Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Microsoft Subscribe
Filtered by product Windows 10
Total 4164 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-0838 1 Microsoft 7 Windows 10, Windows 8.1, Windows Rt 8.1 and 4 more 2021-07-21 7.2 HIGH 7.8 HIGH
An elevation of privilege vulnerability exists when NTFS improperly checks access, aka 'NTFS Elevation of Privilege Vulnerability'.
CVE-2020-0833 1 Microsoft 9 Internet Explorer, Windows 10, Windows 7 and 6 more 2021-07-21 7.6 HIGH 7.5 HIGH
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829, CVE-2020-0830, CVE-2020-0831, CVE-2020-0832, CVE-2020-0848.
CVE-2020-0826 1 Microsoft 5 Chakracore, Edge, Windows 10 and 2 more 2021-07-21 7.6 HIGH 7.5 HIGH
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829, CVE-2020-0830, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848.
CVE-2020-0805 1 Microsoft 2 Windows 10, Windows Server 2016 2021-07-21 2.1 LOW 5.5 MEDIUM
A security feature bypass vulnerability exists when a Windows Projected Filesystem improperly handles file redirections, aka 'Projected Filesystem Security Feature Bypass Vulnerability'.
CVE-2020-0834 1 Microsoft 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more 2021-07-21 7.2 HIGH 7.8 HIGH
An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC).An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system, aka 'Windows ALPC Elevation of Privilege Vulnerability'.
CVE-2020-0967 1 Microsoft 9 Internet Explorer, Windows 10, Windows 7 and 6 more 2021-07-21 9.3 HIGH 8.8 HIGH
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0966.
CVE-2020-0824 1 Microsoft 9 Internet Explorer, Windows 10, Windows 7 and 6 more 2021-07-21 7.6 HIGH 7.5 HIGH
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka 'Internet Explorer Memory Corruption Vulnerability'.
CVE-2020-1001 1 Microsoft 3 Windows 10, Windows Server 2016, Windows Server 2019 2021-07-21 7.2 HIGH 7.8 HIGH
An elevation of privilege vulnerability exists in the way the Windows Push Notification Service handles objects in memory, aka 'Windows Push Notification Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0940, CVE-2020-1006, CVE-2020-1017.
CVE-2020-1009 1 Microsoft 8 Windows 10, Windows 7, Windows 8.1 and 5 more 2021-07-21 7.2 HIGH 7.8 HIGH
An elevation of privilege vulnerability exists in the way that the Microsoft Store Install Service handles file operations in protected locations, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0934, CVE-2020-0983, CVE-2020-1011, CVE-2020-1015.
CVE-2020-0837 1 Microsoft 3 Windows 10, Windows Server 2016, Windows Server 2019 2021-07-21 4.0 MEDIUM 5.3 MEDIUM
A spoofing vulnerability exists when Active Directory Federation Services (ADFS) improperly handles multi-factor authentication requests.To exploit this vulnerability, an attacker could send a specially crafted authentication request, aka 'ADFS Spoofing Vulnerability'.
CVE-2020-1035 1 Microsoft 9 Internet Explorer, Windows 10, Windows 7 and 6 more 2021-07-21 7.6 HIGH 7.5 HIGH
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1058, CVE-2020-1060, CVE-2020-1093.
CVE-2020-0910 1 Microsoft 3 Windows 10, Windows Server 2016, Windows Server 2019 2021-07-21 7.7 HIGH 8.4 HIGH
A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Remote Code Execution Vulnerability'.
CVE-2020-1293 1 Microsoft 6 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 3 more 2021-07-21 4.6 MEDIUM 7.8 HIGH
An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly handles file operations, aka 'Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1257, CVE-2020-1278.
CVE-2020-1056 1 Microsoft 4 Edge, Windows 10, Windows Server 2016 and 1 more 2021-07-21 5.8 MEDIUM 8.1 HIGH
An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain.In a web-based attack scenario, an attacker could host a website that is used to attempt to exploit the vulnerability, aka 'Microsoft Edge Elevation of Privilege Vulnerability'.
CVE-2020-0669 1 Microsoft 3 Windows 10, Windows Server 2016, Windows Server 2019 2021-07-21 4.6 MEDIUM 7.8 HIGH
An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0668, CVE-2020-0670, CVE-2020-0671, CVE-2020-0672.
CVE-2020-0948 1 Microsoft 3 Windows 10, Windows Server 2016, Windows Server 2019 2021-07-21 9.3 HIGH 8.8 HIGH
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0949, CVE-2020-0950.
CVE-2020-1294 1 Microsoft 3 Windows 10, Windows Server 2016, Windows Server 2019 2021-07-21 6.8 MEDIUM 7.8 HIGH
An elevation of privilege vulnerability exists in the way that the Windows WalletService handles objects in memory, aka 'Windows WalletService Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1287.
CVE-2020-10649 2 Asus, Microsoft 2 Device Activation, Windows 10 2021-07-21 7.2 HIGH 7.8 HIGH
DevActSvc.exe in ASUS Device Activation before 1.0.7.0 for Windows 10 notebooks and PCs could lead to unsigned code execution with no additional restrictions when a user puts an application at a particular path with a particular file name.
CVE-2020-1556 1 Microsoft 3 Windows 10, Windows Server 2016, Windows Server 2019 2021-07-21 4.6 MEDIUM 7.8 HIGH
An elevation of privilege vulnerability exists in the way that the Windows WalletService handles objects in memory, aka 'Windows WalletService Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1533.
CVE-2020-1034 1 Microsoft 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more 2021-07-21 7.2 HIGH 7.8 HIGH
An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'.