Microsoft Windows 10 1903 — known CVE vulnerabilities
Every CVE whose affected-product data names Microsoft Windows 10 1903, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (27)
- CVE-2020-0796 — CVSS 10.0 (critical) — actively exploited: A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain…
- CVE-2019-0903 — CVSS 8.8 (high) — actively exploited: A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka…
- CVE-2020-1020 — CVSS 8.8 (high) — actively exploited: A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a…
- CVE-2020-0601 — CVSS 8.1 (high) — actively exploited: A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An…
- CVE-2019-1129 — CVSS 7.8 (high) — actively exploited: An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows…
- CVE-2019-1130 — CVSS 7.8 (high) — actively exploited: An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows…
- CVE-2019-1214 — CVSS 7.8 (high) — actively exploited: An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory…
- CVE-2019-1215 — CVSS 7.8 (high) — actively exploited: An elevation of privilege vulnerability exists in the way that ws2ifsl.sys (Winsock) handles objects in memory, aka 'Windows Elevation of…
- CVE-2019-1253 — CVSS 7.8 (high) — actively exploited: An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles junctions.To exploit this…
- CVE-2019-1315 — CVSS 7.8 (high) — actively exploited: An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles hard links, aka 'Windows Error…
- CVE-2019-1322 — CVSS 7.8 (high) — actively exploited: An elevation of privilege vulnerability exists when Windows improperly handles authentication requests, aka 'Microsoft Windows Elevation of…
- CVE-2019-1385 — CVSS 7.8 (high) — actively exploited: An elevation of privilege vulnerability exists when the Windows AppX Deployment Extensions improperly performs privilege management…
- CVE-2019-1388 — CVSS 7.8 (high) — actively exploited: An elevation of privilege vulnerability exists in the Windows Certificate Dialog when it does not properly enforce user privileges, aka…
- CVE-2019-1405 — CVSS 7.8 (high) — actively exploited: An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly allows COM object…
- CVE-2020-0638 — CVSS 7.8 (high) — actively exploited: An elevation of privilege vulnerability exists in the way the Update Notification Manager handles files.To exploit this vulnerability, an…
- CVE-2020-0683 — CVSS 7.8 (high) — actively exploited: An elevation of privilege vulnerability exists in the Windows Installer when MSI packages process symbolic links, aka 'Windows Installer…
- CVE-2020-0787 — CVSS 7.8 (high) — actively exploited: An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) improperly handles symbolic…
- CVE-2020-0938 — CVSS 7.8 (high) — actively exploited: A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a…
- CVE-2020-0986 — CVSS 7.8 (high) — actively exploited: An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel…
- CVE-2020-1027 — CVSS 7.8 (high) — actively exploited: An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation…
- CVE-2020-1054 — CVSS 7.8 (high) — actively exploited: An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory…
- CVE-2020-1464 — CVSS 7.8 (high) — actively exploited: A spoofing vulnerability exists when Windows incorrectly validates file signatures. An attacker who successfully exploited this…
- CVE-2019-0863 — CVSS 7.8 (high) — actively exploited: An elevation of privilege vulnerability exists in the way Windows Error Reporting (WER) handles files, aka 'Windows Error Reporting…
- CVE-2020-17087 — CVSS 7.8 (high) — actively exploited: Windows Kernel Local Elevation of Privilege Vulnerability
- CVE-2019-0880 — CVSS 7.8 (high) — actively exploited: A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls, aka 'Microsoft splwow64 Elevation of…
- CVE-2019-1064 — CVSS 7.8 (high) — actively exploited: An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links. An attacker…
- CVE-2019-1069 — CVSS 7.8 (high) — actively exploited: An elevation of privilege vulnerability exists in the way the Task Scheduler Service validates certain file operations. An attacker who…