Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Windows_10
(Microsoft)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 3013 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-05-16 | CVE-2019-0733 | A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC) which could allow an attacker to bypass WDAC enforcement, aka 'Windows Defender Application Control Security Feature Bypass Vulnerability'. | Windows_10, Windows_server_2016, Windows_server_2019 | 5.3 | ||
| 2019-05-16 | CVE-2019-0707 | An elevation of privilege vulnerability exists in the Network Driver Interface Specification (NDIS) when ndis.sys fails to check the length of a buffer prior to copying memory to it.To exploit the vulnerability, in a local attack scenario, an attacker could run a specially crafted application to elevate the attacker's privilege level, aka 'Windows NDIS Elevation of Privilege Vulnerability'. | Windows_10, Windows_8\.1, Windows_rt_8\.1, Windows_server_2012, Windows_server_2016, Windows_server_2019 | 7.0 | ||
| 2016-08-09 | CVE-2016-3237 | Kerberos in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows man-in-the-middle attackers to bypass authentication via vectors related to a fallback to NTLM authentication during a domain account password change, aka "Kerberos Security Feature Bypass Vulnerability." | Windows_10, Windows_7, Windows_8\.1, Windows_rt, Windows_rt_8\.1, Windows_server_2008, Windows_server_2012, Windows_vista | 7.5 | ||
| 2019-05-16 | CVE-2019-0942 | An elevation of privilege vulnerability exists in the Unified Write Filter (UWF) feature for Windows 10 when it improperly restricts access to the registry, aka 'Unified Write Filter Elevation of Privilege Vulnerability'. | Windows_10, Windows_server_2016, Windows_server_2019 | 5.5 | ||
| 2019-05-16 | CVE-2019-0936 | An elevation of privilege vulnerability exists in Microsoft Windows when Windows fails to properly handle certain symbolic links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0734. | Windows_10, Windows_7, Windows_8\.1, Windows_rt_8\.1, Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019 | 7.8 | ||
| 2019-05-16 | CVE-2019-0931 | An elevation of privilege vulnerability exists when the Storage Service improperly handles file operations, aka 'Windows Storage Service Elevation of Privilege Vulnerability'. | Windows_10, Windows_server_2016, Windows_server_2019 | 7.0 | ||
| 2019-05-16 | CVE-2019-0758 | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0882, CVE-2019-0961. | Windows_10, Windows_7, Windows_8\.1, Windows_rt_8\.1, Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019 | 6.5 | ||
| 2019-05-16 | CVE-2019-0734 | An elevation of privilege vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully decode and replace authentication request using Kerberos, allowing an attacker to be validated as an Administrator.The update addresses this vulnerability by changing how these requests are validated., aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0936. | Windows_10, Windows_7, Windows_8\.1, Windows_rt_8\.1, Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019 | 8.1 | ||
| 2016-01-13 | CVE-2016-0015 | DirectShow in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted file, aka "DirectShow Heap Corruption Remote Code Execution Vulnerability." | Windows_10, Windows_7, Windows_8, Windows_8\.1, Windows_server_2008, Windows_server_2012, Windows_vista | 7.8 | ||
| 2016-01-13 | CVE-2016-0007 | The sandbox implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandles reparse points, which allows local users to gain privileges via a crafted application, aka "Windows Mount Point Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0006. | Windows_10, Windows_7, Windows_8, Windows_8\.1, Windows_rt, Windows_rt_8\.1, Windows_server_2008, Windows_server_2012, Windows_vista | 7.8 |