Windows 10 1809
by Microsoft
CVEs (3,332)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-35250 | 0.19 | — | 0.25 | KEV | Jun 11, 2024 | Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | ||
| CVE-2023-36025 | 0.19 | — | 0.88 | KEV | Nov 14, 2023 | Windows SmartScreen Security Feature Bypass Vulnerability | ||
| CVE-2023-23376 | 0.19 | — | 0.11 | KEV | Feb 14, 2023 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | ||
| CVE-2022-41091 | 0.19 | — | 0.02 | KEV | Nov 9, 2022 | Windows Mark of the Web Security Feature Bypass Vulnerability | ||
| CVE-2022-24521 | 0.19 | — | 0.07 | KEV | Apr 15, 2022 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | ||
| CVE-2022-21971 | 0.19 | — | 0.54 | KEV | Feb 9, 2022 | Windows Runtime Remote Code Execution Vulnerability | ||
| CVE-2021-31956 | 0.19 | — | 0.20 | KEV | Jun 8, 2021 | Windows NTFS Elevation of Privilege Vulnerability | ||
| CVE-2019-1064 | 0.19 | — | 0.07 | KEV | Jun 12, 2019 | An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view,… | ||
| CVE-2025-29824 | 0.18 | — | 0.18 | KEV | Apr 8, 2025 | Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. | ||
| CVE-2023-36802 | 0.18 | — | 0.26 | KEV | Sep 12, 2023 | Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability | ||
| CVE-2022-41073 | 0.18 | — | 0.02 | KEV | Nov 9, 2022 | Windows Print Spooler Elevation of Privilege Vulnerability | ||
| CVE-2021-41379 | 0.18 | — | 0.20 | KEV | Nov 10, 2021 | Windows Installer Elevation of Privilege Vulnerability | ||
| CVE-2021-33742 | 0.18 | — | 0.59 | KEV | Jun 8, 2021 | Windows MSHTML Platform Remote Code Execution Vulnerability | ||
| CVE-2025-30397 | 0.17 | — | 0.22 | KEV | May 13, 2025 | Access of resource using incompatible type ('type confusion') in Microsoft Scripting Engine allows an unauthorized attacker to execute code over a network. | ||
| CVE-2024-38213 | 0.17 | — | 0.13 | KEV | Aug 13, 2024 | Windows Mark of the Web Security Feature Bypass Vulnerability | ||
| CVE-2024-29988 | 0.17 | — | 0.45 | KEV | Apr 9, 2024 | SmartScreen Prompt Security Feature Bypass Vulnerability | ||
| CVE-2022-26904 | 0.17 | — | 0.10 | KEV | Apr 15, 2022 | Windows User Profile Service Elevation of Privilege Vulnerability | ||
| CVE-2025-24054 | 0.16 | — | 0.59 | KEV | Mar 11, 2025 | External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network. | ||
| CVE-2024-43572 | 0.16 | — | 0.61 | KEV | Oct 8, 2024 | Microsoft Management Console Remote Code Execution Vulnerability | ||
| CVE-2021-28310 | 0.16 | — | 0.08 | KEV | Apr 13, 2021 | Win32k Elevation of Privilege Vulnerability |
- risk 0.19cvss —epss 0.25
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
- risk 0.19cvss —epss 0.88
Windows SmartScreen Security Feature Bypass Vulnerability
- risk 0.19cvss —epss 0.11
Windows Common Log File System Driver Elevation of Privilege Vulnerability
- risk 0.19cvss —epss 0.02
Windows Mark of the Web Security Feature Bypass Vulnerability
- risk 0.19cvss —epss 0.07
Windows Common Log File System Driver Elevation of Privilege Vulnerability
- risk 0.19cvss —epss 0.54
Windows Runtime Remote Code Execution Vulnerability
- risk 0.19cvss —epss 0.20
Windows NTFS Elevation of Privilege Vulnerability
- risk 0.19cvss —epss 0.07
An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view,…
- risk 0.18cvss —epss 0.18
Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
- risk 0.18cvss —epss 0.26
Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability
- risk 0.18cvss —epss 0.02
Windows Print Spooler Elevation of Privilege Vulnerability
- risk 0.18cvss —epss 0.20
Windows Installer Elevation of Privilege Vulnerability
- risk 0.18cvss —epss 0.59
Windows MSHTML Platform Remote Code Execution Vulnerability
- risk 0.17cvss —epss 0.22
Access of resource using incompatible type ('type confusion') in Microsoft Scripting Engine allows an unauthorized attacker to execute code over a network.
- risk 0.17cvss —epss 0.13
Windows Mark of the Web Security Feature Bypass Vulnerability
- risk 0.17cvss —epss 0.45
SmartScreen Prompt Security Feature Bypass Vulnerability
- risk 0.17cvss —epss 0.10
Windows User Profile Service Elevation of Privilege Vulnerability
- risk 0.16cvss —epss 0.59
External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.
- risk 0.16cvss —epss 0.61
Microsoft Management Console Remote Code Execution Vulnerability
- risk 0.16cvss —epss 0.08
Win32k Elevation of Privilege Vulnerability
Page 16 of 167