CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Microsoft » Windows 8.1 : Security Vulnerabilities (CVSS score between 7 and 7.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2019-1347 119 DoS Overflow 2019-10-10 2019-10-15
7.1
None Remote Medium Not required None None Complete
A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-1343, CVE-2019-1346.
2 CVE-2019-1346 119 DoS Overflow 2019-10-10 2019-10-15
7.1
None Remote Medium Not required None None Complete
A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-1343, CVE-2019-1347.
3 CVE-2019-1343 119 DoS Overflow 2019-10-10 2019-10-15
7.1
None Remote Medium Not required None None Complete
A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-1346, CVE-2019-1347.
4 CVE-2019-1342 20 2019-10-10 2019-10-15
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles a process crash, aka 'Windows Error Reporting Manager Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1315, CVE-2019-1339.
5 CVE-2019-1341 269 2019-10-10 2019-10-15
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists when umpo.dll of the Power Service, improperly handles a Registry Restore Key function, aka 'Windows Power Service Elevation of Privilege Vulnerability'.
6 CVE-2019-1339 269 2019-10-10 2019-10-15
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles hard links, aka 'Windows Error Reporting Manager Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1315, CVE-2019-1342.
7 CVE-2019-1326 20 DoS 2019-10-10 2019-10-11
7.8
None Remote Low Not required None None Complete
A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability'.
8 CVE-2019-1319 269 2019-10-10 2019-10-11
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'.
9 CVE-2019-1315 269 2019-10-10 2019-10-11
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles hard links, aka 'Windows Error Reporting Manager Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1339, CVE-2019-1342.
10 CVE-2019-1285 269 2019-09-11 2019-09-12
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1256.
11 CVE-2019-1271 269 2019-09-11 2019-09-12
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege exists in hdAudio.sys which may lead to an out of band write, aka 'Windows Media Elevation of Privilege Vulnerability'.
12 CVE-2019-1269 269 2019-09-11 2019-09-12
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC).An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system, aka 'Windows ALPC Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1272.
13 CVE-2019-1268 269 2019-09-11 2019-09-12
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege exists when Winlogon does not properly handle file path information, aka 'Winlogon Elevation of Privilege Vulnerability'.
14 CVE-2019-1267 269 2019-09-11 2019-09-12
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists in Microsoft Compatibility Appraiser where a configuration file, with local privileges, is vulnerable to symbolic link and hard link attacks, aka 'Microsoft Compatibility Appraiser Elevation of Privilege Vulnerability'.
15 CVE-2019-1256 269 2019-09-11 2019-09-12
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1285.
16 CVE-2019-1236 119 Exec Code Overflow 2019-09-11 2019-09-12
7.6
None Remote High Not required Complete Complete Complete
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1208.
17 CVE-2019-1235 20 2019-09-11 2019-09-12
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists in Windows Text Service Framework (TSF) when the TSF server process does not validate the source of input or commands it receives, aka 'Windows Text Service Framework Elevation of Privilege Vulnerability'.
18 CVE-2019-1215 269 2019-09-11 2019-09-12
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists in the way that ws2ifsl.sys (Winsock) handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1253, CVE-2019-1278, CVE-2019-1303.
19 CVE-2019-1214 269 2019-09-11 2019-09-12
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory, aka 'Windows Common Log File System Driver Elevation of Privilege Vulnerability'.
20 CVE-2019-1212 119 DoS Overflow Mem. Corr. 2019-08-14 2019-08-20
7.8
None Remote Low Not required None None Complete
A memory corruption vulnerability exists in the Windows Server DHCP service when processing specially crafted packets, aka 'Windows DHCP Server Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-1206.
21 CVE-2019-1168 264 2019-08-14 2019-08-21
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege exists in the p2pimsvc service where an attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges.To exploit this vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Windows p2pimsvc Elevation of Privilege Vulnerability'.
22 CVE-2019-1164 264 2019-08-14 2019-08-21
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1159.
23 CVE-2019-1162 264 2019-08-14 2019-08-22
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC).An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system, aka 'Windows ALPC Elevation of Privilege Vulnerability'.
24 CVE-2019-1159 264 2019-08-14 2019-08-19
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1164.
25 CVE-2019-1130 264 2019-07-15 2019-07-16
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1129.
26 CVE-2019-1089 264 2019-07-15 2019-07-19
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists in rpcss.dll when the RPC service Activation Kernel improperly handles an RPC request. To exploit this vulnerability, a low level authenticated attacker could run a specially crafted application. The security update addresses this vulnerability by correcting how rpcss.dll handles these requests., aka 'Windows RPCSS Elevation of Privilege Vulnerability'.
27 CVE-2019-1082 264 2019-07-15 2019-07-19
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists in Microsoft Windows where a certain DLL, with Local Service privilege, is vulnerable to race planting a customized DLL.An attacker who successfully exploited this vulnerability could potentially elevate privilege to SYSTEM.The update addresses this vulnerability by requiring SYSTEM privileges for a certain DLL., aka 'Microsoft Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1074.
28 CVE-2019-1053 264 2019-06-12 2019-06-14
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists when the Windows Shell fails to validate folder shortcuts, aka 'Windows Shell Elevation of Privilege Vulnerability'.
29 CVE-2019-1045 264 2019-06-12 2019-06-13
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists in the way that the Windows Network File System (NFS) handles objects in memory, aka 'Windows Network File System Elevation of Privilege Vulnerability'.
30 CVE-2019-1025 119 DoS Overflow 2019-06-12 2019-06-13
7.8
None Remote Low Not required None None Complete
A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Service Vulnerability'.
31 CVE-2019-1017 264 2019-06-12 2019-06-13
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0960, CVE-2019-1014.
32 CVE-2019-1014 264 2019-06-12 2019-06-13
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0960, CVE-2019-1017.
33 CVE-2019-0984 264 2019-06-12 2019-06-13
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory, aka 'Windows Common Log File System Driver Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0959.
34 CVE-2019-0973 264 2019-06-12 2019-06-13
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior.A locally authenticated attacker could run arbitrary code with elevated system privileges, aka 'Windows Installer Elevation of Privilege Vulnerability'.
35 CVE-2019-0943 264 2019-06-12 2019-06-13
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC).An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system, aka 'Windows ALPC Elevation of Privilege Vulnerability'.
36 CVE-2019-0936 264 2019-05-16 2019-05-20
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists in Microsoft Windows when Windows fails to properly handle certain symbolic links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0734.
37 CVE-2019-0881 264 2019-05-16 2019-05-21
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists when the Windows Kernel improperly handles key enumeration, aka 'Windows Kernel Elevation of Privilege Vulnerability'.
38 CVE-2019-0879 119 Exec Code Overflow 2019-04-09 2019-05-08
7.2
None Local Low Not required Complete Complete Complete
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0846, CVE-2019-0847, CVE-2019-0851, CVE-2019-0877.
39 CVE-2019-0877 119 Exec Code Overflow 2019-04-09 2019-05-08
7.2
None Local Low Not required Complete Complete Complete
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0846, CVE-2019-0847, CVE-2019-0851, CVE-2019-0879.
40 CVE-2019-0863 264 2019-05-16 2019-05-24
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists in the way Windows Error Reporting (WER) handles files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'.
41 CVE-2019-0859 264 2019-04-09 2019-04-10
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0685, CVE-2019-0803.
42 CVE-2019-0803 264 2019-04-09 2019-05-23
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0685, CVE-2019-0859.
43 CVE-2019-0797 264 2019-04-08 2019-05-08
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0808.
44 CVE-2019-0784 119 Exec Code Overflow 2019-04-08 2019-04-10
7.6
None Remote High Not required Complete Complete Complete
A remote code execution vulnerability exists in the way that the ActiveX Data objects (ADO) handles objects in memory, aka 'Windows ActiveX Remote Code Execution Vulnerability'.
45 CVE-2019-0736 119 Exec Code Overflow Mem. Corr. 2019-08-14 2019-08-19
7.5
None Remote Low Not required Partial Partial Partial
A memory corruption vulnerability exists in the Windows DHCP client when an attacker sends specially crafted DHCP responses to a client, aka 'Windows DHCP Client Remote Code Execution Vulnerability'.
46 CVE-2019-0735 264 2019-04-09 2019-04-17
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists when the Windows Client Server Run-Time Subsystem (CSRSS) fails to properly handle objects in memory, aka 'Windows CSRSS Elevation of Privilege Vulnerability'.
47 CVE-2019-0720 20 Exec Code 2019-08-14 2019-08-20
7.7
None Local Network Low Single system Complete Complete Complete
A remote code execution vulnerability exists when Windows Hyper-V Network Switch on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Hyper-V Remote Code Execution Vulnerability'.
48 CVE-2019-0620 20 Exec Code 2019-06-12 2019-06-12
7.7
None Local Network Low Single system Complete Complete Complete
A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0709, CVE-2019-0722.
49 CVE-2018-8641 404 2018-12-11 2019-10-02
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8639.
50 CVE-2018-8639 404 2018-12-11 2019-10-02
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8641.
Total number of vulnerabilities : 226   Page : 1 (This Page)2 3 4 5
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.