Windows 10 1809
by Microsoft
CVEs (3,332)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-38144 | 0.06 | — | 0.32 | Aug 13, 2024 | Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability | |||
| CVE-2023-21752 | 0.06 | — | 0.05 | Jan 10, 2023 | Windows Backup Service Elevation of Privilege Vulnerability | |||
| CVE-2021-1678 | 0.06 | — | 0.09 | Jan 12, 2021 | Windows Print Spooler Spoofing Vulnerability | |||
| CVE-2019-1181 | 0.06 | — | 0.75 | Aug 14, 2019 | A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and… | |||
| CVE-2019-1152 | 0.06 | — | 0.13 | Aug 14, 2019 | A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view,… | |||
| CVE-2019-1144 | 0.06 | — | 0.13 | Aug 14, 2019 | A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view,… | |||
| CVE-2019-1149 | 0.06 | — | 0.14 | Aug 14, 2019 | A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view,… | |||
| CVE-2019-1145 | 0.06 | — | 0.13 | Aug 14, 2019 | A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view,… | |||
| CVE-2019-0948 | 0.06 | — | 0.13 | Jun 12, 2019 | An information disclosure vulnerability exists in the Windows Event Viewer (eventvwr.msc) when it improperly parses XML input containing a reference to an external entity. An attacker who successfully exploited this vulnerability could read arbitrary files via an XML external… | |||
| CVE-2025-50154 | 0.05 | — | 0.26 | Aug 12, 2025 | Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network. | |||
| CVE-2024-43532 | 0.05 | — | 0.12 | Oct 8, 2024 | Remote Registry Service Elevation of Privilege Vulnerability | |||
| CVE-2024-38030 | 0.05 | — | 0.51 | Jul 9, 2024 | Windows Themes Spoofing Vulnerability | |||
| CVE-2024-21320 | 0.05 | — | 0.23 | Jan 9, 2024 | Windows Themes Spoofing Vulnerability | |||
| CVE-2019-1125 | 0.05 | — | 0.05 | Sep 3, 2019 | An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries. To exploit this vulnerability, an attacker would… | |||
| CVE-2019-1151 | 0.05 | — | 0.15 | Aug 14, 2019 | A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view,… | |||
| CVE-2019-1150 | 0.05 | — | 0.29 | Aug 14, 2019 | A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view,… | |||
| CVE-2019-0888 | 0.05 | — | 0.11 | Jun 12, 2019 | A remote code execution vulnerability exists in the way that ActiveX Data Objects (ADO) handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code with the victim user’s privileges. An attacker could craft a website that… | |||
| CVE-2025-47987 | 0.04 | — | 0.02 | Jul 8, 2025 | Heap-based buffer overflow in Windows Cred SSProvider Protocol allows an authorized attacker to elevate privileges locally. | |||
| CVE-2025-32724 | 0.04 | — | 0.02 | Jun 10, 2025 | Uncontrolled resource consumption in Windows Local Security Authority Subsystem Service (LSASS) allows an unauthorized attacker to deny service over a network. | |||
| CVE-2024-30038 | 0.04 | — | 0.03 | May 14, 2024 | Win32k Elevation of Privilege Vulnerability |
- CVE-2024-38144Aug 13, 2024risk 0.06cvss —epss 0.32
Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
- CVE-2023-21752Jan 10, 2023risk 0.06cvss —epss 0.05
Windows Backup Service Elevation of Privilege Vulnerability
- CVE-2021-1678Jan 12, 2021risk 0.06cvss —epss 0.09
Windows Print Spooler Spoofing Vulnerability
- CVE-2019-1181Aug 14, 2019risk 0.06cvss —epss 0.75
A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and…
- CVE-2019-1152Aug 14, 2019risk 0.06cvss —epss 0.13
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view,…
- CVE-2019-1144Aug 14, 2019risk 0.06cvss —epss 0.13
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view,…
- CVE-2019-1149Aug 14, 2019risk 0.06cvss —epss 0.14
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view,…
- CVE-2019-1145Aug 14, 2019risk 0.06cvss —epss 0.13
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view,…
- CVE-2019-0948Jun 12, 2019risk 0.06cvss —epss 0.13
An information disclosure vulnerability exists in the Windows Event Viewer (eventvwr.msc) when it improperly parses XML input containing a reference to an external entity. An attacker who successfully exploited this vulnerability could read arbitrary files via an XML external…
- CVE-2025-50154Aug 12, 2025risk 0.05cvss —epss 0.26
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.
- CVE-2024-43532Oct 8, 2024risk 0.05cvss —epss 0.12
Remote Registry Service Elevation of Privilege Vulnerability
- CVE-2024-38030Jul 9, 2024risk 0.05cvss —epss 0.51
Windows Themes Spoofing Vulnerability
- CVE-2024-21320Jan 9, 2024risk 0.05cvss —epss 0.23
Windows Themes Spoofing Vulnerability
- CVE-2019-1125Sep 3, 2019risk 0.05cvss —epss 0.05
An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries. To exploit this vulnerability, an attacker would…
- CVE-2019-1151Aug 14, 2019risk 0.05cvss —epss 0.15
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view,…
- CVE-2019-1150Aug 14, 2019risk 0.05cvss —epss 0.29
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view,…
- CVE-2019-0888Jun 12, 2019risk 0.05cvss —epss 0.11
A remote code execution vulnerability exists in the way that ActiveX Data Objects (ADO) handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code with the victim user’s privileges. An attacker could craft a website that…
- CVE-2025-47987Jul 8, 2025risk 0.04cvss —epss 0.02
Heap-based buffer overflow in Windows Cred SSProvider Protocol allows an authorized attacker to elevate privileges locally.
- CVE-2025-32724Jun 10, 2025risk 0.04cvss —epss 0.02
Uncontrolled resource consumption in Windows Local Security Authority Subsystem Service (LSASS) allows an unauthorized attacker to deny service over a network.
- CVE-2024-30038May 14, 2024risk 0.04cvss —epss 0.03
Win32k Elevation of Privilege Vulnerability
Page 21 of 167