Windows 10 1809
by Microsoft
CVEs (3,332)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-1047 | 0.00 | — | 0.01 | Oct 16, 2020 | An elevation of privilege vulnerability exists when Windows Hyper-V on a host server fails to properly handle objects in memory. An attacker who successfully exploited these vulnerabilities could gain elevated privileges on a target operating system. This vulnerability… | |||
| CVE-2020-1080 | 0.00 | — | 0.01 | Oct 16, 2020 | An elevation of privilege vulnerability exists when Windows Hyper-V on a host server fails to properly handle objects in memory. An attacker who successfully exploited these vulnerabilities could gain elevated privileges on a target operating system. This vulnerability… | |||
| CVE-2020-16975 | 0.00 | — | 0.01 | Oct 16, 2020 | An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted… | |||
| CVE-2020-16976 | 0.00 | — | 0.01 | Oct 16, 2020 | An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted… | |||
| CVE-2020-16973 | 0.00 | — | 0.01 | Oct 16, 2020 | An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted… | |||
| CVE-2020-16974 | 0.00 | — | 0.01 | Oct 16, 2020 | An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted… | |||
| CVE-2020-16972 | 0.00 | — | 0.01 | Oct 16, 2020 | An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted… | |||
| CVE-2020-16940 | 0.00 | — | 0.02 | Oct 16, 2020 | An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles junction points. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context. To exploit this… | |||
| CVE-2020-16936 | 0.00 | — | 0.01 | Oct 16, 2020 | An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted… | |||
| CVE-2020-16935 | 0.00 | — | 0.01 | Oct 16, 2020 | An elevation of privilege vulnerability exists when Windows improperly handles COM object creation. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. To exploit this vulnerability, an attacker would first have… | |||
| CVE-2020-16922 | 0.00 | — | 0.01 | Oct 16, 2020 | A spoofing vulnerability exists when Windows incorrectly validates file signatures. An attacker who successfully exploited this vulnerability could bypass security features and load improperly signed files. In an attack scenario, an attacker could bypass security… | |||
| CVE-2020-16921 | 0.00 | — | 0.01 | Oct 16, 2020 | An information disclosure vulnerability exists in Text Services Framework when it fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could potentially read data that was not intended to be disclosed. Note that this… | |||
| CVE-2020-16919 | 0.00 | — | 0.01 | Oct 16, 2020 | An information disclosure vulnerability exists when the Windows Enterprise App Management Service improperly handles certain file operations. An attacker who successfully exploited this vulnerability could read arbitrary files. An attacker with unprivileged access to a… | |||
| CVE-2020-16916 | 0.00 | — | 0.01 | Oct 16, 2020 | An elevation of privilege vulnerability exists when Windows improperly handles COM object creation. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. To exploit this vulnerability, an attacker would first have… | |||
| CVE-2020-16914 | 0.00 | — | 0.01 | Oct 16, 2020 | An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface Plus (GDI+) handles objects in memory, allowing an attacker to retrieve information from a targeted system. By itself, the information disclosure does not allow arbitrary code… | |||
| CVE-2020-16913 | 0.00 | — | 0.01 | Oct 16, 2020 | An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install… | |||
| CVE-2020-16912 | 0.00 | — | 0.01 | Oct 16, 2020 | An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted… | |||
| CVE-2020-16910 | 0.00 | — | 0.03 | Oct 16, 2020 | A security feature bypass vulnerability exists when Microsoft Windows fails to handle file creation permissions, which could allow an attacker to create files in a protected Unified Extensible Firmware Interface (UEFI) location. To exploit this vulnerability, an… | |||
| CVE-2020-16908 | 0.00 | — | 0.01 | Oct 16, 2020 | An elevation of privilege vulnerability exists in Windows Setup in the way it handles directories. A locally authenticated attacker could run arbitrary code with elevated system privileges. After successfully exploiting the vulnerability, an attacker could then install… | |||
| CVE-2020-16909 | 0.00 | — | 0.01 | Oct 16, 2020 | An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files. The vulnerability could allow elevation of privilege if an attacker can successfully exploit it. An attacker who successfully exploited the… |
- CVE-2020-1047Oct 16, 2020risk 0.00cvss —epss 0.01
An elevation of privilege vulnerability exists when Windows Hyper-V on a host server fails to properly handle objects in memory. An attacker who successfully exploited these vulnerabilities could gain elevated privileges on a target operating system. This vulnerability…
- CVE-2020-1080Oct 16, 2020risk 0.00cvss —epss 0.01
An elevation of privilege vulnerability exists when Windows Hyper-V on a host server fails to properly handle objects in memory. An attacker who successfully exploited these vulnerabilities could gain elevated privileges on a target operating system. This vulnerability…
- CVE-2020-16975Oct 16, 2020risk 0.00cvss —epss 0.01
An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted…
- CVE-2020-16976Oct 16, 2020risk 0.00cvss —epss 0.01
An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted…
- CVE-2020-16973Oct 16, 2020risk 0.00cvss —epss 0.01
An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted…
- CVE-2020-16974Oct 16, 2020risk 0.00cvss —epss 0.01
An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted…
- CVE-2020-16972Oct 16, 2020risk 0.00cvss —epss 0.01
An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted…
- CVE-2020-16940Oct 16, 2020risk 0.00cvss —epss 0.02
An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles junction points. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context. To exploit this…
- CVE-2020-16936Oct 16, 2020risk 0.00cvss —epss 0.01
An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted…
- CVE-2020-16935Oct 16, 2020risk 0.00cvss —epss 0.01
An elevation of privilege vulnerability exists when Windows improperly handles COM object creation. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. To exploit this vulnerability, an attacker would first have…
- CVE-2020-16922Oct 16, 2020risk 0.00cvss —epss 0.01
A spoofing vulnerability exists when Windows incorrectly validates file signatures. An attacker who successfully exploited this vulnerability could bypass security features and load improperly signed files. In an attack scenario, an attacker could bypass security…
- CVE-2020-16921Oct 16, 2020risk 0.00cvss —epss 0.01
An information disclosure vulnerability exists in Text Services Framework when it fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could potentially read data that was not intended to be disclosed. Note that this…
- CVE-2020-16919Oct 16, 2020risk 0.00cvss —epss 0.01
An information disclosure vulnerability exists when the Windows Enterprise App Management Service improperly handles certain file operations. An attacker who successfully exploited this vulnerability could read arbitrary files. An attacker with unprivileged access to a…
- CVE-2020-16916Oct 16, 2020risk 0.00cvss —epss 0.01
An elevation of privilege vulnerability exists when Windows improperly handles COM object creation. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. To exploit this vulnerability, an attacker would first have…
- CVE-2020-16914Oct 16, 2020risk 0.00cvss —epss 0.01
An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface Plus (GDI+) handles objects in memory, allowing an attacker to retrieve information from a targeted system. By itself, the information disclosure does not allow arbitrary code…
- CVE-2020-16913Oct 16, 2020risk 0.00cvss —epss 0.01
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install…
- CVE-2020-16912Oct 16, 2020risk 0.00cvss —epss 0.01
An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted…
- CVE-2020-16910Oct 16, 2020risk 0.00cvss —epss 0.03
A security feature bypass vulnerability exists when Microsoft Windows fails to handle file creation permissions, which could allow an attacker to create files in a protected Unified Extensible Firmware Interface (UEFI) location. To exploit this vulnerability, an…
- CVE-2020-16908Oct 16, 2020risk 0.00cvss —epss 0.01
An elevation of privilege vulnerability exists in Windows Setup in the way it handles directories. A locally authenticated attacker could run arbitrary code with elevated system privileges. After successfully exploiting the vulnerability, an attacker could then install…
- CVE-2020-16909Oct 16, 2020risk 0.00cvss —epss 0.01
An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files. The vulnerability could allow elevation of privilege if an attacker can successfully exploit it. An attacker who successfully exploited the…
Page 157 of 167