VYPR

Windows 10 1809

by Microsoft

CVEs (3,332)

  • CVE-2026-20930HigApr 14, 2026
    risk 0.51cvss 7.8epss 0.00

    Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally.

  • CVE-2026-26128HigMar 10, 2026
    risk 0.51cvss 7.8epss 0.00

    Improper authentication in Windows SMB Server allows an authorized attacker to elevate privileges locally.

  • CVE-2026-25187HigMar 10, 2026
    risk 0.51cvss 7.8epss 0.03

    Improper link resolution before file access ('link following') in Winlogon allows an authorized attacker to elevate privileges locally.

  • CVE-2026-20864HigJan 13, 2026
    risk 0.51cvss 7.8epss 0.01

    Heap-based buffer overflow in Connected Devices Platform Service (Cdpsvc) allows an authorized attacker to elevate privileges locally.

  • CVE-2025-30388HigMay 13, 2025
    risk 0.51cvss 7.8epss 0.03

    Heap-based buffer overflow in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.

  • CVE-2025-21338HigJan 14, 2025
    risk 0.51cvss 7.8epss 0.00

    GDI+ Remote Code Execution Vulnerability

  • CVE-2024-38250HigSep 10, 2024
    risk 0.51cvss 7.8epss 0.01

    Windows Graphics Component Elevation of Privilege Vulnerability

  • CVE-2022-26926HigMay 10, 2022
    risk 0.51cvss 7.8epss 0.03

    Windows Address Book Remote Code Execution Vulnerability

  • CVE-2022-26795HigApr 15, 2022
    risk 0.51cvss 7.8epss 0.01

    Windows Print Spooler Elevation of Privilege Vulnerability

  • CVE-2017-0082HigMar 17, 2017
    risk 0.51cvss 7.8epss 0.02

    The kernel-mode drivers in Microsoft Windows 10 Gold and 1511 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability." This vulnerability is different from those described in CVE-2017-0024, CVE-2017-0026, CVE-2017-0056,…

  • CVE-2017-0080HigMar 17, 2017
    risk 0.51cvss 7.8epss 0.02

    The kernel-mode drivers in Microsoft Windows 10 Gold, 1511, and 1607 and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability." This vulnerability is different from those described in CVE-2017-0024,…

  • CVE-2017-0026HigMar 17, 2017
    risk 0.51cvss 7.8epss 0.02

    The kernel-mode drivers in Microsoft Windows 10 Gold, 1511, and 1607 and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability." This vulnerability is different from those described in CVE-2017-0024,…

  • CVE-2013-3900MedKEVDec 11, 2013
    risk 0.51cvss 5.5epss 0.45

    Why is Microsoft republishing a CVE from 2013? We are republishing CVE-2013-3900 in the Security Update Guide to update the Security Updates table and to inform customers that the EnableCertPaddingCheck is available in all currently supported versions of Windows 10 and Windows…

  • CVE-2016-3369HigSep 14, 2016
    risk 0.50cvss 7.5epss 0.12

    Microsoft Windows 10 Gold and 1511 allows attackers to cause a denial of service via unspecified vectors, aka "Windows Denial of Service Vulnerability."

  • CVE-2026-48563HigJun 9, 2026
    risk 0.49cvss 7.5epss 0.01

    Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

  • CVE-2026-44801HigJun 9, 2026
    risk 0.49cvss 7.5epss 0.00

    Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

  • CVE-2026-42992HigJun 9, 2026
    risk 0.49cvss 7.5epss 0.00

    Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

  • CVE-2026-42909HigJun 9, 2026
    risk 0.49cvss 7.5epss 0.00

    Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

  • CVE-2026-40406HigMay 12, 2026
    risk 0.49cvss 7.5epss 0.01

    Use after free in Windows TCP/IP allows an unauthorized attacker to disclose information over a network.

  • CVE-2026-35424HigMay 12, 2026
    risk 0.49cvss 7.5epss 0.01

    Missing release of memory after effective lifetime in Windows Internet Key Exchange (IKE) Protocol allows an unauthorized attacker to deny service over a network.

Page 7 of 167