Vulnerabilities > Microsoft > Windows 10 > High

DATE CVE VULNERABILITY TITLE RISK
2018-10-10 CVE-2018-8413 Unspecified vulnerability in Microsoft products
A remote code execution vulnerability exists when "Windows Theme API" does not properly decompress files, aka "Windows Theme API Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
local
low complexity
microsoft
7.8
2018-10-10 CVE-2018-8411 Incorrect Permission Assignment for Critical Resource vulnerability in Microsoft products
An elevation of privilege vulnerability exists when NTFS improperly checks access, aka "NTFS Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
local
low complexity
microsoft CWE-732
7.8
2018-10-10 CVE-2018-8333 Improper Resource Shutdown or Release vulnerability in Microsoft products
An Elevation of Privilege vulnerability exists in Filter Manager when it improperly handles objects in memory, aka "Microsoft Filter Manager Elevation Of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
local
high complexity
microsoft CWE-404
7.0
2018-10-10 CVE-2018-8329 Improper Resource Shutdown or Release vulnerability in Microsoft Windows 10 and Windows Server 2016
An Elevation of Privilege vulnerability exists in Windows Subsystem for Linux when it fails to properly handle objects in memory, aka "Linux On Windows Elevation Of Privilege Vulnerability." This affects Windows 10, Windows 10 Servers.
local
low complexity
microsoft CWE-404
7.8
2018-09-13 CVE-2018-8475 Unspecified vulnerability in Microsoft products
A remote code execution vulnerability exists when Windows does not properly handle specially crafted image files, aka "Windows Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
network
low complexity
microsoft
8.8
2018-09-13 CVE-2018-8462 Improper Resource Shutdown or Release vulnerability in Microsoft Windows 10 and Windows Server 2016
An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory, aka "DirectX Graphics Kernel Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.
local
low complexity
microsoft CWE-404
7.8
2018-09-13 CVE-2018-8455 Improper Resource Shutdown or Release vulnerability in Microsoft products
An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka "Windows Kernel Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers.
local
low complexity
microsoft CWE-404
7.8
2018-09-13 CVE-2018-8441 Integer Overflow or Wraparound vulnerability in Microsoft Windows 10 and Windows Server 2016
An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux, aka "Windows Subsystem for Linux Elevation of Privilege Vulnerability." This affects Windows 10, Windows 10 Servers.
local
low complexity
microsoft CWE-190
7.8
2018-09-13 CVE-2018-8440 Unspecified vulnerability in Microsoft products
An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC), aka "Windows ALPC Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
local
low complexity
microsoft
7.8
2018-09-13 CVE-2018-8439 Improper Input Validation vulnerability in Microsoft products
A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Windows Hyper-V Remote Code Execution Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers.
low complexity
microsoft CWE-20
8.4