Windows 10 1809
by Microsoft
CVEs (3,332)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-22040 | Hig | 0.48 | 7.3 | 0.01 | Jul 12, 2022 | Internet Information Services Dynamic Compression Module Denial of Service Vulnerability | ||
| CVE-2022-26913 | Hig | 0.48 | 7.4 | 0.02 | May 10, 2022 | Windows Authentication Information Disclosure Vulnerability | ||
| CVE-2022-21881 | Hig | 0.48 | 7.0 | 0.25 | Jan 11, 2022 | Windows Kernel Elevation of Privilege Vulnerability | ||
| CVE-2021-43219 | Hig | 0.48 | 7.4 | 0.04 | Dec 15, 2021 | DirectX Graphics Kernel File Denial of Service Vulnerability | ||
| CVE-2021-31186 | Hig | 0.48 | 7.4 | 0.03 | May 11, 2021 | Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability | ||
| CVE-2021-27070 | Hig | 0.48 | 7.3 | 0.03 | Mar 11, 2021 | Windows 10 Update Assistant Elevation of Privilege Vulnerability | ||
| CVE-2021-1706 | Hig | 0.48 | 7.3 | 0.02 | Jan 12, 2021 | Windows LUAFV Elevation of Privilege Vulnerability | ||
| CVE-2021-1704 | Hig | 0.48 | 7.3 | 0.01 | Jan 12, 2021 | Windows Hyper-V Elevation of Privilege Vulnerability | ||
| CVE-2021-1685 | Hig | 0.48 | 7.3 | 0.01 | Jan 12, 2021 | Windows AppX Deployment Extensions Elevation of Privilege Vulnerability | ||
| CVE-2020-17103 | Hig | 0.48 | 7.0 | 0.27 | Dec 10, 2020 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | ||
| CVE-2020-1471 | Hig | 0.48 | 7.3 | 0.01 | Sep 11, 2020 | An elevation of privilege vulnerability exists when Microsoft Windows CloudExperienceHost fails to check COM objects. An attacker who successfully exploited the vulnerability could gain elevated privileges on a targeted system. To exploit the vulnerability, an attacker… | ||
| CVE-2020-1319 | Hig | 0.48 | 7.3 | 0.05 | Sep 11, 2020 | A remote code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change,… | ||
| CVE-2020-1571 | Hig | 0.48 | 7.3 | 0.01 | Aug 17, 2020 | An elevation of privilege vulnerability exists in Windows Setup in the way it handles permissions. A locally authenticated attacker could run arbitrary code with elevated system privileges. After successfully exploiting the vulnerability, an attacker could then install programs;… | ||
| CVE-2020-1557 | Hig | 0.48 | 7.3 | 0.04 | Aug 17, 2020 | A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by… | ||
| CVE-2026-32202 | Med | 0.47 | 4.3 | 0.64 | KEV | Apr 14, 2026 | Protection mechanism failure in Windows Shell allows an unauthorized attacker to perform spoofing over a network. | |
| CVE-2026-32149 | Hig | 0.47 | 7.3 | 0.00 | Apr 14, 2026 | Improper input validation in Windows Hyper-V allows an authorized attacker to execute code locally. | ||
| CVE-2025-49680 | Hig | 0.47 | 7.3 | 0.00 | Jul 8, 2025 | Improper link resolution before file access ('link following') in Windows Performance Recorder allows an authorized attacker to deny service locally. | ||
| CVE-2025-32721 | Hig | 0.47 | 7.3 | 0.01 | Jun 10, 2025 | Improper link resolution before file access ('link following') in Windows Recovery Driver allows an authorized attacker to elevate privileges locally. | ||
| CVE-2025-24071 | Med | 0.47 | 6.5 | 0.25 | Mar 11, 2025 | Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network. | ||
| CVE-2024-49089 | Hig | 0.47 | 7.2 | 0.02 | Dec 12, 2024 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability |
- risk 0.48cvss 7.3epss 0.01
Internet Information Services Dynamic Compression Module Denial of Service Vulnerability
- risk 0.48cvss 7.4epss 0.02
Windows Authentication Information Disclosure Vulnerability
- risk 0.48cvss 7.0epss 0.25
Windows Kernel Elevation of Privilege Vulnerability
- risk 0.48cvss 7.4epss 0.04
DirectX Graphics Kernel File Denial of Service Vulnerability
- risk 0.48cvss 7.4epss 0.03
Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability
- risk 0.48cvss 7.3epss 0.03
Windows 10 Update Assistant Elevation of Privilege Vulnerability
- risk 0.48cvss 7.3epss 0.02
Windows LUAFV Elevation of Privilege Vulnerability
- risk 0.48cvss 7.3epss 0.01
Windows Hyper-V Elevation of Privilege Vulnerability
- risk 0.48cvss 7.3epss 0.01
Windows AppX Deployment Extensions Elevation of Privilege Vulnerability
- risk 0.48cvss 7.0epss 0.27
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
- risk 0.48cvss 7.3epss 0.01
An elevation of privilege vulnerability exists when Microsoft Windows CloudExperienceHost fails to check COM objects. An attacker who successfully exploited the vulnerability could gain elevated privileges on a targeted system. To exploit the vulnerability, an attacker…
- risk 0.48cvss 7.3epss 0.05
A remote code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change,…
- risk 0.48cvss 7.3epss 0.01
An elevation of privilege vulnerability exists in Windows Setup in the way it handles permissions. A locally authenticated attacker could run arbitrary code with elevated system privileges. After successfully exploiting the vulnerability, an attacker could then install programs;…
- risk 0.48cvss 7.3epss 0.04
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by…
- risk 0.47cvss 4.3epss 0.64
Protection mechanism failure in Windows Shell allows an unauthorized attacker to perform spoofing over a network.
- risk 0.47cvss 7.3epss 0.00
Improper input validation in Windows Hyper-V allows an authorized attacker to execute code locally.
- risk 0.47cvss 7.3epss 0.00
Improper link resolution before file access ('link following') in Windows Performance Recorder allows an authorized attacker to deny service locally.
- risk 0.47cvss 7.3epss 0.01
Improper link resolution before file access ('link following') in Windows Recovery Driver allows an authorized attacker to elevate privileges locally.
- risk 0.47cvss 6.5epss 0.25
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.
- risk 0.47cvss 7.2epss 0.02
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Page 97 of 167