Windows 10 1809
by Microsoft
CVEs (3,332)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-17057 | Hig | 0.46 | 7.0 | 0.02 | Nov 11, 2020 | Windows Win32k Elevation of Privilege Vulnerability | ||
| CVE-2020-17007 | Hig | 0.46 | 7.0 | 0.01 | Nov 11, 2020 | Windows Error Reporting Elevation of Privilege Vulnerability | ||
| CVE-2020-16998 | Hig | 0.46 | 7.0 | 0.01 | Nov 11, 2020 | DirectX Elevation of Privilege Vulnerability | ||
| CVE-2020-16900 | Hig | 0.46 | 7.0 | 0.01 | Oct 16, 2020 | An elevation of privilege vulnerability exists when the Windows Event System improperly handles objects in memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted… | ||
| CVE-2020-16877 | Hig | 0.46 | 7.1 | 0.01 | Oct 16, 2020 | An elevation of privilege vulnerability exists when Microsoft Windows improperly handles reparse points. An attacker who successfully exploited this vulnerability could overwrite or delete a targeted file that would normally require elevated permissions. To exploit… | ||
| CVE-2020-16876 | Hig | 0.46 | 7.1 | 0.01 | Oct 16, 2020 | An elevation of privilege vulnerability exists when the Windows Application Compatibility Client Library improperly handles registry operations. An attacker who successfully exploited this vulnerability could gain elevated privileges. To exploit the vulnerability, an… | ||
| CVE-2020-1308 | Hig | 0.46 | 7.0 | 0.01 | Sep 11, 2020 | An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or… | ||
| CVE-2020-1245 | Hig | 0.46 | 7.0 | 0.01 | Sep 11, 2020 | An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view,… | ||
| CVE-2020-0912 | Hig | 0.46 | 7.0 | 0.01 | Sep 11, 2020 | An elevation of privilege vulnerability exists when the Windows Function Discovery SSDP Provider improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially… | ||
| CVE-2020-1488 | Hig | 0.46 | 7.0 | 0.01 | Aug 17, 2020 | An elevation of privilege vulnerability exists when the Windows AppX Deployment Extensions improperly performs privilege management, resulting in access to system files. To exploit this vulnerability, an authenticated attacker would need to run a specially crafted application to… | ||
| CVE-2020-1477 | Hig | 0.46 | 7.0 | 0.03 | Aug 17, 2020 | A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights. There are… | ||
| CVE-2020-1473 | Hig | 0.46 | 7.0 | 0.03 | Aug 17, 2020 | A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by… | ||
| CVE-2019-1186 | Hig | 0.46 | 7.0 | 0.01 | Aug 14, 2019 | An elevation of privilege vulnerability exists in the way that the wcmsvc.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could… | ||
| CVE-2019-1180 | Hig | 0.46 | 7.0 | 0.01 | Aug 14, 2019 | An elevation of privilege vulnerability exists in the way that the wcmsvc.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could… | ||
| CVE-2019-1179 | Hig | 0.46 | 7.0 | 0.01 | Aug 14, 2019 | An elevation of privilege vulnerability exists in the way that the unistore.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could… | ||
| CVE-2019-1178 | Hig | 0.46 | 7.0 | 0.01 | Aug 14, 2019 | An elevation of privilege vulnerability exists in the way that the ssdpsrv.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could… | ||
| CVE-2019-1177 | Hig | 0.46 | 7.0 | 0.01 | Aug 14, 2019 | An elevation of privilege vulnerability exists in the way that the rpcss.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run… | ||
| CVE-2019-1176 | Hig | 0.46 | 7.0 | 0.01 | Aug 14, 2019 | An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create… | ||
| CVE-2019-1175 | Hig | 0.46 | 7.0 | 0.01 | Aug 14, 2019 | An elevation of privilege vulnerability exists in the way that the psmsrv.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could… | ||
| CVE-2019-1174 | Hig | 0.46 | 7.0 | 0.01 | Aug 14, 2019 | An elevation of privilege vulnerability exists in the way that the PsmServiceExtHost.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated… |
- risk 0.46cvss 7.0epss 0.02
Windows Win32k Elevation of Privilege Vulnerability
- risk 0.46cvss 7.0epss 0.01
Windows Error Reporting Elevation of Privilege Vulnerability
- risk 0.46cvss 7.0epss 0.01
DirectX Elevation of Privilege Vulnerability
- risk 0.46cvss 7.0epss 0.01
An elevation of privilege vulnerability exists when the Windows Event System improperly handles objects in memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted…
- risk 0.46cvss 7.1epss 0.01
An elevation of privilege vulnerability exists when Microsoft Windows improperly handles reparse points. An attacker who successfully exploited this vulnerability could overwrite or delete a targeted file that would normally require elevated permissions. To exploit…
- risk 0.46cvss 7.1epss 0.01
An elevation of privilege vulnerability exists when the Windows Application Compatibility Client Library improperly handles registry operations. An attacker who successfully exploited this vulnerability could gain elevated privileges. To exploit the vulnerability, an…
- risk 0.46cvss 7.0epss 0.01
An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or…
- risk 0.46cvss 7.0epss 0.01
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view,…
- risk 0.46cvss 7.0epss 0.01
An elevation of privilege vulnerability exists when the Windows Function Discovery SSDP Provider improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially…
- risk 0.46cvss 7.0epss 0.01
An elevation of privilege vulnerability exists when the Windows AppX Deployment Extensions improperly performs privilege management, resulting in access to system files. To exploit this vulnerability, an authenticated attacker would need to run a specially crafted application to…
- risk 0.46cvss 7.0epss 0.03
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights. There are…
- risk 0.46cvss 7.0epss 0.03
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by…
- risk 0.46cvss 7.0epss 0.01
An elevation of privilege vulnerability exists in the way that the wcmsvc.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could…
- risk 0.46cvss 7.0epss 0.01
An elevation of privilege vulnerability exists in the way that the wcmsvc.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could…
- risk 0.46cvss 7.0epss 0.01
An elevation of privilege vulnerability exists in the way that the unistore.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could…
- risk 0.46cvss 7.0epss 0.01
An elevation of privilege vulnerability exists in the way that the ssdpsrv.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could…
- risk 0.46cvss 7.0epss 0.01
An elevation of privilege vulnerability exists in the way that the rpcss.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run…
- risk 0.46cvss 7.0epss 0.01
An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create…
- risk 0.46cvss 7.0epss 0.01
An elevation of privilege vulnerability exists in the way that the psmsrv.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could…
- risk 0.46cvss 7.0epss 0.01
An elevation of privilege vulnerability exists in the way that the PsmServiceExtHost.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated…
Page 106 of 167