Vulnerabilities > Microsoft > Windows 10

DATE CVE VULNERABILITY TITLE RISK
2017-10-13 CVE-2017-8703 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Windows 10 1703
The Microsoft Windows Subsystem for Linux on Microsoft Windows 10 1703 allows a denial of service vulnerability when it improperly handles objects in memory, aka "Windows Subsystem for Linux Denial of Service Vulnerability".
local
low complexity
microsoft CWE-119
5.5
2017-10-13 CVE-2017-8694 Unspecified vulnerability in Microsoft products
The Microsoft Windows Kernel Mode Driver on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when it fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability".
local
high complexity
microsoft
7.0
2017-10-13 CVE-2017-8693 Information Exposure vulnerability in Microsoft Windows 10 and Windows Server 2016
The Microsoft Graphics Component on Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability in the way it handles objects in memory, aka "Microsoft Graphics Information Disclosure Vulnerability".
local
low complexity
microsoft CWE-200
5.5
2017-10-13 CVE-2017-8689 Unspecified vulnerability in Microsoft products
The Microsoft Windows Kernel Mode Driver on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when it fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability".
local
high complexity
microsoft
7.0
2017-10-13 CVE-2017-11829 Files or Directories Accessible to External Parties vulnerability in Microsoft Windows 10 and Windows Server 2016
Microsoft Windows 10 allows an elevation of privilege vulnerability when the Windows Update Delivery Optimization does not properly enforce file share permissions.
local
low complexity
microsoft CWE-552
5.5
2017-10-13 CVE-2017-11824 Unspecified vulnerability in Microsoft products
The Microsoft Graphics Component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability in the way it handles objects in memory, aka "Windows Graphics Component Elevation of Privilege Vulnerability".
local
high complexity
microsoft
7.0
2017-10-13 CVE-2017-11823 Race Condition vulnerability in Microsoft Windows 10 and Windows Server 2016
The Microsoft Device Guard on Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a security feature bypass by the way it handles Windows PowerShell sessions, aka "Microsoft Windows Security Feature Bypass".
local
low complexity
microsoft CWE-362
6.7
2017-10-13 CVE-2017-11818 7PK - Security Features vulnerability in Microsoft products
The Microsoft Windows Storage component on Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a security feature bypass vulnerability when it fails to validate an integrity-level check, aka "Windows Storage Security Feature Bypass Vulnerability".
local
high complexity
microsoft CWE-254
4.5
2017-10-13 CVE-2017-11817 Information Exposure vulnerability in Microsoft products
The Microsoft Windows Kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows an information disclosure vulnerability when it improperly validates objects in memory, aka "Windows Information Disclosure Vulnerability".
local
high complexity
microsoft CWE-200
4.7
2017-10-13 CVE-2017-11816 Information Exposure vulnerability in Microsoft products
The Microsoft Windows Graphics Device Interface (GDI) on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability in the way it handles objects in memory, aka "Windows GDI Information Disclosure Vulnerability".
local
low complexity
microsoft CWE-200
5.5