CVE Tracker

CVE ID	Severity	EPSS	Vendor	Description	Date	Status
CVE-2012-2539	High	84.4%	MicrosoftWord	Microsoft Word allows attackers to execute remote code or cause a denial-of-service (DoS) via crafted RTF data.	Mar 28, 2022	KEV
CVE-2019-0903	High	34.4%	MicrosoftGraphics Device Interface (GDI)	A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system.	Mar 25, 2022	KEV
CVE-2022-21999	High	72.7%	MicrosoftWindows	Microsoft Windows Print Spooler contains an unspecified vulnerability which can allow for privilege escalation.	Mar 25, 2022	KEV
CVE-2018-8373	High	82.4%	MicrosoftInternet Explorer Scripting Engine	A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer.	Mar 25, 2022	KEV
CVE-2018-8414	High	87.9%	MicrosoftWindows	A remote code execution vulnerability exists when the Windows Shell does not properly validate file paths.	Mar 25, 2022	KEV
CVE-2017-0146	High	93.3%	MicrosoftWindows	The SMBv1 server in Microsoft Windows allows remote attackers to perform remote code execution.	Mar 25, 2022	KEV
CVE-2014-6332	High	94.1%	MicrosoftWindows	OleAut32.dll in OLE in Microsoft Windows allows remote attackers to remotely execute code via a crafted web site.	Mar 25, 2022	KEV
CVE-2014-6324	High	89.8%	MicrosoftKerberos Key Distribution Center (KDC)	The Kerberos Key Distribution Center (KDC) in Microsoft allows remote authenticated domain users to obtain domain administrator privileges.	Mar 25, 2022	KEV
CVE-2019-1253	High	30.2%	MicrosoftWindows	A privilege escalation vulnerability exists when the Windows AppX Deployment Server improperly handles junctions.	Mar 15, 2022	KEV
CVE-2019-1405	High	57.1%	MicrosoftWindows	A privilege escalation vulnerability exists when the Windows UPnP service improperly allows COM object creation.	Mar 15, 2022	KEV
CVE-2019-1069	High	30.5%	MicrosoftTask Scheduler	A privilege escalation vulnerability exists in the way the Task Scheduler Service validates certain file operations.	Mar 15, 2022	KEV
CVE-2019-1322	High	36.5%	MicrosoftWindows	A privilege escalation vulnerability exists when Windows improperly handles authentication requests. An attacker who successfully exploited this vulnerability could run processes in an elevated context.	Mar 15, 2022	KEV
CVE-2019-0543	High	16.6%	MicrosoftWindows	A privilege escalation vulnerability exists when Windows improperly handles authentication requests. An attacker who successfully exploited this vulnerability could run processes in an elevated context.	Mar 15, 2022	KEV
CVE-2017-0101	High	64.4%	MicrosoftWindows	A privilege escalation vulnerability exists when the Windows Transaction Manager improperly handles objects in memory.	Mar 15, 2022	KEV
CVE-2016-3309	High	43.0%	MicrosoftWindows	A privilege escalation vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.	Mar 15, 2022	KEV
CVE-2019-1132	High	35.6%	MicrosoftWin32k	A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory.	Mar 15, 2022	KEV
CVE-2019-1315	High	7.5%	MicrosoftWindows	A privilege escalation vulnerability exists when Windows Error Reporting manager improperly handles hard links. An attacker who successfully exploited this vulnerability could overwrite a targeted file leading to an elevated status.	Mar 15, 2022	KEV
CVE-2019-0841	High	82.7%	MicrosoftWindows	A privilege escalation vulnerability exists when Windows AppXSVC improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context.	Mar 15, 2022	KEV
CVE-2019-1064	High	11.3%	MicrosoftWindows	A privilege escalation vulnerability exists when Windows AppXSVC improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context.	Mar 15, 2022	KEV
CVE-2018-8120	High	94.1%	MicrosoftWin32k	A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory.	Mar 15, 2022	KEV

CVE-2012-2539KEV

High

Microsoft Word allows attackers to execute remote code or cause a denial-of-service (DoS) via crafted RTF data.

MicrosoftEPSS 84.4%

CVE-2019-0903KEV

High

A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system.

MicrosoftEPSS 34.4%

CVE-2022-21999KEV

High

Microsoft Windows Print Spooler contains an unspecified vulnerability which can allow for privilege escalation.

MicrosoftEPSS 72.7%

CVE-2018-8373KEV

High

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer.

MicrosoftEPSS 82.4%

CVE-2018-8414KEV

High

A remote code execution vulnerability exists when the Windows Shell does not properly validate file paths.

MicrosoftEPSS 87.9%

CVE-2017-0146KEV

High

The SMBv1 server in Microsoft Windows allows remote attackers to perform remote code execution.

MicrosoftEPSS 93.3%

CVE-2014-6332KEV

High

OleAut32.dll in OLE in Microsoft Windows allows remote attackers to remotely execute code via a crafted web site.

MicrosoftEPSS 94.1%

CVE-2014-6324KEV

High

The Kerberos Key Distribution Center (KDC) in Microsoft allows remote authenticated domain users to obtain domain administrator privileges.

MicrosoftEPSS 89.8%

CVE-2019-1253KEV

High

A privilege escalation vulnerability exists when the Windows AppX Deployment Server improperly handles junctions.

MicrosoftEPSS 30.2%

CVE-2019-1405KEV

High

A privilege escalation vulnerability exists when the Windows UPnP service improperly allows COM object creation.

MicrosoftEPSS 57.1%

CVE-2019-1069KEV

High

A privilege escalation vulnerability exists in the way the Task Scheduler Service validates certain file operations.

MicrosoftEPSS 30.5%

CVE-2019-1322KEV

High

A privilege escalation vulnerability exists when Windows improperly handles authentication requests. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

A privilege escalation vulnerability exists when the Windows Transaction Manager improperly handles objects in memory.

MicrosoftEPSS 64.4%

CVE-2016-3309KEV

High

A privilege escalation vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

MicrosoftEPSS 43.0%

CVE-2019-1132KEV

High

A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory.

MicrosoftEPSS 35.6%

CVE-2019-1315KEV

High

A privilege escalation vulnerability exists when Windows Error Reporting manager improperly handles hard links. An attacker who successfully exploited this vulnerability could overwrite a targeted file leading to an elevated status.

MicrosoftEPSS 7.5%

CVE-2019-0841KEV

High

A privilege escalation vulnerability exists when Windows AppXSVC improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

MicrosoftEPSS 82.7%

CVE-2019-1064KEV

High

A privilege escalation vulnerability exists when Windows AppXSVC improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

MicrosoftEPSS 11.3%

CVE-2018-8120KEV

High

A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory.

MicrosoftEPSS 94.1%

16 17 18 19 20 21 22