# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
1 |
CVE-2022-30226 |
269 |
|
|
2022-07-12 |
2022-07-20 |
3.6 |
None |
Local |
Low |
Not required |
None |
Partial |
Partial |
Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22022, CVE-2022-22041, CVE-2022-30206. |
2 |
CVE-2022-30225 |
269 |
|
|
2022-07-12 |
2022-07-20 |
3.6 |
None |
Local |
Low |
Not required |
None |
Partial |
Partial |
Windows Media Player Network Sharing Service Elevation of Privilege Vulnerability. |
3 |
CVE-2022-29121 |
400 |
|
DoS |
2022-05-10 |
2022-05-25 |
3.3 |
None |
Local Network |
Low |
Not required |
None |
None |
Partial |
Windows WLAN AutoConfig Service Denial of Service Vulnerability. |
4 |
CVE-2022-26935 |
668 |
|
|
2022-05-10 |
2022-05-19 |
3.3 |
None |
Local Network |
Low |
Not required |
Partial |
None |
None |
Windows WLAN AutoConfig Service Information Disclosure Vulnerability. |
5 |
CVE-2022-22022 |
|
|
|
2022-07-12 |
2022-07-16 |
3.6 |
None |
Local |
Low |
Not required |
None |
Partial |
Partial |
Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22041, CVE-2022-30206, CVE-2022-30226. |
6 |
CVE-2022-21997 |
269 |
|
|
2022-02-09 |
2022-05-23 |
3.6 |
None |
Local |
Low |
Not required |
None |
Partial |
Partial |
Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21999, CVE-2022-22717, CVE-2022-22718. |
7 |
CVE-2022-21900 |
|
|
Bypass |
2022-01-11 |
2022-05-23 |
3.8 |
None |
Local Network |
Medium |
??? |
None |
Partial |
Partial |
Windows Hyper-V Security Feature Bypass Vulnerability. This CVE ID is unique from CVE-2022-21905. |
8 |
CVE-2021-36961 |
|
|
DoS |
2021-09-15 |
2021-09-24 |
3.6 |
None |
Local |
Low |
Not required |
None |
Partial |
Partial |
Windows Installer Denial of Service Vulnerability |
9 |
CVE-2021-1708 |
|
|
|
2021-01-12 |
2021-01-20 |
3.5 |
None |
Remote |
Medium |
??? |
Partial |
None |
None |
Windows GDI+ Information Disclosure Vulnerability |
10 |
CVE-2020-1333 |
269 |
|
|
2020-07-14 |
2021-07-21 |
3.7 |
None |
Local |
High |
Not required |
Partial |
Partial |
Partial |
An elevation of privilege vulnerability exists when Group Policy Services Policy Processing improperly handle reparse points, aka 'Group Policy Services Policy Processing Elevation of Privilege Vulnerability'. |
11 |
CVE-2020-0785 |
269 |
|
|
2020-03-12 |
2020-03-18 |
3.6 |
None |
Local |
Low |
Not required |
None |
Partial |
Partial |
An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks, aka 'Windows User Profile Service Elevation of Privilege Vulnerability'. |
12 |
CVE-2020-0730 |
59 |
|
|
2020-02-11 |
2020-02-14 |
3.6 |
None |
Local |
Low |
Not required |
None |
Partial |
Partial |
An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks, aka 'Windows User Profile Service Elevation of Privilege Vulnerability'. |
13 |
CVE-2019-1454 |
269 |
|
|
2020-01-24 |
2020-01-27 |
3.6 |
None |
Local |
Low |
Not required |
None |
Partial |
Partial |
An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks, aka 'Windows User Profile Service Elevation of Privilege Vulnerability'. |
14 |
CVE-2019-0986 |
59 |
|
|
2019-06-12 |
2020-08-24 |
3.6 |
None |
Local |
Low |
Not required |
None |
Partial |
Partial |
An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks, aka 'Windows User Profile Service Elevation of Privilege Vulnerability'. |
15 |
CVE-2018-0976 |
|
|
DoS |
2018-04-12 |
2019-10-03 |
3.5 |
None |
Remote |
Medium |
??? |
None |
None |
Partial |
A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests, aka "Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. |
16 |
CVE-2017-11815 |
200 |
|
+Info |
2017-10-13 |
2019-05-16 |
3.5 |
None |
Remote |
Medium |
??? |
Partial |
None |
None |
The Microsoft Server Block Message (SMB) on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows an information disclosure vulnerability in the way that it handles certain requests, aka "Windows SMB Information Disclosure Vulnerability". |
17 |
CVE-2017-8581 |
281 |
|
|
2017-07-11 |
2019-10-03 |
3.7 |
None |
Local |
High |
Not required |
Partial |
Partial |
Partial |
Win32k in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when it fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability". This CVE ID is unique from CVE-2017-8578, CVE-2017-8580, CVE-2017-8577, and CVE-2017-8467. |
18 |
CVE-2017-0191 |
|
|
DoS |
2017-04-12 |
2019-10-03 |
3.5 |
None |
Remote |
Medium |
??? |
None |
None |
Partial |
A denial of service vulnerability exists in the way that Windows 7, Windows 8.1, Windows 10, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, and Windows Server 2016 handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding, aka "Windows Denial of Service Vulnerability." |
19 |
CVE-2015-0009 |
254 |
|
Bypass |
2015-02-11 |
2019-10-29 |
3.3 |
None |
Local Network |
Low |
Not required |
None |
Partial |
None |
The Group Policy Security Configuration policy implementation in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows man-in-the-middle attackers to disable a signing requirement and trigger a revert-to-default action by spoofing domain-controller responses, aka "Group Policy Security Feature Bypass Vulnerability." |
20 |
CVE-2011-4434 |
264 |
|
Bypass |
2011-11-11 |
2020-09-28 |
3.6 |
None |
Local |
Low |
Not required |
None |
Partial |
Partial |
Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 do not properly enforce AppLocker rules, which allows local users to bypass intended access restrictions via a (1) macro or (2) scripting feature in an application, as demonstrated by Microsoft Office applications and the SANDBOX_INERT and LOAD_IGNORE_CODE_AUTHZ_LEVEL flags. |