Vulnerabilities > Microsoft > Windows 10

DATE CVE VULNERABILITY TITLE RISK
2018-04-12 CVE-2018-0970 Unspecified vulnerability in Microsoft products
An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
local
low complexity
microsoft
5.5
2018-04-12 CVE-2018-0969 Unspecified vulnerability in Microsoft products
An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
local
low complexity
microsoft
5.5
2018-04-12 CVE-2018-0968 Unspecified vulnerability in Microsoft products
An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers.
local
low complexity
microsoft
5.5
2018-04-12 CVE-2018-0967 Unspecified vulnerability in Microsoft products
A denial of service vulnerability exists in the way that Windows SNMP Service handles malformed SNMP traps, aka "Windows SNMP Service Denial of Service Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
network
high complexity
microsoft
5.3
2018-04-12 CVE-2018-0966 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Microsoft Windows 10 and Windows Server 2016
A security feature bypass exists when Device Guard incorrectly validates an untrusted file, aka "Device Guard Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.
local
low complexity
microsoft CWE-367
3.3
2018-04-12 CVE-2018-0964 Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2016
An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Information Disclosure Vulnerability." This affects Windows 10, Windows 10 Servers.
local
high complexity
microsoft
6.1
2018-04-12 CVE-2018-0963 Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2016
An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka "Windows Kernel Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.
local
low complexity
microsoft
7.8
2018-04-12 CVE-2018-0960 Unspecified vulnerability in Microsoft products
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
local
low complexity
microsoft
5.5
2018-04-12 CVE-2018-0957 Improper Input Validation vulnerability in Microsoft products
An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Information Disclosure Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers.
local
high complexity
microsoft CWE-20
5.3
2018-04-12 CVE-2018-0956 Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2016
A denial of service vulnerability exists in the HTTP 2.0 protocol stack (HTTP.sys) when HTTP.sys improperly parses specially crafted HTTP 2.0 requests, aka "HTTP.sys Denial of Service Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.
network
low complexity
microsoft
7.5