itm4n/CVEs

# CVE | CVE ID | 标题 | 贡献者 | | :---: | --- | :---: | | [CVE-2026-20817](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20817/) | Windows 错误报告服务权限提升漏洞 | Denis Faiustov, Ruslan Sayfiev | | [CVE-2024-13345](https://nvd.nist.gov/vuln/detail/CVE-2024-13345) | Avada Builder <= 3.11.13 - 未认证任意短代码执行 | [@mikemyers](https://www.wordfence.com/threat-intel/vulnerabilities/researchers/michael-mazzolini) | | [CVE-2024-13346](https://nvd.nist.gov/vuln/detail/CVE-2024-13346) | Avada Theme <= 7.11.13 - 未认证任意短代码执行 | [@mikemyers](https://www.wordfence.com/threat-intel/vulnerabilities/researchers/michael-mazzolini) | | [CVE-2021-27091](https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-27091) | RPC 端点映射器服务权限提升漏洞 | [@itm4n](https://infosec.exchange/@itm4n) | | [CVE-2020-1194](https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1194) | Microsoft Windows 跟踪任意目录创建 | [@itm4n](https://infosec.exchange/@itm4n) | | [CVE-2020-1170](https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1170) | Microsoft Windows Defender 权限提升漏洞 | [@itm4n](https://infosec.exchange/@itm4n) | | [CVE-2020-1029](https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1029) | Microsoft Windows DiagTrack 任意文件删除 | [@itm4n](https://infosec.exchange/@itm4n) | | [CVE-2020-0863](https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0863) | Microsoft Windows DiagTrack 'UtcApi_DownloadLatestSettings' 任意文件读取 | [@itm4n](https://infosec.exchange/@itm4n) | | [CVE-2020-0787](https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0787) | Microsoft Windows BITS 本地权限提升任意文件移动 | [@itm4n](https://infosec.exchange/@itm4n) | | [CVE-2020-0753](https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0753) | Microsoft Windows 错误报告任意文件删除 | [@itm4n](https://infosec.exchange/@itm4n) | | [CVE-2020-0668](https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0668) | Microsoft Windows 服务跟踪本地权限提升任意文件移动漏洞 | [@itm4n](https://infosec.exchange/@itm4n) | | [CVE-2019-19544](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19544) | CA Dollar Universe 5.3.3 'uxdqmsrv' - 通过存在漏洞的 setuid 二进制文件进行权限提升 | [@itm4n](https://infosec.exchange/@itm4n) | | [CVE-2017-13130](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13130) | BMC Patrol 'mcmnm' - 通过存在漏洞的 setuid 二进制文件进行权限提升 | [@itm4n](https://infosec.exchange/@itm4n) |

标签：BITS, CVE, Defender, DiagTrack, DNS 解析, HTTP工具, Microsoft, RPC, SEO, Tracing, Web报告查看器, Windows Error Reporting, 任意文件删除, 任意文件读取, 关键词, 协议分析, 多模态安全, 安全, 攻击路径, 数字签名, 未认证, 权限提升, 漏洞, 漏洞披露, 短code执行, 超时处理, 防御加固