Windows 10 1909
by Microsoft
CVEs (3,248)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-8438 | Med | 0.45 | 6.8 | 0.07 | Sep 13, 2018 | A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka "Windows Hyper-V Denial of Service Vulnerability." This affects Windows Server 2012 R2,… | ||
| CVE-2017-8623 | Med | 0.45 | 6.8 | 0.07 | Aug 8, 2017 | Windows Hyper-V in Windows 10 1607, 1703, and Windows Server 2016 allows a denial of service vulnerability when it fails to properly validate input from a privileged user on a guest operating system, aka "Windows Hyper-V Denial of Service Vulnerability". | ||
| CVE-2017-0038 | Med | 0.45 | 5.5 | 0.82 | Feb 20, 2017 | gdi32.dll in Graphics Device Interface (GDI) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive… | ||
| CVE-2025-48818 | Med | 0.44 | 6.8 | 0.00 | Jul 8, 2025 | Time-of-check time-of-use (toctou) race condition in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. | ||
| CVE-2025-48811 | Med | 0.44 | 6.7 | 0.00 | Jul 8, 2025 | Missing support for integrity check in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally. | ||
| CVE-2025-48804 | Med | 0.44 | 6.8 | 0.01 | Jul 8, 2025 | Acceptance of extraneous untrusted data with trusted data in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. | ||
| CVE-2025-48803 | Med | 0.44 | 6.7 | 0.00 | Jul 8, 2025 | Missing support for integrity check in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally. | ||
| CVE-2025-48800 | Med | 0.44 | 6.8 | 0.01 | Jul 8, 2025 | Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. | ||
| CVE-2025-48001 | Med | 0.44 | 6.8 | 0.00 | Jul 8, 2025 | Time-of-check time-of-use (toctou) race condition in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. | ||
| CVE-2025-26637 | Med | 0.44 | 6.8 | 0.01 | Apr 8, 2025 | Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. | ||
| CVE-2025-21377 | Med | 0.44 | 6.5 | 0.22 | Feb 11, 2025 | NTLM Hash Disclosure Spoofing Vulnerability | ||
| CVE-2025-21349 | Med | 0.44 | 6.8 | 0.01 | Feb 11, 2025 | Windows Remote Desktop Configuration Service Tampering Vulnerability | ||
| CVE-2025-21211 | Med | 0.44 | 6.8 | 0.01 | Jan 14, 2025 | Secure Boot Security Feature Bypass Vulnerability | ||
| CVE-2024-49082 | Med | 0.44 | 6.8 | 0.02 | Dec 12, 2024 | Windows File Explorer Information Disclosure Vulnerability | ||
| CVE-2024-43645 | Med | 0.44 | 6.7 | 0.01 | Nov 12, 2024 | Windows Defender Application Control (WDAC) Security Feature Bypass Vulnerability | ||
| CVE-2024-43643 | Med | 0.44 | 6.8 | 0.01 | Nov 12, 2024 | Windows USB Video Class System Driver Elevation of Privilege Vulnerability | ||
| CVE-2024-43638 | Med | 0.44 | 6.8 | 0.01 | Nov 12, 2024 | Windows USB Video Class System Driver Elevation of Privilege Vulnerability | ||
| CVE-2024-43637 | Med | 0.44 | 6.8 | 0.01 | Nov 12, 2024 | Windows USB Video Class System Driver Elevation of Privilege Vulnerability | ||
| CVE-2024-43634 | Med | 0.44 | 6.8 | 0.01 | Nov 12, 2024 | Windows USB Video Class System Driver Elevation of Privilege Vulnerability | ||
| CVE-2024-43449 | Med | 0.44 | 6.8 | 0.01 | Nov 12, 2024 | Windows USB Video Class System Driver Elevation of Privilege Vulnerability |
- risk 0.45cvss 6.8epss 0.07
A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka "Windows Hyper-V Denial of Service Vulnerability." This affects Windows Server 2012 R2,…
- risk 0.45cvss 6.8epss 0.07
Windows Hyper-V in Windows 10 1607, 1703, and Windows Server 2016 allows a denial of service vulnerability when it fails to properly validate input from a privileged user on a guest operating system, aka "Windows Hyper-V Denial of Service Vulnerability".
- risk 0.45cvss 5.5epss 0.82
gdi32.dll in Graphics Device Interface (GDI) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive…
- risk 0.44cvss 6.8epss 0.00
Time-of-check time-of-use (toctou) race condition in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.
- risk 0.44cvss 6.7epss 0.00
Missing support for integrity check in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally.
- risk 0.44cvss 6.8epss 0.01
Acceptance of extraneous untrusted data with trusted data in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.
- risk 0.44cvss 6.7epss 0.00
Missing support for integrity check in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally.
- risk 0.44cvss 6.8epss 0.01
Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.
- risk 0.44cvss 6.8epss 0.00
Time-of-check time-of-use (toctou) race condition in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.
- risk 0.44cvss 6.8epss 0.01
Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.
- risk 0.44cvss 6.5epss 0.22
NTLM Hash Disclosure Spoofing Vulnerability
- risk 0.44cvss 6.8epss 0.01
Windows Remote Desktop Configuration Service Tampering Vulnerability
- risk 0.44cvss 6.8epss 0.01
Secure Boot Security Feature Bypass Vulnerability
- risk 0.44cvss 6.8epss 0.02
Windows File Explorer Information Disclosure Vulnerability
- risk 0.44cvss 6.7epss 0.01
Windows Defender Application Control (WDAC) Security Feature Bypass Vulnerability
- risk 0.44cvss 6.8epss 0.01
Windows USB Video Class System Driver Elevation of Privilege Vulnerability
- risk 0.44cvss 6.8epss 0.01
Windows USB Video Class System Driver Elevation of Privilege Vulnerability
- risk 0.44cvss 6.8epss 0.01
Windows USB Video Class System Driver Elevation of Privilege Vulnerability
- risk 0.44cvss 6.8epss 0.01
Windows USB Video Class System Driver Elevation of Privilege Vulnerability
- risk 0.44cvss 6.8epss 0.01
Windows USB Video Class System Driver Elevation of Privilege Vulnerability
Page 109 of 163