Vulnerabilities > Microsoft > Windows 10 > High

DATE CVE VULNERABILITY TITLE RISK
2020-02-11 CVE-2020-0655 Improper Input Validation vulnerability in Microsoft products
A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an authenticated attacker abuses clipboard redirection, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.
network
microsoft CWE-20
8.5
2020-01-15 CVE-2019-9510 Improper Handling of Exceptional Conditions vulnerability in Microsoft Windows 10 and Windows Server 2019
A vulnerability in Microsoft Windows 10 1803 and Windows Server 2019 and later systems can allow authenticated RDP-connected clients to gain access to user sessions without needing to interact with the Windows lock screen.
local
low complexity
microsoft CWE-755
7.8
2020-01-14 CVE-2020-0644 Improper Privilege Management vulnerability in Microsoft products
An elevation of privilege vulnerability exists when Microsoft Windows implements predictable memory section names, aka 'Windows Elevation of Privilege Vulnerability'.
local
low complexity
microsoft CWE-269
7.2
2020-01-14 CVE-2020-0642 Use After Free vulnerability in Microsoft products
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'.
local
low complexity
microsoft CWE-416
7.2
2020-01-14 CVE-2020-0641 Improper Privilege Management vulnerability in Microsoft products
An elevation of privilege vulnerability exists in Windows Media Service that allows file creation in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Windows Elevation of Privilege Vulnerability'.
local
low complexity
microsoft CWE-269
7.2
2020-01-14 CVE-2020-0635 Improper Privilege Management vulnerability in Microsoft products
An elevation of privilege vulnerability exists in Microsoft Windows when Windows fails to properly handle certain symbolic links, aka 'Windows Elevation of Privilege Vulnerability'.
local
low complexity
microsoft CWE-269
7.2
2020-01-14 CVE-2020-0634 Improper Privilege Management vulnerability in Microsoft products
An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory, aka 'Windows Common Log File System Driver Elevation of Privilege Vulnerability'.
local
low complexity
microsoft CWE-269
7.2
2019-12-10 CVE-2019-1483 Link Following vulnerability in Microsoft products
An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles junctions.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Elevation of Privilege Vulnerability'.
local
low complexity
microsoft CWE-59
7.2
2019-12-10 CVE-2019-1477 Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2019
An elevation of privilege vulnerability exists when the Windows Printer Service improperly validates file paths while loading printer drivers, aka 'Windows Printer Service Elevation of Privilege Vulnerability'.
local
low complexity
microsoft
7.2
2019-12-10 CVE-2019-1476 Unspecified vulnerability in Microsoft products
An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'.
local
low complexity
microsoft
7.2