Windows User Profile Service
by Microsoft
CVEs (9)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-26904 | 0.17 | — | 0.23 | KEV | Apr 15, 2022 | Windows User Profile Service Elevation of Privilege Vulnerability | ||
| CVE-2022-21919 | 0.12 | — | 0.00 | KEV | Jan 11, 2022 | Windows User Profile Service Elevation of Privilege Vulnerability | ||
| CVE-2022-21895 | 0.00 | — | 0.01 | Jan 11, 2022 | Windows User Profile Service Elevation of Privilege Vulnerability | |||
| CVE-2021-26886 | 0.00 | — | 0.00 | Mar 11, 2021 | User Profile Service Denial of Service Vulnerability | |||
| CVE-2021-26873 | 0.00 | — | 0.00 | Mar 11, 2021 | Windows User Profile Service Elevation of Privilege Vulnerability | |||
| CVE-2020-16940 | 0.00 | — | 0.00 | Oct 16, 2020 | An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles junction points. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context. To exploit this… | |||
| CVE-2020-1360 | 0.00 | — | 0.00 | Jul 14, 2020 | An elevation of privilege vulnerability exists when the Windows Profile Service improperly handles file operations, aka 'Windows Profile Service Elevation of Privilege Vulnerability'. | |||
| CVE-2019-1454 | 0.00 | — | 0.00 | Jan 24, 2020 | An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks, aka 'Windows User Profile Service Elevation of Privilege Vulnerability'. | |||
| CVE-2019-0986 | 0.00 | — | 0.02 | Jun 12, 2019 | An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context. To exploit this vulnerability, an attacker… |
- risk 0.17cvss —epss 0.23
Windows User Profile Service Elevation of Privilege Vulnerability
- risk 0.12cvss —epss 0.00
Windows User Profile Service Elevation of Privilege Vulnerability
- CVE-2022-21895Jan 11, 2022risk 0.00cvss —epss 0.01
Windows User Profile Service Elevation of Privilege Vulnerability
- CVE-2021-26886Mar 11, 2021risk 0.00cvss —epss 0.00
User Profile Service Denial of Service Vulnerability
- CVE-2021-26873Mar 11, 2021risk 0.00cvss —epss 0.00
Windows User Profile Service Elevation of Privilege Vulnerability
- CVE-2020-16940Oct 16, 2020risk 0.00cvss —epss 0.00
An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles junction points. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context. To exploit this…
- CVE-2020-1360Jul 14, 2020risk 0.00cvss —epss 0.00
An elevation of privilege vulnerability exists when the Windows Profile Service improperly handles file operations, aka 'Windows Profile Service Elevation of Privilege Vulnerability'.
- CVE-2019-1454Jan 24, 2020risk 0.00cvss —epss 0.00
An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks, aka 'Windows User Profile Service Elevation of Privilege Vulnerability'.
- CVE-2019-0986Jun 12, 2019risk 0.00cvss —epss 0.02
An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context. To exploit this vulnerability, an attacker…