Microsoft: >> Windows 10 >> 1803 Security Vulnerabilities
A security feature bypass vulnerability exists when Windows Kernel fails to properly sanitize certain parameters.To exploit the vulnerability, a locally-authenticated attacker could attempt to run a specially crafted application on a targeted system.The update addresses the vulnerability by correcting how Windows Kernel handles parameter sanitization., aka 'Windows Kernel Security Feature Bypass Vulnerability'.
CVSS Score
7.8
EPSS Score
0.07
Published
2020-06-09
An information disclosure vulnerability exists in the way that Microsoft Edge handles cross-origin requests, aka 'Microsoft Edge Information Disclosure Vulnerability'.
CVSS Score
5.3
EPSS Score
0.037
Published
2020-06-09
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, CVE-2020-1262, CVE-2020-1264, CVE-2020-1266, CVE-2020-1269, CVE-2020-1273, CVE-2020-1274, CVE-2020-1275, CVE-2020-1276, CVE-2020-1307, CVE-2020-1316.
CVSS Score
7.8
EPSS Score
0.006
Published
2020-06-09
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1207, CVE-2020-1251, CVE-2020-1253, CVE-2020-1310.
CVSS Score
7.8
EPSS Score
0.004
Published
2020-06-09
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1207, CVE-2020-1247, CVE-2020-1253, CVE-2020-1310.
CVSS Score
6.7
EPSS Score
0.003
Published
2020-06-09
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1207, CVE-2020-1247, CVE-2020-1251, CVE-2020-1310.
CVSS Score
6.7
EPSS Score
0.004
Published
2020-06-09
An elevation of privilege vulnerability exists when Windows Modules Installer Service improperly handles class object members.A locally authenticated attacker could run arbitrary code with elevated system privileges, aka 'Windows Modules Installer Service Elevation of Privilege Vulnerability'.
CVSS Score
7.8
EPSS Score
0.004
Published
2020-06-09
An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) IIS module improperly handles uploaded content, aka 'Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerability'.
CVSS Score
8.8
EPSS Score
0.142
Published
2020-06-09
An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly handles file operations, aka 'Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1278, CVE-2020-1293.
CVSS Score
7.8
EPSS Score
0.005
Published
2020-06-09
An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory, aka 'DirectX Elevation of Privilege Vulnerability'.
CVSS Score
6.7
EPSS Score
0.006
Published
2020-06-09