Windows AppX Deployment Service
by Microsoft
CVEs (11)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-0841 | 0.28 | — | 0.83 | KEV | Apr 9, 2019 | An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0730, CVE-2019-0731, CVE-2019-0796, CVE-2019-0805, CVE-2019-0836. | ||
| CVE-2019-1253 | 0.23 | — | 0.28 | KEV | Sep 11, 2019 | An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles junctions.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID… | ||
| CVE-2019-1064 | 0.19 | — | 0.12 | KEV | Jun 12, 2019 | An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view,… | ||
| CVE-2019-1130 | 0.18 | — | 0.02 | KEV | Jul 29, 2019 | An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1129. | ||
| CVE-2019-1129 | 0.18 | — | 0.02 | KEV | Jul 29, 2019 | An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1130. | ||
| CVE-2018-8476 | 0.04 | — | 0.49 | Nov 14, 2018 | A remote code execution vulnerability exists in the way that Windows Deployment Services TFTP Server handles objects in memory, aka "Windows Deployment Services TFTP Server Remote Code Execution Vulnerability." This affects Windows Server 2012 R2, Windows Server 2008, Windows… | |||
| CVE-2023-36395 | 0.00 | — | 0.01 | Nov 14, 2023 | Windows Deployment Services Denial of Service Vulnerability | |||
| CVE-2023-36567 | 0.00 | — | 0.05 | Oct 10, 2023 | Windows Deployment Services Information Disclosure Vulnerability | |||
| CVE-2023-36707 | 0.00 | — | 0.05 | Oct 10, 2023 | Windows Deployment Services Denial of Service Vulnerability | |||
| CVE-2023-35322 | 0.00 | — | 0.02 | Jul 11, 2023 | Windows Deployment Services Remote Code Execution Vulnerability | |||
| CVE-2023-35321 | 0.00 | — | 0.03 | Jul 11, 2023 | Windows Deployment Services Denial of Service Vulnerability |
- risk 0.28cvss —epss 0.83
An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0730, CVE-2019-0731, CVE-2019-0796, CVE-2019-0805, CVE-2019-0836.
- risk 0.23cvss —epss 0.28
An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles junctions.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID…
- risk 0.19cvss —epss 0.12
An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view,…
- risk 0.18cvss —epss 0.02
An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1129.
- risk 0.18cvss —epss 0.02
An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1130.
- CVE-2018-8476Nov 14, 2018risk 0.04cvss —epss 0.49
A remote code execution vulnerability exists in the way that Windows Deployment Services TFTP Server handles objects in memory, aka "Windows Deployment Services TFTP Server Remote Code Execution Vulnerability." This affects Windows Server 2012 R2, Windows Server 2008, Windows…
- CVE-2023-36395Nov 14, 2023risk 0.00cvss —epss 0.01
Windows Deployment Services Denial of Service Vulnerability
- CVE-2023-36567Oct 10, 2023risk 0.00cvss —epss 0.05
Windows Deployment Services Information Disclosure Vulnerability
- CVE-2023-36707Oct 10, 2023risk 0.00cvss —epss 0.05
Windows Deployment Services Denial of Service Vulnerability
- CVE-2023-35322Jul 11, 2023risk 0.00cvss —epss 0.02
Windows Deployment Services Remote Code Execution Vulnerability
- CVE-2023-35321Jul 11, 2023risk 0.00cvss —epss 0.03
Windows Deployment Services Denial of Service Vulnerability