Windows CSC Service
by Microsoft
CVEs (406)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-21838 | 0.00 | — | 0.00 | Jan 11, 2022 | Windows Cleanup Manager Elevation of Privilege Vulnerability | |||
| CVE-2022-21836 | 0.00 | — | 0.00 | Jan 11, 2022 | Windows Certificate Spoofing Vulnerability | |||
| CVE-2022-21835 | 0.00 | — | 0.00 | Jan 11, 2022 | Microsoft Cryptographic Services Elevation of Privilege Vulnerability | |||
| CVE-2022-21834 | 0.00 | — | 0.00 | Jan 11, 2022 | Windows User-mode Driver Framework Reflector Driver Elevation of Privilege Vulnerability | |||
| CVE-2022-21833 | 0.00 | — | 0.00 | Jan 11, 2022 | Virtual Machine IDE Drive Elevation of Privilege Vulnerability | |||
| CVE-2020-17098 | 0.00 | — | 0.00 | Dec 9, 2020 | Windows GDI+ Information Disclosure Vulnerability | |||
| CVE-2020-16964 | 0.00 | — | 0.00 | Dec 9, 2020 | Windows Backup Engine Elevation of Privilege Vulnerability | |||
| CVE-2020-16963 | 0.00 | — | 0.00 | Dec 9, 2020 | Windows Backup Engine Elevation of Privilege Vulnerability | |||
| CVE-2020-16962 | 0.00 | — | 0.00 | Dec 9, 2020 | Windows Backup Engine Elevation of Privilege Vulnerability | |||
| CVE-2020-16961 | 0.00 | — | 0.00 | Dec 9, 2020 | Windows Backup Engine Elevation of Privilege Vulnerability | |||
| CVE-2020-16959 | 0.00 | — | 0.00 | Dec 9, 2020 | Windows Backup Engine Elevation of Privilege Vulnerability | |||
| CVE-2020-16960 | 0.00 | — | 0.00 | Dec 9, 2020 | Windows Backup Engine Elevation of Privilege Vulnerability | |||
| CVE-2020-16958 | 0.00 | — | 0.00 | Dec 9, 2020 | Windows Backup Engine Elevation of Privilege Vulnerability | |||
| CVE-2019-1053 | 0.00 | — | 0.00 | Jun 12, 2019 | An elevation of privilege vulnerability exists when the Windows Shell fails to validate folder shortcuts. An attacker who successfully exploited the vulnerability could elevate privileges by escaping a sandbox. To exploit this vulnerability, an attacker would require… | |||
| CVE-2019-1043 | 0.00 | — | 0.03 | Jun 12, 2019 | A remote code execution vulnerability exists in the way that comctl32.dll handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the… | |||
| CVE-2019-1028 | 0.00 | — | 0.00 | Jun 12, 2019 | An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. To exploit the vulnerability, an attacker could run a specially crafted application that could exploit the… | |||
| CVE-2019-1039 | 0.00 | — | 0.01 | Jun 12, 2019 | An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could… | |||
| CVE-2019-1045 | 0.00 | — | 0.00 | Jun 12, 2019 | An elevation of privilege vulnerability exists in the way that the Windows Network File System (NFS) handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally… | |||
| CVE-2019-0986 | 0.00 | — | 0.02 | Jun 12, 2019 | An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context. To exploit this vulnerability, an attacker… | |||
| CVE-2019-1014 | 0.00 | — | 0.00 | Jun 12, 2019 | An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view,… |
- CVE-2022-21838Jan 11, 2022risk 0.00cvss —epss 0.00
Windows Cleanup Manager Elevation of Privilege Vulnerability
- CVE-2022-21836Jan 11, 2022risk 0.00cvss —epss 0.00
Windows Certificate Spoofing Vulnerability
- CVE-2022-21835Jan 11, 2022risk 0.00cvss —epss 0.00
Microsoft Cryptographic Services Elevation of Privilege Vulnerability
- CVE-2022-21834Jan 11, 2022risk 0.00cvss —epss 0.00
Windows User-mode Driver Framework Reflector Driver Elevation of Privilege Vulnerability
- CVE-2022-21833Jan 11, 2022risk 0.00cvss —epss 0.00
Virtual Machine IDE Drive Elevation of Privilege Vulnerability
- CVE-2020-17098Dec 9, 2020risk 0.00cvss —epss 0.00
Windows GDI+ Information Disclosure Vulnerability
- CVE-2020-16964Dec 9, 2020risk 0.00cvss —epss 0.00
Windows Backup Engine Elevation of Privilege Vulnerability
- CVE-2020-16963Dec 9, 2020risk 0.00cvss —epss 0.00
Windows Backup Engine Elevation of Privilege Vulnerability
- CVE-2020-16962Dec 9, 2020risk 0.00cvss —epss 0.00
Windows Backup Engine Elevation of Privilege Vulnerability
- CVE-2020-16961Dec 9, 2020risk 0.00cvss —epss 0.00
Windows Backup Engine Elevation of Privilege Vulnerability
- CVE-2020-16959Dec 9, 2020risk 0.00cvss —epss 0.00
Windows Backup Engine Elevation of Privilege Vulnerability
- CVE-2020-16960Dec 9, 2020risk 0.00cvss —epss 0.00
Windows Backup Engine Elevation of Privilege Vulnerability
- CVE-2020-16958Dec 9, 2020risk 0.00cvss —epss 0.00
Windows Backup Engine Elevation of Privilege Vulnerability
- CVE-2019-1053Jun 12, 2019risk 0.00cvss —epss 0.00
An elevation of privilege vulnerability exists when the Windows Shell fails to validate folder shortcuts. An attacker who successfully exploited the vulnerability could elevate privileges by escaping a sandbox. To exploit this vulnerability, an attacker would require…
- CVE-2019-1043Jun 12, 2019risk 0.00cvss —epss 0.03
A remote code execution vulnerability exists in the way that comctl32.dll handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the…
- CVE-2019-1028Jun 12, 2019risk 0.00cvss —epss 0.00
An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. To exploit the vulnerability, an attacker could run a specially crafted application that could exploit the…
- CVE-2019-1039Jun 12, 2019risk 0.00cvss —epss 0.01
An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could…
- CVE-2019-1045Jun 12, 2019risk 0.00cvss —epss 0.00
An elevation of privilege vulnerability exists in the way that the Windows Network File System (NFS) handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally…
- CVE-2019-0986Jun 12, 2019risk 0.00cvss —epss 0.02
An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context. To exploit this vulnerability, an attacker…
- CVE-2019-1014Jun 12, 2019risk 0.00cvss —epss 0.00
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view,…
Page 20 of 21