Windows 10 1909
by Microsoft
CVEs (3,253)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-1004 | Hig | 0.59 | 8.8 | 0.19 | Apr 12, 2018 | A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka "Windows VBScript Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Internet Explorer 9, Windows RT 8.1, Windows Server… | ||
| CVE-2017-11763 | Hig | 0.59 | 8.8 | 0.17 | Oct 13, 2017 | The Microsoft Graphics Component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability in the way… | ||
| CVE-2017-11762 | Hig | 0.59 | 8.8 | 0.17 | Oct 13, 2017 | The Microsoft Graphics Component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability in the way… | ||
| CVE-2017-8527 | Hig | 0.59 | 8.8 | 0.19 | Jun 15, 2017 | Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability due to the way it handles objects in memory, aka… | ||
| CVE-2017-0021 | Cri | 0.59 | 9.0 | 0.02 | Mar 17, 2017 | Hyper-V in Microsoft Windows 10 1607 and Windows Server 2016 does not properly validate vSMB packet data, which allows attackers to execute arbitrary code on a target OS, aka "Hyper-V System Data Structure Vulnerability." This vulnerability is different from that described in… | ||
| CVE-2016-7273 | Hig | 0.59 | 8.8 | 0.19 | Dec 20, 2016 | The Graphics component in Microsoft Windows 10 Gold, 1511, and 1607 and Windows Server 2016 allows remote attackers to execute arbitrary code via a crafted web site, aka "Windows Graphics Remote Code Execution Vulnerability." | ||
| CVE-2016-7217 | Hig | 0.59 | 8.8 | 0.22 | Nov 10, 2016 | Media Foundation in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to execute arbitrary code via a crafted web site, aka "Media Foundation Memory Corruption Vulnerability." | ||
| CVE-2016-7205 | Hig | 0.59 | 8.8 | 0.22 | Nov 10, 2016 | Animation Manager in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to execute arbitrary code via a crafted web site, aka "Windows… | ||
| CVE-2016-3368 | Hig | 0.59 | 8.8 | 0.18 | Sep 14, 2016 | Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allow remote authenticated users to execute arbitrary code by leveraging a domain account to make a… | ||
| CVE-2016-3352 | Hig | 0.59 | 8.8 | 0.21 | Sep 14, 2016 | Microsoft Windows 8.1, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 do not properly check NTLM SSO requests for MSA logins, which makes it easier for remote attackers to determine passwords via a brute-force attack on NTLM password hashes, aka "Microsoft Information… | ||
| CVE-2016-0195 | Hig | 0.59 | 8.8 | 0.18 | May 11, 2016 | The Imaging Component in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted document, aka… | ||
| CVE-2016-0184 | Hig | 0.59 | 8.8 | 0.19 | May 11, 2016 | Use-after-free vulnerability in GDI in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted… | ||
| CVE-2016-0178 | Hig | 0.59 | 8.8 | 0.17 | May 11, 2016 | The RPC NDR Engine in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 mishandles free operations, which allows remote attackers to execute arbitrary code… | ||
| CVE-2016-0101 | Hig | 0.59 | 8.8 | 0.20 | Mar 9, 2016 | Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow remote attackers to execute arbitrary code via crafted media content, aka "Windows Media Parsing Remote Code Execution… | ||
| CVE-2016-0098 | Hig | 0.59 | 8.8 | 0.20 | Mar 9, 2016 | Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 allow remote attackers to execute arbitrary code via crafted media content, aka "Windows Media Parsing Remote Code Execution Vulnerability." | ||
| CVE-2023-35641 | Hig | 0.58 | 8.8 | 0.07 | Dec 12, 2023 | Internet Connection Sharing (ICS) Remote Code Execution Vulnerability | ||
| CVE-2023-35630 | Hig | 0.58 | 8.8 | 0.06 | Dec 12, 2023 | Internet Connection Sharing (ICS) Remote Code Execution Vulnerability | ||
| CVE-2023-36400 | Hig | 0.58 | 8.8 | 0.04 | Nov 14, 2023 | Windows HMAC Key Derivation Elevation of Privilege Vulnerability | ||
| CVE-2023-28229 | Hig | 0.58 | 7.0 | 0.02 | KEV | Apr 11, 2023 | Windows CNG Key Isolation Service Elevation of Privilege Vulnerability | |
| CVE-2022-26927 | Hig | 0.58 | 8.8 | 0.04 | May 10, 2022 | Windows Graphics Component Remote Code Execution Vulnerability |
- risk 0.59cvss 8.8epss 0.19
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka "Windows VBScript Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Internet Explorer 9, Windows RT 8.1, Windows Server…
- risk 0.59cvss 8.8epss 0.17
The Microsoft Graphics Component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability in the way…
- risk 0.59cvss 8.8epss 0.17
The Microsoft Graphics Component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability in the way…
- risk 0.59cvss 8.8epss 0.19
Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability due to the way it handles objects in memory, aka…
- risk 0.59cvss 9.0epss 0.02
Hyper-V in Microsoft Windows 10 1607 and Windows Server 2016 does not properly validate vSMB packet data, which allows attackers to execute arbitrary code on a target OS, aka "Hyper-V System Data Structure Vulnerability." This vulnerability is different from that described in…
- risk 0.59cvss 8.8epss 0.19
The Graphics component in Microsoft Windows 10 Gold, 1511, and 1607 and Windows Server 2016 allows remote attackers to execute arbitrary code via a crafted web site, aka "Windows Graphics Remote Code Execution Vulnerability."
- risk 0.59cvss 8.8epss 0.22
Media Foundation in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to execute arbitrary code via a crafted web site, aka "Media Foundation Memory Corruption Vulnerability."
- risk 0.59cvss 8.8epss 0.22
Animation Manager in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to execute arbitrary code via a crafted web site, aka "Windows…
- risk 0.59cvss 8.8epss 0.18
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allow remote authenticated users to execute arbitrary code by leveraging a domain account to make a…
- risk 0.59cvss 8.8epss 0.21
Microsoft Windows 8.1, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 do not properly check NTLM SSO requests for MSA logins, which makes it easier for remote attackers to determine passwords via a brute-force attack on NTLM password hashes, aka "Microsoft Information…
- risk 0.59cvss 8.8epss 0.18
The Imaging Component in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted document, aka…
- risk 0.59cvss 8.8epss 0.19
Use-after-free vulnerability in GDI in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted…
- risk 0.59cvss 8.8epss 0.17
The RPC NDR Engine in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 mishandles free operations, which allows remote attackers to execute arbitrary code…
- risk 0.59cvss 8.8epss 0.20
Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow remote attackers to execute arbitrary code via crafted media content, aka "Windows Media Parsing Remote Code Execution…
- risk 0.59cvss 8.8epss 0.20
Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 allow remote attackers to execute arbitrary code via crafted media content, aka "Windows Media Parsing Remote Code Execution Vulnerability."
- risk 0.58cvss 8.8epss 0.07
Internet Connection Sharing (ICS) Remote Code Execution Vulnerability
- risk 0.58cvss 8.8epss 0.06
Internet Connection Sharing (ICS) Remote Code Execution Vulnerability
- risk 0.58cvss 8.8epss 0.04
Windows HMAC Key Derivation Elevation of Privilege Vulnerability
- risk 0.58cvss 7.0epss 0.02
Windows CNG Key Isolation Service Elevation of Privilege Vulnerability
- risk 0.58cvss 8.8epss 0.04
Windows Graphics Component Remote Code Execution Vulnerability
Page 10 of 163