Windows 10 Security Vulnerabilities and Issues — Page 5 of Windows 10 CVE List

Lucene search

MicrosoftWindows 10

249 matches found

CVE•added 2018/03/14 5:29 p.m.•95 views

CVE-2018-0888

The Microsoft Hyper-V Network Switch in 64-bit versions of Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnera...

5.6CVSS5.6AI score0.00559EPSS

CVE•added 2018/04/12 1:29 a.m.•95 views

CVE-2018-0975

An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2...

5.5CVSS5AI score0.02612EPSS

CVE•added 2018/04/12 1:29 a.m.•95 views

CVE-2018-1003

A buffer overflow vulnerability exists in the Microsoft JET Database Engine that could allow remote code execution on an affected system, aka "Microsoft JET Database Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Win...

9.3CVSS7.3AI score0.1591EPSS

CVE•added 2018/06/14 12:29 p.m.•95 views

CVE-2018-8209

An information disclosure vulnerability exists when Windows allows a normal user to access the Wireless LAN profile of an administrative user, aka "Windows Wireless Network Profile Information Disclosure Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.

8CVSS7.4AI score0.03861EPSS

CVE•added 2018/09/13 12:29 a.m.•95 views

CVE-2018-8462

An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory, aka "DirectX Graphics Kernel Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.

7.8CVSS7.5AI score0.00502EPSS

CVE•added 2018/03/14 5:29 p.m.•94 views

CVE-2018-0894

The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to the way memo...

4.7CVSS4.7AI score0.06807EPSS

CVE•added 2018/05/09 7:29 p.m.•94 views

CVE-2018-8165

7.8CVSS8AI score0.00397EPSS

CVE•added 2018/05/09 7:29 p.m.•94 views

CVE-2018-8170

An elevation of privilege vulnerability exists in the way that the Windows kernel image handles objects in memory, aka "Windows Image Elevation of Privilege Vulnerability." This affects Windows 10, Windows 10 Servers.

7CVSS7.5AI score0.00626EPSS

CVE•added 2018/06/14 12:29 p.m.•94 views

CVE-2018-8211

A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This affects Windows 10 Servers, Windows 10. This CVE ID is unique ...

5.3CVSS5.2AI score0.01097EPSS

CVE•added 2018/02/15 2:29 a.m.•93 views

CVE-2018-0831

The Windows kernel in Windows 10 versions 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to how objects in memory are handled, aka "Windows Kernel Elevation of Privilege Vulnerability".

7.8CVSS6.7AI score0.00717EPSS

CVE•added 2018/03/14 5:29 p.m.•93 views

CVE-2018-0881

The Microsoft Video Control in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege due to how objects are handled i...

7CVSS6.2AI score0.00565EPSS

CVE•added 2018/06/14 12:29 p.m.•93 views

CVE-2018-8201

4.5CVSS5.2AI score0.01097EPSS

CVE•added 2018/06/14 12:29 p.m.•93 views

CVE-2018-8219

An elevation of privilege vulnerability exists when Windows Hyper-V instruction emulation fails to properly enforce privilege levels, aka "Hypervisor Code Integrity Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.

8.8CVSS8.6AI score0.0056EPSS

CVE•added 2018/06/14 12:29 p.m.•93 views

CVE-2018-8221

5.3CVSS5.2AI score0.01097EPSS

CVE•added 2018/10/10 1:29 p.m.•93 views

CVE-2018-8497

An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka "Windows Kernel Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows Server 2019, Windows 10 Servers.

7.8CVSS7.6AI score0.00245EPSS

CVE•added 2018/03/14 5:29 p.m.•92 views

CVE-2018-0902

The Cryptography Next Generation (CNG) kernel-mode driver (cng.sys) in Windows 10 Gold, 1511, 1607, 1703, and 1709. Windows Server 2016 and Windows Server, version 1709 allows a security feature bypass vulnerability due to the way the kernel-mode driver validates and enforces impersonation levels, ...

7.8CVSS7.3AI score0.00517EPSS

CVE•added 2018/06/14 12:29 p.m.•92 views

CVE-2018-8121

An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 10 Servers, Windows 10. This CVE ID is unique from CVE-2018-8207.

4.7CVSS5.3AI score0.01934EPSS

CVE•added 2018/05/09 7:29 p.m.•92 views

CVE-2018-8141

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8127.

4.7CVSS5.3AI score0.02721EPSS

CVE•added 2018/09/13 12:29 a.m.•92 views

CVE-2018-8435

A security feature bypass vulnerability exists when Windows Hyper-V BIOS loader fails to provide a high-entropy source, aka "Windows Hyper-V Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.

4.2CVSS5.4AI score0.0031EPSS

CVE•added 2018/03/14 5:29 p.m.•91 views

CVE-2018-0885

The Microsoft Hyper-V Network Switch in 64-bit versions of Microsoft Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows a denial of service vulnerability due to how input from a pri...

6.3CVSS5.7AI score0.01134EPSS

CVE•added 2018/07/11 12:29 a.m.•91 views

CVE-2018-8222

5.3CVSS6.6AI score0.00233EPSS

CVE•added 2018/03/14 5:29 p.m.•90 views

CVE-2018-0926

5.5CVSS4.7AI score0.06807EPSS

CVE•added 2018/04/12 1:29 a.m.•90 views

CVE-2018-1009

An elevation of privilege vulnerability exists when Windows improperly handles objects in memory and incorrectly maps kernel memory, aka "Microsoft DirectX Graphics Kernel Subsystem Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Wind...

7.8CVSS6.6AI score0.00491EPSS

CVE•added 2018/06/14 12:29 p.m.•90 views

CVE-2018-8212

5.3CVSS5.2AI score0.01097EPSS

CVE•added 2018/06/14 12:29 p.m.•90 views

CVE-2018-8231

A remote code execution vulnerability exists when HTTP Protocol Stack (Http.sys) improperly handles objects in memory, aka "HTTP Protocol Stack Remote Code Execution Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.

9.3CVSS8.6AI score0.51157EPSS

CVE•added 2018/08/15 5:29 p.m.•90 views

CVE-2018-8347

An elevation of privilege vulnerability exists in Microsoft Windows when the Windows kernel fails to properly handle parsing of certain symbolic links, aka "Windows Kernel Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.

7.8CVSS7.8AI score0.00375EPSS

CVE•added 2018/06/14 12:29 p.m.•89 views

CVE-2018-8215

5.3CVSS5.2AI score0.01097EPSS

CVE•added 2018/03/14 5:29 p.m.•87 views

CVE-2018-0899

4.7CVSS4.7AI score0.06807EPSS

CVE•added 2018/06/14 12:29 p.m.•87 views

CVE-2018-8218

A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka "Windows Hyper-V Denial of Service Vulnerability." This affects Windows 10, Windows 10 Servers.

7.7CVSS7.6AI score0.01415EPSS

CVE•added 2018/09/13 12:29 a.m.•87 views

CVE-2018-8337

A security feature bypass vulnerability exists when Windows Subsystem for Linux improperly handles case sensitivity, aka "Windows Subsystem for Linux Security Feature Bypass Vulnerability." This affects Windows 10, Windows 10 Servers.

5.3CVSS6.3AI score0.0029EPSS

CVE•added 2018/12/12 12:29 a.m.•87 views

CVE-2018-8637

An information disclosure vulnerability exists in Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (KASLR) bypass, aka "Win32k Information Disclosure Vulnerability." This affects Windows 10 Servers, Windows 10, Window...

5.5CVSS6.2AI score0.01202EPSS

CVE•added 2018/08/15 5:29 p.m.•83 views

CVE-2018-8253

An elevation of privilege vulnerability exists when Microsoft Cortana allows arbitrary website browsing on the lockscreen, aka "Microsoft Cortana Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10.

4.6CVSS6.3AI score0.01532EPSS

CVE•added 2018/02/15 2:29 a.m.•80 views

CVE-2018-0828

Windows 10 version 1607 and Windows Server 2016 allow an elevation of privilege vulnerability due to how the MultiPoint management account password is stored, aka "Windows Elevation of Privilege Vulnerability".

7.8CVSS7AI score0.00814EPSS

CVE•added 2018/09/13 12:29 a.m.•77 views

CVE-2018-8441

An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux, aka "Windows Subsystem for Linux Elevation of Privilege Vulnerability." This affects Windows 10, Windows 10 Servers.

7.8CVSS7.8AI score0.01988EPSS

CVE•added 2018/12/12 12:29 a.m.•76 views

CVE-2018-8649

A denial of service vulnerability exists when Windows improperly handles objects in memory, aka "Windows Denial of Service Vulnerability." This affects Windows 10, Windows Server 2019.

5.5CVSS7AI score0.00288EPSS

CVE•added 2018/06/14 12:29 p.m.•74 views

CVE-2018-8216

5.3CVSS5.2AI score0.01097EPSS

CVE•added 2018/09/13 12:29 a.m.•74 views

CVE-2018-8444

An information disclosure vulnerability exists in the way that the Microsoft Server Message Block 2.0 (SMBv2) server handles certain requests, aka "Windows SMB Information Disclosure Vulnerability." This affects Windows Server 2012, Windows 10, Windows 8.1, Windows RT 8.1, Windows Server 2012 R2.

5.9CVSS5.8AI score0.03758EPSS

CVE•added 2018/08/15 5:29 p.m.•73 views

CVE-2018-8399

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 10 Servers, Windows 10. This CVE ID is unique from CVE-2018-8404.

7CVSS6.7AI score0.00945EPSS

CVE•added 2018/09/13 12:29 a.m.•73 views

CVE-2018-8436

6.2CVSS6.2AI score0.00513EPSS

CVE•added 2018/06/14 12:29 p.m.•72 views

CVE-2018-8217

5.3CVSS5.2AI score0.01097EPSS

CVE•added 2018/09/13 12:29 a.m.•72 views

CVE-2018-8445

5.5CVSS5.7AI score0.04881EPSS

CVE•added 2018/07/11 12:29 a.m.•70 views

CVE-2018-8314

An elevation of privilege vulnerability exists when Windows fails a check, allowing a sandbox escape, aka "Windows Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2008 R2, Wi...

4.7CVSS6.1AI score0.00563EPSS

CVE•added 2018/04/12 1:29 a.m.•69 views

CVE-2018-1004

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka "Windows VBScript Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Internet Explorer 9, Windows RT 8.1, Windows Server 2012, Windows 8.1, Windo...

9.3CVSS7.3AI score0.15983EPSS

CVE•added 2018/12/12 12:29 a.m.•69 views

CVE-2018-8638

An information disclosure vulnerability exists when DirectX improperly handles objects in memory, aka "DirectX Information Disclosure Vulnerability." This affects Windows 10, Windows Server 2019.

5.5CVSS6.6AI score0.01202EPSS

CVE•added 2018/09/13 12:29 a.m.•68 views

CVE-2018-8437

6.2CVSS6.2AI score0.00513EPSS

CVE•added 2018/06/14 12:29 p.m.•67 views

CVE-2018-8233

7.8CVSS8.1AI score0.00951EPSS

CVE•added 2018/10/10 1:29 p.m.•67 views

CVE-2018-8329

An Elevation of Privilege vulnerability exists in Windows Subsystem for Linux when it fails to properly handle objects in memory, aka "Linux On Windows Elevation Of Privilege Vulnerability." This affects Windows 10, Windows 10 Servers.

7.8CVSS7.3AI score0.00477EPSS

CVE•added 2018/08/15 5:29 p.m.•64 views

CVE-2018-8350

A remote code execution vulnerability exists when Microsoft Windows PDF Library improperly handles objects in memory, aka "Windows PDF Remote Code Execution Vulnerability." This affects Windows 10 Servers, Windows 10.

9.3CVSS8.8AI score0.16701EPSS

CVE•added 2018/02/28 10:29 p.m.•55 views

CVE-2018-6947

An uninitialised stack variable in the nxfuse component that is part of the Open Source DokanFS library shipped with NoMachine 6.0.66_2 and earlier allows a local low privileged user to gain elevation of privileges on Windows 7 (32 and 64bit), and denial of service for Windows 8 and 10.

7.8CVSS7.4AI score0.00834EPSS

Total number of security vulnerabilities249