Vulnerabilities > Microsoft > Windows 10 > 1803

DATE CVE VULNERABILITY TITLE RISK
2020-07-14 CVE-2020-1352 Improper Privilege Management vulnerability in Microsoft products
An elevation of privilege vulnerability exists when the Windows USO Core Worker improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows USO Core Worker Elevation of Privilege Vulnerability'.
local
low complexity
microsoft CWE-269
4.6
2020-07-14 CVE-2020-1351 Information Exposure vulnerability in Microsoft products
An information disclosure vulnerability exists when the Windows Graphics component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'.
local
low complexity
microsoft CWE-200
2.1
2020-07-14 CVE-2020-1347 Improper Privilege Management vulnerability in Microsoft products
An elevation of privilege vulnerability exists when the Windows Storage Services improperly handle file operations, aka 'Windows Storage Services Elevation of Privilege Vulnerability'.
local
low complexity
microsoft CWE-269
4.6
2020-07-14 CVE-2020-1346 Improper Privilege Management vulnerability in Microsoft products
An elevation of privilege vulnerability exists when the Windows Modules Installer improperly handles file operations, aka 'Windows Modules Installer Elevation of Privilege Vulnerability'.
local
low complexity
microsoft CWE-269
4.6
2020-07-14 CVE-2020-1344 Improper Privilege Management vulnerability in Microsoft products
An elevation of privilege vulnerability exists in the way that the Windows WalletService handles objects in memory, aka 'Windows WalletService Elevation of Privilege Vulnerability'.
local
low complexity
microsoft CWE-269
4.6
2020-07-14 CVE-2020-1336 Unspecified vulnerability in Microsoft products
An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory.
local
low complexity
microsoft
7.8
2020-07-14 CVE-2020-1333 Improper Privilege Management vulnerability in Microsoft products
An elevation of privilege vulnerability exists when Group Policy Services Policy Processing improperly handle reparse points, aka 'Group Policy Services Policy Processing Elevation of Privilege Vulnerability'.
local
high complexity
microsoft CWE-269
3.7
2020-07-14 CVE-2020-1267 Improper Input Validation vulnerability in Microsoft products
This security update corrects a denial of service in the Local Security Authority Subsystem Service (LSASS) caused when an authenticated attacker sends a specially crafted authentication request, aka 'Local Security Authority Subsystem Service Denial of Service Vulnerability'.
network
low complexity
microsoft CWE-20
4.0
2020-07-14 CVE-2020-1249 Improper Privilege Management vulnerability in Microsoft products
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'.
local
low complexity
microsoft CWE-269
4.6
2020-07-14 CVE-2020-1085 Improper Privilege Management vulnerability in Microsoft products
An elevation of privilege vulnerability exists in the way that the Windows Function Discovery Service handles objects in memory, aka 'Windows Function Discovery Service Elevation of Privilege Vulnerability'.
local
low complexity
microsoft CWE-269
4.6