Vulnerabilities > Microsoft > Windows 10 > 1803
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-11 | CVE-2020-0657 | Improper Privilege Management vulnerability in Microsoft products An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory, aka 'Windows Common Log File System Driver Elevation of Privilege Vulnerability'. | 4.6 |
| 2020-02-11 | CVE-2020-0655 | Improper Input Validation vulnerability in Microsoft products A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an authenticated attacker abuses clipboard redirection, aka 'Remote Desktop Services Remote Code Execution Vulnerability'. | 8.5 |
| 2020-01-24 | CVE-2019-1454 | Improper Privilege Management vulnerability in Microsoft products An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks, aka 'Windows User Profile Service Elevation of Privilege Vulnerability'. | 3.6 |
| 2020-01-15 | CVE-2019-9510 | Improper Handling of Exceptional Conditions vulnerability in Microsoft Windows 10 and Windows Server 2019 A vulnerability in Microsoft Windows 10 1803 and Windows Server 2019 and later systems can allow authenticated RDP-connected clients to gain access to user sessions without needing to interact with the Windows lock screen. | 7.8 |
| 2020-01-14 | CVE-2020-0644 | Improper Privilege Management vulnerability in Microsoft products An elevation of privilege vulnerability exists when Microsoft Windows implements predictable memory section names, aka 'Windows Elevation of Privilege Vulnerability'. | 7.2 |
| 2020-01-14 | CVE-2020-0643 | Information Exposure vulnerability in Microsoft products An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface Plus (GDI+) handles objects in memory, allowing an attacker to retrieve information from a targeted system, aka 'Windows GDI+ Information Disclosure Vulnerability'. | 2.1 |
| 2020-01-14 | CVE-2020-0642 | Use After Free vulnerability in Microsoft products An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. | 7.2 |
| 2020-01-14 | CVE-2020-0641 | Improper Privilege Management vulnerability in Microsoft products An elevation of privilege vulnerability exists in Windows Media Service that allows file creation in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Windows Elevation of Privilege Vulnerability'. | 7.2 |
| 2020-01-14 | CVE-2020-0639 | Information Exposure vulnerability in Microsoft products An information disclosure vulnerability exists in the Windows Common Log File System (CLFS) driver when it fails to properly handle objects in memory, aka 'Windows Common Log File System Driver Information Disclosure Vulnerability'. | 2.1 |
| 2020-01-14 | CVE-2020-0638 | Improper Privilege Management vulnerability in Microsoft products An elevation of privilege vulnerability exists in the way the Update Notification Manager handles files.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Update Notification Manager Elevation of Privilege Vulnerability'. | 4.6 |