Vulnerabilities > Microsoft > Windows 10 > 1803
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-10 | CVE-2019-1319 | Unspecified vulnerability in Microsoft products An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'. | 7.2 |
| 2019-10-10 | CVE-2019-1318 | Authentication Bypass by Spoofing vulnerability in Microsoft products A spoofing vulnerability exists when Transport Layer Security (TLS) accesses non- Extended Master Secret (EMS) sessions, aka 'Microsoft Windows Transport Layer Security Spoofing Vulnerability'. | 4.3 |
| 2019-10-10 | CVE-2019-1317 | Link Following vulnerability in Microsoft products A denial of service vulnerability exists when Windows improperly handles hard links, aka 'Microsoft Windows Denial of Service Vulnerability'. | 5.6 |
| 2019-10-10 | CVE-2019-1316 | Unspecified vulnerability in Microsoft products An elevation of privilege vulnerability exists in Microsoft Windows Setup when it does not properly handle privileges, aka 'Microsoft Windows Setup Elevation of Privilege Vulnerability'. | 7.2 |
| 2019-10-10 | CVE-2019-1315 | Link Following vulnerability in Microsoft products An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles hard links, aka 'Windows Error Reporting Manager Elevation of Privilege Vulnerability'. | 7.2 |
| 2019-10-10 | CVE-2019-1311 | Unspecified vulnerability in Microsoft products A remote code execution vulnerability exists when the Windows Imaging API improperly handles objects in memory, aka 'Windows Imaging API Remote Code Execution Vulnerability'. | 9.3 |
| 2019-10-10 | CVE-2019-1230 | Improper Input Validation vulnerability in Microsoft products An information disclosure vulnerability exists when the Windows Hyper-V Network Switch on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka 'Hyper-V Information Disclosure Vulnerability'. | 4.0 |
| 2019-10-10 | CVE-2019-1166 | Improper Validation of Integrity Check Value vulnerability in Microsoft products A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLM MIC (Message Integrity Check) protection, aka 'Windows NTLM Tampering Vulnerability'. | 4.3 |
| 2019-10-10 | CVE-2019-1060 | XXE vulnerability in Microsoft products A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input, aka 'MS XML Remote Code Execution Vulnerability'. | 9.3 |
| 2019-09-23 | CVE-2019-1367 | Out-of-bounds Write vulnerability in Microsoft Internet Explorer 10/11/9 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. | 7.6 |