Vulnerabilities > Microsoft > Windows 10 > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-06-15 | CVE-2017-8492 | Information Exposure vulnerability in Microsoft products The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to obtain information via a specially crafted application. | 1.9 |
| 2017-06-15 | CVE-2017-8493 | Improper Handling of Case Sensitivity vulnerability in Microsoft products Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to set variables that are either read-only or require authentication when Windows fails to enforce case sensitivity for certain variable checks, aka "Windows Security Feature Bypass Vulnerability". | 2.1 |
| 2017-06-15 | CVE-2017-8544 | Information Exposure vulnerability in Microsoft products Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to obtain information to further compromise the user's system when Windows Search fails to handle objects in memory, aka "Windows Search Information Disclosure Vulnerability". | 2.1 |
| 2017-05-12 | CVE-2017-0190 | Information Exposure vulnerability in Microsoft products The GDI component in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and Windows Server 2016 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "GDI Information Disclosure Vulnerability." | 2.1 |
| 2017-05-12 | CVE-2017-0213 | Local Privilege Escalation vulnerability in Microsoft Windows COM Windows COM Aggregate Marshaler in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation privilege vulnerability when an attacker runs a specially crafted application, aka "Windows COM Elevation of Privilege Vulnerability". local microsoft | 1.9 |
| 2017-05-12 | CVE-2017-0258 | Information Exposure vulnerability in Microsoft products The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows authenticated attackers to obtain sensitive information via a specially crafted document, aka "Windows Kernel Information Disclosure Vulnerability," a different vulnerability than CVE-2017-0175, CVE-2017-0220, and CVE-2017-0259. | 1.9 |
| 2017-05-12 | CVE-2017-0259 | Information Exposure vulnerability in Microsoft products The Windows kernel in Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows authenticated attackers to obtain sensitive information via a specially crafted document, aka "Windows Kernel Information Disclosure Vulnerability," a different vulnerability than CVE-2017-0175, CVE-2017-0220, and CVE-2017-0258. | 1.9 |
| 2017-05-12 | CVE-2017-8360 | Information Exposure vulnerability in Conexant Mictray64 Conexant Systems mictray64 task, as used on HP Elite, EliteBook, ProBook, and ZBook systems, leaks sensitive data (keystrokes) to any process. | 2.1 |
| 2017-04-12 | CVE-2017-0058 | Information Exposure vulnerability in Microsoft products A Win32k information disclosure vulnerability exists in Microsoft Windows when the win32k component improperly provides kernel information. | 1.9 |
| 2017-04-12 | CVE-2017-0164 | Improper Input Validation vulnerability in Microsoft Windows 10 and Windows Server 2016 A denial of service vulnerability exists in Windows 10 1607 and Windows Server 2016 Active Directory when an authenticated attacker sends malicious search queries, aka "Active Directory Denial of Service Vulnerability." | 3.5 |