Home › Vendors › Microsoft › Windows 10 1803Microsoft Windows 10 1803 — known CVE vulnerabilities Every CVE whose affected-product data names Microsoft Windows 10 1803, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (45) CVE-2018-0824 — CVSS 8.8 (high) — actively exploited : A remote code execution vulnerability exists in "Microsoft COM for Windows" when it fails to properly handle serialized objects, aka…CVE-2018-8414 — CVSS 8.8 (high) — actively exploited : A remote code execution vulnerability exists when the Windows Shell does not properly validate file paths, aka "Windows Shell Remote Code…CVE-2019-0903 — CVSS 8.8 (high) — actively exploited : A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka…CVE-2020-1020 — CVSS 8.8 (high) — actively exploited : A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a…CVE-2020-0601 — CVSS 8.1 (high) — actively exploited : A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An…CVE-2018-8611 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka "Windows Kernel…CVE-2018-8639 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k…CVE-2019-0543 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists when Windows improperly handles authentication requests, aka "Microsoft Windows Elevation of…CVE-2019-0797 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k…CVE-2019-0803 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k…CVE-2019-0841 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows…CVE-2019-0859 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k…CVE-2019-0863 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists in the way Windows Error Reporting (WER) handles files, aka 'Windows Error Reporting…CVE-2019-0880 — CVSS 7.8 (high) — actively exploited : A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls, aka 'Microsoft splwow64 Elevation of…CVE-2019-1064 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links. An attacker…CVE-2019-1069 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists in the way the Task Scheduler Service validates certain file operations. An attacker who…CVE-2019-1129 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows…CVE-2019-1130 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows…CVE-2019-1214 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory…CVE-2019-1215 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists in the way that ws2ifsl.sys (Winsock) handles objects in memory, aka 'Windows Elevation of…CVE-2019-1253 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles junctions.To exploit this…CVE-2019-1315 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles hard links, aka 'Windows Error…CVE-2019-1322 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists when Windows improperly handles authentication requests, aka 'Microsoft Windows Elevation of…CVE-2019-1385 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists when the Windows AppX Deployment Extensions improperly performs privilege management…CVE-2019-1388 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists in the Windows Certificate Dialog when it does not properly enforce user privileges, aka…CVE-2019-1405 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly allows COM object…CVE-2022-38396 — CVSS 7.8 (high) : HP Factory Preinstalled Images on certain systems that shipped with Windows 10 versions 20H2 and earlier OS versions might allow escalation…CVE-2018-8405 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory, aka…CVE-2018-8406 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory, aka…CVE-2018-8440 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC), aka "Windows…CVE-2018-8453 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k…CVE-2020-17087 — CVSS 7.8 (high) — actively exploited : Windows Kernel Local Elevation of Privilege VulnerabilityCVE-2021-1732 — CVSS 7.8 (high) — actively exploited : Windows Win32k Elevation of Privilege VulnerabilityCVE-2021-28310 — CVSS 7.8 (high) — actively exploited : Win32k Elevation of Privilege VulnerabilityCVE-2020-0638 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists in the way the Update Notification Manager handles files.To exploit this vulnerability, an…CVE-2020-0683 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists in the Windows Installer when MSI packages process symbolic links, aka 'Windows Installer…CVE-2020-0787 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) improperly handles symbolic…CVE-2020-0938 — CVSS 7.8 (high) — actively exploited : A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a…CVE-2020-0986 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel…CVE-2020-1027 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation…CVE-2020-1054 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory…CVE-2020-1464 — CVSS 7.8 (high) — actively exploited : A spoofing vulnerability exists when Windows incorrectly validates file signatures. An attacker who successfully exploited this…CVE-2018-8174 — CVSS 7.5 (high) — actively exploited : A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka "Windows VBScript Engine…CVE-2018-8493 — CVSS 7.5 (high) : An information disclosure vulnerability exists when the Windows TCP/IP stack improperly handles fragmented IP packets, aka "Windows TCP/IP…CVE-2019-0703 — CVSS 6.5 (medium) — actively exploited : An information disclosure vulnerability exists in the way that the Windows SMB Server handles certain requests, aka 'Windows SMB…