Export limit exceeded: 335260 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (5978 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-0805 | 1 Microsoft | 4 Windows 10, Windows 10 1809, Windows Server 2004 and 1 more | 2026-02-23 | 5.3 Medium |
| <p>A security feature bypass vulnerability exists when a Windows Projected Filesystem improperly handles file redirections. An attacker who successfully exploited this vulnerability could delete a targeted file they would not have permissions to.</p> <p>To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability.</p> <p>The security update addresses the vulnerability by correcting how Windows Projected Filesystem handle file redirections.</p> | ||||
| CVE-2020-0790 | 1 Microsoft | 19 Windows 10, Windows 10 1507, Windows 10 1607 and 16 more | 2026-02-23 | 7.8 High |
| <p>A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls. An attacker who successfully exploited the vulnerability could elevate privileges on an affected system from low-integrity to medium-integrity.</p> <p>This vulnerability by itself does not allow arbitrary code execution; however, it could allow arbitrary code to be run if the attacker uses it in combination with another vulnerability (such as a remote code execution vulnerability or another elevation of privilege vulnerability) that is capable of leveraging the elevated privileges when code execution is attempted.</p> <p>The security update addresses the vulnerability by ensuring splwow64.exe properly handles these calls..</p> | ||||
| CVE-2020-0782 | 1 Microsoft | 19 Windows 10, Windows 10 1507, Windows 10 1607 and 16 more | 2026-02-23 | 7.8 High |
| <p>An elevation of privilege vulnerability exists when the Windows Cryptographic Catalog Services improperly handle objects in memory. An attacker who successfully exploited this vulnerability could modify the cryptographic catalog.</p> <p>To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.</p> <p>The security update addresses the vulnerability by addressing how the Windows Cryptographic Catalog Services handle objects in memory.</p> | ||||
| CVE-2020-0766 | 1 Microsoft | 10 Windows 10, Windows 10 1607, Windows 10 1803 and 7 more | 2026-02-23 | 7.8 High |
| <p>An elevation of privilege vulnerability exists when the Microsoft Store Runtime improperly handles memory.</p> <p>To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.</p> <p>The security update addresses the vulnerability by correcting how the Microsoft Store Runtime handles memory.</p> | ||||
| CVE-2020-0764 | 1 Microsoft | 11 Windows 10, Windows 10 1507, Windows 10 1607 and 8 more | 2026-02-23 | 7.8 High |
| <p>An elevation of privilege vulnerability exists when the Windows Storage Services improperly handle file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges.</p> <p>To exploit the vulnerability, an attacker would first need code execution on a victim system. An attacker could then run a specially crafted application.</p> <p>The security update addresses the vulnerability by ensuring the Windows Storage Services properly handle file operations.</p> | ||||
| CVE-2020-0648 | 1 Microsoft | 18 Windows 10, Windows 10 1607, Windows 10 1803 and 15 more | 2026-02-23 | 7.8 High |
| <p>An elevation of privilege vulnerability exists when the Windows RSoP Service Application improperly handles memory.</p> <p>To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.</p> <p>The security update addresses the vulnerability by correcting how the Windows RSoP Service Application handles memory.</p> | ||||
| CVE-2025-59289 | 1 Microsoft | 19 Windows, Windows 10, Windows 10 21h2 and 16 more | 2026-02-22 | 7 High |
| Double free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-59278 | 1 Microsoft | 28 Windows, Windows 10, Windows 10 1507 and 25 more | 2026-02-22 | 7.8 High |
| Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-59275 | 1 Microsoft | 28 Windows, Windows 10, Windows 10 1507 and 25 more | 2026-02-22 | 7.8 High |
| Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-59253 | 1 Microsoft | 28 Windows, Windows 10, Windows 10 1507 and 25 more | 2026-02-22 | 5.5 Medium |
| Improper access control in Microsoft Windows Search Component allows an authorized attacker to deny service locally. | ||||
| CVE-2025-59244 | 1 Microsoft | 28 Windows, Windows 10, Windows 10 1507 and 25 more | 2026-02-22 | 6.5 Medium |
| External control of file name or path in Windows Core Shell allows an unauthorized attacker to perform spoofing over a network. | ||||
| CVE-2025-59214 | 1 Microsoft | 30 Windows, Windows 10, Windows 10 1507 and 27 more | 2026-02-22 | 6.5 Medium |
| Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network. | ||||
| CVE-2025-59209 | 1 Microsoft | 27 Windows, Windows 10, Windows 10 1507 and 24 more | 2026-02-22 | 5.5 Medium |
| Exposure of sensitive information to an unauthorized actor in Windows Push Notification Core allows an authorized attacker to disclose information locally. | ||||
| CVE-2025-59208 | 1 Microsoft | 30 Windows, Windows 10, Windows 10 1507 and 27 more | 2026-02-22 | 7.1 High |
| Out-of-bounds read in Windows MapUrlToZone allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2025-59205 | 1 Microsoft | 31 Graphics Component, Windows, Windows 10 and 28 more | 2026-02-22 | 7 High |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-59203 | 1 Microsoft | 25 Windows, Windows 10, Windows 10 1507 and 22 more | 2026-02-22 | 5.5 Medium |
| Insertion of sensitive information into log file in Windows StateRepository API allows an authorized attacker to disclose information locally. | ||||
| CVE-2025-59198 | 1 Microsoft | 31 Windows, Windows 10, Windows 10 1507 and 28 more | 2026-02-22 | 5 Medium |
| Improper input validation in Microsoft Windows Search Component allows an authorized attacker to deny service locally. | ||||
| CVE-2025-59197 | 1 Microsoft | 25 Windows, Windows 10, Windows 10 1507 and 22 more | 2026-02-22 | 5.5 Medium |
| Insertion of sensitive information into log file in Windows ETL Channel allows an authorized attacker to disclose information locally. | ||||
| CVE-2025-59191 | 1 Microsoft | 23 Connected Devices Platform Service, Windows, Windows 10 and 20 more | 2026-02-22 | 7.8 High |
| Heap-based buffer overflow in Connected Devices Platform Service (Cdpsvc) allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-59190 | 1 Microsoft | 31 Windows, Windows 10, Windows 10 1507 and 28 more | 2026-02-22 | 5.5 Medium |
| Improper input validation in Microsoft Windows Search Component allows an unauthorized attacker to deny service locally. | ||||