Vulnerabilities > Microsoft > Windows 10 > High

DATE CVE VULNERABILITY TITLE RISK
2018-04-12 CVE-2018-1003 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft products
A buffer overflow vulnerability exists in the Microsoft JET Database Engine that could allow remote code execution on an affected system, aka "Microsoft JET Database Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10.
local
low complexity
microsoft CWE-119
7.8
2018-04-12 CVE-2018-0963 Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2016
An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka "Windows Kernel Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.
local
low complexity
microsoft
7.8
2018-04-12 CVE-2018-0956 Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2016
A denial of service vulnerability exists in the HTTP 2.0 protocol stack (HTTP.sys) when HTTP.sys improperly parses specially crafted HTTP 2.0 requests, aka "HTTP.sys Denial of Service Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.
network
low complexity
microsoft
7.5
2018-03-14 CVE-2018-0983 Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2016
Windows Storage Services in Windows 10 versions 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way objects are handled in memory, aka "Windows Storage Services Elevation of Privilege Vulnerability".
local
high complexity
microsoft
7.0
2018-03-14 CVE-2018-0977 Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2016
The Windows kernel mode driver in Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to how objects are handled in memory, aka "Win32k Elevation of Privilege Vulnerability".
local
high complexity
microsoft
7.0
2018-03-14 CVE-2018-0902 Unspecified vulnerability in Microsoft Windows 10, Windows Server and Windows Server 2016
The Cryptography Next Generation (CNG) kernel-mode driver (cng.sys) in Windows 10 Gold, 1511, 1607, 1703, and 1709.
local
low complexity
microsoft
7.8
2018-03-14 CVE-2018-0886 Improper Authentication vulnerability in Microsoft products
The Credential Security Support Provider protocol (CredSSP) in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709 Windows Server 2016 and Windows Server, version 1709 allows a remote code execution vulnerability due to how CredSSP validates request during the authentication process, aka "CredSSP Remote Code Execution Vulnerability".
local
high complexity
microsoft CWE-287
7.0
2018-03-14 CVE-2018-0884 Unspecified vulnerability in Microsoft Windows 10, Windows Server and Windows Server 2016
Windows Scripting Host (WSH) in Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows a security feature bypass vulnerability due to how objects are handled in memory, aka "Windows Security Feature Bypass Vulnerability".
local
low complexity
microsoft
7.8
2018-03-14 CVE-2018-0883 Unspecified vulnerability in Microsoft products
Windows Shell in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, Windows Server 2016 and Windows Server, version 1709 allows a remote code execution vulnerability due to how file copy destinations are validated, aka "Windows Shell Remote Code Execution Vulnerability".
network
high complexity
microsoft
7.5
2018-03-14 CVE-2018-0882 Unspecified vulnerability in Microsoft Windows 10, Windows Server and Windows Server 2016
The Desktop Bridge in Windows 10 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to how the virtual registry is managed, aka "Windows Desktop Bridge Elevation of Privilege Vulnerability".
local
high complexity
microsoft
7.0