Microsoft Windows 10 vulnerabilities
2,804 known vulnerabilities affecting microsoft/windows_10.
Total CVEs
2,804
CISA KEV
7
actively exploited
Public exploits
216
Exploited in wild
26
Severity breakdown
CRITICAL68HIGH1907MEDIUM802LOW27
Vulnerabilities
Page 107 of 141
CVE-2019-0536MEDIUMCVSS 5.5v1607v1703+18 more2019-01-08
CVE-2019-0536 [MEDIUM] CVE-2019-0536: An information disclosure vulnerability exists when the Windows kernel improperly handles objects in
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows
nvd
CVE-2019-0553MEDIUMCVSS 5.5v1703v1709+13 more2019-01-08
CVE-2019-0553 [MEDIUM] CVE-2019-0553: An information disclosure vulnerability exists when Windows Subsystem for Linux improperly handles o
An information disclosure vulnerability exists when Windows Subsystem for Linux improperly handles objects in memory, aka "Windows Subsystem for Linux Information Disclosure Vulnerability." This affects Windows 10 Servers, Windows 10, Windows Server 2019.
nvd
CVE-2019-0549MEDIUMCVSS 5.5v1607v1703+3 more2019-01-08
CVE-2019-0549 [MEDIUM] CVE-2019-0549: An information disclosure vulnerability exists when the Windows kernel improperly handles objects in
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows
nvd
CVE-2019-0569MEDIUMCVSS 5.5v1607v1703+3 more2019-01-08
CVE-2019-0569 [MEDIUM] CVE-2019-0569: An information disclosure vulnerability exists when the Windows kernel improperly handles objects in
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows
nvd
CVE-2018-8626CRITICALCVSS 9.8v1607v1709+13 more2018-12-12
CVE-2018-8626 [CRITICAL] CWE-787 CVE-2018-8626: A remote code execution vulnerability exists in Windows Domain Name System (DNS) servers when they f
A remote code execution vulnerability exists in Windows Domain Name System (DNS) servers when they fail to properly handle requests, aka "Windows DNS Server Heap Overflow Vulnerability." This affects Windows Server 2012 R2, Windows Server 2019, Windows Server 2016, Windows 10, Windows 10 Servers.
nvd
CVE-2018-8599HIGHCVSS 7.8v1607v1703+18 more2018-12-12
CVE-2018-8599 [HIGH] CWE-273 CVE-2018-8599: An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service i
An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly impersonates certain file operations, aka "Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability." This affects Microsoft Visual Studio, Windows Server 2019, Windows Server 2016, Windows 10, Windows 10 Servers.
nvd
CVE-2018-8641HIGHCVSS 7.8v1607v1703+3 more2018-12-12
CVE-2018-8641 [HIGH] CVE-2018-8641: An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server
nvd
CVE-2018-8611HIGHCVSS 7.8KEVv32-bit SystemsvVersion 1607 for 32-bit Systems+13 more2018-12-12
CVE-2018-8611 [HIGH] CWE-404 CVE-2018-8611: An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle obje
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka "Windows Kernel Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008
nvd
CVE-2018-8634HIGHCVSS 8.8v1607v1703+18 more2018-12-12
CVE-2018-8634 [HIGH] CVE-2018-8634: A remote code execution vulnerability exists in Windows where Microsoft text-to-speech fails to prop
A remote code execution vulnerability exists in Windows where Microsoft text-to-speech fails to properly handle objects in the memory, aka "Microsoft Text-To-Speech Remote Code Execution Vulnerability." This affects Windows Server 2016, Windows 10, Windows Server 2019, Windows 10 Servers.
nvd
CVE-2018-8639HIGHCVSS 7.8KEVv32-bit SystemsvVersion 1607 for 32-bit Systems+13 more2018-12-12
CVE-2018-8639 [HIGH] CWE-404 CVE-2018-8639: An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properl
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server
nvd
CVE-2018-8638MEDIUMCVSS 5.5Exploitedv1809vVersion 1809 for 32-bit Systems+2 more2018-12-12
CVE-2018-8638 [MEDIUM] CVE-2018-8638: An information disclosure vulnerability exists when DirectX improperly handles objects in memory, ak
An information disclosure vulnerability exists when DirectX improperly handles objects in memory, aka "DirectX Information Disclosure Vulnerability." This affects Windows 10, Windows Server 2019.
nvd
CVE-2018-8637MEDIUMCVSS 5.5Exploitedv1803v1809+6 more2018-12-12
CVE-2018-8637 [MEDIUM] CVE-2018-8637: An information disclosure vulnerability exists in Windows kernel that could allow an attacker to ret
An information disclosure vulnerability exists in Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (KASLR) bypass, aka "Win32k Information Disclosure Vulnerability." This affects Windows 10 Servers, Windows 10, Windows Server 2019.
nvd
CVE-2018-8477MEDIUMCVSS 5.5Exploitedv1607v1703+3 more2018-12-12
CVE-2018-8477 [MEDIUM] CVE-2018-8477: An information disclosure vulnerability exists when the Windows kernel improperly handles objects in
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows
nvd
CVE-2018-8612MEDIUMCVSS 5.5v1607v1703+16 more2018-12-12
CVE-2018-8612 [MEDIUM] CWE-20 CVE-2018-8612: A Denial Of Service vulnerability exists when Connected User Experiences and Telemetry Service fails
A Denial Of Service vulnerability exists when Connected User Experiences and Telemetry Service fails to validate certain function values, aka "Connected User Experiences and Telemetry Service Denial of Service Vulnerability." This affects Windows Server 2016, Windows 10, Windows Server 2019, Windows 10 Servers.
nvd
CVE-2018-8649MEDIUMCVSS 5.5v1809vVersion 1809 for 32-bit Systems+2 more2018-12-12
CVE-2018-8649 [MEDIUM] CVE-2018-8649: A denial of service vulnerability exists when Windows improperly handles objects in memory, aka "Win
A denial of service vulnerability exists when Windows improperly handles objects in memory, aka "Windows Denial of Service Vulnerability." This affects Windows 10, Windows Server 2019.
nvd
CVE-2018-8514MEDIUMCVSS 5.5Exploitedv1607v1703+18 more2018-12-12
CVE-2018-8514 [MEDIUM] CWE-665 CVE-2018-8514: An information disclosure vulnerability exists when Remote Procedure Call runtime improperly initial
An information disclosure vulnerability exists when Remote Procedure Call runtime improperly initializes objects in memory, aka "Remote Procedure Call runtime Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server
nvd
CVE-2018-8596MEDIUMCVSS 6.5Exploitedv1607v1703+3 more2018-12-12
CVE-2018-8596 [MEDIUM] CVE-2018-8596: An information disclosure vulnerability exists when the Windows GDI component improperly discloses t
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka "Windows GDI Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 20
nvd
CVE-2018-8595MEDIUMCVSS 6.5Exploitedv1607v1703+18 more2018-12-12
CVE-2018-8595 [MEDIUM] CVE-2018-8595: An information disclosure vulnerability exists when the Windows GDI component improperly discloses t
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka "Windows GDI Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 20
nvd
CVE-2018-8562HIGHCVSS 7.8v1607v1703+18 more2018-11-14
CVE-2018-8562 [HIGH] CWE-404 CVE-2018-8562: An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properl
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server
nvd
CVE-2018-8450HIGHCVSS 8.8v1607v1703+10 more2018-11-14
CVE-2018-8450 [HIGH] CWE-404 CVE-2018-8450: A remote code execution vulnerability exists when Windows Search handles objects in memory, aka "Win
A remote code execution vulnerability exists when Windows Search handles objects in memory, aka "Windows Search Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
nvd