Total
3357 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-17048 | 1 Microsoft | 5 Chakracore, Edge, Windows 10 and 2 more | 2024-02-04 | 6.8 MEDIUM | 4.2 MEDIUM |
| Chakra Scripting Engine Memory Corruption Vulnerability | |||||
| CVE-2021-1664 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-02-04 | 6.5 MEDIUM | 8.8 HIGH |
| Remote Procedure Call Runtime Remote Code Execution Vulnerability | |||||
| CVE-2020-16887 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
| <p>An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.</p> <p>To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application.</p> <p>The security update addresses the vulnerability by ensuring the Windows Network Connections Service properly handles objects in memory.</p> | |||||
| CVE-2020-17090 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-02-04 | 7.5 HIGH | 5.3 MEDIUM |
| Microsoft Defender for Endpoint Security Feature Bypass Vulnerability | |||||
| CVE-2020-16973 | 1 Microsoft | 5 Windows 10, Windows 7, Windows Server 2008 and 2 more | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
| <p>An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.</p> <p>To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.</p> <p>The security update addresses the vulnerability by correcting how the Windows Backup Service handles file operations.</p> | |||||
| CVE-2021-1660 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-02-04 | 6.5 MEDIUM | 8.8 HIGH |
| Remote Procedure Call Runtime Remote Code Execution Vulnerability | |||||
| CVE-2020-17000 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-02-04 | 2.1 LOW | 5.5 MEDIUM |
| Remote Desktop Protocol Client Information Disclosure Vulnerability | |||||
| CVE-2020-17046 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-02-04 | 4.9 MEDIUM | 5.5 MEDIUM |
| Windows Error Reporting Denial of Service Vulnerability | |||||
| CVE-2021-1684 | 1 Microsoft | 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more | 2024-02-04 | 2.1 LOW | 5.0 MEDIUM |
| Windows Bluetooth Security Feature Bypass Vulnerability | |||||
| CVE-2020-16998 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-02-04 | 4.6 MEDIUM | 7.0 HIGH |
| DirectX Elevation of Privilege Vulnerability | |||||
| CVE-2021-24102 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Event Tracing Elevation of Privilege Vulnerability | |||||
| CVE-2020-17095 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-02-04 | 9.0 HIGH | 8.5 HIGH |
| Windows Hyper-V Remote Code Execution Vulnerability | |||||
| CVE-2020-17013 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-02-04 | 2.1 LOW | 5.5 MEDIUM |
| Win32k Information Disclosure Vulnerability | |||||
| CVE-2021-24111 | 1 Microsoft | 9 .net Framework, Windows 10, Windows 7 and 6 more | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| .NET Framework Denial of Service Vulnerability | |||||
| CVE-2020-1167 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-02-04 | 9.3 HIGH | 7.8 HIGH |
| <p>A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code on a target system.</p> <p>To exploit the vulnerability, a user would have to open a specially crafted file.</p> <p>The security update addresses the vulnerability by correcting how Microsoft Graphics Components handle objects in memory.</p> | |||||
| CVE-2020-17034 | 1 Microsoft | 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Remote Access Elevation of Privilege Vulnerability | |||||
| CVE-2020-17045 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-02-04 | 4.9 MEDIUM | 5.5 MEDIUM |
| Windows KernelStream Information Disclosure Vulnerability | |||||
| CVE-2021-1688 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
| Windows CSC Service Elevation of Privilege Vulnerability | |||||
| CVE-2021-26879 | 1 Microsoft | 5 Windows 10, Windows 8.1, Windows Server 2012 and 2 more | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| Windows Network Address Translation (NAT) Denial of Service Vulnerability | |||||
| CVE-2021-26887 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
| <p>An elevation of privilege vulnerability exists in Microsoft Windows when Folder redirection has been enabled via Group Policy. When folder redirection file server is co-located with Terminal server, an attacker who successfully exploited the vulnerability would be able to begin redirecting another user's personal data to a created folder.</p> <p>To exploit the vulnerability, an attacker can create a new folder under the Folder Redirection root path and create a junction on a newly created User folder. When the new user logs in, Folder Redirection would start redirecting to the folder and copying personal data.</p> <p>This elevation of privilege vulnerability can only be addressed by reconfiguring Folder Redirection with Offline files and restricting permissions, and NOT via a security update for affected Windows Servers. See the <strong>FAQ</strong> section of this CVE for configuration guidance.</p> | |||||