Total
3357 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-1650 | 1 Microsoft | 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
| Windows Runtime C++ Template Library Elevation of Privilege Vulnerability | |||||
| CVE-2020-17075 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
| Windows USO Core Worker Elevation of Privilege Vulnerability | |||||
| CVE-2021-1696 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-02-04 | 4.3 MEDIUM | 5.5 MEDIUM |
| Windows Graphics Component Information Disclosure Vulnerability | |||||
| CVE-2020-16890 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
| <p>An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.</p> <p>To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application to take control of an affected system.</p> <p>The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory.</p> | |||||
| CVE-2021-26877 | 1 Microsoft | 4 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 1 more | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| Windows DNS Server Remote Code Execution Vulnerability | |||||
| CVE-2021-1699 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-02-04 | 2.1 LOW | 5.5 MEDIUM |
| Windows (modem.sys) Information Disclosure Vulnerability | |||||
| CVE-2020-17097 | 1 Microsoft | 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more | 2024-02-04 | 4.6 MEDIUM | 3.3 LOW |
| Windows Digital Media Receiver Elevation of Privilege Vulnerability | |||||
| CVE-2020-17068 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
| Windows GDI+ Remote Code Execution Vulnerability | |||||
| CVE-2020-16927 | 1 Microsoft | 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more | 2024-02-04 | 7.8 HIGH | 7.5 HIGH |
| <p>A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the RDP service on the target system to stop responding.</p> <p>To exploit this vulnerability, an attacker would need to run a specially crafted application against a server which provides Remote Desktop Protocol (RDP) services.</p> <p>The update addresses the vulnerability by correcting how RDP handles connection requests.</p> | |||||
| CVE-2021-1669 | 1 Microsoft | 4 Remote Desktop, Windows 10, Windows Server 2016 and 1 more | 2024-02-04 | 6.5 MEDIUM | 8.8 HIGH |
| Windows Remote Desktop Security Feature Bypass Vulnerability | |||||
| CVE-2020-16902 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
| <p>An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior.</p> <p>A locally authenticated attacker could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.</p> <p>The security update addresses the vulnerability by correcting the input sanitization error to preclude unintended elevation.</p> | |||||
| CVE-2021-1654 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
| Windows CSC Service Elevation of Privilege Vulnerability | |||||
| CVE-2021-1662 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Event Tracing Elevation of Privilege Vulnerability | |||||
| CVE-2021-1642 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
| Windows AppX Deployment Extensions Elevation of Privilege Vulnerability | |||||
| CVE-2020-16974 | 1 Microsoft | 5 Windows 10, Windows 7, Windows Server 2008 and 2 more | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
| <p>An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.</p> <p>To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.</p> <p>The security update addresses the vulnerability by correcting how the Windows Backup Service handles file operations.</p> | |||||
| CVE-2021-1689 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Multipoint Management Elevation of Privilege Vulnerability | |||||
| CVE-2021-1646 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-02-04 | 7.2 HIGH | 6.6 MEDIUM |
| Windows WLAN Service Elevation of Privilege Vulnerability | |||||
| CVE-2020-16921 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-02-04 | 2.1 LOW | 5.5 MEDIUM |
| <p>An information disclosure vulnerability exists in Text Services Framework when it fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could potentially read data that was not intended to be disclosed. Note that this vulnerability would not allow an attacker to execute code or to elevate their user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system.</p> <p>To exploit this vulnerability, an attacker would have to log on to an affected system and open a specially crafted file.</p> <p>The update addresses the vulnerability by correcting how Text Services Framework handles objects in memory.</p> | |||||
| CVE-2020-17040 | 1 Microsoft | 5 Windows 10, Windows 8.1, Windows Server 2012 and 2 more | 2024-02-04 | 7.5 HIGH | 6.5 MEDIUM |
| Windows Hyper-V Security Feature Bypass Vulnerability | |||||
| CVE-2020-16914 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-02-04 | 2.1 LOW | 5.5 MEDIUM |
| <p>An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface Plus (GDI+) handles objects in memory, allowing an attacker to retrieve information from a targeted system. By itself, the information disclosure does not allow arbitrary code execution; however, it could allow arbitrary code to be run if the attacker uses it in combination with another vulnerability.</p> <p>To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.</p> <p>The security update addresses the vulnerability by correcting how GDI+ handles memory addresses.</p> | |||||