Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Microsoft Subscribe
Filtered by product Windows 10
Total 4164 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-1021 1 Microsoft 3 Windows 10, Windows Server 2016, Windows Server 2019 2020-08-24 4.6 MEDIUM 7.8 HIGH
An elevation of privilege exists in Windows Audio Service, aka 'Windows Audio Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1007, CVE-2019-1022, CVE-2019-1026, CVE-2019-1027, CVE-2019-1028.
CVE-2019-1019 1 Microsoft 8 Windows 10, Windows 7, Windows 8.1 and 5 more 2020-08-24 6.0 MEDIUM 8.5 HIGH
A security feature bypass vulnerability exists where a NETLOGON message is able to obtain the session key and sign messages.To exploit this vulnerability, an attacker could send a specially crafted authentication request, aka 'Microsoft Windows Security Feature Bypass Vulnerability'.
CVE-2019-1018 1 Microsoft 3 Windows 10, Windows Server 2016, Windows Server 2019 2020-08-24 7.2 HIGH 7.8 HIGH
An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory, aka 'DirectX Elevation of Privilege Vulnerability'.
CVE-2019-1017 1 Microsoft 8 Windows 10, Windows 7, Windows 8.1 and 5 more 2020-08-24 7.2 HIGH 7.8 HIGH
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0960, CVE-2019-1014.
CVE-2019-1014 1 Microsoft 8 Windows 10, Windows 7, Windows 8.1 and 5 more 2020-08-24 7.2 HIGH 7.8 HIGH
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0960, CVE-2019-1017.
CVE-2019-1007 1 Microsoft 3 Windows 10, Windows Server 2016, Windows Server 2019 2020-08-24 4.6 MEDIUM 7.8 HIGH
An elevation of privilege exists in Windows Audio Service, aka 'Windows Audio Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1021, CVE-2019-1022, CVE-2019-1026, CVE-2019-1027, CVE-2019-1028.
CVE-2019-1006 1 Microsoft 13 .net Framework, Identitymodel, Sharepoint Enterprise Server and 10 more 2020-08-24 5.0 MEDIUM 7.5 HIGH
An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys, aka 'WCF/WIF SAML Token Authentication Bypass Vulnerability'.
CVE-2019-1005 1 Microsoft 9 Internet Explorer, Windows 10, Windows 7 and 6 more 2020-08-24 7.6 HIGH 7.5 HIGH
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0920, CVE-2019-0988, CVE-2019-1055, CVE-2019-1080.
CVE-2019-1004 1 Microsoft 9 Internet Explorer, Windows 10, Windows 7 and 6 more 2020-08-24 7.6 HIGH 7.5 HIGH
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1001, CVE-2019-1056, CVE-2019-1059.
CVE-2019-1003 1 Microsoft 5 Chakracore, Edge, Windows 10 and 2 more 2020-08-24 7.6 HIGH 7.5 HIGH
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0989, CVE-2019-0991, CVE-2019-0992, CVE-2019-0993, CVE-2019-1002, CVE-2019-1024, CVE-2019-1051, CVE-2019-1052.
CVE-2019-1002 1 Microsoft 3 Edge, Windows 10, Windows Server 2016 2020-08-24 7.6 HIGH 7.5 HIGH
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0989, CVE-2019-0991, CVE-2019-0992, CVE-2019-0993, CVE-2019-1003, CVE-2019-1024, CVE-2019-1051, CVE-2019-1052.
CVE-2019-1001 1 Microsoft 11 Chakracore, Edge, Internet Explorer and 8 more 2020-08-24 7.6 HIGH 7.5 HIGH
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1004, CVE-2019-1056, CVE-2019-1059.
CVE-2019-0999 1 Microsoft 2 Windows 10, Windows Server 2016 2020-08-24 7.2 HIGH 7.8 HIGH
An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory, aka 'DirectX Elevation of Privilege Vulnerability'.
CVE-2019-0998 1 Microsoft 3 Windows 10, Windows Server 2016, Windows Server 2019 2020-08-24 7.2 HIGH 7.8 HIGH
An elevation of privilege vulnerability exists when the Storage Service improperly handles file operations, aka 'Windows Storage Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0983.
CVE-2019-0995 1 Microsoft 2 Internet Explorer, Windows 10 2020-08-24 6.8 MEDIUM 8.8 HIGH
A security feature bypass vulnerability exists when urlmon.dll improperly handles certain Mark of the Web queries, aka 'Internet Explorer Security Feature Bypass Vulnerability'.
CVE-2019-0993 1 Microsoft 5 Chakracore, Edge, Windows 10 and 2 more 2020-08-24 7.6 HIGH 7.5 HIGH
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0989, CVE-2019-0991, CVE-2019-0992, CVE-2019-1002, CVE-2019-1003, CVE-2019-1024, CVE-2019-1051, CVE-2019-1052.
CVE-2019-0992 1 Microsoft 4 Edge, Windows 10, Windows Server 2016 and 1 more 2020-08-24 7.6 HIGH 7.5 HIGH
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0989, CVE-2019-0991, CVE-2019-0993, CVE-2019-1002, CVE-2019-1003, CVE-2019-1024, CVE-2019-1051, CVE-2019-1052.
CVE-2019-0991 1 Microsoft 5 Chakracore, Edge, Windows 10 and 2 more 2020-08-24 7.6 HIGH 7.5 HIGH
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0989, CVE-2019-0992, CVE-2019-0993, CVE-2019-1002, CVE-2019-1003, CVE-2019-1024, CVE-2019-1051, CVE-2019-1052.
CVE-2019-0989 1 Microsoft 5 Chakracore, Edge, Windows 10 and 2 more 2020-08-24 7.6 HIGH 7.5 HIGH
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0991, CVE-2019-0992, CVE-2019-0993, CVE-2019-1002, CVE-2019-1003, CVE-2019-1024, CVE-2019-1051, CVE-2019-1052.
CVE-2019-0986 1 Microsoft 8 Windows 10, Windows 7, Windows 8.1 and 5 more 2020-08-24 3.6 LOW 7.1 HIGH
An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks, aka 'Windows User Profile Service Elevation of Privilege Vulnerability'.