Windows 10 1809 Security Vulnerabilities and Issues — Page 55 of Windows 10 1809 CVE List

7.8CVSS8.1AI score0.00511EPSS

CVE-2020-0667

An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka 'Windows Search Indexer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0666, CVE-2020-0735, CVE-2020-0752.

7.8CVSS8AI score0.00404EPSS

CVE-2020-0678

An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles hard links, aka 'Windows Error Reporting Manager Elevation of Privilege Vulnerability'.

7.8CVSS7.7AI score0.00502EPSS

CVE-2020-0741

An elevation of privilege vulnerability exists in the way that the Connected Devices Platform Service handles objects in memory, aka 'Connected Devices Platform Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0740, CVE-2020-0742, CVE-2020-0743, CVE-2020-0749, CVE-...

7.8CVSS8.1AI score0.1948EPSS

CVE-2020-0754

An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0753.

CVE•added 2020/03/12 4:15 p.m.•87 views

CVE-2020-0785

An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks, aka 'Windows User Profile Service Elevation of Privilege Vulnerability'.

7.1CVSS8AI score0.00432EPSS

CVE•added 2020/03/12 4:15 p.m.•87 views

CVE-2020-0860

An elevation of privilege vulnerability exists when the Windows ActiveX Installer Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows ActiveX Installer Service Elevation of Privilege Vulnerability'. This ...

7.8CVSS8.2AI score0.00656EPSS

CVE•added 2020/03/12 4:15 p.m.•87 views

CVE-2020-0866

An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations, aka 'Windows Work Folder Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0777, CVE-2020-0797, CVE-2020-0800, CVE-2020-0864, CVE-2020-0865, CVE-2...

7.8CVSS7.6AI score0.00538EPSS

7.6CVSS8AI score0.05083EPSS

CVE-2020-0908

A remote code execution vulnerability exists when the Windows Text Service Module improperly handles memory. An attacker who successfully exploited the vulnerability could gain execution on a victim system.An attacker could host a specially crafted website that is designed to exploit the vulnerabil...

5.5CVSS6.7AI score0.01084EPSS

CVE-2020-0921

Microsoft Graphics Component Denial of Service Vulnerability

5.5CVSS4.7AI score0.00986EPSS

CVE-2020-0928

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.To exploit this vulnerability, an attacker would have to log on to ...

CVE•added 2020/04/15 3:15 p.m.•87 views

CVE-2020-0936

An elevation of privilege vulnerability exists when a Windows scheduled task improperly handles file redirections, aka 'Windows Scheduled Task Elevation of Privilege Vulnerability'.

7.1CVSS7.5AI score0.00371EPSS

CVE•added 2020/04/15 3:15 p.m.•87 views

CVE-2020-0962

An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0699.

5.5CVSS6AI score0.00873EPSS

CVE•added 2020/04/15 3:15 p.m.•87 views

CVE-2020-0982

An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0987, CVE-2020-1005.

5.5CVSS6.2AI score0.0176EPSS

CVE•added 2020/05/21 11:15 p.m.•87 views

CVE-2020-1051

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1174, CVE-2020-1175, CVE-2020-1176.

9.3CVSS8AI score0.35463EPSS

CVE•added 2020/05/21 11:15 p.m.•87 views

CVE-2020-1118

A denial of service vulnerability exists in the Windows implementation of Transport Layer Security (TLS) when it improperly handles certain key exchanges, aka 'Microsoft Windows Transport Layer Security Denial of Service Vulnerability'.

7.8CVSS8.1AI score0.12606EPSS

8.8CVSS8.7AI score0.14862EPSS

CVE-2020-1129

A remote code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or cre...

5.5CVSS6.2AI score0.00479EPSS

CVE-2020-1263

An information disclosure vulnerability exists in the way Windows Error Reporting (WER) handles objects in memory, aka 'Windows Error Reporting Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1261.

7.8CVSS8.1AI score0.13831EPSS

CVE-2020-1287

An elevation of privilege vulnerability exists in the way that the Windows WalletService handles objects in memory, aka 'Windows WalletService Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1294.

5.5CVSS6AI score0.00978EPSS

CVE-2020-1290

An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'.

7.8CVSS8.1AI score0.13831EPSS

CVE-2020-1305

An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege Vulnerability'.

7.8CVSS8.2AI score0.15841EPSS

CVE-2020-1309

An elevation of privilege vulnerability exists when the Microsoft Store Runtime improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Microsoft Store Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique fro...

7.8CVSS7.7AI score0.12134EPSS

CVE-2020-1334

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1231, CVE-2020-1233, CVE-2020-1235, CVE-2020-1265, CVE-2020-1282, CVE-2020-1304, CVE-2020-130...

7.8CVSS7.7AI score0.00513EPSS

CVE-2020-1353

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1249, CVE-2020-1370, CVE-2020-1399, CVE-2020-1404, CVE-2020-1413, CVE-2020-1414, CVE-2020-141...

9.3CVSS8.4AI score0.35463EPSS

CVE-2020-1401

9.3CVSS8.9AI score0.35463EPSS

CVE-2020-1409

A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'.

7.8CVSS7.7AI score0.00513EPSS

CVE-2020-1422

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1249, CVE-2020-1353, CVE-2020-1370, CVE-2020-1399, CVE-2020-1404, CVE-2020-1413, CVE-2020-141...

6.5CVSS7.1AI score0.20177EPSS

CVE-2020-1468

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'.