Vulnerabilities > Microsoft > Windows 10 > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-04-12 | CVE-2018-1003 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft products A buffer overflow vulnerability exists in the Microsoft JET Database Engine that could allow remote code execution on an affected system, aka "Microsoft JET Database Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10. | 7.8 |
2018-04-12 | CVE-2018-0963 | Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2016 An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka "Windows Kernel Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. | 7.8 |
2018-04-12 | CVE-2018-0956 | Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2016 A denial of service vulnerability exists in the HTTP 2.0 protocol stack (HTTP.sys) when HTTP.sys improperly parses specially crafted HTTP 2.0 requests, aka "HTTP.sys Denial of Service Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. | 7.5 |
2018-03-14 | CVE-2018-0983 | Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2016 Windows Storage Services in Windows 10 versions 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way objects are handled in memory, aka "Windows Storage Services Elevation of Privilege Vulnerability". | 7.0 |
2018-03-14 | CVE-2018-0977 | Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2016 The Windows kernel mode driver in Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to how objects are handled in memory, aka "Win32k Elevation of Privilege Vulnerability". | 7.0 |
2018-03-14 | CVE-2018-0902 | Unspecified vulnerability in Microsoft Windows 10, Windows Server and Windows Server 2016 The Cryptography Next Generation (CNG) kernel-mode driver (cng.sys) in Windows 10 Gold, 1511, 1607, 1703, and 1709. | 7.8 |
2018-03-14 | CVE-2018-0886 | Improper Authentication vulnerability in Microsoft products The Credential Security Support Provider protocol (CredSSP) in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709 Windows Server 2016 and Windows Server, version 1709 allows a remote code execution vulnerability due to how CredSSP validates request during the authentication process, aka "CredSSP Remote Code Execution Vulnerability". | 7.0 |
2018-03-14 | CVE-2018-0884 | Unspecified vulnerability in Microsoft Windows 10, Windows Server and Windows Server 2016 Windows Scripting Host (WSH) in Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows a security feature bypass vulnerability due to how objects are handled in memory, aka "Windows Security Feature Bypass Vulnerability". | 7.8 |
2018-03-14 | CVE-2018-0883 | Unspecified vulnerability in Microsoft products Windows Shell in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, Windows Server 2016 and Windows Server, version 1709 allows a remote code execution vulnerability due to how file copy destinations are validated, aka "Windows Shell Remote Code Execution Vulnerability". | 7.5 |
2018-03-14 | CVE-2018-0882 | Unspecified vulnerability in Microsoft Windows 10, Windows Server and Windows Server 2016 The Desktop Bridge in Windows 10 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to how the virtual registry is managed, aka "Windows Desktop Bridge Elevation of Privilege Vulnerability". | 7.0 |