Microsoft: >> Windows 10 1809 >> 10.0.17763.4851 Security Vulnerabilities
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
CVSS Score
9.8
EPSS Score
0.012
Published
2023-10-10
CVE-2023-44487
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Known exploited
CVSS Score
7.5
EPSS Score
0.944
Published
2023-10-10
When curl retrieves an HTTP response, it stores the incoming headers so that
they can be accessed later via the libcurl headers API.
However, curl did not have a limit in how many or how large headers it would
accept in a response, allowing a malicious server to stream an endless series
of headers and eventually cause curl to run out of heap memory.
CVSS Score
7.5
EPSS Score
0.145
Published
2023-09-15
A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure.
CVSS Score
4.7
EPSS Score
0.006
Published
2023-08-08
A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality.Â
CVSS Score
5.5
EPSS Score
0.08
Published
2023-08-08
Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability
CVSS Score
5.5
EPSS Score
0.002
Published
2023-07-11
.NET and Visual Studio Remote Code Execution Vulnerability
CVSS Score
7.8
EPSS Score
0.011
Published
2023-02-14
.NET Framework Denial of Service Vulnerability
CVSS Score
5.0
EPSS Score
0.003
Published
2023-02-14
CVE-2020-0601
A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source, aka 'Windows CryptoAPI Spoofing Vulnerability'.
Known exploited
CVSS Score
8.1
EPSS Score
0.941
Published
2020-01-14
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0806, CVE-2019-0812, CVE-2019-0829, CVE-2019-0860, CVE-2019-0861.
CVSS Score
7.5
EPSS Score
0.085
Published
2019-04-09