Filtered by vendor Microsoft
Subscriptions
Filtered by product Windows 10 1809
Subscriptions
Total
2291 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-50172 | 1 Microsoft | 16 Server, Windows, Windows 10 and 13 more | 2025-09-17 | 6.5 Medium |
| Allocation of resources without limits or throttling in Windows DirectX allows an authorized attacker to deny service over a network. | ||||
| CVE-2025-50170 | 1 Microsoft | 14 Server, Windows, Windows 10 1809 and 11 more | 2025-09-17 | 7.8 High |
| Improper handling of insufficient permissions or privileges in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-50167 | 1 Microsoft | 20 Hyper-v, Windows, Windows 10 and 17 more | 2025-09-17 | 7 High |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Hyper-V allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-50166 | 1 Microsoft | 18 Distributed Transaction Coordinator, Windows 10 1507, Windows 10 1607 and 15 more | 2025-09-17 | 6.5 Medium |
| Integer overflow or wraparound in Windows Distributed Transaction Coordinator allows an authorized attacker to disclose information over a network. | ||||
| CVE-2025-50161 | 1 Microsoft | 19 Windows, Windows 10 1507, Windows 10 1607 and 16 more | 2025-09-17 | 7.3 High |
| Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-50159 | 1 Microsoft | 19 Windows, Windows 10, Windows 10 1507 and 16 more | 2025-09-17 | 7.3 High |
| Use after free in Remote Access Point-to-Point Protocol (PPP) EAP-TLS allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-50158 | 1 Microsoft | 19 Windows, Windows 10 1507, Windows 10 1607 and 16 more | 2025-09-17 | 7 High |
| Time-of-check time-of-use (toctou) race condition in Windows NTFS allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2025-50153 | 1 Microsoft | 19 Server, Windows, Windows 10 and 16 more | 2025-09-17 | 7.8 High |
| Use after free in Desktop Windows Manager allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-49762 | 1 Microsoft | 21 Windows, Windows 10, Windows 10 1507 and 18 more | 2025-09-17 | 7 High |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-49761 | 1 Microsoft | 21 Server, Windows, Windows 10 1507 and 18 more | 2025-09-17 | 7.8 High |
| Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-49743 | 1 Microsoft | 21 Windows, Windows 10, Windows 10 1507 and 18 more | 2025-09-17 | 6.7 Medium |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-49751 | 1 Microsoft | 19 Hyper-v, Server, Windows and 16 more | 2025-09-17 | 6.8 Medium |
| Missing synchronization in Windows Hyper-V allows an authorized attacker to deny service over an adjacent network. | ||||
| CVE-2025-33053 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-09-16 | 8.8 High |
| External control of file name or path in Internet Shortcut Files allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2025-32706 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-09-16 | 7.8 High |
| Improper input validation in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2019-1064 | 1 Microsoft | 11 Windows 10 1607, Windows 10 1703, Windows 10 1709 and 8 more | 2025-09-15 | 7.8 High |
| An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The security update addresses the vulnerability by correcting how Windows AppX Deployment Service handles hard links. | ||||
| CVE-2019-1069 | 1 Microsoft | 12 Windows 10, Windows 10 1507, Windows 10 1607 and 9 more | 2025-09-15 | 7.8 High |
| An elevation of privilege vulnerability exists in the way the Task Scheduler Service validates certain file operations. An attacker who successfully exploited the vulnerability could gain elevated privileges on a victim system. To exploit the vulnerability, an attacker would require unprivileged code execution on a victim system. The security update addresses the vulnerability by correctly validating file operations. | ||||
| CVE-2025-33073 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-09-15 | 8.8 High |
| Improper access control in Windows SMB allows an authorized attacker to elevate privileges over a network. | ||||
| CVE-2024-30078 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-09-15 | 8.8 High |
| Windows Wi-Fi Driver Remote Code Execution Vulnerability | ||||
| CVE-2025-48799 | 1 Microsoft | 8 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 5 more | 2025-09-15 | 7.8 High |
| Improper link resolution before file access ('link following') in Windows Update Service allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-47981 | 1 Microsoft | 18 Windows, Windows 10, Windows 10 1507 and 15 more | 2025-09-15 | 9.8 Critical |
| Heap-based buffer overflow in Windows SPNEGO Extended Negotiation allows an unauthorized attacker to execute code over a network. | ||||