Windows AppX Deployment Service
by Microsoft
CVEs (21)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-42987 | Hig | 0.53 | 8.1 | 0.01 | Jun 9, 2026 | Use after free in Windows Deployment Services allows an unauthorized attacker to execute code over a network. | ||
| CVE-2019-0841 | 0.28 | — | 0.42 | KEV | Apr 9, 2019 | An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0730, CVE-2019-0731, CVE-2019-0796, CVE-2019-0805, CVE-2019-0836. | ||
| CVE-2019-1253 | 0.23 | — | 0.12 | KEV | Sep 11, 2019 | An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles junctions.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID… | ||
| CVE-2019-1064 | 0.19 | — | 0.07 | KEV | Jun 12, 2019 | An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view,… | ||
| CVE-2019-1130 | 0.18 | — | 0.02 | KEV | Jul 29, 2019 | An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1129. | ||
| CVE-2019-1129 | 0.18 | — | 0.02 | KEV | Jul 29, 2019 | An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1130. | ||
| CVE-2019-1476 | 0.06 | — | 0.05 | Dec 10, 2019 | An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1483. | |||
| CVE-2018-8476 | 0.04 | — | 0.63 | Nov 14, 2018 | A remote code execution vulnerability exists in the way that Windows Deployment Services TFTP Server handles objects in memory, aka "Windows Deployment Services TFTP Server Remote Code Execution Vulnerability." This affects Windows Server 2012 R2, Windows Server 2008, Windows… | |||
| CVE-2019-0603 | 0.02 | — | 0.34 | Apr 8, 2019 | A remote code execution vulnerability exists in the way that Windows Deployment Services TFTP Server handles objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code with elevated permissions on a target system. To exploit the… | |||
| CVE-2023-36395 | 0.00 | — | 0.02 | Nov 14, 2023 | Windows Deployment Services Denial of Service Vulnerability | |||
| CVE-2023-36567 | 0.00 | — | 0.02 | Oct 10, 2023 | Windows Deployment Services Information Disclosure Vulnerability | |||
| CVE-2023-36707 | 0.00 | — | 0.03 | Oct 10, 2023 | Windows Deployment Services Denial of Service Vulnerability | |||
| CVE-2023-35322 | 0.00 | — | 0.01 | Jul 11, 2023 | Windows Deployment Services Remote Code Execution Vulnerability | |||
| CVE-2023-35321 | 0.00 | — | 0.01 | Jul 11, 2023 | Windows Deployment Services Denial of Service Vulnerability | |||
| CVE-2021-41347 | 0.00 | — | 0.01 | Oct 13, 2021 | Windows AppX Deployment Service Elevation of Privilege Vulnerability | |||
| CVE-2021-28326 | 0.00 | — | 0.01 | Apr 13, 2021 | Windows AppX Deployment Server Denial of Service Vulnerability | |||
| CVE-2020-0776 | 0.00 | — | 0.01 | Mar 12, 2020 | An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Elevation of Privilege Vulnerability'. This… | |||
| CVE-2019-1483 | 0.00 | — | 0.02 | Dec 10, 2019 | An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles junctions.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID… | |||
| CVE-2019-1340 | 0.00 | — | 0.01 | Oct 10, 2019 | An elevation of privilege vulnerability exists in Windows AppX Deployment Server that allows file creation in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Windows Elevation of Privilege Vulnerability'.… | |||
| CVE-2019-1303 | 0.00 | — | 0.01 | Sep 11, 2019 | An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles junctions.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID… |
- risk 0.53cvss 8.1epss 0.01
Use after free in Windows Deployment Services allows an unauthorized attacker to execute code over a network.
- risk 0.28cvss —epss 0.42
An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0730, CVE-2019-0731, CVE-2019-0796, CVE-2019-0805, CVE-2019-0836.
- risk 0.23cvss —epss 0.12
An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles junctions.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID…
- risk 0.19cvss —epss 0.07
An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view,…
- risk 0.18cvss —epss 0.02
An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1129.
- risk 0.18cvss —epss 0.02
An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1130.
- CVE-2019-1476Dec 10, 2019risk 0.06cvss —epss 0.05
An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1483.
- CVE-2018-8476Nov 14, 2018risk 0.04cvss —epss 0.63
A remote code execution vulnerability exists in the way that Windows Deployment Services TFTP Server handles objects in memory, aka "Windows Deployment Services TFTP Server Remote Code Execution Vulnerability." This affects Windows Server 2012 R2, Windows Server 2008, Windows…
- CVE-2019-0603Apr 8, 2019risk 0.02cvss —epss 0.34
A remote code execution vulnerability exists in the way that Windows Deployment Services TFTP Server handles objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code with elevated permissions on a target system. To exploit the…
- CVE-2023-36395Nov 14, 2023risk 0.00cvss —epss 0.02
Windows Deployment Services Denial of Service Vulnerability
- CVE-2023-36567Oct 10, 2023risk 0.00cvss —epss 0.02
Windows Deployment Services Information Disclosure Vulnerability
- CVE-2023-36707Oct 10, 2023risk 0.00cvss —epss 0.03
Windows Deployment Services Denial of Service Vulnerability
- CVE-2023-35322Jul 11, 2023risk 0.00cvss —epss 0.01
Windows Deployment Services Remote Code Execution Vulnerability
- CVE-2023-35321Jul 11, 2023risk 0.00cvss —epss 0.01
Windows Deployment Services Denial of Service Vulnerability
- CVE-2021-41347Oct 13, 2021risk 0.00cvss —epss 0.01
Windows AppX Deployment Service Elevation of Privilege Vulnerability
- CVE-2021-28326Apr 13, 2021risk 0.00cvss —epss 0.01
Windows AppX Deployment Server Denial of Service Vulnerability
- CVE-2020-0776Mar 12, 2020risk 0.00cvss —epss 0.01
An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Elevation of Privilege Vulnerability'. This…
- CVE-2019-1483Dec 10, 2019risk 0.00cvss —epss 0.02
An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles junctions.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID…
- CVE-2019-1340Oct 10, 2019risk 0.00cvss —epss 0.01
An elevation of privilege vulnerability exists in Windows AppX Deployment Server that allows file creation in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Windows Elevation of Privilege Vulnerability'.…
- CVE-2019-1303Sep 11, 2019risk 0.00cvss —epss 0.01
An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles junctions.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID…
Page 1 of 2