CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Microsoft » Windows 8.1 : Security Vulnerabilities

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
651 CVE-2020-0885 200 +Info 2020-03-12 2021-07-21
4.3
None Remote Medium Not required Partial None None
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows Graphics Component Information Disclosure Vulnerability'.
652 CVE-2020-0883 119 Exec Code Overflow 2020-03-12 2021-07-21
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+ Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0881.
653 CVE-2020-0882 200 +Info 2020-03-12 2021-07-21
4.3
None Remote Medium Not required Partial None None
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0774, CVE-2020-0874, CVE-2020-0879, CVE-2020-0880.
654 CVE-2020-0881 119 Exec Code Overflow 2020-03-12 2021-07-21
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+ Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0883.
655 CVE-2020-0880 200 +Info 2020-03-12 2021-07-21
4.3
None Remote Medium Not required Partial None None
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0774, CVE-2020-0874, CVE-2020-0879, CVE-2020-0882.
656 CVE-2020-0879 200 +Info 2020-03-12 2021-07-21
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0774, CVE-2020-0874, CVE-2020-0880, CVE-2020-0882.
657 CVE-2020-0877 269 2020-03-12 2021-07-21
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0788, CVE-2020-0887.
658 CVE-2020-0875 200 +Info 2020-09-11 2021-07-21
4.3
None Remote Medium Not required Partial None None
An information disclosure vulnerability exists in how splwow64.exe handles certain calls, aka 'Microsoft splwow64 Information Disclosure Vulnerability'.
659 CVE-2020-0874 200 +Info 2020-03-12 2021-07-21
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0774, CVE-2020-0879, CVE-2020-0880, CVE-2020-0882.
660 CVE-2020-0871 200 +Info 2020-03-12 2021-07-21
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when Windows Network Connections Service fails to properly handle objects in memory, aka 'Windows Network Connections Service Information Disclosure Vulnerability'.
661 CVE-2020-0866 269 2020-03-12 2021-07-21
4.6
None Local Low Not required Partial Partial Partial
An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations, aka 'Windows Work Folder Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0777, CVE-2020-0797, CVE-2020-0800, CVE-2020-0864, CVE-2020-0865, CVE-2020-0897.
662 CVE-2020-0865 269 2020-03-12 2021-07-21
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations, aka 'Windows Work Folder Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0777, CVE-2020-0797, CVE-2020-0800, CVE-2020-0864, CVE-2020-0866, CVE-2020-0897.
663 CVE-2020-0864 269 2020-03-12 2021-07-21
4.6
None Local Low Not required Partial Partial Partial
An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations, aka 'Windows Work Folder Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0777, CVE-2020-0797, CVE-2020-0800, CVE-2020-0865, CVE-2020-0866, CVE-2020-0897.
664 CVE-2020-0861 200 +Info 2020-03-12 2021-07-21
7.2
None Local Low Not required Complete Complete Complete
An information disclosure vulnerability exists when the Windows Network Driver Interface Specification (NDIS) improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Network Driver Interface Specification (NDIS) Information Disclosure Vulnerability'.
665 CVE-2020-0860 269 +Priv 2020-03-12 2021-07-21
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists when the Windows ActiveX Installer Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows ActiveX Installer Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0770, CVE-2020-0773.
666 CVE-2020-0859 200 +Info 2020-03-12 2021-07-21
2.1
None Local Low Not required Partial None None
An information vulnerability exists when Windows Modules Installer Service improperly discloses file information, aka 'Windows Modules Installer Service Information Disclosure Vulnerability'.
667 CVE-2020-0858 269 +Priv 2020-03-12 2021-07-21
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists when the "Public Account Pictures" folder improperly handles junctions.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0776.
668 CVE-2020-0857 269 2020-03-12 2021-07-21
4.6
None Local Low Not required Partial Partial Partial
An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka 'Windows Search Indexer Elevation of Privilege Vulnerability'.
669 CVE-2020-0853 200 +Info 2020-03-12 2021-07-21
4.3
None Remote Medium Not required Partial None None
An information disclosure vulnerability exists in Windows when the Windows Imaging Component fails to properly handle objects in memory, aka 'Windows Imaging Component Information Disclosure Vulnerability'.
670 CVE-2020-0849 269 2020-03-12 2021-07-21
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists when Windows improperly handles hard links, aka 'Windows Hard Link Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0840, CVE-2020-0841, CVE-2020-0896.
671 CVE-2020-0845 269 2020-03-12 2021-07-21
4.6
None Local Low Not required Partial Partial Partial
An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network Connections Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0778, CVE-2020-0802, CVE-2020-0803, CVE-2020-0804.
672 CVE-2020-0844 269 2020-03-12 2021-07-21
4.6
None Local Low Not required Partial Partial Partial
An elevation of privilege vulnerability exists when Connected User Experiences and Telemetry Service improperly handles file operations, aka 'Connected User Experiences and Telemetry Service Elevation of Privilege Vulnerability'.
673 CVE-2020-0843 269 2020-03-12 2021-07-21
4.6
None Local Low Not required Partial Partial Partial
An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations.To exploit the vulnerability, an attacker would require unprivileged execution on the victim system, aka 'Windows Installer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0779, CVE-2020-0798, CVE-2020-0814, CVE-2020-0842.
674 CVE-2020-0842 269 2020-03-12 2021-07-21
4.6
None Local Low Not required Partial Partial Partial
An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations.To exploit the vulnerability, an attacker would require unprivileged execution on the victim system, aka 'Windows Installer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0779, CVE-2020-0798, CVE-2020-0814, CVE-2020-0843.
675 CVE-2020-0840 269 2020-03-12 2021-07-21
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists when Windows improperly handles hard links, aka 'Windows Hard Link Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0841, CVE-2020-0849, CVE-2020-0896.
676 CVE-2020-0838 269 2020-09-11 2021-07-21
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists when NTFS improperly checks access, aka 'NTFS Elevation of Privilege Vulnerability'.
677 CVE-2020-0834 269 2020-03-12 2021-07-21
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC).An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system, aka 'Windows ALPC Elevation of Privilege Vulnerability'.
678 CVE-2020-0822 2020-03-12 2021-11-29
4.6
None Local Low Not required Partial Partial Partial
An elevation of privilege vulnerability exists when the Windows Language Pack Installer improperly handles file operations, aka 'Windows Language Pack Installer Elevation of Privilege Vulnerability'.
679 CVE-2020-0821 200 +Info 2020-04-15 2021-07-21
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1007.
680 CVE-2020-0819 269 2020-03-12 2021-07-21
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists when the Windows Device Setup Manager improperly handles file operations, aka 'Windows Device Setup Manager Elevation of Privilege Vulnerability'.
681 CVE-2020-0814 269 2020-03-12 2021-07-21
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations.To exploit the vulnerability, an attacker would require unprivileged execution on the victim system, aka 'Windows Installer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0779, CVE-2020-0798, CVE-2020-0842, CVE-2020-0843.
682 CVE-2020-0806 269 2020-03-12 2021-07-21
4.6
None Local Low Not required Partial Partial Partial
An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0772.
683 CVE-2020-0804 269 2020-03-12 2021-07-21
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network Connections Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0778, CVE-2020-0802, CVE-2020-0803, CVE-2020-0845.
684 CVE-2020-0803 269 2020-03-12 2021-07-21
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network Connections Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0778, CVE-2020-0802, CVE-2020-0804, CVE-2020-0845.
685 CVE-2020-0802 269 2020-03-12 2021-07-21
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network Connections Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0778, CVE-2020-0803, CVE-2020-0804, CVE-2020-0845.
686 CVE-2020-0800 269 2020-03-12 2021-07-21
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations, aka 'Windows Work Folder Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0777, CVE-2020-0797, CVE-2020-0864, CVE-2020-0865, CVE-2020-0866, CVE-2020-0897.
687 CVE-2020-0799 269 2020-03-12 2020-03-17
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists in Microsoft Windows when the Windows kernel fails to properly handle parsing of certain symbolic links, aka 'Windows Kernel Elevation of Privilege Vulnerability'.
688 CVE-2020-0797 269 2020-03-12 2021-07-21
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations, aka 'Windows Work Folder Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0777, CVE-2020-0800, CVE-2020-0864, CVE-2020-0865, CVE-2020-0866, CVE-2020-0897.
689 CVE-2020-0791 269 2020-03-12 2021-07-21
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0898.
690 CVE-2020-0790 269 2020-09-11 2021-07-21
4.6
None Local Low Not required Partial Partial Partial
A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls, aka 'Microsoft splwow64 Elevation of Privilege Vulnerability'.
691 CVE-2020-0788 269 2020-03-12 2021-07-21
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0877, CVE-2020-0887.
692 CVE-2020-0787 269 2020-03-12 2020-06-11
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) improperly handles symbolic links, aka 'Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerability'.
693 CVE-2020-0785 269 2020-03-12 2020-03-18
3.6
None Local Low Not required None Partial Partial
An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks, aka 'Windows User Profile Service Elevation of Privilege Vulnerability'.
694 CVE-2020-0783 269 2020-03-12 2021-07-21
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly handles objects in memory, aka 'Windows UPnP Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0781.
695 CVE-2020-0782 269 2020-09-11 2021-07-21
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists when the Windows Cryptographic Catalog Services improperly handle objects in memory, aka 'Windows Cryptographic Catalog Services Elevation of Privilege Vulnerability'.
696 CVE-2020-0781 269 2020-03-12 2021-07-21
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly handles objects in memory, aka 'Windows UPnP Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0783.
697 CVE-2020-0780 269 2020-03-12 2021-07-21
4.6
None Local Low Not required Partial Partial Partial
An elevation of privilege vulnerability exists in the way that the Windows Network List Service handles objects in memory, aka 'Windows Network List Service Elevation of Privilege Vulnerability'.
698 CVE-2020-0779 59 2020-03-12 2020-03-16
2.1
None Local Low Not required None Partial None
An elevation of privilege vulnerability exists in the Windows Installer when MSI packages process symbolic links, aka 'Windows Installer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0798, CVE-2020-0814, CVE-2020-0842, CVE-2020-0843.
699 CVE-2020-0778 269 2020-03-12 2021-07-21
4.6
None Local Low Not required Partial Partial Partial
An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network Connections Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0802, CVE-2020-0803, CVE-2020-0804, CVE-2020-0845.
700 CVE-2020-0777 269 2020-03-12 2021-07-21
4.6
None Local Low Not required Partial Partial Partial
An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations, aka 'Windows Work Folder Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0797, CVE-2020-0800, CVE-2020-0864, CVE-2020-0865, CVE-2020-0866, CVE-2020-0897.
Total number of vulnerabilities : 1758   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 (This Page)15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.