Windows 10 Security Vulnerabilities and Issues — Page 17 of Windows 10 CVE List

The Windows kernel in Windows 10 version 1703. Windows 10 version 1709, and Windows Server, version 1709 allows an information disclosure vulnerability due to the way objects are handled in memory, aka "Windows Information Disclosure Vulnerability". This CVE ID is unique from CVE-2018-0746 and CVE-...

4.7CVSS4.6AI score0.10138EPSS

CVE•added 2018/01/04 2:29 p.m.•126 views

CVE-2018-0753

Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allow a denial of service vulnerability due to the way objects are handled in memory, aka "Windows IPSec Denial of Service Vulnerability".

7.1CVSS5.4AI score0.19064EPSS

CVE•added 2018/03/14 5:29 p.m.•126 views

CVE-2018-0816

The Windows Graphics Device Interface (GDI) in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerab...

7CVSS6.2AI score0.01338EPSS

CVE•added 2019/01/08 9:29 p.m.•126 views

CVE-2019-0554

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Wind...

5.5CVSS5.6AI score0.01077EPSS

CVE•added 2019/04/08 11:29 p.m.•126 views

CVE-2019-0617

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'.

9.3CVSS8.4AI score0.25636EPSS

CVE•added 2019/03/06 12:0 a.m.•126 views

CVE-2019-0632

A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka 'Windows Security Feature Bypass Vulnerability'. This CVE ID is unique from CVE-2019-0627, CVE-2019-0631.

7.8CVSS8.3AI score0.00202EPSS

CVE•added 2019/04/09 12:29 a.m.•126 views

CVE-2019-0702

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0755, CVE-2019-0767, CVE-2019-0775, CVE-2019-0782.

5.5CVSS5.6AI score0.00908EPSS

CVE•added 2019/04/09 9:29 p.m.•126 views

CVE-2019-0842

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'Windows VBScript Engine Remote Code Execution Vulnerability'.

9.3CVSS8.8AI score0.24058EPSS

CVE•added 2019/04/09 9:29 p.m.•126 views

CVE-2019-0856

A remote code execution vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Remote Code Execution Vulnerability'.

9CVSS8AI score0.09586EPSS

CVE•added 2020/06/09 8:15 p.m.•126 views

CVE-2020-1239

A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-1238.

8.8CVSS8.3AI score0.30475EPSS

CVE•added 2021/04/13 8:15 p.m.•126 views

CVE-2021-28329

Remote Procedure Call Runtime Remote Code Execution Vulnerability

8.8CVSS8.9AI score0.12162EPSS

CVE•added 2021/04/13 8:15 p.m.•126 views

CVE-2021-28337

Remote Procedure Call Runtime Remote Code Execution Vulnerability

8.8CVSS8.9AI score0.12162EPSS

CVE•added 2021/04/13 8:15 p.m.•126 views

CVE-2021-28345

Remote Procedure Call Runtime Remote Code Execution Vulnerability

8.8CVSS8.9AI score0.12162EPSS

CVE•added 2021/05/11 7:15 p.m.•126 views

CVE-2021-31170

Windows Graphics Component Elevation of Privilege Vulnerability

7.8CVSS6.4AI score0.00387EPSS

CVE•added 2021/10/13 1:15 a.m.•126 views

CVE-2021-36970

Windows Print Spooler Spoofing Vulnerability

8.8CVSS7.9AI score0.08614EPSS

CVE•added 2021/09/15 12:15 p.m.•126 views

CVE-2021-38638

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

7.8CVSS8AI score0.00248EPSS

CVE•added 2021/10/13 1:15 a.m.•126 views

CVE-2021-41342

Windows MSHTML Platform Remote Code Execution Vulnerability

8.8CVSS7.7AI score0.01262EPSS

CVE•added 2022/01/11 9:15 p.m.•126 views

CVE-2022-21873

Tile Data Repository Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.00581EPSS

CVE•added 2022/01/11 9:15 p.m.•126 views

CVE-2022-21905

Windows Hyper-V Security Feature Bypass Vulnerability

8CVSS6.7AI score0.00169EPSS

CVE•added 2022/01/11 9:15 p.m.•126 views

CVE-2022-21908

Windows Installer Elevation of Privilege Vulnerability

7.8CVSS8.4AI score0.0061EPSS

CVE•added 2022/01/11 9:15 p.m.•126 views

CVE-2022-21914

Windows Remote Access Connection Manager Elevation of Privilege Vulnerability

7.8CVSS8.5AI score0.0189EPSS

CVE•added 2022/09/13 7:15 p.m.•126 views

CVE-2022-37956

Windows Kernel Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.00908EPSS

CVE•added 2022/11/09 10:15 p.m.•126 views

CVE-2022-41100

Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.00086EPSS

CVE•added 2017/03/17 12:59 a.m.•125 views

CVE-2017-0060

The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive information from process memory via a ...

5.5CVSS4.3AI score0.03112EPSS

CVE•added 2017/12/12 9:29 p.m.•125 views

CVE-2017-11885

Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allow a remote code execution vulnerability due to the way the Routing and Remote Access service ha...

8.5CVSS8.3AI score0.61795EPSS

CVE•added 2018/09/13 12:29 a.m.•125 views

CVE-2018-8271

An information disclosure vulnerability exists in Windows when the Windows bowser.sys kernel-mode driver fails to properly handle objects in memory, aka "Windows Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Serve...

5.5CVSS5.7AI score0.02604EPSS

CVE•added 2018/08/15 5:29 p.m.•125 views

CVE-2018-8348

4.7CVSS5.6AI score0.01216EPSS

CVE•added 2018/08/15 5:29 p.m.•125 views

CVE-2018-8404

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 20...

7.2CVSS6.7AI score0.0171EPSS

CVE•added 2018/11/14 1:29 a.m.•125 views

CVE-2018-8450

A remote code execution vulnerability exists when Windows Search handles objects in memory, aka "Windows Search Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows S...

9CVSS7.7AI score0.15929EPSS

CVE•added 2019/03/06 12:0 a.m.•125 views

CVE-2019-0656

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'.

7CVSS7.8AI score0.00537EPSS

CVE•added 2019/04/09 9:29 p.m.•125 views

CVE-2019-0840

5.5CVSS6.1AI score0.00978EPSS

CVE•added 2019/04/09 9:29 p.m.•125 views

CVE-2019-0849

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0802.

6.5CVSS6.7AI score0.22134EPSS

CVE•added 2019/10/10 2:15 p.m.•125 views

CVE-2019-1316

An elevation of privilege vulnerability exists in Microsoft Windows Setup when it does not properly handle privileges, aka 'Microsoft Windows Setup Elevation of Privilege Vulnerability'.

7.8CVSS8.4AI score0.00538EPSS

CVE•added 2019/10/10 2:15 p.m.•125 views

CVE-2019-1347

A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-1343, CVE-2019-1346.

7.1CVSS7.4AI score0.37278EPSS

CVE•added 2020/01/14 11:15 p.m.•125 views

CVE-2020-0634

An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory, aka 'Windows Common Log File System Driver Elevation of Privilege Vulnerability'.

7.8CVSS8.5AI score0.00513EPSS

CVE•added 2020/04/15 3:15 p.m.•125 views

CVE-2020-0687

A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'.

9.3CVSS8.8AI score0.69886EPSS

CVE•added 2020/08/17 7:15 p.m.•125 views

CVE-2020-1558

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open...

9.3CVSS8.8AI score0.1249EPSS

CVE•added 2020/08/17 7:15 p.m.•125 views

CVE-2020-1587

An elevation of privilege vulnerability exists when the Windows Ancillary Function Driver for WinSock improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate p...

7.8CVSS8.7AI score0.00428EPSS

CVE•added 2021/04/13 8:15 p.m.•125 views

CVE-2021-28355

Remote Procedure Call Runtime Remote Code Execution Vulnerability

8.8CVSS8.9AI score0.12162EPSS

CVE•added 2021/05/11 7:15 p.m.•125 views

CVE-2021-28479

Windows CSC Service Information Disclosure Vulnerability

5.5CVSS7AI score0.00285EPSS

CVE•added 2021/05/11 7:15 p.m.•125 views

CVE-2021-31208

Windows Container Manager Service Elevation of Privilege Vulnerability