Search Results (Refine Search)
- CPE Product Version: cpe:/o:microsoft:windows_10:-::~~~~x64~
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2019-0690 |
A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0695, CVE-2019-0701. Published: April 08, 2019; 8:29:00 PM -0400 |
V4.0:(not available) V3.0: 6.8 MEDIUM V2.0: 5.5 MEDIUM |
CVE-2019-0635 |
An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Information Disclosure Vulnerability'. Published: March 05, 2019; 6:29:01 PM -0500 |
V4.0:(not available) V3.0: 6.2 MEDIUM V2.0: 5.5 MEDIUM |
CVE-2018-8490 |
A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Windows Hyper-V Remote Code Execution Vulnerability." This affects Windows Server 2016, Windows 10, Windows Server 2019, Windows 10 Servers. This CVE ID is unique from CVE-2018-8489. Published: October 10, 2018; 9:29:03 AM -0400 |
V4.0:(not available) V3.0: 8.4 HIGH V2.0: 7.7 HIGH |
CVE-2018-8489 |
A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Windows Hyper-V Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8490. Published: October 10, 2018; 9:29:03 AM -0400 |
V4.0:(not available) V3.0: 8.4 HIGH V2.0: 7.7 HIGH |
CVE-2018-8435 |
A security feature bypass vulnerability exists when Windows Hyper-V BIOS loader fails to provide a high-entropy source, aka "Windows Hyper-V Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. Published: September 12, 2018; 8:29:03 PM -0400 |
V4.0:(not available) V3.0: 4.2 MEDIUM V2.0: 2.3 LOW |
CVE-2018-8434 |
An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka "Windows Hyper-V Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. Published: September 12, 2018; 8:29:03 PM -0400 |
V4.0:(not available) V3.0: 5.4 MEDIUM V2.0: 5.2 MEDIUM |
CVE-2016-8223 |
During an internal security review, Lenovo identified a local privilege escalation vulnerability in Lenovo System Interface Foundation software installed on some Windows 10 PCs where a user with local privileges could run arbitrary code with administrator level privileges. Published: November 29, 2016; 3:59:01 PM -0500 |
V4.0:(not available) V3.0: 7.8 HIGH V2.0: 7.2 HIGH |
CVE-2016-3344 |
The Secure Kernel Mode feature in Microsoft Windows 10 Gold and 1511 allows local users to obtain sensitive information via a crafted application, aka "Windows Secure Kernel Mode Information Disclosure Vulnerability." Published: September 14, 2016; 6:59:18 AM -0400 |
V4.0:(not available) V3.0: 3.3 LOW V2.0: 2.1 LOW |
CVE-2016-3330 |
Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3294. Published: September 14, 2016; 6:59:17 AM -0400 |
V4.0:(not available) V3.0: 7.5 HIGH V2.0: 7.6 HIGH |
CVE-2016-3312 |
ActiveSyncProvider in Microsoft Windows 10 Gold and 1511 allows attackers to discover credentials by leveraging failure of Universal Outlook to obtain a secure connection, aka "Universal Outlook Information Disclosure Vulnerability." Published: August 09, 2016; 5:59:19 PM -0400 |
V4.0:(not available) V3.0: 9.1 CRITICAL V2.0: 5.0 MEDIUM |
CVE-2016-0019 |
The Remote Desktop Protocol (RDP) service implementation in Microsoft Windows 10 Gold and 1511 allows remote attackers to bypass intended access restrictions and establish sessions for blank-password accounts via a modified RDP client, aka "Windows Remote Desktop Protocol Security Bypass Vulnerability." Published: January 13, 2016; 12:59:15 AM -0500 |
V4.0:(not available) V3.0: 8.1 HIGH V2.0: 9.3 HIGH |
CVE-2016-0009 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows 10 Gold and 1511 allow remote attackers to execute arbitrary code via unspecified vectors, aka "Win32k Remote Code Execution Vulnerability." Published: January 13, 2016; 12:59:07 AM -0500 |
V4.0:(not available) V3.0: 8.8 HIGH V2.0: 9.3 HIGH |
CVE-2015-2534 |
Hyper-V in Microsoft Windows 8.1, Windows Server 2012 R2, and Windows 10 improperly processes ACL settings, which allows local users to bypass intended network-traffic restrictions via a crafted application, aka "Hyper-V Security Feature Bypass Vulnerability." Published: September 08, 2015; 8:59:45 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 1.9 LOW |
CVE-2015-2508 |
The Adobe Type Manager Library in Microsoft Windows 10 allows local users to gain privileges via a crafted application, aka "Font Driver Elevation of Privilege Vulnerability." Published: September 08, 2015; 8:59:21 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 7.2 HIGH |