Vulnerabilities > Microsoft > Windows 10 > Critical

DATE CVE VULNERABILITY TITLE RISK
2020-06-09 CVE-2020-1307 Improper Privilege Management vulnerability in Microsoft Windows 10 and Windows Server 2016
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'.
network
microsoft CWE-269
critical
9.3
2020-06-09 CVE-2020-1317 Improper Privilege Management vulnerability in Microsoft products
An elevation of privilege vulnerability exists when Group Policy improperly checks access, aka 'Group Policy Elevation of Privilege Vulnerability'.
network
low complexity
microsoft CWE-269
critical
9.0
2020-05-21 CVE-2020-1028 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft products
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'.
network
microsoft CWE-119
critical
9.3
2020-05-21 CVE-2020-1051 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft products
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'.
network
microsoft CWE-119
critical
9.3
2020-05-21 CVE-2020-1061 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft products
A remote code execution vulnerability exists in the way that the Microsoft Script Runtime handles objects in memory, aka 'Microsoft Script Runtime Remote Code Execution Vulnerability'.
network
microsoft CWE-119
critical
9.3
2020-05-21 CVE-2020-1067 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft products
A remote code execution vulnerability exists in the way that Windows handles objects in memory, aka 'Windows Remote Code Execution Vulnerability'.
network
low complexity
microsoft CWE-119
critical
9.0
2020-05-21 CVE-2020-1112 Unrestricted Upload of File with Dangerous Type vulnerability in Microsoft products
An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) IIS module improperly handles uploaded content, aka 'Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerability'.
network
low complexity
microsoft CWE-434
critical
9.0
2020-05-21 CVE-2020-1113 Improper Certificate Validation vulnerability in Microsoft products
A security feature bypass vulnerability exists in Microsoft Windows when the Task Scheduler service fails to properly verify client connections over RPC, aka 'Windows Task Scheduler Security Feature Bypass Vulnerability'.
network
microsoft CWE-295
critical
9.3
2020-05-21 CVE-2020-1117 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft products
A remote code execution vulnerability exists in the way that the Color Management Module (ICM32.dll) handles objects in memory, aka 'Microsoft Color Management Remote Code Execution Vulnerability'.
network
microsoft CWE-119
critical
9.3
2020-05-21 CVE-2020-1126 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft products
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'.
network
microsoft CWE-119
critical
9.3