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka 'Remote Desktop Client Remote Code Execution Vulnerability'.
cvelistv5nvd
CVE-2020-0642HIGHCVSS 7.8PoCv10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+16 more2020-01-14
CVE-2020-0642 [HIGH] CVE-2020-0642: An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0624.
cvelistv5
CVE-2020-0620HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+16 more2020-01-14
CVE-2020-0620 [HIGH] CVE-2020-0620: An elevation of privilege vulnerability exists when Microsoft Cryptographic Services improperly hand
An elevation of privilege vulnerability exists when Microsoft Cryptographic Services improperly handles files, aka 'Microsoft Cryptographic Services Elevation of Privilege Vulnerability'.
cvelistv5nvd
CVE-2020-0632HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+16 more2020-01-14
CVE-2020-0632 [HIGH] CVE-2020-0632: An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka 'Windows Search Indexer Eleva
An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka 'Windows Search Indexer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0613, CVE-2020-0614, CVE-2020-0623, CVE-2020-0625, CVE-2020-0626, CVE-2020-0627, CVE-2020-062
cvelistv5
CVE-2020-0628HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+16 more2020-01-14
CVE-2020-0628 [HIGH] CVE-2020-0628: An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka 'Windows Search Indexer Eleva
An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka 'Windows Search Indexer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0613, CVE-2020-0614, CVE-2020-0623, CVE-2020-0625, CVE-2020-0626, CVE-2020-0627, CVE-2020-062
cvelistv5
CVE-2020-0626HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+16 more2020-01-14
CVE-2020-0626 [HIGH] CVE-2020-0626: An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka 'Windows Search Indexer Eleva
An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka 'Windows Search Indexer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0613, CVE-2020-0614, CVE-2020-0623, CVE-2020-0625, CVE-2020-0627, CVE-2020-0628, CVE-2020-062
cvelistv5
CVE-2020-0624HIGHCVSS 7.8PoCv10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+16 more2020-01-14
CVE-2020-0624 [HIGH] CVE-2020-0624: An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properl
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0642.
nvd
CVE-2020-0638HIGHCVSS 7.8KEVv10 Version 1709 for 32-bit Systemsv10 Version 1803 for 32-bit Systems+7 more2020-01-14
CVE-2020-0638 [HIGH] CWE-59 CVE-2020-0638: An elevation of privilege vulnerability exists in the way the Update Notification Manager handles fi
An elevation of privilege vulnerability exists in the way the Update Notification Manager handles files.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Update Notification Manager Elevation of Privilege Vulnerability'.
cvelistv5nvd
CVE-2020-0633HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+9 more2020-01-14
CVE-2020-0633 [HIGH] CVE-2020-0633: An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka 'Windows Search Indexer Eleva
An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka 'Windows Search Indexer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0613, CVE-2020-0614, CVE-2020-0623, CVE-2020-0625, CVE-2020-0626, CVE-2020-0627, CVE-2020-062
cvelistv5
CVE-2020-0601HIGHCVSS 8.1KEVPoCv10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+11 more2020-01-14
CVE-2020-0601 [HIGH] CWE-295 CVE-2020-0601: A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve
A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source, aka 'Windows CryptoAPI Spoofing Vulnera
cvelistv5nvd
CVE-2020-0613HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+9 more2020-01-14
CVE-2020-0613 [HIGH] CVE-2020-0613: An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles ob
An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka 'Windows Search Indexer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0614, CVE-2020-0623, CVE-2020-0625, CVE-2020-0626, CVE-2020-0627, CVE-2020-0628, CVE-2020-0629, CVE-2020-0630, CVE-2020-0631, CVE-2020-0632, CV
cvelistv5nvd
CVE-2020-0630HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+15 more2020-01-14
CVE-2020-0630 [HIGH] CVE-2020-0630: An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka 'Windows Search Indexer Eleva
An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka 'Windows Search Indexer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0613, CVE-2020-0614, CVE-2020-0623, CVE-2020-0625, CVE-2020-0626, CVE-2020-0627, CVE-2020-062
cvelistv5
CVE-2020-0644HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+14 more2020-01-14
CVE-2020-0644 [HIGH] CVE-2020-0644: An elevation of privilege vulnerability exists when Microsoft Windows implements predictable memory section names, aka 'Windows Elevation of Privilege
An elevation of privilege vulnerability exists when Microsoft Windows implements predictable memory section names, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0635.
cvelistv5
CVE-2020-0623HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+14 more2020-01-14
CVE-2020-0623 [HIGH] CVE-2020-0623: An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka 'Windows Search Indexer Eleva
An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka 'Windows Search Indexer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0613, CVE-2020-0614, CVE-2020-0625, CVE-2020-0626, CVE-2020-0627, CVE-2020-0628, CVE-2020-062
cvelistv5
CVE-2020-0635HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+14 more2020-01-14
CVE-2020-0635 [HIGH] CWE-269 CVE-2020-0635: An elevation of privilege vulnerability exists in Microsoft Windows when Windows fails to properly h
An elevation of privilege vulnerability exists in Microsoft Windows when Windows fails to properly handle certain symbolic links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0644.
cvelistv5nvd
CVE-2020-0634HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+16 more2020-01-14
CVE-2020-0634 [HIGH] CWE-416 CVE-2020-0634: An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver
An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory, aka 'Windows Common Log File System Driver Elevation of Privilege Vulnerability'.
cvelistv5nvd
CVE-2020-0631HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+16 more2020-01-14
CVE-2020-0631 [HIGH] CVE-2020-0631: An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka 'Windows Search Indexer Eleva
An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka 'Windows Search Indexer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0613, CVE-2020-0614, CVE-2020-0623, CVE-2020-0625, CVE-2020-0626, CVE-2020-0627, CVE-2020-062
cvelistv5
CVE-2020-0625HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+16 more2020-01-14
CVE-2020-0625 [HIGH] CVE-2020-0625: An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka 'Windows Search Indexer Eleva
An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka 'Windows Search Indexer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0613, CVE-2020-0614, CVE-2020-0623, CVE-2020-0626, CVE-2020-0627, CVE-2020-0628, CVE-2020-062
cvelistv5