Windows CSC Service
by Microsoft
CVEs (406)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-0908 | 0.01 | — | 0.07 | Jun 12, 2019 | A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by… | |||
| CVE-2019-0974 | 0.01 | — | 0.13 | Jun 12, 2019 | A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by… | |||
| CVE-2019-0972 | 0.01 | — | 0.17 | Jun 12, 2019 | This security update corrects a denial of service in the Local Security Authority Subsystem Service (LSASS) caused when an authenticated attacker sends a specially crafted authentication request. A remote attacker who successfully exploited this vulnerability could cause a… | |||
| CVE-2019-0977 | 0.01 | — | 0.08 | Jun 12, 2019 | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an… | |||
| CVE-2019-0722 | 0.01 | — | 0.13 | Jun 12, 2019 | A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating… | |||
| CVE-2019-0985 | 0.01 | — | 0.16 | Jun 12, 2019 | A remote code execution vulnerability exists when the Microsoft Speech API (SAPI) improperly handles text-to-speech (TTS) input. The vulnerability could corrupt memory in a way that enables an attacker to execute arbitrary code in the context of the current user. To exploit the… | |||
| CVE-2019-0905 | 0.01 | — | 0.10 | Jun 12, 2019 | A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by… | |||
| CVE-2019-0906 | 0.01 | — | 0.09 | Jun 12, 2019 | A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by… | |||
| CVE-2019-0904 | 0.01 | — | 0.10 | Jun 12, 2019 | A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by… | |||
| CVE-2019-0909 | 0.01 | — | 0.07 | Jun 12, 2019 | A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by… | |||
| CVE-2019-0907 | 0.01 | — | 0.10 | Jun 12, 2019 | A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by… | |||
| CVE-2022-35759 | 0.00 | — | 0.05 | May 31, 2023 | Windows Local Security Authority (LSA) Denial of Service Vulnerability | |||
| CVE-2022-35758 | 0.00 | — | 0.00 | May 31, 2023 | Windows Kernel Memory Information Disclosure Vulnerability | |||
| CVE-2022-35753 | 0.00 | — | 0.03 | May 31, 2023 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | |||
| CVE-2022-35752 | 0.00 | — | 0.03 | May 31, 2023 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | |||
| CVE-2022-35750 | 0.00 | — | 0.04 | May 31, 2023 | Win32k Elevation of Privilege Vulnerability | |||
| CVE-2022-35747 | 0.00 | — | 0.01 | May 31, 2023 | Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability | |||
| CVE-2022-35745 | 0.00 | — | 0.03 | May 31, 2023 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | |||
| CVE-2022-35743 | 0.00 | — | 0.00 | May 31, 2023 | Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability | |||
| CVE-2023-21546 | 0.00 | — | 0.01 | Jan 10, 2023 | Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability |
- CVE-2019-0908Jun 12, 2019risk 0.01cvss —epss 0.07
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by…
- CVE-2019-0974Jun 12, 2019risk 0.01cvss —epss 0.13
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by…
- CVE-2019-0972Jun 12, 2019risk 0.01cvss —epss 0.17
This security update corrects a denial of service in the Local Security Authority Subsystem Service (LSASS) caused when an authenticated attacker sends a specially crafted authentication request. A remote attacker who successfully exploited this vulnerability could cause a…
- CVE-2019-0977Jun 12, 2019risk 0.01cvss —epss 0.08
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an…
- CVE-2019-0722Jun 12, 2019risk 0.01cvss —epss 0.13
A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating…
- CVE-2019-0985Jun 12, 2019risk 0.01cvss —epss 0.16
A remote code execution vulnerability exists when the Microsoft Speech API (SAPI) improperly handles text-to-speech (TTS) input. The vulnerability could corrupt memory in a way that enables an attacker to execute arbitrary code in the context of the current user. To exploit the…
- CVE-2019-0905Jun 12, 2019risk 0.01cvss —epss 0.10
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by…
- CVE-2019-0906Jun 12, 2019risk 0.01cvss —epss 0.09
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by…
- CVE-2019-0904Jun 12, 2019risk 0.01cvss —epss 0.10
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by…
- CVE-2019-0909Jun 12, 2019risk 0.01cvss —epss 0.07
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by…
- CVE-2019-0907Jun 12, 2019risk 0.01cvss —epss 0.10
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by…
- CVE-2022-35759May 31, 2023risk 0.00cvss —epss 0.05
Windows Local Security Authority (LSA) Denial of Service Vulnerability
- CVE-2022-35758May 31, 2023risk 0.00cvss —epss 0.00
Windows Kernel Memory Information Disclosure Vulnerability
- CVE-2022-35753May 31, 2023risk 0.00cvss —epss 0.03
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
- CVE-2022-35752May 31, 2023risk 0.00cvss —epss 0.03
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
- CVE-2022-35750May 31, 2023risk 0.00cvss —epss 0.04
Win32k Elevation of Privilege Vulnerability
- CVE-2022-35747May 31, 2023risk 0.00cvss —epss 0.01
Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability
- CVE-2022-35745May 31, 2023risk 0.00cvss —epss 0.03
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
- CVE-2022-35743May 31, 2023risk 0.00cvss —epss 0.00
Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability
- CVE-2023-21546Jan 10, 2023risk 0.00cvss —epss 0.01
Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability
Page 8 of 21