Windows 10 1809@* Security Vulnerabilities and Issues — Page 2 of Windows 10 1809@* CVE List

An elevation of privilege vulnerability exists when the Windows AppX Deployment Extensions improperly performs privilege management, resulting in access to system files.To exploit this vulnerability, an authenticated attacker would need to run a specially crafted application to elevate privileges.T...

7.8CVSS8.3AI score0.00381EPSS

In wild

CVE•added 2020/04/15 3:15 p.m.•1071 views

CVE-2020-0938

A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font - Adobe Type 1 PostScript format.For all systems except Windows 10, an attacker who successfully exploited the vulnerability could e...

7.8CVSS8.2AI score0.87842EPSS

In wild

CVE•added 2020/04/15 3:15 p.m.•1064 views

CVE-2020-1027

An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0913, CVE-2020-1000, CVE-2020-1003.

7.8CVSS8AI score0.1501EPSS

In wild

CVE•added 2022/08/09 8:15 p.m.•1060 views

CVE-2022-34713

Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability

7.8CVSS8.9AI score0.07962EPSS

In wild

CVE•added 2019/04/09 3:29 a.m.•1057 views

CVE-2019-0797

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0808.

7.8CVSS8.2AI score0.52291EPSS

In wild

CVE•added 2023/10/18 4:15 a.m.•1049 views

CVE-2023-38545

This flaw makes curl overflow a heap based buffer in the SOCKS5 proxyhandshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allowthat to resolve the address instead of it getting done by curl itself, themaximum length that host name can be is 255 bytes. If the host name is...

9.8CVSS9.4AI score0.22222EPSS

CVE•added 2019/05/16 7:29 p.m.•1048 views

CVE-2019-0903

A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+ Remote Code Execution Vulnerability'.

9.3CVSS8AI score0.50648EPSS

In wild

CVE•added 2020/01/14 11:15 p.m.•1038 views

CVE-2020-0638

An elevation of privilege vulnerability exists in the way the Update Notification Manager handles files.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Update Notification Manager Elevation of Privilege Vulnerability'.

7.8CVSS8.6AI score0.07009EPSS

In wild

CVE•added 2022/05/10 9:15 p.m.•1035 views

CVE-2022-26923

Active Directory Domain Services Elevation of Privilege Vulnerability

9CVSS9.2AI score0.91618EPSS

In wild

CVE•added 2019/07/29 2:13 p.m.•1034 views

CVE-2019-1129

An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1130.

7.8CVSS7.7AI score0.08695EPSS

In wild

CVE•added 2023/09/12 5:15 p.m.•1026 views

CVE-2023-36802

Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability

7.8CVSS8.2AI score0.75007EPSS

In wild

CVE•added 2018/12/12 12:29 a.m.•977 views

CVE-2018-8611

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka "Windows Kernel Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012...

7.8CVSS8.4AI score0.06406EPSS

In wild

CVE•added 2022/01/11 9:15 p.m.•971 views

CVE-2022-21907

HTTP Protocol Stack Remote Code Execution Vulnerability

10CVSS9.7AI score0.91737EPSS

In wild

CVE•added 2024/08/13 6:15 p.m.•936 views

CVE-2024-38063

Windows TCP/IP Remote Code Execution Vulnerability

9.8CVSS9.8AI score0.88095EPSS

CVE•added 2023/01/10 10:15 p.m.•904 views

CVE-2023-21674

Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability

8.8CVSS8.6AI score0.09979EPSS

In wild

CVE•added 2022/09/13 7:15 p.m.•886 views

CVE-2022-37969

Windows Common Log File System Driver Elevation of Privilege Vulnerability

7.8CVSS8.9AI score0.05424EPSS

In wild

CVE•added 2025/01/14 6:15 p.m.•884 views

CVE-2025-21298

Windows OLE Remote Code Execution Vulnerability

9.8CVSS9.8AI score0.70558EPSS

CVE•added 2022/11/09 10:15 p.m.•854 views

CVE-2022-41128

Windows Scripting Languages Remote Code Execution Vulnerability

8.8CVSS8.3AI score0.67153EPSS

In wild

CVE•added 2023/03/14 5:15 p.m.•851 views

CVE-2023-24880

Windows SmartScreen Security Feature Bypass Vulnerability

4.4CVSS7AI score0.90812EPSS

In wild

CVE•added 2022/10/11 7:15 p.m.•833 views

CVE-2022-41033

Windows COM+ Event System Service Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.00234EPSS

In wild

CVE•added 2023/02/14 9:15 p.m.•829 views

CVE-2023-21823

Windows Graphics Component Remote Code Execution Vulnerability

7.8CVSS7.9AI score0.03215EPSS

In wild

CVE•added 2019/11/12 7:15 p.m.•826 views

CVE-2019-1388

An elevation of privilege vulnerability exists in the Windows Certificate Dialog when it does not properly enforce user privileges, aka 'Windows Certificate Dialog Elevation of Privilege Vulnerability'.

7.8CVSS8.5AI score0.02651EPSS

In wild

CVE•added 2022/11/09 10:15 p.m.•781 views

CVE-2022-41073

Windows Print Spooler Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.00699EPSS

In wild

CVE•added 2022/11/09 10:15 p.m.•777 views

CVE-2022-41091

Windows Mark of the Web Security Feature Bypass Vulnerability

5.4CVSS7AI score0.06912EPSS

In wild