Home › Vendors › Microsoft › Windows 10 1703Microsoft Windows 10 1703 — known CVE vulnerabilities Every CVE whose affected-product data names Microsoft Windows 10 1703, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (32) CVE-2017-8543 — CVSS 9.8 (critical) — actively exploited : Microsoft Windows XP SP3, Windows XP x64 XP2, Windows Server 2003 SP2, Windows Vista, Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1…CVE-2017-8464 — CVSS 8.8 (high) — actively exploited : Windows Shell in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2…CVE-2018-8414 — CVSS 8.8 (high) — actively exploited : A remote code execution vulnerability exists when the Windows Shell does not properly validate file paths, aka "Windows Shell Remote Code…CVE-2018-0824 — CVSS 8.8 (high) — actively exploited : A remote code execution vulnerability exists in "Microsoft COM for Windows" when it fails to properly handle serialized objects, aka…CVE-2019-0903 — CVSS 8.8 (high) — actively exploited : A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka…CVE-2018-8453 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k…CVE-2022-38396 — CVSS 7.8 (high) : HP Factory Preinstalled Images on certain systems that shipped with Windows 10 versions 20H2 and earlier OS versions might allow escalation…CVE-2017-0263 — CVSS 7.8 (high) — actively exploited : The kernel-mode drivers in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2…CVE-2018-8405 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory, aka…CVE-2018-8406 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory, aka…CVE-2018-8440 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC), aka "Windows…CVE-2019-1214 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory…CVE-2019-1215 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists in the way that ws2ifsl.sys (Winsock) handles objects in memory, aka 'Windows Elevation of…CVE-2019-1253 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles junctions.To exploit this…CVE-2019-1315 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles hard links, aka 'Windows Error…CVE-2018-8611 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka "Windows Kernel…CVE-2018-8639 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k…CVE-2019-0543 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists when Windows improperly handles authentication requests, aka "Microsoft Windows Elevation of…CVE-2019-0797 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k…CVE-2019-0803 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k…CVE-2019-0841 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows…CVE-2019-0859 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k…CVE-2019-0863 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists in the way Windows Error Reporting (WER) handles files, aka 'Windows Error Reporting…CVE-2019-0880 — CVSS 7.8 (high) — actively exploited : A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls, aka 'Microsoft splwow64 Elevation of…CVE-2019-1064 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links. An attacker…CVE-2019-1069 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists in the way the Task Scheduler Service validates certain file operations. An attacker who…CVE-2019-1129 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows…CVE-2019-1130 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows…CVE-2018-8493 — CVSS 7.5 (high) : An information disclosure vulnerability exists when the Windows TCP/IP stack improperly handles fragmented IP packets, aka "Windows TCP/IP…CVE-2018-8174 — CVSS 7.5 (high) — actively exploited : A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka "Windows VBScript Engine…CVE-2017-0213 — CVSS 7.3 (high) — actively exploited : Windows COM Aggregate Marshaler in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and…CVE-2019-0703 — CVSS 6.5 (medium) — actively exploited : An information disclosure vulnerability exists in the way that the Windows SMB Server handles certain requests, aka 'Windows SMB…