Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Microsoft Subscribe
Filtered by product Windows 10
Total 4164 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-1311 1 Microsoft 7 Windows 10, Windows 7, Windows 8.1 and 4 more 2020-08-24 9.3 HIGH 7.8 HIGH
A remote code execution vulnerability exists when the Windows Imaging API improperly handles objects in memory, aka 'Windows Imaging API Remote Code Execution Vulnerability'.
CVE-2018-0836 1 Microsoft 3 Chakracore, Edge, Windows 10 2020-08-24 7.6 HIGH 7.5 HIGH
Microsoft Edge and ChakraCore in Microsoft Windows 10 1703 and 1709 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866.
CVE-2018-0835 1 Microsoft 4 Chakracore, Edge, Windows 10 and 1 more 2020-08-24 7.6 HIGH 7.5 HIGH
Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866.
CVE-2019-1307 1 Microsoft 5 Chakracore, Edge, Windows 10 and 2 more 2020-08-24 7.6 HIGH 7.5 HIGH
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1308, CVE-2019-1335, CVE-2019-1366.
CVE-2019-1308 1 Microsoft 5 Chakracore, Edge, Windows 10 and 2 more 2020-08-24 7.6 HIGH 7.5 HIGH
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1307, CVE-2019-1335, CVE-2019-1366.
CVE-2018-0834 1 Microsoft 4 Chakracore, Edge, Windows 10 and 1 more 2020-08-24 9.3 HIGH 7.5 HIGH
Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866.
CVE-2019-1303 1 Microsoft 3 Windows 10, Windows Server 2016, Windows Server 2019 2020-08-24 7.2 HIGH 7.8 HIGH
An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles junctions.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1215, CVE-2019-1253, CVE-2019-1278.
CVE-2019-1300 1 Microsoft 5 Chakracore, Edge, Windows 10 and 2 more 2020-08-24 7.6 HIGH 7.5 HIGH
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1138, CVE-2019-1217, CVE-2019-1237, CVE-2019-1298.
CVE-2018-0832 1 Microsoft 5 Windows 10, Windows 8.1, Windows Rt 8.1 and 2 more 2020-08-24 1.9 LOW 4.7 MEDIUM
The Windows kernel in Windows 8.1 and RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to how objects in memory are handled, aka "Windows Information Disclosure Vulnerability". This CVE is unique from CVE-2018-0829 and CVE-2018-0830.
CVE-2019-1299 1 Microsoft 3 Edge, Windows 10, Windows Server 2019 2020-08-24 4.3 MEDIUM 6.5 MEDIUM
An information disclosure vulnerability exists when Microsoft Edge based on Edge HTML improperly handles objects in memory, aka 'Microsoft Edge based on Edge HTML Information Disclosure Vulnerability'.
CVE-2019-1298 1 Microsoft 5 Chakracore, Edge, Windows 10 and 2 more 2020-08-24 7.6 HIGH 7.5 HIGH
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1138, CVE-2019-1217, CVE-2019-1237, CVE-2019-1300.
CVE-2019-1294 1 Microsoft 3 Windows 10, Windows Server 2016, Windows Server 2019 2020-08-24 2.1 LOW 4.6 MEDIUM
A security feature bypass exists when Windows Secure Boot improperly restricts access to debugging functionality, aka 'Windows Secure Boot Security Feature Bypass Vulnerability'.
CVE-2019-1292 1 Microsoft 3 Windows 10, Windows Server 2016, Windows Server 2019 2020-08-24 6.8 MEDIUM 4.9 MEDIUM
A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Service Vulnerability'.
CVE-2019-1291 1 Microsoft 8 Windows 10, Windows 7, Windows 8.1 and 5 more 2020-08-24 9.3 HIGH 8.8 HIGH
A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka 'Remote Desktop Client Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0787, CVE-2019-0788, CVE-2019-1290.
CVE-2019-1290 1 Microsoft 8 Windows 10, Windows 7, Windows 8.1 and 5 more 2020-08-24 9.3 HIGH 8.8 HIGH
A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka 'Remote Desktop Client Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0787, CVE-2019-0788, CVE-2019-1291.
CVE-2019-1289 1 Microsoft 3 Windows 10, Windows Server 2016, Windows Server 2019 2020-08-24 3.6 LOW 5.5 MEDIUM
An elevation of privilege vulnerability exists when the Windows Update Delivery Optimization does not properly enforce file share permissions, aka 'Windows Update Delivery Optimization Elevation of Privilege Vulnerability'.
CVE-2019-1287 1 Microsoft 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more 2020-08-24 4.6 MEDIUM 7.8 HIGH
An elevation of privilege vulnerability exists in the way that the Windows Network Connectivity Assistant handles objects in memory, aka 'Windows Network Connectivity Assistant Elevation of Privilege Vulnerability'.
CVE-2019-1285 1 Microsoft 8 Windows 10, Windows 7, Windows 8.1 and 5 more 2020-08-24 7.2 HIGH 7.8 HIGH
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1256.
CVE-2019-1282 1 Microsoft 8 Windows 10, Windows 7, Windows 8.1 and 5 more 2020-08-24 2.1 LOW 5.5 MEDIUM
An information disclosure exists in the Windows Common Log File System (CLFS) driver when it fails to properly handle sandbox checks, aka 'Windows Common Log File System Driver Information Disclosure Vulnerability'.
CVE-2019-1280 1 Microsoft 8 Windows 10, Windows 7, Windows 8.1 and 5 more 2020-08-24 9.3 HIGH 7.8 HIGH
A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed.An attacker who successfully exploited this vulnerability could gain the same user rights as the local user, aka 'LNK Remote Code Execution Vulnerability'.