Vulnerabilities (CVE)

Filtered by vendor Microsoft Subscribe
Filtered by product Windows 10
Total 4111 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-1085 1 Microsoft 8 Windows 10, Windows 7, Windows 8.1 and 5 more 2024-11-21 4.6 MEDIUM 7.8 HIGH
An elevation of privilege vulnerability exists in the way that the wlansvc.dll handles objects in memory, aka 'Windows WLAN Service Elevation of Privilege Vulnerability'.
CVE-2019-1083 1 Microsoft 9 .net Framework, Windows 10, Windows 7 and 6 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
A denial of service vulnerability exists when Microsoft Common Object Runtime Library improperly handles web requests, aka '.NET Denial of Service Vulnerability'.
CVE-2019-1082 1 Microsoft 7 Windows 10, Windows 7, Windows 8.1 and 4 more 2024-11-21 7.2 HIGH 7.8 HIGH
An elevation of privilege vulnerability exists in Microsoft Windows where a certain DLL, with Local Service privilege, is vulnerable to race planting a customized DLL.An attacker who successfully exploited this vulnerability could potentially elevate privilege to SYSTEM.The update addresses this vulnerability by requiring SYSTEM privileges for a certain DLL., aka 'Microsoft Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1074.
CVE-2019-1081 1 Microsoft 10 Edge, Internet Explorer, Windows 10 and 7 more 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
An information disclosure vulnerability exists when affected Microsoft browsers improperly handle objects in memory, aka 'Microsoft Browser Information Disclosure Vulnerability'.
CVE-2019-1080 1 Microsoft 9 Internet Explorer, Windows 10, Windows 7 and 6 more 2024-11-21 7.6 HIGH 7.5 HIGH
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0920, CVE-2019-0988, CVE-2019-1005, CVE-2019-1055.
CVE-2019-1078 1 Microsoft 8 Windows 10, Windows 7, Windows 8.1 and 5 more 2024-11-21 2.1 LOW 5.5 MEDIUM
An information disclosure vulnerability exists when the Windows Graphics component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. An authenticated attacker could exploit this vulnerability by running a specially crafted application. The update addresses the vulnerability by correcting how the Windows Graphics Component handles objects in memory.
CVE-2019-1074 1 Microsoft 3 Windows 10, Windows Server 2016, Windows Server 2019 2024-11-21 2.1 LOW 5.5 MEDIUM
An elevation of privilege vulnerability exists in Microsoft Windows where certain folders, with local service privilege, are vulnerable to symbolic link attack. An attacker who successfully exploited this vulnerability could potentially access unauthorized information. The update addresses this vulnerability by not allowing symbolic links in these scenarios., aka 'Microsoft Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1082.
CVE-2019-1073 1 Microsoft 8 Windows 10, Windows 7, Windows 8.1 and 5 more 2024-11-21 2.1 LOW 5.5 MEDIUM
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1071.
CVE-2019-1071 1 Microsoft 8 Windows 10, Windows 7, Windows 8.1 and 5 more 2024-11-21 2.1 LOW 5.5 MEDIUM
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1073.
CVE-2019-1067 1 Microsoft 3 Windows 10, Windows Server 2016, Windows Server 2019 2024-11-21 7.2 HIGH 7.8 HIGH
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'.
CVE-2019-1065 1 Microsoft 3 Windows 10, Windows Server 2016, Windows Server 2019 2024-11-21 7.2 HIGH 7.8 HIGH
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1041.
CVE-2019-1064 1 Microsoft 3 Windows 10, Windows Server 2016, Windows Server 2019 2024-11-21 7.2 HIGH 7.8 HIGH
An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'.
CVE-2019-1063 1 Microsoft 9 Internet Explorer, Windows 10, Windows 7 and 6 more 2024-11-21 7.6 HIGH 7.5 HIGH
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka 'Internet Explorer Memory Corruption Vulnerability'.
CVE-2019-1062 1 Microsoft 5 Chakracore, Edge, Windows 10 and 2 more 2024-11-21 7.6 HIGH 7.5 HIGH
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1092, CVE-2019-1103, CVE-2019-1106, CVE-2019-1107.
CVE-2019-1060 1 Microsoft 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more 2024-11-21 9.3 HIGH 8.8 HIGH
A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input, aka 'MS XML Remote Code Execution Vulnerability'.
CVE-2019-1059 1 Microsoft 9 Internet Explorer, Windows 10, Windows 7 and 6 more 2024-11-21 7.6 HIGH 7.5 HIGH
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1001, CVE-2019-1004, CVE-2019-1056.
CVE-2019-1057 1 Microsoft 8 Windows 10, Windows 7, Windows 8.1 and 5 more 2024-11-21 9.3 HIGH 7.5 HIGH
A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input. An attacker who successfully exploited the vulnerability could run malicious code remotely to take control of the user’s system. To exploit the vulnerability, an attacker could host a specially crafted website designed to invoke MSXML through a web browser. However, an attacker would have no way to force a user to visit such a website. Instead, an attacker would typically have to convince a user to either click a link in an email message or instant message that would then take the user to the website. When Internet Explorer parses the XML content, an attacker could run malicious code remotely to take control of the user’s system. The update addresses the vulnerability by correcting how the MSXML parser processes user input.
CVE-2019-1056 1 Microsoft 8 Internet Explorer, Windows 10, Windows 7 and 5 more 2024-11-21 7.6 HIGH 7.5 HIGH
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1001, CVE-2019-1004, CVE-2019-1059.
CVE-2019-1055 1 Microsoft 9 Internet Explorer, Windows 10, Windows 7 and 6 more 2024-11-21 7.6 HIGH 7.5 HIGH
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0920, CVE-2019-0988, CVE-2019-1005, CVE-2019-1080.
CVE-2019-1054 1 Microsoft 4 Edge, Windows 10, Windows Server 2016 and 1 more 2024-11-21 5.1 MEDIUM 5.0 MEDIUM
A security feature bypass vulnerability exists in Edge that allows for bypassing Mark of the Web Tagging (MOTW), aka 'Microsoft Edge Security Feature Bypass Vulnerability'.