Vulnerabilities > Microsoft > Windows 10
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-08-17 | CVE-2020-1490 | Unspecified vulnerability in Microsoft products An elevation of privilege vulnerability exists when the Storage Service improperly handles file operations. | 7.8 |
| 2020-08-17 | CVE-2020-1484 | Unspecified vulnerability in Microsoft products An elevation of privilege vulnerability exists when the Windows Work Folders Service improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. | 7.8 |
| 2020-08-17 | CVE-2020-1479 | Unspecified vulnerability in Microsoft products An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. | 7.8 |
| 2020-08-17 | CVE-2020-1383 | Unspecified vulnerability in Microsoft products An information disclosure vulnerability exists in RPC if the server has Routing and Remote Access enabled. | 5.5 |
| 2020-07-29 | CVE-2020-15707 | Integer Overflow or Wraparound vulnerability in multiple products Integer overflows were discovered in the functions grub_cmd_initrd and grub_initrd_init in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu (the functionality is not included in GRUB2 upstream), leading to a heap-based buffer overflow. | 6.4 |
| 2020-07-29 | CVE-2020-15706 | Use After Free vulnerability in multiple products GRUB2 contains a race condition in grub_script_function_create() leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing, leading to arbitrary code execution and secure boot restriction bypass. | 6.4 |
| 2020-07-29 | CVE-2020-15705 | Improper Verification of Cryptographic Signature vulnerability in multiple products GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. | 6.4 |
| 2020-07-27 | CVE-2020-1457 | Out-of-bounds Write vulnerability in Microsoft Windows 10 A remote code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory, aka 'Microsoft Windows Codecs Library Remote Code Execution Vulnerability'. | 7.8 |
| 2020-07-27 | CVE-2020-1425 | Unspecified vulnerability in Microsoft Windows 10 A remoted code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory, aka 'Microsoft Windows Codecs Library Remote Code Execution Vulnerability'. | 7.8 |
| 2020-07-14 | CVE-2020-1468 | Unspecified vulnerability in Microsoft products An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. | 6.5 |