Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Microsoft Subscribe
Filtered by product Windows 10
Total 4164 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-0838 1 Microsoft 7 Windows 10, Windows 8.1, Windows Rt 8.1 and 4 more 2021-07-21 7.2 HIGH 7.8 HIGH
An elevation of privilege vulnerability exists when NTFS improperly checks access, aka 'NTFS Elevation of Privilege Vulnerability'.
CVE-2020-1131 1 Microsoft 3 Windows 10, Windows Server 2016, Windows Server 2019 2021-07-21 4.6 MEDIUM 7.8 HIGH
An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1124, CVE-2020-1134, CVE-2020-1144, CVE-2020-1184, CVE-2020-1185, CVE-2020-1186, CVE-2020-1187, CVE-2020-1188, CVE-2020-1189, CVE-2020-1190, CVE-2020-1191.
CVE-2020-0839 1 Microsoft 3 Windows 10, Windows Server 2016, Windows Server 2019 2021-07-21 4.6 MEDIUM 7.8 HIGH
An elevation of privilege vulnerability exists in the way that the dnsrslvr.dll handles objects in memory, aka 'Windows dnsrslvr.dll Elevation of Privilege Vulnerability'.
CVE-2020-0837 1 Microsoft 3 Windows 10, Windows Server 2016, Windows Server 2019 2021-07-21 4.0 MEDIUM 5.3 MEDIUM
A spoofing vulnerability exists when Active Directory Federation Services (ADFS) improperly handles multi-factor authentication requests.To exploit this vulnerability, an attacker could send a specially crafted authentication request, aka 'ADFS Spoofing Vulnerability'.
CVE-2020-1409 1 Microsoft 8 Windows 10, Windows 7, Windows 8.1 and 5 more 2021-07-21 9.3 HIGH 7.8 HIGH
A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'.
CVE-2020-16914 1 Microsoft 8 Windows 10, Windows 7, Windows 8.1 and 5 more 2021-07-21 2.1 LOW 5.5 MEDIUM
An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface Plus (GDI+) handles objects in memory, allowing an attacker to retrieve information from a targeted system, aka 'Windows GDI+ Information Disclosure Vulnerability'.
CVE-2020-1184 1 Microsoft 3 Windows 10, Windows Server 2016, Windows Server 2019 2021-07-21 4.6 MEDIUM 7.8 HIGH
An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1124, CVE-2020-1131, CVE-2020-1134, CVE-2020-1144, CVE-2020-1185, CVE-2020-1186, CVE-2020-1187, CVE-2020-1188, CVE-2020-1189, CVE-2020-1190, CVE-2020-1191.
CVE-2020-1072 1 Microsoft 8 Windows 10, Windows 7, Windows 8.1 and 5 more 2021-07-21 2.1 LOW 5.5 MEDIUM
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'.
CVE-2020-1084 1 Microsoft 3 Windows 10, Windows Server 2016, Windows Server 2019 2021-07-21 2.1 LOW 5.5 MEDIUM
A Denial Of Service vulnerability exists when Connected User Experiences and Telemetry Service fails to validate certain function values.An attacker who successfully exploited this vulnerability could deny dependent security feature functionality.To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.The security update addresses the vulnerability by correcting how the Connected User Experiences and Telemetry Service validates certain function values., aka 'Connected User Experiences and Telemetry Service Denial of Service Vulnerability'. This CVE ID is unique from CVE-2020-1123.
CVE-2020-1520 1 Microsoft 8 Windows 10, Windows 7, Windows 8.1 and 5 more 2021-07-21 7.2 HIGH 7.8 HIGH
A remote code execution vulnerability exists when the Windows Font Driver Host improperly handles memory.An attacker who successfully exploited the vulnerability would gain execution on a victim system.The security update addresses the vulnerability by correcting how the Windows Font Driver Host handles memory., aka 'Windows Font Driver Host Remote Code Execution Vulnerability'.
CVE-2020-1067 1 Microsoft 8 Windows 10, Windows 7, Windows 8.1 and 5 more 2021-07-21 9.0 HIGH 8.8 HIGH
A remote code execution vulnerability exists in the way that Windows handles objects in memory, aka 'Windows Remote Code Execution Vulnerability'.
CVE-2020-1086 1 Microsoft 3 Windows 10, Windows Server 2016, Windows Server 2019 2021-07-21 4.6 MEDIUM 7.8 HIGH
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1077, CVE-2020-1090, CVE-2020-1125, CVE-2020-1139, CVE-2020-1149, CVE-2020-1151, CVE-2020-1155, CVE-2020-1156, CVE-2020-1157, CVE-2020-1158, CVE-2020-1164.
CVE-2020-1075 1 Microsoft 3 Windows 10, Windows Server 2016, Windows Server 2019 2021-07-21 2.1 LOW 5.5 MEDIUM
An information disclosure vulnerability exists when Windows Subsystem for Linux improperly handles objects in memory, aka 'Windows Subsystem for Linux Information Disclosure Vulnerability'.
CVE-2020-1239 1 Microsoft 8 Windows 10, Windows 7, Windows 8.1 and 5 more 2021-07-21 6.8 MEDIUM 8.8 HIGH
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-1238.
CVE-2020-1080 1 Microsoft 3 Windows 10, Windows Server 2016, Windows Server 2019 2021-07-21 7.2 HIGH 7.8 HIGH
An elevation of privilege vulnerability exists when Windows Hyper-V on a host server fails to properly handle objects in memory, aka 'Windows Hyper-V Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1047.
CVE-2020-1078 1 Microsoft 8 Windows 10, Windows 7, Windows 8.1 and 5 more 2021-07-21 4.6 MEDIUM 7.8 HIGH
An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations.To exploit the vulnerability, an attacker would require unprivileged execution on the victim system, aka 'Windows Installer Elevation of Privilege Vulnerability'.
CVE-2020-1238 1 Microsoft 3 Windows 10, Windows Server 2016, Windows Server 2019 2021-07-21 6.8 MEDIUM 8.8 HIGH
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-1239.
CVE-2020-1034 1 Microsoft 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more 2021-07-21 7.2 HIGH 7.8 HIGH
An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'.
CVE-2020-1037 1 Microsoft 5 Chakracore, Edge, Windows 10 and 2 more 2021-07-21 7.6 HIGH 7.5 HIGH
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka 'Chakra Scripting Engine Memory Corruption Vulnerability'.
CVE-2020-1187 1 Microsoft 3 Windows 10, Windows Server 2016, Windows Server 2019 2021-07-21 4.6 MEDIUM 7.8 HIGH
An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1124, CVE-2020-1131, CVE-2020-1134, CVE-2020-1144, CVE-2020-1184, CVE-2020-1185, CVE-2020-1186, CVE-2020-1188, CVE-2020-1189, CVE-2020-1190, CVE-2020-1191.