Windows 10 1607
by Microsoft
CVEs (3,413)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-1554 | 0.01 | — | 0.03 | Aug 17, 2020 | A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights. There are… | |||
| CVE-2020-1534 | 0.01 | — | 0.03 | Aug 17, 2020 | An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to… | |||
| CVE-2020-1531 | 0.01 | — | 0.03 | Aug 17, 2020 | An elevation of privilege vulnerability exists when the Windows Accounts Control improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate… | |||
| CVE-2020-1525 | 0.01 | — | 0.03 | Aug 17, 2020 | A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights. There are… | |||
| CVE-2020-1510 | 0.01 | — | 0.05 | Aug 17, 2020 | An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an… | |||
| CVE-2020-1509 | 0.01 | — | 0.03 | Aug 17, 2020 | An elevation of privilege vulnerability exists in the Local Security Authority Subsystem Service (LSASS) when an authenticated attacker sends a specially crafted authentication request. A remote attacker who successfully exploited this vulnerability could cause an elevation of… | |||
| CVE-2020-1492 | 0.01 | — | 0.03 | Aug 17, 2020 | A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights. There are… | |||
| CVE-2020-1478 | 0.01 | — | 0.03 | Aug 17, 2020 | A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights. There are… | |||
| CVE-2020-1339 | 0.01 | — | 0.03 | Aug 17, 2020 | A remote code execution vulnerability exists when Windows Media Audio Codec improperly handles objects. An attacker who successfully exploited the vulnerability could take control of an affected system. There are multiple ways an attacker could exploit the vulnerability, such as… | |||
| CVE-2019-1212 | 0.01 | — | 0.07 | Aug 14, 2019 | A memory corruption vulnerability exists in the Windows Server DHCP service when processing specially crafted packets. An attacker who successfully exploited the vulnerability could cause the DHCP server service to stop responding. To exploit the vulnerability, a remote… | |||
| CVE-2019-1156 | 0.01 | — | 0.04 | Aug 14, 2019 | A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by… | |||
| CVE-2019-1172 | 0.01 | — | 0.04 | Aug 14, 2019 | An information disclosure vulnerability exists in Azure Active Directory (AAD) Microsoft Account (MSA) during the login request session. An attacker who successfully exploited the vulnerability could take over a user's account. To exploit the vulnerability, an attacker would… | |||
| CVE-2019-1155 | 0.01 | — | 0.04 | Aug 14, 2019 | A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by… | |||
| CVE-2019-0736 | 0.01 | — | 0.04 | Aug 14, 2019 | A memory corruption vulnerability exists in the Windows DHCP client when an attacker sends specially crafted DHCP responses to a client. An attacker who successfully exploited the vulnerability could run arbitrary code on the client machine. To exploit the vulnerability, an… | |||
| CVE-2019-1146 | 0.01 | — | 0.04 | Aug 14, 2019 | A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by… | |||
| CVE-2019-1147 | 0.01 | — | 0.04 | Aug 14, 2019 | A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by… | |||
| CVE-2019-1050 | 0.01 | — | 0.04 | Jun 12, 2019 | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an… | |||
| CVE-2019-1046 | 0.01 | — | 0.04 | Jun 12, 2019 | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an… | |||
| CVE-2019-1025 | 0.01 | — | 0.05 | Jun 12, 2019 | A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. To exploit this vulnerability, an attacker would have to log on to an affected… | |||
| CVE-2019-1010 | 0.01 | — | 0.04 | Jun 12, 2019 | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an… |
- CVE-2020-1554Aug 17, 2020risk 0.01cvss —epss 0.03
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights. There are…
- CVE-2020-1534Aug 17, 2020risk 0.01cvss —epss 0.03
An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to…
- CVE-2020-1531Aug 17, 2020risk 0.01cvss —epss 0.03
An elevation of privilege vulnerability exists when the Windows Accounts Control improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate…
- CVE-2020-1525Aug 17, 2020risk 0.01cvss —epss 0.03
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights. There are…
- CVE-2020-1510Aug 17, 2020risk 0.01cvss —epss 0.05
An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an…
- CVE-2020-1509Aug 17, 2020risk 0.01cvss —epss 0.03
An elevation of privilege vulnerability exists in the Local Security Authority Subsystem Service (LSASS) when an authenticated attacker sends a specially crafted authentication request. A remote attacker who successfully exploited this vulnerability could cause an elevation of…
- CVE-2020-1492Aug 17, 2020risk 0.01cvss —epss 0.03
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights. There are…
- CVE-2020-1478Aug 17, 2020risk 0.01cvss —epss 0.03
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights. There are…
- CVE-2020-1339Aug 17, 2020risk 0.01cvss —epss 0.03
A remote code execution vulnerability exists when Windows Media Audio Codec improperly handles objects. An attacker who successfully exploited the vulnerability could take control of an affected system. There are multiple ways an attacker could exploit the vulnerability, such as…
- CVE-2019-1212Aug 14, 2019risk 0.01cvss —epss 0.07
A memory corruption vulnerability exists in the Windows Server DHCP service when processing specially crafted packets. An attacker who successfully exploited the vulnerability could cause the DHCP server service to stop responding. To exploit the vulnerability, a remote…
- CVE-2019-1156Aug 14, 2019risk 0.01cvss —epss 0.04
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by…
- CVE-2019-1172Aug 14, 2019risk 0.01cvss —epss 0.04
An information disclosure vulnerability exists in Azure Active Directory (AAD) Microsoft Account (MSA) during the login request session. An attacker who successfully exploited the vulnerability could take over a user's account. To exploit the vulnerability, an attacker would…
- CVE-2019-1155Aug 14, 2019risk 0.01cvss —epss 0.04
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by…
- CVE-2019-0736Aug 14, 2019risk 0.01cvss —epss 0.04
A memory corruption vulnerability exists in the Windows DHCP client when an attacker sends specially crafted DHCP responses to a client. An attacker who successfully exploited the vulnerability could run arbitrary code on the client machine. To exploit the vulnerability, an…
- CVE-2019-1146Aug 14, 2019risk 0.01cvss —epss 0.04
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by…
- CVE-2019-1147Aug 14, 2019risk 0.01cvss —epss 0.04
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by…
- CVE-2019-1050Jun 12, 2019risk 0.01cvss —epss 0.04
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an…
- CVE-2019-1046Jun 12, 2019risk 0.01cvss —epss 0.04
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an…
- CVE-2019-1025Jun 12, 2019risk 0.01cvss —epss 0.05
A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. To exploit this vulnerability, an attacker would have to log on to an affected…
- CVE-2019-1010Jun 12, 2019risk 0.01cvss —epss 0.04
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an…
Page 48 of 171