Search Results (Refine Search)
- CPE Product Version: cpe:/o:microsoft:windows_10:1607::~~~~x64~
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2021-33758 |
Windows Hyper-V Denial of Service Vulnerability Published: July 14, 2021; 2:15:10 PM -0400 |
V4.0:(not available) V3.1: 7.7 HIGH V2.0: 4.0 MEDIUM |
CVE-2021-28476 |
Windows Hyper-V Remote Code Execution Vulnerability Published: May 11, 2021; 3:15:09 PM -0400 |
V4.0:(not available) V3.1: 9.9 CRITICAL V2.0: 6.5 MEDIUM |
CVE-2021-28444 |
Windows Hyper-V Security Feature Bypass Vulnerability Published: April 13, 2021; 4:15:19 PM -0400 |
V4.0:(not available) V3.1: 5.7 MEDIUM V2.0: 4.0 MEDIUM |
CVE-2021-26901 |
Windows Event Tracing Elevation of Privilege Vulnerability Published: March 11, 2021; 11:15:16 AM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 7.2 HIGH |
CVE-2021-26899 |
Windows UPnP Device Host Elevation of Privilege Vulnerability Published: March 11, 2021; 11:15:16 AM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 7.2 HIGH |
CVE-2021-26898 |
Windows Event Tracing Elevation of Privilege Vulnerability Published: March 11, 2021; 11:15:16 AM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 7.2 HIGH |
CVE-2021-26879 |
Windows Network Address Translation (NAT) Denial of Service Vulnerability Published: March 11, 2021; 11:15:15 AM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2021-24076 |
Microsoft Windows VMSwitch Information Disclosure Vulnerability Published: February 25, 2021; 6:15:14 PM -0500 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0: 2.1 LOW |
CVE-2021-1704 |
Windows Hyper-V Elevation of Privilege Vulnerability Published: January 12, 2021; 3:15:34 PM -0500 |
V4.0:(not available) V3.1: 7.3 HIGH V2.0: 7.2 HIGH |
CVE-2021-1692 |
Windows Hyper-V Denial of Service Vulnerability Published: January 12, 2021; 3:15:33 PM -0500 |
V4.0:(not available) V3.1: 7.7 HIGH V2.0: 4.0 MEDIUM |
CVE-2020-17140 |
Windows SMB Information Disclosure Vulnerability Published: December 09, 2020; 7:15:15 PM -0500 |
V4.0:(not available) V3.1: 8.1 HIGH V2.0: 4.0 MEDIUM |
CVE-2020-17095 |
Windows Hyper-V Remote Code Execution Vulnerability Published: December 09, 2020; 7:15:14 PM -0500 |
V4.0:(not available) V3.1: 8.5 HIGH V2.0: 9.0 HIGH |
CVE-2020-1243 |
<p>A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate specific malicious data from a user on a guest operating system.</p> <p>To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application.</p> <p>The security update addresses the vulnerability by resolving the conditions where Hyper-V would fail to handle these requests.</p> Published: October 16, 2020; 7:15:17 PM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 4.6 MEDIUM |
CVE-2020-16894 |
<p>A denial of service vulnerability exists when Windows Network Address Translation (NAT) on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash.</p> <p>To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application that causes a host machine to crash.</p> <p>The update addresses the vulnerability by modifying how Windows NAT accesses the host.</p> Published: October 16, 2020; 7:15:13 PM -0400 |
V4.0:(not available) V3.1: 7.7 HIGH V2.0: 6.8 MEDIUM |
CVE-2020-16891 |
<p>A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause the Hyper-V host operating system to execute arbitrary code.</p> <p>An attacker who successfully exploited the vulnerability could execute arbitrary code on the host operating system.</p> <p>The security update addresses the vulnerability by correcting how Hyper-V validates guest operating system user input.</p> Published: October 16, 2020; 7:15:13 PM -0400 |
V4.0:(not available) V3.1: 8.8 HIGH V2.0: 7.2 HIGH |
CVE-2020-1598 |
<p>An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.</p> <p>To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted script or application.</p> <p>The update addresses the vulnerability by correcting how the Windows UPnP service handles objects in memory.</p> Published: September 11, 2020; 1:15:22 PM -0400 |
V4.0:(not available) V3.1: 6.1 MEDIUM V2.0: 4.6 MEDIUM |
CVE-2020-1596 |
<p>A information disclosure vulnerability exists when TLS components use weak hash algorithms. An attacker who successfully exploited this vulnerability could obtain information to further compromise a users's encrypted transmission channel.</p> <p>To exploit the vulnerability, an attacker would have to conduct a man-in-the-middle attack.</p> <p>The update addresses the vulnerability by correcting how TLS components use hash algorithms.</p> Published: September 11, 2020; 1:15:21 PM -0400 |
V4.0:(not available) V3.1: 5.4 MEDIUM V2.0: 2.9 LOW |
CVE-2020-1593 |
<p>A remote code execution vulnerability exists when Windows Media Audio Decoder improperly handles objects. An attacker who successfully exploited the vulnerability could take control of an affected system.</p> <p>There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit a malicious webpage.</p> <p>The security update addresses the vulnerability by correcting how Windows Media Audio Decoder handles objects.</p> Published: September 11, 2020; 1:15:21 PM -0400 |
V4.0:(not available) V3.1: 7.6 HIGH V2.0: 6.8 MEDIUM |
CVE-2020-1589 |
<p>An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.</p> <p>To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system.</p> <p>The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory.</p> Published: September 11, 2020; 1:15:21 PM -0400 |
V4.0:(not available) V3.1: 4.4 MEDIUM V2.0: 2.1 LOW |
CVE-2020-1559 |
<p>An elevation of privilege vulnerability exists when the Windows Storage Services improperly handle file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges.</p> <p>To exploit the vulnerability, an attacker would first need code execution on a victim system. An attacker could then run a specially crafted application.</p> <p>The security update addresses the vulnerability by ensuring the Windows Storage Services properly handle file operations.</p> Published: September 11, 2020; 1:15:21 PM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 4.6 MEDIUM |