Microsoft Windows vulnerabilities
831 known vulnerabilities affecting microsoft/windows.
Total CVEs
831
CISA KEV
31
actively exploited
Public exploits
48
Exploited in wild
32
Severity breakdown
CRITICAL15HIGH591MEDIUM223LOW2
Vulnerabilities
Page 6 of 42
CVE-2020-1257HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+9 more2020-06-09
CVE-2020-1257 [HIGH] CVE-2020-1257: An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service i
An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly handles file operations, aka 'Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1278, CVE-2020-1293.
cvelistv5nvd
CVE-2020-1262HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+16 more2020-06-09
CVE-2020-1262 [HIGH] CVE-2020-1262: An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Pr
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, CVE-2020-1246, CVE-2020-1264, CVE-2020-1266, CVE-2020-1269, CVE-2020-1273, CVE-202
cvelistv5
CVE-2020-1292HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+4 more2020-06-09
CVE-2020-1292 [HIGH] CVE-2020-1292: An elevation of privilege vulnerability exists in OpenSSH for Windows when it does not properly rest
An elevation of privilege vulnerability exists in OpenSSH for Windows when it does not properly restrict access to configuration settings, aka 'OpenSSH for Windows Elevation of Privilege Vulnerability'.
cvelistv5nvd
CVE-2020-0915HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+14 more2020-06-09
CVE-2020-0915 [HIGH] CVE-2020-0915: An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface
An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, aka 'Windows GDI Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0916.
cvelistv5nvd
CVE-2020-1204HIGHCVSS 7.1v10 Version 1809 for 32-bit Systemsv10 Version 1809 for x64-based Systems+1 more2020-06-09
CVE-2020-1204 [HIGH] CVE-2020-1204: An elevation of privilege vulnerability exists when Windows Mobile Device Management (MDM) Diagnosti
An elevation of privilege vulnerability exists when Windows Mobile Device Management (MDM) Diagnostics improperly handles junctions, aka 'Windows Mobile Device Management Diagnostics Elevation of Privilege Vulnerability'.
cvelistv5nvd
CVE-2020-1334HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+14 more2020-06-09
CVE-2020-1334 [HIGH] CVE-2020-1334: An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privil
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1231, CVE-2020-1233, CVE-2020-1235, CVE-2020-1265, CVE-2020-1282, CVE-2020-1304, CVE-2020-1306.
cvelistv5
CVE-2020-1202HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+11 more2020-06-09
CVE-2020-1202 [HIGH] CVE-2020-1202: An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector or the Vi
An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector or the Visual Studio Standard Collector fail to properly handle objects in memory, aka 'Diagnostic Hub Standard Collector Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1203.
cvelistv5nvd
CVE-2020-1264HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+11 more2020-06-09
CVE-2020-1264 [HIGH] CVE-2020-1264: An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Pr
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, CVE-2020-1246, CVE-2020-1262, CVE-2020-1266, CVE-2020-1269, CVE-2020-1273, CVE-202
cvelistv5
CVE-2020-1282HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+14 more2020-06-09
CVE-2020-1282 [HIGH] CVE-2020-1282: An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privil
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1231, CVE-2020-1233, CVE-2020-1235, CVE-2020-1265, CVE-2020-1304, CVE-2020-1306, CVE-2020-1334.
cvelistv5
CVE-2020-1162HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+7 more2020-06-09
CVE-2020-1162 [HIGH] CVE-2020-1162: An elevation of privilege (user to user) vulnerability exists in Windows Security Health Service whe
An elevation of privilege (user to user) vulnerability exists in Windows Security Health Service when handling certain objects in memory.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1324.
cvelistv5nvd
CVE-2020-1241HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+6 more2020-06-09
CVE-2020-1241 [HIGH] CVE-2020-1241: A security feature bypass vulnerability exists when Windows Kernel fails to properly sanitize certai
A security feature bypass vulnerability exists when Windows Kernel fails to properly sanitize certain parameters.To exploit the vulnerability, a locally-authenticated attacker could attempt to run a specially crafted application on a targeted system.The update addresses the vulnerability by correcting how Windows Kernel handles parameter sanitization., aka 'Win
cvelistv5nvd
CVE-2020-1287HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1709 for x64-based Systems+11 more2020-06-09
CVE-2020-1287 [HIGH] CVE-2020-1287: An elevation of privilege vulnerability exists in the way that the Windows WalletService handles obj
An elevation of privilege vulnerability exists in the way that the Windows WalletService handles objects in memory, aka 'Windows WalletService Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1294.
cvelistv5nvd
CVE-2020-1317HIGHCVSS 8.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+16 more2020-06-09
CVE-2020-1317 [HIGH] CVE-2020-1317: An elevation of privilege vulnerability exists when Group Policy improperly checks access, aka 'Grou
An elevation of privilege vulnerability exists when Group Policy improperly checks access, aka 'Group Policy Elevation of Privilege Vulnerability'.
cvelistv5nvd
CVE-2020-1299HIGHCVSS 8.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+16 more2020-06-09
CVE-2020-1299 [HIGH] CVE-2020-1299: A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execu
A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed.An attacker who successfully exploited this vulnerability could gain the same user rights as the local user, aka 'LNK Remote Code Execution Vulnerability'.
cvelistv5nvd
CVE-2020-1314HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+16 more2020-06-09
CVE-2020-1314 [HIGH] CVE-2020-1314: An elevation of privilege vulnerability exists in Windows Text Service Framework (TSF) when the TSF
An elevation of privilege vulnerability exists in Windows Text Service Framework (TSF) when the TSF server fails to properly handle messages sent from TSF clients, aka 'Windows Text Service Framework Elevation of Privilege Vulnerability'.
cvelistv5nvd
CVE-2020-1310HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+14 more2020-06-09
CVE-2020-1310 [HIGH] CVE-2020-1310: An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1207, CVE-2020-1247, CVE-2020-1251, CVE-2020-1253.
cvelistv5
CVE-2020-1278HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+10 more2020-06-09
CVE-2020-1278 [HIGH] CVE-2020-1278: An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly handles file operations, aka 'Diagnostic
An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly handles file operations, aka 'Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1257, CVE-2020-1293.
cvelistv5
CVE-2020-1316HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+11 more2020-06-09
CVE-2020-1316 [HIGH] CVE-2020-1316: An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Pr
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, CVE-2020-1246, CVE-2020-1262, CVE-2020-1264, CVE-2020-1266, CVE-2020-1269, CVE-202
cvelistv5
CVE-2020-1309HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+9 more2020-06-09
CVE-2020-1309 [HIGH] CVE-2020-1309: An elevation of privilege vulnerability exists when the Microsoft Store Runtime improperly handles memory
An elevation of privilege vulnerability exists when the Microsoft Store Runtime improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Microsoft Store Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1222.
cvelistv5
CVE-2020-1246HIGHCVSS 7.8v10 Version 1803 for 32-bit Systemsv10 Version 1803 for x64-based Systems+16 more2020-06-09
CVE-2020-1246 [HIGH] CVE-2020-1246: An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Pr
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, CVE-2020-1262, CVE-2020-1264, CVE-2020-1266, CVE-2020-1269, CVE-2020-1273, CVE-202
cvelistv5