Windows CSC Service
by Microsoft
CVEs (417)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-1513 | 0.00 | — | 0.01 | Aug 17, 2020 | An elevation of privilege vulnerability exists when the Windows CSC Service improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate… | |||
| CVE-2020-1489 | 0.00 | — | 0.01 | Aug 17, 2020 | An elevation of privilege vulnerability exists when the Windows CSC Service improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate… | |||
| CVE-2020-0771 | 0.00 | — | 0.01 | Mar 12, 2020 | An elevation of privilege vulnerability exists when the Windows CSC Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows CSC Service Elevation of Privilege Vulnerability'. This CVE ID… | |||
| CVE-2020-0769 | 0.00 | — | 0.01 | Mar 12, 2020 | An elevation of privilege vulnerability exists when the Windows CSC Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows CSC Service Elevation of Privilege Vulnerability'. This CVE ID… | |||
| CVE-2019-1053 | 0.00 | — | 0.01 | Jun 12, 2019 | An elevation of privilege vulnerability exists when the Windows Shell fails to validate folder shortcuts. An attacker who successfully exploited the vulnerability could elevate privileges by escaping a sandbox. To exploit this vulnerability, an attacker would require… | |||
| CVE-2019-1045 | 0.00 | — | 0.01 | Jun 12, 2019 | An elevation of privilege vulnerability exists in the way that the Windows Network File System (NFS) handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally… | |||
| CVE-2019-1043 | 0.00 | — | 0.03 | Jun 12, 2019 | A remote code execution vulnerability exists in the way that comctl32.dll handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the… | |||
| CVE-2019-1028 | 0.00 | — | 0.01 | Jun 12, 2019 | An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. To exploit the vulnerability, an attacker could run a specially crafted application that could exploit the… | |||
| CVE-2019-1039 | 0.00 | — | 0.01 | Jun 12, 2019 | An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could… | |||
| CVE-2019-1017 | 0.00 | — | 0.01 | Jun 12, 2019 | An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view,… | |||
| CVE-2019-1014 | 0.00 | — | 0.01 | Jun 12, 2019 | An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view,… | |||
| CVE-2019-0986 | 0.00 | — | 0.02 | Jun 12, 2019 | An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context. To exploit this vulnerability, an attacker… | |||
| CVE-2019-0984 | 0.00 | — | 0.01 | Jun 12, 2019 | An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. To exploit the vulnerability, an… | |||
| CVE-2019-0973 | 0.00 | — | 0.01 | Jun 12, 2019 | An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior. A locally authenticated attacker could run arbitrary code with elevated system privileges. An… | |||
| CVE-2019-0941 | 0.00 | — | 0.03 | Jun 12, 2019 | A denial of service exists in Microsoft IIS Server when the optional request filtering feature improperly handles requests. An attacker who successfully exploited this vulnerability could perform a temporary denial of service against pages configured to use request filtering. To… | |||
| CVE-2019-0960 | 0.00 | — | 0.01 | Jun 12, 2019 | An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view,… | |||
| CVE-2019-0713 | 0.00 | — | 0.02 | Jun 12, 2019 | A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system,… |
- CVE-2020-1513Aug 17, 2020risk 0.00cvss —epss 0.01
An elevation of privilege vulnerability exists when the Windows CSC Service improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate…
- CVE-2020-1489Aug 17, 2020risk 0.00cvss —epss 0.01
An elevation of privilege vulnerability exists when the Windows CSC Service improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate…
- CVE-2020-0771Mar 12, 2020risk 0.00cvss —epss 0.01
An elevation of privilege vulnerability exists when the Windows CSC Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows CSC Service Elevation of Privilege Vulnerability'. This CVE ID…
- CVE-2020-0769Mar 12, 2020risk 0.00cvss —epss 0.01
An elevation of privilege vulnerability exists when the Windows CSC Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows CSC Service Elevation of Privilege Vulnerability'. This CVE ID…
- CVE-2019-1053Jun 12, 2019risk 0.00cvss —epss 0.01
An elevation of privilege vulnerability exists when the Windows Shell fails to validate folder shortcuts. An attacker who successfully exploited the vulnerability could elevate privileges by escaping a sandbox. To exploit this vulnerability, an attacker would require…
- CVE-2019-1045Jun 12, 2019risk 0.00cvss —epss 0.01
An elevation of privilege vulnerability exists in the way that the Windows Network File System (NFS) handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally…
- CVE-2019-1043Jun 12, 2019risk 0.00cvss —epss 0.03
A remote code execution vulnerability exists in the way that comctl32.dll handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the…
- CVE-2019-1028Jun 12, 2019risk 0.00cvss —epss 0.01
An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. To exploit the vulnerability, an attacker could run a specially crafted application that could exploit the…
- CVE-2019-1039Jun 12, 2019risk 0.00cvss —epss 0.01
An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could…
- CVE-2019-1017Jun 12, 2019risk 0.00cvss —epss 0.01
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view,…
- CVE-2019-1014Jun 12, 2019risk 0.00cvss —epss 0.01
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view,…
- CVE-2019-0986Jun 12, 2019risk 0.00cvss —epss 0.02
An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context. To exploit this vulnerability, an attacker…
- CVE-2019-0984Jun 12, 2019risk 0.00cvss —epss 0.01
An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. To exploit the vulnerability, an…
- CVE-2019-0973Jun 12, 2019risk 0.00cvss —epss 0.01
An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior. A locally authenticated attacker could run arbitrary code with elevated system privileges. An…
- CVE-2019-0941Jun 12, 2019risk 0.00cvss —epss 0.03
A denial of service exists in Microsoft IIS Server when the optional request filtering feature improperly handles requests. An attacker who successfully exploited this vulnerability could perform a temporary denial of service against pages configured to use request filtering. To…
- CVE-2019-0960Jun 12, 2019risk 0.00cvss —epss 0.01
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view,…
- CVE-2019-0713Jun 12, 2019risk 0.00cvss —epss 0.02
A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system,…
Page 21 of 21