Windows 10 1903 Security Vulnerabilities and Issues — Windows 10 1903 CVE List

Lucene search

MicrosoftWindows 10 1903

18 matches found

CVE•added 2020/01/14 11:15 p.m.•1295 views

CVE-2020-0601

A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, l...

8.1CVSS7.6AI score0.94044EPSS

CVE•added 2020/04/15 3:15 p.m.•1204 views

CVE-2020-1020

A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font - Adobe Type 1 PostScript format.For all systems except Windows 10, an attacker who successfully exploited the vulnerability could e...

8.8CVSS8.2AI score0.8787EPSS

CVE•added 2020/10/16 11:15 p.m.•204 views

CVE-2020-16891

A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could caus...

8.8CVSS8.7AI score0.00539EPSS

CVE•added 2020/10/16 11:15 p.m.•183 views

CVE-2020-16898

A remote code execution vulnerability exists when the Windows TCP/IP stack improperly handles ICMPv6 Router Advertisement packets. An attacker who successfully exploited this vulnerability could gain the ability to execute code on the target server or client.To exploit this vulnerability, an attack...

8.8CVSS8.7AI score0.32378EPSS

CVE•added 2019/06/12 2:29 p.m.•156 views

CVE-2019-1019

A security feature bypass vulnerability exists where a NETLOGON message is able to obtain the session key and sign messages.To exploit this vulnerability, an attacker could send a specially crafted authentication request. An attacker who successfully exploited this vulnerability could access anothe...

8.5CVSS7.1AI score0.04674EPSS

CVE•added 2020/08/17 7:15 p.m.•147 views

CVE-2020-1509

An elevation of privilege vulnerability exists in the Local Security Authority Subsystem Service (LSASS) when an authenticated attacker sends a specially crafted authentication request. A remote attacker who successfully exploited this vulnerability could cause an elevation of privilege on the targ...

8.8CVSS8.1AI score0.06869EPSS

CVE•added 2019/06/12 2:29 p.m.•136 views

CVE-2019-0620

8.4CVSS8.1AI score0.00508EPSS

CVE•added 2020/12/10 12:15 a.m.•134 views

CVE-2020-17140

Windows SMB Information Disclosure Vulnerability

8.1CVSS6.8AI score0.19706EPSS

CVE•added 2019/06/12 2:29 p.m.•132 views

CVE-2019-1053

An elevation of privilege vulnerability exists when the Windows Shell fails to validate folder shortcuts. An attacker who successfully exploited the vulnerability could elevate privileges by escaping a sandbox.To exploit this vulnerability, an attacker would require unprivileged execution on the vi...

8.8CVSS7.2AI score0.00362EPSS

CVE•added 2020/08/17 7:15 p.m.•126 views

CVE-2020-1525

A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.There are multiple ways an attacke...

8.8CVSS8.2AI score0.08623EPSS

CVE•added 2019/06/12 2:29 p.m.•107 views

CVE-2019-1043

A remote code execution vulnerability exists in the way that comctl32.dll handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could ...

8.5CVSS7.8AI score0.02663EPSS

CVE•added 2020/08/17 7:15 p.m.•106 views

CVE-2020-1552

An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.An attacker could exploit this vulnerability by running a specially crafted ap...

8CVSS8AI score0.00792EPSS

CVE•added 2020/09/11 5:15 p.m.•106 views

CVE-2020-1593

A remote code execution vulnerability exists when Windows Media Audio Decoder improperly handles objects. An attacker who successfully exploited the vulnerability could take control of an affected system.There are multiple ways an attacker could exploit the vulnerability, such as by convincing a us...

8.8CVSS8.3AI score0.01653EPSS

CVE•added 2020/10/16 11:15 p.m.•100 views

CVE-2020-1080

An elevation of privilege vulnerability exists when Windows Hyper-V on a host server fails to properly handle objects in memory. An attacker who successfully exploited these vulnerabilities could gain elevated privileges on a target operating system.This vulnerability by itself does not allow arbit...

8.8CVSS8.6AI score0.00744EPSS

CVE•added 2019/08/14 9:15 p.m.•97 views

CVE-2019-1170

An elevation of privilege vulnerability exists when reparse points are created by sandboxed processes allowing sandbox escape. An attacker who successfully exploited the vulnerability could use the sandbox escape to elevate privileges on an affected system.To exploit the vulnerability, an attacker ...

8.8CVSS8.2AI score0.02231EPSS

CVE•added 2021/02/25 11:15 p.m.•91 views

CVE-2020-17162

Microsoft Windows Security Feature Bypass Vulnerability

8.8CVSS8.5AI score0.10614EPSS

CVE•added 2020/10/16 11:15 p.m.•88 views

CVE-2020-16915

8.8CVSS8.1AI score0.12345EPSS

CVE•added 2020/09/11 5:15 p.m.•87 views

CVE-2020-1129

A remote code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or cre...

8.8CVSS8.7AI score0.14862EPSS