Windows 10

CVEs (29)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2015-6175	Microsoft Windows 10	Hig	0.63	7.8	0.05	KEV	Dec 9, 2015	The kernel in Microsoft Windows 10 Gold allows local users to gain privileges via a crafted application, aka "Windows Kernel Memory Elevation of Privilege Vulnerability."
CVE-2018-8350	Microsoft Windows 10	Hig	0.59	8.8	0.19		Aug 15, 2018	A remote code execution vulnerability exists when Microsoft Windows PDF Library improperly handles objects in memory, aka "Windows PDF Remote Code Execution Vulnerability." This affects Windows 10 Servers, Windows 10.
CVE-2016-3219	Microsoft Windows 10	Hig	0.54	7.8	0.06		Jun 16, 2016	The kernel-mode driver in Microsoft Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability."
CVE-2016-3237	Microsoft Windows	Hig	0.53	7.5	0.17		Aug 9, 2016	Kerberos in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows man-in-the-middle attackers to bypass authentication via vectors related to a…
CVE-2016-3203	Microsoft Windows Server 2012	Hig	0.53	7.8	0.33		Jun 16, 2016	Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 Gold and 1511, and Microsoft Edge allow remote attackers to execute arbitrary code via a crafted PDF document, aka "Windows PDF Remote Code Execution Vulnerability."
CVE-2018-8209	Microsoft Windows Server 2016	Hig	0.52	8.0	0.03		Jun 14, 2018	An information disclosure vulnerability exists when Windows allows a normal user to access the Wireless LAN profile of an administrative user, aka "Windows Wireless Network Profile Information Disclosure Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10…
CVE-2018-8400	Microsoft Windows 10	Hig	0.51	7.8	0.02		Aug 15, 2018	An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory, aka "DirectX Graphics Kernel Elevation of Privilege Vulnerability." This affects Windows 10 Servers, Windows 10. This CVE ID is unique from…
CVE-2018-0902	Microsoft Windows Server	Hig	0.51	7.8	0.01		Mar 14, 2018	The Cryptography Next Generation (CNG) kernel-mode driver (cng.sys) in Windows 10 Gold, 1511, 1607, 1703, and 1709. Windows Server 2016 and Windows Server, version 1709 allows a security feature bypass vulnerability due to the way the kernel-mode driver validates and enforces…
CVE-2018-0956	Microsoft Windows Server 2016	Hig	0.50	7.5	0.14		Apr 12, 2018	A denial of service vulnerability exists in the HTTP 2.0 protocol stack (HTTP.sys) when HTTP.sys improperly parses specially crafted HTTP 2.0 requests, aka "HTTP.sys Denial of Service Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.
CVE-2018-8399	Microsoft Windows 10 Servers	Hig	0.46	7.0	0.01		Aug 15, 2018	An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 10 Servers, Windows 10. This CVE ID is unique from CVE-2018-8404.
CVE-2018-8170	Microsoft Windows 10	Hig	0.46	7.0	0.01		May 9, 2018	An elevation of privilege vulnerability exists in the way that the Windows kernel image handles objects in memory, aka "Windows Image Elevation of Privilege Vulnerability." This affects Windows 10, Windows 10 Servers.
CVE-2018-8175	Microsoft Windows 10	Med	0.43	6.5	0.07		Jun 14, 2018	An denial of service vulnerability exists when Windows NT WEBDAV Minirdr attempts to query a WEBDAV directory, aka "WEBDAV Denial of Service Vulnerability." This affects Windows 10 Servers, Windows 10.
CVE-2018-8445	Microsoft Windows 10	Med	0.36	5.5	0.03		Sep 13, 2018	An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8336, CVE-2018-8419,…
CVE-2018-8200	Microsoft Windows Server 2016	Med	0.35	5.3	0.01		Aug 15, 2018	A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10,…
CVE-2018-8222	Microsoft Windows Server 2016	Med	0.35	5.3	0.02		Jul 11, 2018	A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10,…
CVE-2018-8217	Microsoft Windows Server 2016	Med	0.35	5.3	0.02		Jun 14, 2018	A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10.…
CVE-2018-8216	Microsoft Windows Server 2016	Med	0.35	5.3	0.02		Jun 14, 2018	A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10.…
CVE-2018-8211	Microsoft Windows 10 Servers	Med	0.35	5.3	0.02		Jun 14, 2018	A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This affects Windows 10 Servers, Windows 10.…
CVE-2018-8129	Microsoft Windows Server 2016	Med	0.35	5.3	0.01		May 9, 2018	A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka "Windows Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-0854,…
CVE-2018-1035	Microsoft Windows 10	Med	0.35	5.3	0.01		Apr 19, 2018	A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka "Windows Security Feature Bypass Vulnerability." This affects Windows 10, Windows 10 Servers.

CVE-2015-6175HigKEVDec 9, 2015
Microsoft
Windows 10
risk 0.63cvss 7.8epss 0.05
The kernel in Microsoft Windows 10 Gold allows local users to gain privileges via a crafted application, aka "Windows Kernel Memory Elevation of Privilege Vulnerability."
CVE-2018-8350HigAug 15, 2018
Microsoft
Windows 10
risk 0.59cvss 8.8epss 0.19
A remote code execution vulnerability exists when Microsoft Windows PDF Library improperly handles objects in memory, aka "Windows PDF Remote Code Execution Vulnerability." This affects Windows 10 Servers, Windows 10.
CVE-2016-3219HigJun 16, 2016
Microsoft
Windows 10
risk 0.54cvss 7.8epss 0.06
The kernel-mode driver in Microsoft Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability."
CVE-2016-3237HigAug 9, 2016
Microsoft
Windows
risk 0.53cvss 7.5epss 0.17
Kerberos in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows man-in-the-middle attackers to bypass authentication via vectors related to a…
CVE-2016-3203HigJun 16, 2016
Microsoft
Windows Server 2012
risk 0.53cvss 7.8epss 0.33
Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 Gold and 1511, and Microsoft Edge allow remote attackers to execute arbitrary code via a crafted PDF document, aka "Windows PDF Remote Code Execution Vulnerability."
CVE-2018-8209HigJun 14, 2018
Microsoft
Windows Server 2016
risk 0.52cvss 8.0epss 0.03
An information disclosure vulnerability exists when Windows allows a normal user to access the Wireless LAN profile of an administrative user, aka "Windows Wireless Network Profile Information Disclosure Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10…
CVE-2018-8400HigAug 15, 2018
Microsoft
Windows 10
risk 0.51cvss 7.8epss 0.02
An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory, aka "DirectX Graphics Kernel Elevation of Privilege Vulnerability." This affects Windows 10 Servers, Windows 10. This CVE ID is unique from…
CVE-2018-0902HigMar 14, 2018
Microsoft
Windows Server
risk 0.51cvss 7.8epss 0.01
The Cryptography Next Generation (CNG) kernel-mode driver (cng.sys) in Windows 10 Gold, 1511, 1607, 1703, and 1709. Windows Server 2016 and Windows Server, version 1709 allows a security feature bypass vulnerability due to the way the kernel-mode driver validates and enforces…
CVE-2018-0956HigApr 12, 2018
Microsoft
Windows Server 2016
risk 0.50cvss 7.5epss 0.14
A denial of service vulnerability exists in the HTTP 2.0 protocol stack (HTTP.sys) when HTTP.sys improperly parses specially crafted HTTP 2.0 requests, aka "HTTP.sys Denial of Service Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.
CVE-2018-8399HigAug 15, 2018
Microsoft
Windows 10 Servers
risk 0.46cvss 7.0epss 0.01
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 10 Servers, Windows 10. This CVE ID is unique from CVE-2018-8404.
CVE-2018-8170HigMay 9, 2018
Microsoft
Windows 10
risk 0.46cvss 7.0epss 0.01
An elevation of privilege vulnerability exists in the way that the Windows kernel image handles objects in memory, aka "Windows Image Elevation of Privilege Vulnerability." This affects Windows 10, Windows 10 Servers.
CVE-2018-8175MedJun 14, 2018
Microsoft
Windows 10
risk 0.43cvss 6.5epss 0.07
An denial of service vulnerability exists when Windows NT WEBDAV Minirdr attempts to query a WEBDAV directory, aka "WEBDAV Denial of Service Vulnerability." This affects Windows 10 Servers, Windows 10.
CVE-2018-8445MedSep 13, 2018
Microsoft
Windows 10
risk 0.36cvss 5.5epss 0.03
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8336, CVE-2018-8419,…
CVE-2018-8200MedAug 15, 2018
Microsoft
Windows Server 2016
risk 0.35cvss 5.3epss 0.01
A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10,…
CVE-2018-8222MedJul 11, 2018
Microsoft
Windows Server 2016
risk 0.35cvss 5.3epss 0.02
A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10,…
CVE-2018-8217MedJun 14, 2018
Microsoft
Windows Server 2016
risk 0.35cvss 5.3epss 0.02
A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10.…
CVE-2018-8216MedJun 14, 2018
Microsoft
Windows Server 2016
risk 0.35cvss 5.3epss 0.02
A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10.…
CVE-2018-8211MedJun 14, 2018
Microsoft
Windows 10 Servers
risk 0.35cvss 5.3epss 0.02
A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This affects Windows 10 Servers, Windows 10.…
CVE-2018-8129MedMay 9, 2018
Microsoft
Windows Server 2016
risk 0.35cvss 5.3epss 0.01
A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka "Windows Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-0854,…
CVE-2018-1035MedApr 19, 2018
Microsoft
Windows 10
risk 0.35cvss 5.3epss 0.01
A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka "Windows Security Feature Bypass Vulnerability." This affects Windows 10, Windows 10 Servers.

Page 1 of 2