Windows CSC Service
by Microsoft
CVEs (406)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-26934 | Med | 0.44 | 6.5 | 0.17 | May 10, 2022 | Windows Graphics Component Information Disclosure Vulnerability | ||
| CVE-2022-30190 | 0.28 | — | 0.94 | KEV | Jun 1, 2022 | A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application. The attacker can then… | ||
| CVE-2022-21999 | 0.27 | — | 0.72 | KEV | Feb 9, 2022 | Windows Print Spooler Elevation of Privilege Vulnerability | ||
| CVE-2022-24521 | 0.19 | — | 0.08 | KEV | Apr 15, 2022 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | ||
| CVE-2022-41073 | 0.18 | — | 0.02 | KEV | Nov 9, 2022 | Windows Print Spooler Elevation of Privilege Vulnerability | ||
| CVE-2022-26904 | 0.17 | — | 0.23 | KEV | Apr 15, 2022 | Windows User Profile Service Elevation of Privilege Vulnerability | ||
| CVE-2022-41128 | 0.15 | — | 0.39 | KEV | Nov 9, 2022 | Windows Scripting Languages Remote Code Execution Vulnerability | ||
| CVE-2022-26925 | 0.15 | — | 0.37 | KEV | May 10, 2022 | Windows LSA Spoofing Vulnerability | ||
| CVE-2022-37969 | 0.13 | — | 0.13 | KEV | Sep 13, 2022 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | ||
| CVE-2022-22718 | 0.13 | — | 0.08 | KEV | Feb 9, 2022 | Windows Print Spooler Elevation of Privilege Vulnerability | ||
| CVE-2022-41033 | 0.12 | — | 0.02 | KEV | Oct 11, 2022 | Windows COM+ Event System Service Elevation of Privilege Vulnerability | ||
| CVE-2022-34713 | 0.12 | — | 0.04 | KEV | Aug 9, 2022 | Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability | ||
| CVE-2022-22047 | 0.12 | — | 0.01 | KEV | Jul 12, 2022 | Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability | ||
| CVE-2022-21919 | 0.12 | — | 0.00 | KEV | Jan 11, 2022 | Windows User Profile Service Elevation of Privilege Vulnerability | ||
| CVE-2024-26229 | 0.07 | — | 0.86 | Apr 9, 2024 | Windows CSC Service Elevation of Privilege Vulnerability | |||
| CVE-2022-34718 | 0.07 | — | 0.85 | Sep 13, 2022 | Windows TCP/IP Remote Code Execution Vulnerability | |||
| CVE-2022-26809 | 0.07 | — | 0.93 | Apr 15, 2022 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | |||
| CVE-2019-1040 | 0.07 | — | 0.90 | Jun 12, 2019 | A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLM MIC (Message Integrity Check) protection. An attacker who successfully exploited this vulnerability could gain the ability to downgrade NTLM security… | |||
| CVE-2023-21752 | 0.06 | — | 0.33 | Jan 10, 2023 | Windows Backup Service Elevation of Privilege Vulnerability | |||
| CVE-2019-0948 | 0.06 | — | 0.41 | Jun 12, 2019 | An information disclosure vulnerability exists in the Windows Event Viewer (eventvwr.msc) when it improperly parses XML input containing a reference to an external entity. An attacker who successfully exploited this vulnerability could read arbitrary files via an XML external… |
- risk 0.44cvss 6.5epss 0.17
Windows Graphics Component Information Disclosure Vulnerability
- risk 0.28cvss —epss 0.94
A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application. The attacker can then…
- risk 0.27cvss —epss 0.72
Windows Print Spooler Elevation of Privilege Vulnerability
- risk 0.19cvss —epss 0.08
Windows Common Log File System Driver Elevation of Privilege Vulnerability
- risk 0.18cvss —epss 0.02
Windows Print Spooler Elevation of Privilege Vulnerability
- risk 0.17cvss —epss 0.23
Windows User Profile Service Elevation of Privilege Vulnerability
- risk 0.15cvss —epss 0.39
Windows Scripting Languages Remote Code Execution Vulnerability
- risk 0.15cvss —epss 0.37
Windows LSA Spoofing Vulnerability
- risk 0.13cvss —epss 0.13
Windows Common Log File System Driver Elevation of Privilege Vulnerability
- risk 0.13cvss —epss 0.08
Windows Print Spooler Elevation of Privilege Vulnerability
- risk 0.12cvss —epss 0.02
Windows COM+ Event System Service Elevation of Privilege Vulnerability
- risk 0.12cvss —epss 0.04
Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability
- risk 0.12cvss —epss 0.01
Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability
- risk 0.12cvss —epss 0.00
Windows User Profile Service Elevation of Privilege Vulnerability
- CVE-2024-26229Apr 9, 2024risk 0.07cvss —epss 0.86
Windows CSC Service Elevation of Privilege Vulnerability
- CVE-2022-34718Sep 13, 2022risk 0.07cvss —epss 0.85
Windows TCP/IP Remote Code Execution Vulnerability
- CVE-2022-26809Apr 15, 2022risk 0.07cvss —epss 0.93
Remote Procedure Call Runtime Remote Code Execution Vulnerability
- CVE-2019-1040Jun 12, 2019risk 0.07cvss —epss 0.90
A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLM MIC (Message Integrity Check) protection. An attacker who successfully exploited this vulnerability could gain the ability to downgrade NTLM security…
- CVE-2023-21752Jan 10, 2023risk 0.06cvss —epss 0.33
Windows Backup Service Elevation of Privilege Vulnerability
- CVE-2019-0948Jun 12, 2019risk 0.06cvss —epss 0.41
An information disclosure vulnerability exists in the Windows Event Viewer (eventvwr.msc) when it improperly parses XML input containing a reference to an external entity. An attacker who successfully exploited this vulnerability could read arbitrary files via an XML external…
Page 1 of 21