Shodan
Vulnerabilities
Vulnerable Software
Microsoft:  >> Windows Server 1803  Security Vulnerabilities
CVE-2019-1253
Known exploited
An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles junctions.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1215, CVE-2019-1278, CVE-2019-1303.
CVSS Score
7.8
EPSS Score
0.229
Published
2019-09-11
CVE-2019-1214
Known exploited
An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory, aka 'Windows Common Log File System Driver Elevation of Privilege Vulnerability'.
CVSS Score
7.8
EPSS Score
0.116
Published
2019-09-11
CVE-2019-1215
Known exploited
An elevation of privilege vulnerability exists in the way that ws2ifsl.sys (Winsock) handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1253, CVE-2019-1278, CVE-2019-1303.
CVSS Score
7.8
EPSS Score
0.031
Published
2019-09-11
CVE-2019-1130
Known exploited
An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1129.
CVSS Score
7.8
EPSS Score
0.04
Published
2019-07-15
CVE-2019-1129
Known exploited
An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1130.
CVSS Score
7.8
EPSS Score
0.087
Published
2019-07-15
CVE-2019-1064
Known exploited
An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The security update addresses the vulnerability by correcting how Windows AppX Deployment Service handles hard links.
CVSS Score
7.8
EPSS Score
0.135
Published
2019-06-12
CVE-2019-1069
Known exploited
An elevation of privilege vulnerability exists in the way the Task Scheduler Service validates certain file operations. An attacker who successfully exploited the vulnerability could gain elevated privileges on a victim system. To exploit the vulnerability, an attacker would require unprivileged code execution on a victim system. The security update addresses the vulnerability by correctly validating file operations.
CVSS Score
7.8
EPSS Score
0.319
Published
2019-06-12
CVE-2019-0903
Known exploited
A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+ Remote Code Execution Vulnerability'.
CVSS Score
8.8
EPSS Score
0.507
Published
2019-05-16
CVE-2019-0863
Known exploited
An elevation of privilege vulnerability exists in the way Windows Error Reporting (WER) handles files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'.
CVSS Score
7.8
EPSS Score
0.135
Published
2019-05-16
CVE-2019-0859
Known exploited
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0685, CVE-2019-0803.
CVSS Score
7.8
EPSS Score
0.102
Published
2019-04-09


Products
Pricing
Contact Us

Shodan ® - All rights reserved