Windows CSC Service
by Microsoft
CVEs (406)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-0888 | 0.05 | — | 0.57 | Jun 12, 2019 | A remote code execution vulnerability exists in the way that ActiveX Data Objects (ADO) handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code with the victim user’s privileges. An attacker could craft a website that… | |||
| CVE-2023-21746 | 0.04 | — | 0.54 | Jan 10, 2023 | Windows NTLM Elevation of Privilege Vulnerability | |||
| CVE-2022-44666 | 0.04 | — | 0.55 | Dec 13, 2022 | Windows Contacts Remote Code Execution Vulnerability | |||
| CVE-2022-23270 | 0.04 | — | 0.48 | May 10, 2022 | Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | |||
| CVE-2022-21972 | 0.04 | — | 0.49 | May 10, 2022 | Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | |||
| CVE-2022-24500 | 0.04 | — | 0.45 | Apr 15, 2022 | Windows SMB Remote Code Execution Vulnerability | |||
| CVE-2022-41076 | 0.03 | — | 0.34 | Dec 13, 2022 | PowerShell Remote Code Execution Vulnerability | |||
| CVE-2022-22025 | 0.03 | — | 0.40 | Jul 12, 2022 | Windows Internet Information Services Cachuri Module Denial of Service Vulnerability | |||
| CVE-2019-1019 | 0.03 | — | 0.03 | Jun 12, 2019 | A security feature bypass vulnerability exists where a NETLOGON message is able to obtain the session key and sign messages. To exploit this vulnerability, an attacker could send a specially crafted authentication request. An attacker who successfully exploited this… | |||
| CVE-2019-0943 | 0.03 | — | 0.04 | Jun 12, 2019 | An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC). An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system. An attacker could then… | |||
| CVE-2023-21527 | 0.02 | — | 0.28 | Jan 10, 2023 | Windows iSCSI Service Denial of Service Vulnerability | |||
| CVE-2023-21757 | 0.02 | — | 0.19 | Jan 10, 2023 | Windows Layer 2 Tunneling Protocol (L2TP) Denial of Service Vulnerability | |||
| CVE-2022-41058 | 0.02 | — | 0.25 | Nov 9, 2022 | Windows Network Address Translation (NAT) Denial of Service Vulnerability | |||
| CVE-2022-41053 | 0.02 | — | 0.25 | Nov 9, 2022 | Windows Kerberos Denial of Service Vulnerability | |||
| CVE-2022-41097 | 0.02 | — | 0.24 | Nov 9, 2022 | Network Policy Server (NPS) RADIUS Protocol Information Disclosure Vulnerability | |||
| CVE-2022-41056 | 0.02 | — | 0.23 | Nov 9, 2022 | Network Policy Server (NPS) RADIUS Protocol Denial of Service Vulnerability | |||
| CVE-2022-38041 | 0.02 | — | 0.27 | Oct 11, 2022 | Windows Secure Channel Denial of Service Vulnerability | |||
| CVE-2022-37975 | 0.02 | — | 0.21 | Oct 11, 2022 | Windows Group Policy Elevation of Privilege Vulnerability | |||
| CVE-2022-33645 | 0.02 | — | 0.19 | Oct 11, 2022 | Windows TCP/IP Driver Denial of Service Vulnerability | |||
| CVE-2022-38006 | 0.02 | — | 0.26 | Sep 13, 2022 | Windows Graphics Component Information Disclosure Vulnerability |
- CVE-2019-0888Jun 12, 2019risk 0.05cvss —epss 0.57
A remote code execution vulnerability exists in the way that ActiveX Data Objects (ADO) handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code with the victim user’s privileges. An attacker could craft a website that…
- CVE-2023-21746Jan 10, 2023risk 0.04cvss —epss 0.54
Windows NTLM Elevation of Privilege Vulnerability
- CVE-2022-44666Dec 13, 2022risk 0.04cvss —epss 0.55
Windows Contacts Remote Code Execution Vulnerability
- CVE-2022-23270May 10, 2022risk 0.04cvss —epss 0.48
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
- CVE-2022-21972May 10, 2022risk 0.04cvss —epss 0.49
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
- CVE-2022-24500Apr 15, 2022risk 0.04cvss —epss 0.45
Windows SMB Remote Code Execution Vulnerability
- CVE-2022-41076Dec 13, 2022risk 0.03cvss —epss 0.34
PowerShell Remote Code Execution Vulnerability
- CVE-2022-22025Jul 12, 2022risk 0.03cvss —epss 0.40
Windows Internet Information Services Cachuri Module Denial of Service Vulnerability
- CVE-2019-1019Jun 12, 2019risk 0.03cvss —epss 0.03
A security feature bypass vulnerability exists where a NETLOGON message is able to obtain the session key and sign messages. To exploit this vulnerability, an attacker could send a specially crafted authentication request. An attacker who successfully exploited this…
- CVE-2019-0943Jun 12, 2019risk 0.03cvss —epss 0.04
An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC). An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system. An attacker could then…
- CVE-2023-21527Jan 10, 2023risk 0.02cvss —epss 0.28
Windows iSCSI Service Denial of Service Vulnerability
- CVE-2023-21757Jan 10, 2023risk 0.02cvss —epss 0.19
Windows Layer 2 Tunneling Protocol (L2TP) Denial of Service Vulnerability
- CVE-2022-41058Nov 9, 2022risk 0.02cvss —epss 0.25
Windows Network Address Translation (NAT) Denial of Service Vulnerability
- CVE-2022-41053Nov 9, 2022risk 0.02cvss —epss 0.25
Windows Kerberos Denial of Service Vulnerability
- CVE-2022-41097Nov 9, 2022risk 0.02cvss —epss 0.24
Network Policy Server (NPS) RADIUS Protocol Information Disclosure Vulnerability
- CVE-2022-41056Nov 9, 2022risk 0.02cvss —epss 0.23
Network Policy Server (NPS) RADIUS Protocol Denial of Service Vulnerability
- CVE-2022-38041Oct 11, 2022risk 0.02cvss —epss 0.27
Windows Secure Channel Denial of Service Vulnerability
- CVE-2022-37975Oct 11, 2022risk 0.02cvss —epss 0.21
Windows Group Policy Elevation of Privilege Vulnerability
- CVE-2022-33645Oct 11, 2022risk 0.02cvss —epss 0.19
Windows TCP/IP Driver Denial of Service Vulnerability
- CVE-2022-38006Sep 13, 2022risk 0.02cvss —epss 0.26
Windows Graphics Component Information Disclosure Vulnerability
Page 2 of 21