Vulnerabilities > Microsoft > Windows 10 > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-11 | CVE-2020-0658 | Unspecified vulnerability in Microsoft products An information disclosure vulnerability exists in the Windows Common Log File System (CLFS) driver when it fails to properly handle objects in memory, aka 'Windows Common Log File System Driver Information Disclosure Vulnerability'. | 5.5 |
| 2020-01-24 | CVE-2019-1454 | Improper Privilege Management vulnerability in Microsoft products An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks, aka 'Windows User Profile Service Elevation of Privilege Vulnerability'. | 5.5 |
| 2020-01-14 | CVE-2020-0643 | Unspecified vulnerability in Microsoft products An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface Plus (GDI+) handles objects in memory, allowing an attacker to retrieve information from a targeted system, aka 'Windows GDI+ Information Disclosure Vulnerability'. | 5.5 |
| 2020-01-14 | CVE-2020-0639 | Unspecified vulnerability in Microsoft products An information disclosure vulnerability exists in the Windows Common Log File System (CLFS) driver when it fails to properly handle objects in memory, aka 'Windows Common Log File System Driver Information Disclosure Vulnerability'. | 5.5 |
| 2020-01-14 | CVE-2020-0622 | Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2016 An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'. | 5.5 |
| 2020-01-14 | CVE-2020-0621 | Insufficient Session Expiration vulnerability in Microsoft products A security feature bypass vulnerability exists in Windows 10 when third party filters are called during a password update, aka 'Windows Security Feature Bypass Vulnerability'. | 4.4 |
| 2020-01-14 | CVE-2020-0617 | Improper Input Validation vulnerability in Microsoft products A denial of service vulnerability exists when Microsoft Hyper-V Virtual PCI on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Hyper-V Denial of Service Vulnerability'. | 6.0 |
| 2020-01-14 | CVE-2020-0616 | Link Following vulnerability in Microsoft products A denial of service vulnerability exists when Windows improperly handles hard links, aka 'Microsoft Windows Denial of Service Vulnerability'. | 5.5 |
| 2020-01-14 | CVE-2020-0615 | Out-of-bounds Read vulnerability in Microsoft products An information disclosure vulnerability exists in the Windows Common Log File System (CLFS) driver when it fails to properly handle objects in memory, aka 'Windows Common Log File System Driver Information Disclosure Vulnerability'. | 5.5 |
| 2020-01-14 | CVE-2020-0608 | Unspecified vulnerability in Microsoft products An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. | 5.5 |