Vulnerabilities > Microsoft > Windows 10 > 1809

DATE CVE VULNERABILITY TITLE RISK
2020-05-21 CVE-2020-1068 Unspecified vulnerability in Microsoft products
An elevation of privilege vulnerability exists in Windows Media Service that allows file creation in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Windows Elevation of Privilege Vulnerability'.
local
low complexity
microsoft
7.8
2020-05-21 CVE-2020-1067 Unspecified vulnerability in Microsoft products
A remote code execution vulnerability exists in the way that Windows handles objects in memory, aka 'Windows Remote Code Execution Vulnerability'.
network
low complexity
microsoft
8.8
2020-05-21 CVE-2020-1061 Out-of-bounds Write vulnerability in Microsoft products
A remote code execution vulnerability exists in the way that the Microsoft Script Runtime handles objects in memory, aka 'Microsoft Script Runtime Remote Code Execution Vulnerability'.
network
low complexity
microsoft CWE-787
8.8
2020-05-21 CVE-2020-1055 Cross-site Scripting vulnerability in Microsoft products
A cross-site-scripting (XSS) vulnerability exists when Active Directory Federation Services (ADFS) does not properly sanitize user inputs, aka 'Microsoft Active Directory Federation Services Cross-Site Scripting Vulnerability'.
network
low complexity
microsoft CWE-79
6.1
2020-05-21 CVE-2020-1054 Out-of-bounds Write vulnerability in Microsoft products
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'.
local
low complexity
microsoft CWE-787
7.8
2020-05-21 CVE-2020-1051 Unspecified vulnerability in Microsoft products
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'.
local
low complexity
microsoft
7.8
2020-05-21 CVE-2020-1048 Incorrect Resource Transfer Between Spheres vulnerability in Microsoft products
An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system, aka 'Windows Print Spooler Elevation of Privilege Vulnerability'.
local
low complexity
microsoft CWE-669
7.8
2020-05-21 CVE-2020-1028 Out-of-bounds Write vulnerability in Microsoft products
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'.
local
low complexity
microsoft CWE-787
7.8
2020-05-21 CVE-2020-1021 Race Condition vulnerability in Microsoft products
An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'.
local
low complexity
microsoft CWE-362
7.8
2020-05-21 CVE-2020-1010 Unspecified vulnerability in Microsoft products
An elevation of privilege vulnerability exists in Windows Block Level Backup Engine Service (wbengine) that allows file deletion in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Windows Elevation of Privilege Vulnerability'.
local
low complexity
microsoft
7.8