Filtered by vendor Microsoft
Subscriptions
Filtered by product Windows Server 2008 Sp2
Subscriptions
Total
1178 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2020-0790 | 1 Microsoft | 19 Windows 10, Windows 10 1507, Windows 10 1607 and 16 more | 2024-08-04 | 7.8 High |
<p>A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls. An attacker who successfully exploited the vulnerability could elevate privileges on an affected system from low-integrity to medium-integrity.</p> <p>This vulnerability by itself does not allow arbitrary code execution; however, it could allow arbitrary code to be run if the attacker uses it in combination with another vulnerability (such as a remote code execution vulnerability or another elevation of privilege vulnerability) that is capable of leveraging the elevated privileges when code execution is attempted.</p> <p>The security update addresses the vulnerability by ensuring splwow64.exe properly handles these calls..</p> | ||||
CVE-2020-0761 | 1 Microsoft | 10 Windows Server 1903, Windows Server 1909, Windows Server 2004 and 7 more | 2024-08-04 | 8.8 High |
<p>A remote code execution vulnerability exists when Active Directory integrated DNS (ADIDNS) mishandles objects in memory. An authenticated attacker who successfully exploited the vulnerability could run arbitrary code in the context of the Local System Account</p> <p>To exploit the vulnerability, an authenticated attacker could send malicious requests to an Active Directory integrated DNS (ADIDNS) server.</p> <p>The update addresses the vulnerability by correcting how Active Directory integrated DNS (ADIDNS) handles objects in memory.</p> | ||||
CVE-2020-0718 | 1 Microsoft | 10 Windows Server 1903, Windows Server 1909, Windows Server 2004 and 7 more | 2024-08-04 | 8.8 High |
<p>A remote code execution vulnerability exists when Active Directory integrated DNS (ADIDNS) mishandles objects in memory. An authenticated attacker who successfully exploited the vulnerability could run arbitrary code in the context of the Local System Account</p> <p>To exploit the vulnerability, an authenticated attacker could send malicious requests to an Active Directory integrated DNS (ADIDNS) server.</p> <p>The update addresses the vulnerability by correcting how Active Directory integrated DNS (ADIDNS) handles objects in memory.</p> | ||||
CVE-2020-0664 | 1 Microsoft | 10 Windows Server 1903, Windows Server 1909, Windows Server 2004 and 7 more | 2024-08-04 | 6.5 Medium |
<p>An information disclosure vulnerability exists when Active Directory integrated DNS (ADIDNS) mishandles objects in memory. An authenticated attacker who successfully exploited this vulnerability would be able to read sensitive information about the target system.</p> <p>To exploit this condition, an authenticated attacker would need to send a specially crafted request to the AD|DNS service. Note that the information disclosure vulnerability by itself would not be sufficient for an attacker to compromise a system. However, an attacker could combine this vulnerability with additional vulnerabilities to further exploit the system.</p> <p>The update addresses the vulnerability by correcting how Active Directory integrated DNS (ADIDNS) handles objects in memory.</p> | ||||
CVE-2020-0648 | 1 Microsoft | 18 Windows 10, Windows 10 1607, Windows 10 1803 and 15 more | 2024-08-04 | 7.8 High |
<p>An elevation of privilege vulnerability exists when the Windows RSoP Service Application improperly handles memory.</p> <p>To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.</p> <p>The security update addresses the vulnerability by correcting how the Windows RSoP Service Application handles memory.</p> | ||||
CVE-2021-43883 | 1 Microsoft | 24 Windows 10, Windows 10 1507, Windows 10 1607 and 21 more | 2024-08-04 | 7.8 High |
Windows Installer Elevation of Privilege Vulnerability | ||||
CVE-2021-43893 | 1 Microsoft | 24 Windows 10, Windows 10 1507, Windows 10 1607 and 21 more | 2024-08-04 | 7.5 High |
Windows Encrypting File System (EFS) Elevation of Privilege Vulnerability | ||||
CVE-2021-43238 | 1 Microsoft | 24 Windows 10, Windows 10 1507, Windows 10 1607 and 21 more | 2024-08-04 | 7.8 High |
Windows Remote Access Elevation of Privilege Vulnerability | ||||
CVE-2021-43236 | 1 Microsoft | 24 Windows 10, Windows 10 1507, Windows 10 1607 and 21 more | 2024-08-04 | 7.5 High |
Microsoft Message Queuing Information Disclosure Vulnerability | ||||
CVE-2021-43230 | 1 Microsoft | 24 Windows 10, Windows 10 1507, Windows 10 1607 and 21 more | 2024-08-04 | 7.8 High |
Windows NTFS Elevation of Privilege Vulnerability | ||||
CVE-2021-43229 | 1 Microsoft | 24 Windows 10, Windows 10 1507, Windows 10 1607 and 21 more | 2024-08-04 | 7.8 High |
Windows NTFS Elevation of Privilege Vulnerability | ||||
CVE-2021-43234 | 1 Microsoft | 24 Windows 10, Windows 10 1507, Windows 10 1607 and 21 more | 2024-08-04 | 7.8 High |
Windows Fax Service Remote Code Execution Vulnerability | ||||
CVE-2021-43224 | 1 Microsoft | 24 Windows 10, Windows 10 1507, Windows 10 1607 and 21 more | 2024-08-04 | 5.5 Medium |
Windows Common Log File System Driver Information Disclosure Vulnerability | ||||
CVE-2021-43222 | 1 Microsoft | 24 Windows 10, Windows 10 1507, Windows 10 1607 and 21 more | 2024-08-04 | 7.5 High |
Microsoft Message Queuing Information Disclosure Vulnerability | ||||
CVE-2021-43226 | 1 Microsoft | 24 Windows 10, Windows 10 1507, Windows 10 1607 and 21 more | 2024-08-04 | 7.8 High |
Windows Common Log File System Driver Elevation of Privilege Vulnerability | ||||
CVE-2021-43216 | 1 Microsoft | 24 Windows 10, Windows 10 1507, Windows 10 1607 and 21 more | 2024-08-04 | 6.5 Medium |
Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability | ||||
CVE-2021-43217 | 1 Microsoft | 24 Windows 10, Windows 10 1507, Windows 10 1607 and 21 more | 2024-08-04 | 8.1 High |
Windows Encrypting File System (EFS) Remote Code Execution Vulnerability | ||||
CVE-2021-43215 | 1 Microsoft | 22 Windows 10, Windows 10 1507, Windows 10 1607 and 19 more | 2024-08-04 | 9.8 Critical |
iSNS Server Memory Corruption Vulnerability Can Lead to Remote Code Execution | ||||
CVE-2021-43207 | 1 Microsoft | 24 Windows 10, Windows 10 1507, Windows 10 1607 and 21 more | 2024-08-04 | 7.8 High |
Windows Common Log File System Driver Elevation of Privilege Vulnerability | ||||
CVE-2021-42282 | 1 Microsoft | 11 Windows Server, Windows Server 2004, Windows Server 2008 and 8 more | 2024-08-04 | 7.5 High |
Active Directory Domain Services Elevation of Privilege Vulnerability |