CPE Details
Microsoft Windows Server 2025 - on X64
-
2025-04-24
11h45 +00:00
11h45 +00:00
2025-04-24
11h45 +00:00
11h45 +00:00
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
CPE Name: cpe:2.3:o:microsoft:windows_server_2025:-:*:*:*:*:*:x64:*
Informations
Vendor
microsoftProduct
windows_server_2025Version
-Target Hardware
x64Related CVE
| CVE ID | Publié | Description | Score | Gravité |
|---|---|---|---|---|
| Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. | 7.8 |
Haute |
||
| Improper neutralization in Microsoft Management Console allows an unauthorized attacker to bypass a security feature locally. | 7 |
Haute |
||
| Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally. | 7.8 |
Haute |
||
| Out-of-bounds read in Windows NTFS allows an authorized attacker to disclose information locally. | 5.5 |
Moyen |
||
| Integer overflow or wraparound in Windows Fast FAT Driver allows an unauthorized attacker to execute code locally. | 7.8 |
Haute |
||
| Insertion of sensitive information into log file in Windows NTFS allows an unauthorized attacker to disclose information with a physical attack. | 4.6 |
Moyen |
||
| External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network. | 6.5 |
Moyen |
||
| Windows Installer Elevation of Privilege Vulnerability | 7.8 |
Haute |
||
| Windows Core Messaging Elevation of Privileges Vulnerability | 7 |
Haute |
||
| Internet Connection Sharing (ICS) Denial of Service Vulnerability | 6.5 |
Moyen |
||
| Internet Connection Sharing (ICS) Denial of Service Vulnerability | 6.5 |
Moyen |
||
| Internet Connection Sharing (ICS) Denial of Service Vulnerability | 6.5 |
Moyen |
||
| Windows Core Messaging Elevation of Privileges Vulnerability | 7 |
Haute |
||
| Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | 7.5 |
Haute |
||
| DHCP Client Service Denial of Service Vulnerability | 4.8 |
Moyen |
||
| NTLM Hash Disclosure Spoofing Vulnerability | 6.5 |
Moyen |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
Haute |
||
| Windows Kerberos Denial of Service Vulnerability | 5.9 |
Moyen |
||
| Windows Remote Desktop Configuration Service Tampering Vulnerability | 6.8 |
Moyen |
||
| Windows Deployment Services Denial of Service Vulnerability | 6 |
Moyen |
||
| Windows NTFS Elevation of Privilege Vulnerability | 3.3 |
Bas |
||
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 8.8 |
Haute |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
Haute |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
Haute |
||
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 8.8 |
Haute |
||
| Windows Disk Cleanup Tool Elevation of Privilege Vulnerability | 7.8 |
Haute |
||
| Windows Setup Files Cleanup Elevation of Privilege Vulnerability | 7.1 |
Haute |
||
| Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | 7.8 |
Haute |
||
| Windows Storage Elevation of Privilege Vulnerability | 7.1 |
Haute |
||
| Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege Vulnerability | 7.4 |
Haute |
||
| Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege Vulnerability | 7.4 |
Haute |
||
| DHCP Client Service Remote Code Execution Vulnerability | 7.1 |
Haute |
||
| Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | 8.1 |
Haute |
||
| Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability | 7.8 |
Haute |
||
| Microsoft Digest Authentication Remote Code Execution Vulnerability | 8.8 |
Haute |
||
| Microsoft Digest Authentication Remote Code Execution Vulnerability | 8.8 |
Haute |
||
| Windows Secure Kernel Mode Elevation of Privilege Vulnerability | 7.8 |
Haute |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
Haute |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
Haute |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
Haute |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
Haute |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
Haute |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
Haute |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
Haute |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
Haute |
||
| Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability | 7.8 |
Haute |
||
| Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability | 7.8 |
Haute |
||
| Windows NTLM V1 Elevation of Privilege Vulnerability | 9.8 |
Critique |
||
| Internet Explorer Remote Code Execution Vulnerability | 7.8 |
Haute |
||
| MapUrlToZone Security Feature Bypass Vulnerability | 8.8 |
Haute |
||
| Windows Security Account Manager (SAM) Denial of Service Vulnerability | 6.5 |
Moyen |
||
| Windows Kerberos Denial of Service Vulnerability | 7.5 |
Haute |
||
| Windows CSC Service Elevation of Privilege Vulnerability | 7.8 |
Haute |
||
| Windows CSC Service Information Disclosure Vulnerability | 5.5 |
Moyen |
||
| Microsoft Brokering File System Elevation of Privilege Vulnerability | 7.8 |
Haute |
||
| Windows Virtualization-Based Security (VBS) Security Feature Bypass Vulnerability | 5.5 |
Moyen |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
Haute |
||
| GDI+ Remote Code Execution Vulnerability | 7.8 |
Haute |
||
| Windows Cryptographic Information Disclosure Vulnerability | 5.6 |
Moyen |
||
| Windows Digital Media Elevation of Privilege Vulnerability | 6.6 |
Moyen |
||
| Windows Kernel Memory Information Disclosure Vulnerability | 5.5 |
Moyen |
||
| Windows Kernel Memory Information Disclosure Vulnerability | 5.5 |
Moyen |
||
| Windows Digital Media Elevation of Privilege Vulnerability | 6.6 |
Moyen |
||
| Windows Themes Spoofing Vulnerability | 6.5 |
Moyen |
||
| Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability | 9.8 |
Critique |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
Haute |
||
| Windows upnphost.dll Denial of Service Vulnerability | 7.5 |
Haute |
||
| Windows Search Service Elevation of Privilege Vulnerability | 8.8 |
Haute |
||
| Windows Installer Elevation of Privilege Vulnerability | 7.8 |
Haute |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
Haute |
||
| Windows MapUrlToZone Denial of Service Vulnerability | 7.5 |
Haute |
||
| Windows App Package Installer Elevation of Privilege Vulnerability | 7.8 |
Haute |
||
| Windows Event Tracing Denial of Service Vulnerability | 5.5 |
Moyen |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
Haute |
||
| MapUrlToZone Security Feature Bypass Vulnerability | 4.3 |
Moyen |
||
| Windows Digital Media Elevation of Privilege Vulnerability | 6.6 |
Moyen |
||
| Windows Digital Media Elevation of Privilege Vulnerability | 6.6 |
Moyen |
||
| Windows Digital Media Elevation of Privilege Vulnerability | 6.6 |
Moyen |
||
| IP Helper Denial of Service Vulnerability | 7.5 |
Haute |
||
| Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | 7.5 |
Haute |
||
| Windows Digital Media Elevation of Privilege Vulnerability | 6.6 |
Moyen |
||
| Windows Digital Media Elevation of Privilege Vulnerability | 6.6 |
Moyen |
||
| Windows Digital Media Elevation of Privilege Vulnerability | 6.6 |
Moyen |
||
| Windows Digital Media Elevation of Privilege Vulnerability | 6.6 |
Moyen |
||
| Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability | 5.9 |
Moyen |
||
| Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability | 8.1 |
Haute |
||
| Secure Boot Security Feature Bypass Vulnerability | 4.6 |
Moyen |
||
| Secure Boot Security Feature Bypass Vulnerability | 6.8 |
Moyen |
||
| Windows Recovery Environment Agent Elevation of Privilege Vulnerability | 6.1 |
Moyen |
||
| Windows Connected Devices Platform Service (Cdpsvc) Denial of Service Vulnerability | 7.5 |
Haute |
||
| Active Directory Federation Server Spoofing Vulnerability | 6.5 |
Moyen |
||
| Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability | 7.8 |
Haute |
||
| Microsoft Message Queuing Information Disclosure Vulnerability | 7.5 |
Haute |
||
| Windows Remote Desktop Services Denial of Service Vulnerability | 7.5 |
Haute |
||
| MapUrlToZone Security Feature Bypass Vulnerability | 4.3 |
Moyen |
||
| MapUrlToZone Security Feature Bypass Vulnerability | 4.3 |
Moyen |
||
| Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability | 6.2 |
Moyen |
||
| Windows NTLM Spoofing Vulnerability | 6.5 |
Moyen |
||
| Windows upnphost.dll Denial of Service Vulnerability | 7.5 |
Haute |
||
| MapUrlToZone Security Feature Bypass Vulnerability | 4.3 |
Moyen |
||
| Windows Graphics Component Elevation of Privilege Vulnerability | 7.8 |
Haute |
||
| Windows Digital Media Elevation of Privilege Vulnerability | 6.6 |
Moyen |
||
| Windows Digital Media Elevation of Privilege Vulnerability | 6.6 |
Moyen |
||
| Windows Kernel Memory Information Disclosure Vulnerability | 5.5 |
Moyen |
||
| Windows Kernel Memory Information Disclosure Vulnerability | 5.5 |
Moyen |
||
| Windows Kernel Memory Information Disclosure Vulnerability | 5.5 |
Moyen |
||
| Windows Kernel Memory Information Disclosure Vulnerability | 5.5 |
Moyen |
||
| Windows Kernel Memory Information Disclosure Vulnerability | 5.5 |
Moyen |
||
| Microsoft Brokering File System Elevation of Privilege Vulnerability | 7.8 |
Haute |
||
| Windows SmartScreen Spoofing Vulnerability | 6.5 |
Moyen |
||
| Windows Remote Desktop Services Remote Code Execution Vulnerability | 8.1 |
Haute |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
Haute |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
Haute |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
Haute |
||
| Windows Geolocation Service Information Disclosure Vulnerability | 6.5 |
Moyen |
||
| Windows Kerberos Security Feature Bypass Vulnerability | 7.8 |
Haute |
||
| Windows OLE Remote Code Execution Vulnerability | 9.8 |
Critique |
||
| Windows Remote Desktop Services Remote Code Execution Vulnerability | 8.1 |
Haute |
||
| BranchCache Remote Code Execution Vulnerability | 7.5 |
Haute |
||
| SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability | 8.1 |
Haute |
||
| Microsoft Digest Authentication Remote Code Execution Vulnerability | 8.1 |
Haute |
||
| Active Directory Domain Services Elevation of Privilege Vulnerability | 8.8 |
Haute |
||
| Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | 7.5 |
Haute |
||
| Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | 7.5 |
Haute |
||
| Windows COM Server Information Disclosure Vulnerability | 6.5 |
Moyen |
||
| Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | 7.5 |
Haute |
||
| Windows Virtual Trusted Platform Module Denial of Service Vulnerability | 5.5 |
Moyen |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
Haute |
||
| Microsoft COM for Windows Elevation of Privilege Vulnerability | 7.8 |
Haute |
||
| Windows Virtual Trusted Platform Module Denial of Service Vulnerability | 5.5 |
Moyen |
||
| Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | 7.5 |
Haute |
||
| Windows COM Server Information Disclosure Vulnerability | 6.5 |
Moyen |
||
| Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | 7.5 |
Haute |
||
| Windows HTML Platforms Security Feature Bypass Vulnerability | 4.3 |
Moyen |
||
| MapUrlToZone Security Feature Bypass Vulnerability | 4.3 |
Moyen |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
Haute |
||
| Windows Digital Media Elevation of Privilege Vulnerability | 6.6 |
Moyen |
||
| Windows Digital Media Elevation of Privilege Vulnerability | 6.6 |
Moyen |
||
| Windows Digital Media Elevation of Privilege Vulnerability | 6.6 |
Moyen |
||
| Windows Digital Media Elevation of Privilege Vulnerability | 6.6 |
Moyen |
||
| Windows WLAN AutoConfig Service Information Disclosure Vulnerability | 5.5 |
Moyen |
||
| Windows Digital Media Elevation of Privilege Vulnerability | 6.6 |
Moyen |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
Haute |
||
| Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | 7.5 |
Haute |
||
| Windows Digital Media Elevation of Privilege Vulnerability | 6.6 |
Moyen |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
Haute |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
Haute |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
Haute |
||
| Windows Kerberos Information Disclosure Vulnerability | 5.9 |
Moyen |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
Haute |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
Haute |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
Haute |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
Haute |
||
| Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability | 7.8 |
Haute |
||
| Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability | 7.8 |
Haute |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
Haute |
||
| Secure Boot Security Feature Bypass Vulnerability | 4.6 |
Moyen |
||
| Windows BitLocker Information Disclosure Vulnerability | 4.2 |
Moyen |
||
| Windows BitLocker Information Disclosure Vulnerability | 4.2 |
Moyen |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
Haute |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
Haute |
||
| Remote Desktop Client Remote Code Execution Vulnerability | 8.4 |
Haute |
||
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | 7.8 |
Haute |
||
| Windows Remote Desktop Services Remote Code Execution Vulnerability | 8.1 |
Haute |
||
| Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | 8.1 |
Haute |
||
| Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | 8.1 |
Haute |
||
| Windows Remote Desktop Services Remote Code Execution Vulnerability | 8.1 |
Haute |
||
| Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | 7.8 |
Haute |
||
| Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability | 7.5 |
Haute |
||
| Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | 9.8 |
Critique |
||
| Windows Mobile Broadband Driver Elevation of Privilege Vulnerability | 6.8 |
Moyen |
||
| Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability | 6.6 |
Moyen |
||
| Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability | 7 |
Haute |
||
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | 7.8 |
Haute |
||
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | 7.8 |
Haute |
||
| Windows Mobile Broadband Driver Elevation of Privilege Vulnerability | 6.8 |
Moyen |
||
| Windows File Explorer Information Disclosure Vulnerability | 6.8 |
Moyen |
||
| Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability | 6.6 |
Moyen |
||
| Windows IP Routing Management Snapin Remote Code Execution Vulnerability | 8.8 |
Haute |
||
| Input Method Editor (IME) Remote Code Execution Vulnerability | 7.8 |
Haute |
||
| Windows Mobile Broadband Driver Elevation of Privilege Vulnerability | 6.8 |
Moyen |
||
| Windows Mobile Broadband Driver Elevation of Privilege Vulnerability | 6.8 |
Moyen |
||
| Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability | 7.8 |
Haute |
||
| Windows Remote Desktop Services Denial of Service Vulnerability | 7.5 |
Haute |
||
| Windows Task Scheduler Elevation of Privilege Vulnerability | 7.8 |
Haute |
||
| Windows Remote Desktop Services Remote Code Execution Vulnerability | 8.1 |
Haute |
||
| Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability | 7.5 |
Haute |
||
| Windows Local Security Authority Subsystem Service (LSASS) Remote Code Execution Vulnerability | 8.1 |
Haute |
||
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 8.8 |
Haute |
||
| Lightweight Directory Access Protocol (LDAP) Client Remote Code Execution Vulnerability | 8.1 |
Haute |
||
| Windows Remote Desktop Services Remote Code Execution Vulnerability | 8.1 |
Haute |
||
| Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | 8.1 |
Haute |
||
| Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability | 7.5 |
Haute |
||
| Windows Remote Desktop Services Remote Code Execution Vulnerability | 8.1 |
Haute |
||
| Windows Remote Desktop Services Remote Code Execution Vulnerability | 8.1 |
Haute |
||
| Windows Hyper-V Remote Code Execution Vulnerability | 8.8 |
Haute |
||
| Windows Remote Desktop Services Remote Code Execution Vulnerability | 8.1 |
Haute |
||
| Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability | 6.6 |
Moyen |
||
| Windows Remote Desktop Services Remote Code Execution Vulnerability | 8.1 |
Haute |
||
| WmsRepair Service Elevation of Privilege Vulnerability | 7.3 |
Haute |
||
| Windows Remote Desktop Services Remote Code Execution Vulnerability | 8.1 |
Haute |
||
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 8.8 |
Haute |
||
| Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability | 4.3 |
Moyen |
||
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 8.8 |
Haute |
||
| Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability | 6.6 |
Moyen |
||
| Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability | 4.3 |
Moyen |
||
| Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability | 4.3 |
Moyen |
||
| Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability | 7 |
Haute |
||
| Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | 7.5 |
Haute |
||
| Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability | 6.6 |
Moyen |
||
| Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability | 8.8 |
Haute |
||
| Windows Mobile Broadband Driver Elevation of Privilege Vulnerability | 6.8 |
Moyen |
||
| Windows Domain Name Service Remote Code Execution Vulnerability | 7.2 |
Haute |
||
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 7.2 |
Haute |
||
| Windows Mobile Broadband Driver Information Disclosure Vulnerability | 4.6 |
Moyen |
||
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 8.8 |
Haute |
||
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 8.8 |
Haute |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7 |
Haute |
||
| Windows Mobile Broadband Driver Elevation of Privilege Vulnerability | 6.8 |
Moyen |
||
| Windows Task Scheduler Elevation of Privilege Vulnerability | 8.8 |
Haute |
||
| Active Directory Certificate Services Elevation of Privilege Vulnerability | 7.8 |
Haute |
||
| Windows Package Library Manager Information Disclosure Vulnerability | 6.2 |
Moyen |
||
| Windows SMB Denial of Service Vulnerability | 7.5 |
Haute |
||
| Windows Registry Elevation of Privilege Vulnerability | 7.8 |
Haute |
||
| Windows KDC Proxy Remote Code Execution Vulnerability | 9.8 |
Critique |
||
| Win32k Elevation of Privilege Vulnerability | 7.8 |
Haute |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
Haute |
||
| Windows DWM Core Library Elevation of Privilege Vulnerability | 7.8 |
Haute |
||
| Windows Hyper-V Shared Virtual Disk Elevation of Privilege Vulnerability | 8.8 |
Haute |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
Haute |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
Haute |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
Haute |
||
| Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability | 7.8 |
Haute |
||
| Microsoft Virtual Hard Disk (VHDX) Denial of Service Vulnerability | 5.9 |
Moyen |
||
| Windows Registry Elevation of Privilege Vulnerability | 7.5 |
Haute |
||
| NTLM Hash Disclosure Spoofing Vulnerability | 6.5 |
Moyen |
||
| Windows DNS Spoofing Vulnerability | 7.5 |
Haute |
||
| Windows USB Video Class System Driver Elevation of Privilege Vulnerability | 6.8 |
Moyen |
||
| Windows Secure Kernel Mode Elevation of Privilege Vulnerability | 7.8 |
Haute |
||
| Windows Client-Side Caching Elevation of Privilege Vulnerability | 7.8 |
Haute |
||
| Windows USB Video Class System Driver Elevation of Privilege Vulnerability | 6.8 |
Moyen |
||
| Windows USB Video Class System Driver Elevation of Privilege Vulnerability | 6.8 |
Moyen |
||
| Windows USB Video Class System Driver Elevation of Privilege Vulnerability | 6.8 |
Moyen |
||
| Windows USB Video Class System Driver Elevation of Privilege Vulnerability | 6.8 |
Moyen |
||
| Windows Secure Kernel Mode Elevation of Privilege Vulnerability | 7.8 |
Haute |
||
| Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
Haute |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
Haute |
||
| Windows Telephony Service Remote Code Execution Vulnerability | 8.8 |
Haute |
||
| Windows Telephony Service Elevation of Privilege Vulnerability | 7.8 |
Haute |
||
| Microsoft Windows VMSwitch Elevation of Privilege Vulnerability | 8.1 |
Haute |
||
| Windows NT OS Kernel Elevation of Privilege Vulnerability | 7.8 |
Haute |
||
| Why is Microsoft republishing a CVE from 2013? We are republishing CVE-2013-3900 in the Security Update Guide to update the Security Updates table and to inform customers that the EnableCertPaddingCheck is available in all currently supported versions of Windows 10 and Windows 11. While the format is different from the original CVE published in 2013, except for clarifications about how to configure the EnableCertPaddingCheck registry value, the information herein remains unchanged from the original text published on December 10, 2013, Microsoft does not plan to enforce the stricter verification behavior as a default functionality on supported releases of Microsoft Windows. This behavior remains available as an opt-in feature via reg key setting, and is available on supported editions of Windows released since December 10, 2013. This includes all currently supported versions of Windows 10 and Windows 11. The supporting code for this reg key was incorporated at the time of release for Windows 10 and Windows 11, so no security update is required; however, the reg key must be set. See the Security Updates table for the list of affected software. Vulnerability Description A remote code execution vulnerability exists in the way that the WinVerifyTrust function handles Windows Authenticode signature verification for portable executable (PE) files. An anonymous attacker could exploit the vulnerability by modifying an existing signed executable file to leverage unverified portions of the file in such a way as to add malicious code to the file without invalidating the signature. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Exploitation of this vulnerability requires that a user or application run or install a specially crafted, signed PE file. An attacker could modify an... See more at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2013-3900 | 8.8 |
Haute |
