|
Microsoft » Windows 10 : Security Vulnerabilities (CVSS score between 2 and 2.99)
# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
1 |
CVE-2019-0569 |
200 |
|
+Info |
2019-01-08 |
2019-01-15 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2019-0536, CVE-2019-0549, CVE-2019-0554. |
2 |
CVE-2019-0554 |
200 |
|
+Info |
2019-01-08 |
2019-01-14 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2019-0536, CVE-2019-0549, CVE-2019-0569. |
3 |
CVE-2019-0553 |
200 |
|
+Info |
2019-01-08 |
2019-01-14 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
An information disclosure vulnerability exists when Windows Subsystem for Linux improperly handles objects in memory, aka "Windows Subsystem for Linux Information Disclosure Vulnerability." This affects Windows 10 Servers, Windows 10, Windows Server 2019. |
4 |
CVE-2019-0549 |
200 |
|
+Info |
2019-01-08 |
2019-01-14 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2019-0536, CVE-2019-0554, CVE-2019-0569. |
5 |
CVE-2019-0536 |
200 |
|
+Info |
2019-01-08 |
2019-01-14 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2019-0549, CVE-2019-0554, CVE-2019-0569. |
6 |
CVE-2018-8638 |
200 |
|
+Info |
2018-12-11 |
2019-01-03 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
An information disclosure vulnerability exists when DirectX improperly handles objects in memory, aka "DirectX Information Disclosure Vulnerability." This affects Windows 10, Windows Server 2019. |
7 |
CVE-2018-8637 |
200 |
|
Bypass +Info |
2018-12-11 |
2019-01-03 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
An information disclosure vulnerability exists in Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (KASLR) bypass, aka "Win32k Information Disclosure Vulnerability." This affects Windows 10 Servers, Windows 10, Windows Server 2019. |
8 |
CVE-2018-8612 |
20 |
|
DoS |
2018-12-11 |
2019-01-04 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
A Denial Of Service vulnerability exists when Connected User Experiences and Telemetry Service fails to validate certain function values, aka "Connected User Experiences and Telemetry Service Denial of Service Vulnerability." This affects Windows Server 2016, Windows 10, Windows Server 2019, Windows 10 Servers. |
9 |
CVE-2018-8566 |
254 |
|
Bypass |
2018-11-13 |
2018-12-17 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
A security feature bypass vulnerability exists when Windows improperly suspends BitLocker Device Encryption, aka "BitLocker Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows Server 2019, Windows 10 Servers. |
10 |
CVE-2018-8565 |
200 |
|
+Info |
2018-11-13 |
2018-12-14 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka "Win32k Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. |
11 |
CVE-2018-8549 |
254 |
|
Bypass |
2018-11-13 |
2018-12-17 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
A security feature bypass exists when Windows incorrectly validates kernel driver signatures, aka "Windows Security Feature Bypass Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows Server 2019, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers. |
12 |
CVE-2018-8514 |
200 |
|
+Info |
2018-12-11 |
2018-12-14 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
An information disclosure vulnerability exists when Remote Procedure Call runtime improperly initializes objects in memory, aka "Remote Procedure Call runtime Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. |
13 |
CVE-2018-8486 |
200 |
|
+Info |
2018-10-10 |
2018-11-28 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
An information disclosure vulnerability exists when DirectX improperly handles objects in memory, aka "DirectX Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. |
14 |
CVE-2018-8482 |
200 |
|
+Info |
2018-10-10 |
2018-12-03 |
2.6 |
None |
Remote |
High |
Not required |
Partial |
None |
None |
An information disclosure vulnerability exists when Windows Media Player improperly discloses file information, aka "Windows Media Player Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8481. |
15 |
CVE-2018-8481 |
200 |
|
+Info |
2018-10-10 |
2018-12-03 |
2.6 |
None |
Remote |
High |
Not required |
Partial |
None |
None |
An information disclosure vulnerability exists when Windows Media Player improperly discloses file information, aka "Windows Media Player Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8482. |
16 |
CVE-2018-8477 |
200 |
|
+Info |
2018-12-11 |
2018-12-14 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8621, CVE-2018-8622. |
17 |
CVE-2018-8472 |
200 |
|
+Info |
2018-10-10 |
2018-12-03 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system, aka "Windows GDI Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. |
18 |
CVE-2018-8454 |
200 |
|
+Info |
2018-11-13 |
2018-12-17 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
An information disclosure vulnerability exists when Windows Audio Service fails to properly handle objects in memory, aka "Windows Audio Service Information Disclosure Vulnerability." This affects Windows 10 Servers, Windows 10, Windows Server 2019. |
19 |
CVE-2018-8449 |
254 |
|
Bypass |
2018-09-12 |
2018-11-20 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
A security feature bypass exists when Device Guard incorrectly validates an untrusted file, aka "Device Guard Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. |
20 |
CVE-2018-8446 |
200 |
|
+Info |
2018-09-12 |
2018-11-19 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8336, CVE-2018-8419, CVE-2018-8442, CVE-2018-8443, CVE-2018-8445. |
21 |
CVE-2018-8445 |
200 |
|
+Info |
2018-09-12 |
2018-11-01 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8336, CVE-2018-8419, CVE-2018-8442, CVE-2018-8443, CVE-2018-8446. |
22 |
CVE-2018-8443 |
200 |
|
+Info |
2018-09-12 |
2018-11-02 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8336, CVE-2018-8419, CVE-2018-8442, CVE-2018-8445, CVE-2018-8446. |
23 |
CVE-2018-8442 |
200 |
|
+Info |
2018-09-12 |
2018-11-02 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8336, CVE-2018-8419, CVE-2018-8443, CVE-2018-8445, CVE-2018-8446. |
24 |
CVE-2018-8435 |
254 |
|
Bypass |
2018-09-12 |
2018-11-07 |
2.3 |
None |
Local Network |
Medium |
Single system |
None |
Partial |
None |
A security feature bypass vulnerability exists when Windows Hyper-V BIOS loader fails to provide a high-entropy source, aka "Windows Hyper-V Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. |
25 |
CVE-2018-8419 |
200 |
|
+Info |
2018-09-12 |
2018-11-02 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8336, CVE-2018-8442, CVE-2018-8443, CVE-2018-8445, CVE-2018-8446. |
26 |
CVE-2018-8408 |
200 |
|
+Info |
2018-11-13 |
2018-12-13 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. |
27 |
CVE-2018-8407 |
200 |
|
+Info |
2018-11-13 |
2018-12-13 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
An information disclosure vulnerability exists when "Kernel Remote Procedure Call Provider" driver improperly initializes objects in memory, aka "MSRPC Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. |
28 |
CVE-2018-8330 |
200 |
|
+Info |
2018-10-10 |
2018-11-23 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. |
29 |
CVE-2018-8271 |
200 |
|
+Info |
2018-09-12 |
2018-11-06 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
An information disclosure vulnerability exists in Windows when the Windows bowser.sys kernel-mode driver fails to properly handle objects in memory, aka "Windows Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. |
30 |
CVE-2018-8253 |
264 |
|
|
2018-08-15 |
2018-10-10 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
An elevation of privilege vulnerability exists when Microsoft Cortana allows arbitrary website browsing on the lockscreen, aka "Microsoft Cortana Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10. |
31 |
CVE-2018-8209 |
255 |
|
|
2018-06-14 |
2018-08-06 |
2.7 |
None |
Local Network |
Low |
Single system |
Partial |
None |
None |
An information disclosure vulnerability exists when Windows allows a normal user to access the Wireless LAN profile of an administrative user, aka "Windows Wireless Network Profile Information Disclosure Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. |
32 |
CVE-2018-8127 |
200 |
|
+Info |
2018-05-09 |
2018-06-13 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8141. |
33 |
CVE-2018-8116 |
119 |
|
DoS Overflow |
2018-04-11 |
2018-05-23 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
A denial of service vulnerability exists in the way that Windows handles objects in memory, aka "Microsoft Graphics Component Denial of Service Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. |
34 |
CVE-2018-0975 |
200 |
|
Bypass +Info |
2018-04-11 |
2018-05-14 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-0887, CVE-2018-0960, CVE-2018-0968, CVE-2018-0969, CVE-2018-0970, CVE-2018-0971, CVE-2018-0972, CVE-2018-0973, CVE-2018-0974. |
35 |
CVE-2018-0974 |
200 |
|
Bypass +Info |
2018-04-11 |
2018-05-14 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-0887, CVE-2018-0960, CVE-2018-0968, CVE-2018-0969, CVE-2018-0970, CVE-2018-0971, CVE-2018-0972, CVE-2018-0973, CVE-2018-0975. |
36 |
CVE-2018-0973 |
200 |
|
Bypass +Info |
2018-04-11 |
2018-05-14 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-0887, CVE-2018-0960, CVE-2018-0968, CVE-2018-0969, CVE-2018-0970, CVE-2018-0971, CVE-2018-0972, CVE-2018-0974, CVE-2018-0975. |
37 |
CVE-2018-0972 |
200 |
|
Bypass +Info |
2018-04-11 |
2018-05-16 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-0887, CVE-2018-0960, CVE-2018-0968, CVE-2018-0969, CVE-2018-0970, CVE-2018-0971, CVE-2018-0973, CVE-2018-0974, CVE-2018-0975. |
38 |
CVE-2018-0971 |
200 |
|
Bypass +Info |
2018-04-11 |
2018-05-14 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-0887, CVE-2018-0960, CVE-2018-0968, CVE-2018-0969, CVE-2018-0970, CVE-2018-0972, CVE-2018-0973, CVE-2018-0974, CVE-2018-0975. |
39 |
CVE-2018-0970 |
200 |
|
Bypass +Info |
2018-04-11 |
2018-05-14 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-0887, CVE-2018-0960, CVE-2018-0968, CVE-2018-0969, CVE-2018-0971, CVE-2018-0972, CVE-2018-0973, CVE-2018-0974, CVE-2018-0975. |
40 |
CVE-2018-0969 |
200 |
|
Bypass +Info |
2018-04-11 |
2018-05-14 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-0887, CVE-2018-0960, CVE-2018-0968, CVE-2018-0970, CVE-2018-0971, CVE-2018-0972, CVE-2018-0973, CVE-2018-0974, CVE-2018-0975. |
41 |
CVE-2018-0968 |
200 |
|
Bypass +Info |
2018-04-11 |
2018-05-14 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-0887, CVE-2018-0960, CVE-2018-0969, CVE-2018-0970, CVE-2018-0971, CVE-2018-0972, CVE-2018-0973, CVE-2018-0974, CVE-2018-0975. |
42 |
CVE-2018-0966 |
254 |
|
Bypass |
2018-04-11 |
2018-08-08 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
A security feature bypass exists when Device Guard incorrectly validates an untrusted file, aka "Device Guard Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. |
43 |
CVE-2018-0960 |
200 |
|
+Info |
2018-04-11 |
2018-05-14 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-0887, CVE-2018-0968, CVE-2018-0969, CVE-2018-0970, CVE-2018-0971, CVE-2018-0972, CVE-2018-0973, CVE-2018-0974, CVE-2018-0975. |
44 |
CVE-2018-0926 |
200 |
|
+Info |
2018-03-14 |
2018-04-05 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to the way memory addresses are handled, aka "Windows Kernel Information Disclosure Vulnerability". This CVE is unique from CVE-2018-0811, CVE-2018-0813, CVE-2018-0814, CVE-2018-0894, CVE-2018-0895, CVE-2018-0896, CVE-2018-0897, CVE-2018-0898, CVE-2018-0899, CVE-2018-0900, and CVE-2018-0901. |
45 |
CVE-2018-0887 |
200 |
|
+Info |
2018-04-11 |
2018-05-14 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-0960, CVE-2018-0968, CVE-2018-0969, CVE-2018-0970, CVE-2018-0971, CVE-2018-0972, CVE-2018-0973, CVE-2018-0974, CVE-2018-0975. |
46 |
CVE-2018-0878 |
611 |
|
|
2018-03-14 |
2018-08-09 |
2.6 |
None |
Remote |
High |
Not required |
Partial |
None |
None |
Windows Remote Assistance in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to how XML External Entities (XXE) are processed, aka "Windows Remote Assistance Information Disclosure Vulnerability". |
47 |
CVE-2018-0814 |
200 |
|
+Info |
2018-03-14 |
2018-04-05 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to the way objects are initialized in memory, aka "Windows Kernel Information Disclosure Vulnerability". This CVE is unique from CVE-2018-0811, CVE-2018-0813, CVE-2018-0894, CVE-2018-0895, CVE-2018-0896, CVE-2018-0897, CVE-2018-0898, CVE-2018-0899, CVE-2018-0900, and CVE-2018-0901 and CVE-2018-0926. |
48 |
CVE-2018-0813 |
200 |
|
+Info |
2018-03-14 |
2018-04-05 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to the way objects are initialized in memory, aka "Windows Kernel Information Disclosure Vulnerability". This CVE is unique from CVE-2018-0811, CVE-2018-0814, CVE-2018-0894, CVE-2018-0895, CVE-2018-0896, CVE-2018-0897, CVE-2018-0898, CVE-2018-0899, CVE-2018-0900, and CVE-2018-0901 and CVE-2018-0926. |
49 |
CVE-2018-0811 |
200 |
|
+Info |
2018-03-14 |
2018-04-05 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to the way objects are initialized in memory, aka "Windows Kernel Information Disclosure Vulnerability". This CVE is unique from CVE-2018-0813, CVE-2018-0814, CVE-2018-0894, CVE-2018-0895, CVE-2018-0896, CVE-2018-0897, CVE-2018-0898, CVE-2018-0899, CVE-2018-0900, CVE-2018-0901 and CVE-2018-0926. |
50 |
CVE-2018-0754 |
200 |
|
+Info |
2018-01-04 |
2018-10-30 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
The Windows Adobe Type Manager Font Driver (Atmfd.dll) in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to the way objects are handled in memory, aka "OpenType Font Driver Information Disclosure Vulnerability". |
Total number of vulnerabilities : 110
Page :
1
(This Page) 2
3
|
|