Windows CSC Service
by Microsoft
CVEs (417)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-41076 | Hig | 0.60 | 8.5 | 0.62 | Dec 13, 2022 | PowerShell Remote Code Execution Vulnerability | ||
| CVE-2022-37958 | Hig | 0.60 | 8.1 | 0.86 | Sep 13, 2022 | SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability | ||
| CVE-2022-24500 | Hig | 0.60 | 8.8 | 0.39 | Apr 15, 2022 | Windows SMB Remote Code Execution Vulnerability | ||
| CVE-2022-21972 | Hig | 0.59 | 8.1 | 0.81 | May 10, 2022 | Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | ||
| CVE-2022-23285 | Hig | 0.59 | 8.8 | 0.26 | Mar 9, 2022 | Remote Desktop Client Remote Code Execution Vulnerability | ||
| CVE-2022-21990 | Hig | 0.59 | 8.8 | 0.19 | Mar 9, 2022 | Remote Desktop Client Remote Code Execution Vulnerability | ||
| CVE-2019-1019 | Hig | 0.59 | 8.5 | 0.15 | Jun 12, 2019 | A security feature bypass vulnerability exists where a NETLOGON message is able to obtain the session key and sign messages. To exploit this vulnerability, an attacker could send a specially crafted authentication request. An attacker who successfully exploited this… | ||
| CVE-2022-23270 | Hig | 0.58 | 8.1 | 0.73 | May 10, 2022 | Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | ||
| CVE-2022-21919 | Hig | 0.58 | 7.0 | 0.03 | KEV | Jan 11, 2022 | Windows User Profile Service Elevation of Privilege Vulnerability | |
| CVE-2019-0888 | Hig | 0.58 | 8.8 | 0.11 | Jun 12, 2019 | A remote code execution vulnerability exists in the way that ActiveX Data Objects (ADO) handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code with the victim user’s privileges. An attacker could craft a website that… | ||
| CVE-2019-0722 | Hig | 0.58 | 8.8 | 0.05 | Jun 12, 2019 | A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating… | ||
| CVE-2023-21732 | Hig | 0.57 | 8.8 | 0.01 | Jan 10, 2023 | Microsoft ODBC Driver Remote Code Execution Vulnerability | ||
| CVE-2023-21681 | Hig | 0.57 | 8.8 | 0.01 | Jan 10, 2023 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | ||
| CVE-2022-41048 | Hig | 0.57 | 8.8 | 0.01 | Nov 9, 2022 | Microsoft ODBC Driver Remote Code Execution Vulnerability | ||
| CVE-2022-41047 | Hig | 0.57 | 8.8 | 0.01 | Nov 9, 2022 | Microsoft ODBC Driver Remote Code Execution Vulnerability | ||
| CVE-2022-38040 | Hig | 0.57 | 8.8 | 0.01 | Oct 11, 2022 | Microsoft ODBC Driver Remote Code Execution Vulnerability | ||
| CVE-2022-38034 | Hig | 0.57 | 8.8 | 0.03 | Oct 11, 2022 | Windows Workstation Service Elevation of Privilege Vulnerability | ||
| CVE-2022-38031 | Hig | 0.57 | 8.8 | 0.01 | Oct 11, 2022 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | ||
| CVE-2022-37982 | Hig | 0.57 | 8.8 | 0.01 | Oct 11, 2022 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | ||
| CVE-2022-37975 | Hig | 0.57 | 8.8 | 0.01 | Oct 11, 2022 | Windows Group Policy Elevation of Privilege Vulnerability |
- risk 0.60cvss 8.5epss 0.62
PowerShell Remote Code Execution Vulnerability
- risk 0.60cvss 8.1epss 0.86
SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability
- risk 0.60cvss 8.8epss 0.39
Windows SMB Remote Code Execution Vulnerability
- risk 0.59cvss 8.1epss 0.81
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
- risk 0.59cvss 8.8epss 0.26
Remote Desktop Client Remote Code Execution Vulnerability
- risk 0.59cvss 8.8epss 0.19
Remote Desktop Client Remote Code Execution Vulnerability
- risk 0.59cvss 8.5epss 0.15
A security feature bypass vulnerability exists where a NETLOGON message is able to obtain the session key and sign messages. To exploit this vulnerability, an attacker could send a specially crafted authentication request. An attacker who successfully exploited this…
- risk 0.58cvss 8.1epss 0.73
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
- risk 0.58cvss 7.0epss 0.03
Windows User Profile Service Elevation of Privilege Vulnerability
- risk 0.58cvss 8.8epss 0.11
A remote code execution vulnerability exists in the way that ActiveX Data Objects (ADO) handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code with the victim user’s privileges. An attacker could craft a website that…
- risk 0.58cvss 8.8epss 0.05
A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating…
- risk 0.57cvss 8.8epss 0.01
Microsoft ODBC Driver Remote Code Execution Vulnerability
- risk 0.57cvss 8.8epss 0.01
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
- risk 0.57cvss 8.8epss 0.01
Microsoft ODBC Driver Remote Code Execution Vulnerability
- risk 0.57cvss 8.8epss 0.01
Microsoft ODBC Driver Remote Code Execution Vulnerability
- risk 0.57cvss 8.8epss 0.01
Microsoft ODBC Driver Remote Code Execution Vulnerability
- risk 0.57cvss 8.8epss 0.03
Windows Workstation Service Elevation of Privilege Vulnerability
- risk 0.57cvss 8.8epss 0.01
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
- risk 0.57cvss 8.8epss 0.01
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
- risk 0.57cvss 8.8epss 0.01
Windows Group Policy Elevation of Privilege Vulnerability
Page 2 of 21