Microsoft Windows 10 Servers vulnerabilities
206 known vulnerabilities affecting microsoft/windows_10_servers.
Total CVEs
206
CISA KEV
9
actively exploited
Public exploits
30
Exploited in wild
13
Severity breakdown
CRITICAL3HIGH111MEDIUM88LOW4
Vulnerabilities
Page 5 of 11
CVE-2018-8332HIGHCVSS 8.8vversion 1709 (Server Core Installation)vversion 1803 (Server Core Installation)2018-09-13
CVE-2018-8332 [HIGH] CVE-2018-8332: A remote code execution vulnerability exists when the Windows font library improperly handles specia
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka "Win32k Graphics Remote Code Execution Vulnerability." This affects Windows 7, Microsoft Office, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2016, Windows
cvelistv5nvd
CVE-2018-0965HIGHCVSS 8.4vversion 1709 (Server Core Installation)vversion 1803 (Server Core Installation)2018-09-13
CVE-2018-0965 [HIGH] CWE-20 CVE-2018-0965: A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly
A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Windows Hyper-V Remote Code Execution Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8439.
cvelistv5nvd
CVE-2018-8462HIGHCVSS 7.8vversion 1709 (Server Core Installation)vversion 1803 (Server Core Installation)2018-09-13
CVE-2018-8462 [HIGH] CWE-404 CVE-2018-8462: An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver imp
An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory, aka "DirectX Graphics Kernel Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.
cvelistv5nvd
CVE-2018-8440HIGHCVSS 7.8KEVvversion 1709 (Server Core Installation)vversion 1803 (Server Core Installation)2018-09-13
CVE-2018-8440 [HIGH] CVE-2018-8440: An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Loc
An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC), aka "Windows ALPC Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Wind
cvelistv5nvd
CVE-2018-8441HIGHCVSS 7.8vversion 1803 (Server Core Installation)2018-09-13
CVE-2018-8441 [HIGH] CWE-190 CVE-2018-8441: An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for L
An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux, aka "Windows Subsystem for Linux Elevation of Privilege Vulnerability." This affects Windows 10, Windows 10 Servers.
cvelistv5nvd
CVE-2018-8393HIGHCVSS 7.8vversion 1709 (Server Core Installation)vversion 1803 (Server Core Installation)2018-09-13
CVE-2018-8393 [HIGH] CVE-2018-8393: A buffer overflow vulnerability exists in the Microsoft JET Database Engine that could allow remote code execution on an affected system, aka "Microso
A buffer overflow vulnerability exists in the Microsoft JET Database Engine that could allow remote code execution on an affected system, aka "Microsoft JET Database Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 20
cvelistv5
CVE-2018-8439HIGHCVSS 8.4vversion 1709 (Server Core Installation)vversion 1803 (Server Core Installation)2018-09-13
CVE-2018-8439 [HIGH] CVE-2018-8439: A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a gu
A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Windows Hyper-V Remote Code Execution Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2016, Windows
cvelistv5
CVE-2018-8336MEDIUMCVSS 5.5vversion 1709 (Server Core Installation)vversion 1803 (Server Core Installation)2018-09-13
CVE-2018-8336 [MEDIUM] CWE-200 CVE-2018-8336: An information disclosure vulnerability exists when the Windows kernel improperly handles objects in
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows Server 2008, Windows 7, Windows Server 2008 R2. This CVE ID is unique from CVE-2018-8419, CVE-2018-8442, CVE-2018-8443, CVE-2018-8445, CVE-2018-8446.
nvd
CVE-2018-8424MEDIUMCVSS 6.5vversion 1709 (Server Core Installation)vversion 1803 (Server Core Installation)2018-09-13
CVE-2018-8424 [MEDIUM] CVE-2018-8424: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka "Windows GDI Inform
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka "Windows GDI Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows S
cvelistv5
CVE-2018-8436MEDIUMCVSS 6.2vversion 1709 (Server Core Installation)vversion 1803 (Server Core Installation)2018-09-13
CVE-2018-8436 [MEDIUM] CWE-20 CVE-2018-8436: A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fail
A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka "Windows Hyper-V Denial of Service Vulnerability." This affects Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8437, CVE-2018-8438.
cvelistv5nvd
CVE-2018-8442MEDIUMCVSS 5.5vversion 1709 (Server Core Installation)vversion 1803 (Server Core Installation)2018-09-13
CVE-2018-8442 [MEDIUM] CVE-2018-8442: An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosur
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Win
cvelistv5
CVE-2018-8437MEDIUMCVSS 6.2vversion 1803 (Server Core Installation)2018-09-13
CVE-2018-8437 [MEDIUM] CVE-2018-8437: A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged use
A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka "Windows Hyper-V Denial of Service Vulnerability." This affects Windows 10, Windows 10 Servers. This CVE ID is unique from CVE
cvelistv5
CVE-2018-8468MEDIUMCVSS 4.7PoCvversion 1709 (Server Core Installation)vversion 1803 (Server Core Installation)2018-09-13
CVE-2018-8468 [MEDIUM] CVE-2018-8468: An elevation of privilege vulnerability exists when Windows, allowing a sandbox escape, aka "Windows
An elevation of privilege vulnerability exists when Windows, allowing a sandbox escape, aka "Windows Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
cvelistv5nvd
CVE-2018-8446MEDIUMCVSS 5.5vversion 1709 (Server Core Installation)vversion 1803 (Server Core Installation)2018-09-13
CVE-2018-8446 [MEDIUM] CVE-2018-8446: An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosur
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Win
cvelistv5
CVE-2018-8337MEDIUMCVSS 5.3vversion 1709 (Server Core Installation)2018-09-13
CVE-2018-8337 [MEDIUM] CWE-178 CVE-2018-8337: A security feature bypass vulnerability exists when Windows Subsystem for Linux improperly handles c
A security feature bypass vulnerability exists when Windows Subsystem for Linux improperly handles case sensitivity, aka "Windows Subsystem for Linux Security Feature Bypass Vulnerability." This affects Windows 10, Windows 10 Servers.
cvelistv5nvd
CVE-2018-8438MEDIUMCVSS 6.2vversion 1709 (Server Core Installation)vversion 1803 (Server Core Installation)2018-09-13
CVE-2018-8438 [MEDIUM] CVE-2018-8438: A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged use
A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka "Windows Hyper-V Denial of Service Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2016, W
cvelistv5
CVE-2018-8422MEDIUMCVSS 6.5vversion 1709 (Server Core Installation)vversion 1803 (Server Core Installation)2018-09-13
CVE-2018-8422 [MEDIUM] CWE-200 CVE-2018-8422: An information disclosure vulnerability exists when the Windows GDI component improperly discloses t
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka "Windows GDI Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2008 R2. This CVE ID is unique from CVE-2018-8424.
nvd
CVE-2018-8271MEDIUMCVSS 5.5vversion 1709 (Server Core Installation)vversion 1803 (Server Core Installation)2018-09-13
CVE-2018-8271 [MEDIUM] CWE-200 CVE-2018-8271: An information disclosure vulnerability exists in Windows when the Windows bowser.sys kernel-mode dr
An information disclosure vulnerability exists in Windows when the Windows bowser.sys kernel-mode driver fails to properly handle objects in memory, aka "Windows Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Serv
cvelistv5nvd
CVE-2018-8435MEDIUMCVSS 4.2vversion 1709 (Server Core Installation)vversion 1803 (Server Core Installation)2018-09-13
CVE-2018-8435 [MEDIUM] CWE-331 CVE-2018-8435: A security feature bypass vulnerability exists when Windows Hyper-V BIOS loader fails to provide a h
A security feature bypass vulnerability exists when Windows Hyper-V BIOS loader fails to provide a high-entropy source, aka "Windows Hyper-V Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.
cvelistv5nvd
CVE-2018-8433MEDIUMCVSS 4.7vversion 1709 (Server Core Installation)vversion 1803 (Server Core Installation)2018-09-13
CVE-2018-8433 [MEDIUM] CWE-200 CVE-2018-8433: An information disclosure vulnerability exists when the Windows Graphics component improperly handle
An information disclosure vulnerability exists when the Windows Graphics component improperly handles objects in memory, aka "Microsoft Graphics Component Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008
cvelistv5nvd