CVE-2023-36874

Known exploited
Public exploit
Windows Error Reporting Service Elevation of Privilege Vulnerability
Max CVSS
7.8
EPSS Score
0.15%
Published
2023-07-11
Updated
2023-09-27
CISA KEV Added
2023-07-11

CVE-2023-28252

Known exploited
Public exploit
Used for ransomware
Windows Common Log File System Driver Elevation of Privilege Vulnerability
Max CVSS
7.8
EPSS Score
2.55%
Published
2023-04-11
Updated
2023-09-14
CISA KEV Added
2023-04-11

CVE-2023-21768

Public exploit
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
Max CVSS
7.8
EPSS Score
0.40%
Published
2023-01-10
Updated
2023-04-27

CVE-2022-26904

Known exploited
Public exploit
Windows User Profile Service Elevation of Privilege Vulnerability
Max CVSS
7.0
EPSS Score
0.10%
Published
2022-04-15
Updated
2023-06-29
CISA KEV Added
2022-04-25

CVE-2022-21999

Known exploited
Public exploit
Windows Print Spooler Elevation of Privilege Vulnerability
Max CVSS
7.8
EPSS Score
0.10%
Published
2022-02-09
Updated
2023-06-29
CISA KEV Added
2022-03-25

CVE-2022-21882

Known exploited
Public exploit
Win32k Elevation of Privilege Vulnerability
Max CVSS
7.8
EPSS Score
0.14%
Published
2022-01-11
Updated
2023-12-21
CISA KEV Added
2022-02-04

CVE-2021-40449

Known exploited
Public exploit
Used for ransomware
Win32k Elevation of Privilege Vulnerability
Max CVSS
7.8
EPSS Score
0.15%
Published
2021-10-13
Updated
2023-08-01
CISA KEV Added
2021-11-17

CVE-2021-38648

Known exploited
Public exploit
Open Management Infrastructure Elevation of Privilege Vulnerability
Max CVSS
7.8
EPSS Score
96.24%
Published
2021-09-15
Updated
2023-12-28
CISA KEV Added
2021-11-03

CVE-2021-36942

Known exploited
Public exploit
Used for ransomware
Windows LSA Spoofing Vulnerability
Max CVSS
7.5
EPSS Score
85.29%
Published
2021-08-12
Updated
2023-12-28
CISA KEV Added
2021-11-03

CVE-2021-31207

Known exploited
Public exploit
Used for ransomware
Microsoft Exchange Server Security Feature Bypass Vulnerability
Max CVSS
7.2
EPSS Score
97.13%
Published
2021-05-11
Updated
2023-08-02
CISA KEV Added
2021-11-03

CVE-2021-27065

Known exploited
Public exploit
Used for ransomware
Microsoft Exchange Server Remote Code Execution Vulnerability
Max CVSS
7.8
EPSS Score
96.36%
Published
2021-03-03
Updated
2023-12-29
CISA KEV Added
2021-11-03

CVE-2021-1732

Known exploited
Public exploit
Used for ransomware
Windows Win32k Elevation of Privilege Vulnerability
Max CVSS
7.8
EPSS Score
0.44%
Published
2021-02-25
Updated
2023-12-29
CISA KEV Added
2021-11-03

CVE-2020-17136

Public exploit
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
Max CVSS
7.8
EPSS Score
0.17%
Published
2020-12-10
Updated
2023-12-30

CVE-2020-1337

Public exploit
An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted script or application. The update addresses the vulnerability by correcting how the Windows Print Spooler Component writes to the file system.
Max CVSS
7.8
EPSS Score
0.25%
Published
2020-08-17
Updated
2024-01-19

CVE-2020-1313

Public exploit
An elevation of privilege vulnerability exists when the Windows Update Orchestrator Service improperly handles file operations, aka 'Windows Update Orchestrator Service Elevation of Privilege Vulnerability'.
Max CVSS
7.8
EPSS Score
1.08%
Published
2020-06-09
Updated
2022-04-28

CVE-2020-1147

Known exploited
Public exploit
A remote code execution vulnerability exists in .NET Framework, Microsoft SharePoint, and Visual Studio when the software fails to check the source markup of XML file input, aka '.NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability'.
Max CVSS
7.8
EPSS Score
86.03%
Published
2020-07-14
Updated
2022-07-12
CISA KEV Added
2021-11-03

CVE-2020-1054

Known exploited
Public exploit
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1143.
Max CVSS
7.8
EPSS Score
0.47%
Published
2020-05-21
Updated
2022-04-28
CISA KEV Added
2021-11-03

CVE-2020-1048

Public exploit
An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system, aka 'Windows Print Spooler Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1070.
Max CVSS
7.8
EPSS Score
0.69%
Published
2020-05-21
Updated
2022-04-28

CVE-2020-0787

Known exploited
Public exploit
Used for ransomware
An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) improperly handles symbolic links, aka 'Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerability'.
Max CVSS
7.8
EPSS Score
1.09%
Published
2020-03-12
Updated
2022-07-12
CISA KEV Added
2022-01-28

CVE-2020-0668

Public exploit
An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0669, CVE-2020-0670, CVE-2020-0671, CVE-2020-0672.
Max CVSS
7.8
EPSS Score
0.48%
Published
2020-02-11
Updated
2022-01-01

CVE-2019-1458

Known exploited
Public exploit
Used for ransomware
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'.
Max CVSS
7.8
EPSS Score
96.58%
Published
2019-12-10
Updated
2023-01-30
CISA KEV Added
2022-01-10

CVE-2019-1405

Known exploited
Public exploit
Used for ransomware
An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly allows COM object creation, aka 'Windows UPnP Service Elevation of Privilege Vulnerability'.
Max CVSS
7.8
EPSS Score
0.12%
Published
2019-11-12
Updated
2023-03-01
CISA KEV Added
2022-03-15

CVE-2019-1322

Known exploited
Public exploit
Used for ransomware
An elevation of privilege vulnerability exists when Windows improperly handles authentication requests, aka 'Microsoft Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1320, CVE-2019-1340.
Max CVSS
7.8
EPSS Score
0.11%
Published
2019-10-10
Updated
2020-08-24
CISA KEV Added
2022-03-15

CVE-2019-0841

Known exploited
Public exploit
Used for ransomware
An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0730, CVE-2019-0731, CVE-2019-0796, CVE-2019-0805, CVE-2019-0836.
Max CVSS
7.8
EPSS Score
86.70%
Published
2019-04-09
Updated
2023-03-20
CISA KEV Added
2022-03-15

CVE-2019-0808

Known exploited
Public exploit
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0797.
Max CVSS
7.8
EPSS Score
0.05%
Published
2019-04-09
Updated
2020-08-24
CISA KEV Added
2021-11-03
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!