Microsoft: >> Windows 10 1607 Security Vulnerabilities
CVE-2019-0863
An elevation of privilege vulnerability exists in the way Windows Error Reporting (WER) handles files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'.
Known exploited
CVSS Score
7.8
EPSS Score
0.062
Published
2019-05-16
CVE-2019-0859
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0685, CVE-2019-0803.
Known exploited
CVSS Score
7.8
EPSS Score
0.106
Published
2019-04-09
CVE-2019-0803
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0685, CVE-2019-0859.
Known exploited
CVSS Score
7.8
EPSS Score
0.898
Published
2019-04-09
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0806, CVE-2019-0812, CVE-2019-0829, CVE-2019-0860, CVE-2019-0861.
CVSS Score
7.5
EPSS Score
0.141
Published
2019-04-09
CVE-2019-0752
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0739, CVE-2019-0753, CVE-2019-0862.
Known exploited
CVSS Score
7.5
EPSS Score
0.918
Published
2019-04-09
CVE-2019-0797
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0808.
Known exploited
CVSS Score
7.8
EPSS Score
0.045
Published
2019-04-09
CVE-2019-0703
An information disclosure vulnerability exists in the way that the Windows SMB Server handles certain requests, aka 'Windows SMB Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0704, CVE-2019-0821.
Known exploited
CVSS Score
6.5
EPSS Score
0.232
Published
2019-04-09
CVE-2019-0676
An information disclosure vulnerability exists when Internet Explorer improperly handles objects in memory.An attacker who successfully exploited this vulnerability could test for the presence of files on disk, aka 'Internet Explorer Information Disclosure Vulnerability'.
Known exploited
CVSS Score
6.5
EPSS Score
0.238
Published
2019-03-05
CVE-2019-0541
A remote code execution vulnerability exists in the way that the MSHTML engine inproperly validates input, aka "MSHTML Engine Remote Code Execution Vulnerability." This affects Microsoft Office, Microsoft Office Word Viewer, Internet Explorer 9, Internet Explorer 11, Microsoft Excel Viewer, Internet Explorer 10, Office 365 ProPlus.
Known exploited
CVSS Score
8.8
EPSS Score
0.834
Published
2019-01-08
CVE-2019-0543
An elevation of privilege vulnerability exists when Windows improperly handles authentication requests, aka "Microsoft Windows Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
Known exploited
CVSS Score
7.8
EPSS Score
0.245
Published
2019-01-08