Microsoft: >> Windows 10 1809 Security Vulnerabilities
CVE-2019-0863
An elevation of privilege vulnerability exists in the way Windows Error Reporting (WER) handles files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'.
Known exploited
CVSS Score
7.8
EPSS Score
0.062
Published
2019-05-16
CVE-2019-0859
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0685, CVE-2019-0803.
Known exploited
CVSS Score
7.8
EPSS Score
0.106
Published
2019-04-09
CVE-2019-0803
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0685, CVE-2019-0859.
Known exploited
CVSS Score
7.8
EPSS Score
0.898
Published
2019-04-09
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0806, CVE-2019-0812, CVE-2019-0829, CVE-2019-0860, CVE-2019-0861.
CVSS Score
7.5
EPSS Score
0.141
Published
2019-04-09
CVE-2019-0841
An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0730, CVE-2019-0731, CVE-2019-0796, CVE-2019-0805, CVE-2019-0836.
Known exploited
CVSS Score
7.8
EPSS Score
0.827
Published
2019-04-09
CVE-2019-0752
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0739, CVE-2019-0753, CVE-2019-0862.
Known exploited
CVSS Score
7.5
EPSS Score
0.918
Published
2019-04-09
CVE-2019-0797
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0808.
Known exploited
CVSS Score
7.8
EPSS Score
0.045
Published
2019-04-09
CVE-2019-0703
An information disclosure vulnerability exists in the way that the Windows SMB Server handles certain requests, aka 'Windows SMB Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0704, CVE-2019-0821.
Known exploited
CVSS Score
6.5
EPSS Score
0.232
Published
2019-04-09
CVE-2019-0676
An information disclosure vulnerability exists when Internet Explorer improperly handles objects in memory.An attacker who successfully exploited this vulnerability could test for the presence of files on disk, aka 'Internet Explorer Information Disclosure Vulnerability'.
Known exploited
CVSS Score
6.5
EPSS Score
0.238
Published
2019-03-05
CVE-2019-0541
A remote code execution vulnerability exists in the way that the MSHTML engine inproperly validates input, aka "MSHTML Engine Remote Code Execution Vulnerability." This affects Microsoft Office, Microsoft Office Word Viewer, Internet Explorer 9, Internet Explorer 11, Microsoft Excel Viewer, Internet Explorer 10, Office 365 ProPlus.
Known exploited
CVSS Score
8.8
EPSS Score
0.834
Published
2019-01-08