VYPR

Windows 10 1909

by Microsoft

CVEs (3,248)

  • CVE-2017-0158HigApr 12, 2017
    risk 0.50cvss 7.5epss 0.13

    An elevation of privilege vulnerability exists when Microsoft Windows running on Windows 10, Windows 10 1511, Windows 8.1 Windows RT 8.1, and Windows Server 2012 R2 fails to properly sanitize handles in memory, aka "Scripting Engine Memory Corruption Vulnerability."

  • CVE-2017-0109HigMar 17, 2017
    risk 0.50cvss 7.6epss 0.05

    Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows guest OS users to execute arbitrary code on the host OS via a crafted application,…

  • CVE-2017-0095HigMar 17, 2017
    risk 0.50cvss 7.6epss 0.04

    Hyper-V in Microsoft Windows 10 Gold, 1511, and 1607 and Windows Server 2016 does not properly validate vSMB packet data, which allows attackers to execute arbitrary code on a target OS, aka "Hyper-V vSMB Remote Code Execution Vulnerability." This vulnerability is different from…

  • CVE-2017-0075HigMar 17, 2017
    risk 0.50cvss 7.6epss 0.13

    Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows guest OS users to execute arbitrary code on the host OS via a crafted application,…

  • CVE-2017-0014HigMar 17, 2017
    risk 0.50cvss 7.5epss 0.18

    The Windows Graphics Component in Microsoft Office 2010 SP2; Windows Server 2008 R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via a…

  • CVE-2016-7237MedNov 10, 2016
    risk 0.50cvss 6.5epss 0.65

    Local Security Authority Subsystem Service (LSASS) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote…

  • CVE-2016-3375HigSep 14, 2016
    risk 0.50cvss 7.5epss 0.17

    The OLE Automation mechanism and VBScript scripting engine in Microsoft Internet Explorer 9 through 11, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allow…

  • CVE-2016-3369HigSep 14, 2016
    risk 0.50cvss 7.5epss 0.12

    Microsoft Windows 10 Gold and 1511 allows attackers to cause a denial of service via unspecified vectors, aka "Windows Denial of Service Vulnerability."

  • CVE-2025-58726HigOct 14, 2025
    risk 0.49cvss 7.5epss 0.01

    Improper access control in Windows SMB Server allows an authorized attacker to elevate privileges over a network.

  • CVE-2025-49744HigJul 8, 2025
    risk 0.49cvss 7.0epss 0.01

    Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.

  • CVE-2025-33056HigJun 10, 2025
    risk 0.49cvss 7.5epss 0.01

    Improper access control in Microsoft Local Security Authority Server (lsasrv) allows an unauthorized attacker to deny service over a network.

  • CVE-2025-32724HigJun 10, 2025
    risk 0.49cvss 7.5epss 0.02

    Uncontrolled resource consumption in Windows Local Security Authority Subsystem Service (LSASS) allows an unauthorized attacker to deny service over a network.

  • CVE-2025-29969HigMay 13, 2025
    risk 0.49cvss 7.5epss 0.01

    Time-of-check time-of-use (toctou) race condition in Windows Fundamentals allows an authorized attacker to execute code over a network.

  • CVE-2025-29842HigMay 13, 2025
    risk 0.49cvss 7.5epss 0.00

    Acceptance of extraneous untrusted data with trusted data in UrlMon allows an unauthorized attacker to bypass a security feature over a network.

  • CVE-2025-29810HigApr 8, 2025
    risk 0.49cvss 7.5epss 0.02

    Improper access control in Active Directory Domain Services allows an authorized attacker to elevate privileges over a network.

  • CVE-2025-27484HigApr 8, 2025
    risk 0.49cvss 7.5epss 0.01

    Sensitive data storage in improperly locked memory in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over a network.

  • CVE-2025-27473HigApr 8, 2025
    risk 0.49cvss 7.5epss 0.02

    Uncontrolled resource consumption in Windows HTTP.sys allows an unauthorized attacker to deny service over a network.

  • CVE-2025-27469HigApr 8, 2025
    risk 0.49cvss 7.5epss 0.02

    Uncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny service over a network.

  • CVE-2025-26687HigApr 8, 2025
    risk 0.49cvss 7.5epss 0.01

    Use after free in Windows Win32K - GRFX allows an unauthorized attacker to elevate privileges over a network.

  • CVE-2025-26686HigApr 8, 2025
    risk 0.49cvss 7.5epss 0.01

    Sensitive data storage in improperly locked memory in Windows TCP/IP allows an unauthorized attacker to execute code over a network.

Page 87 of 163