Windows 10 1909
by Microsoft
CVEs (3,248)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-42284 | Med | 0.44 | 6.8 | 0.03 | Nov 10, 2021 | Windows Hyper-V Denial of Service Vulnerability | ||
| CVE-2021-41342 | Med | 0.44 | 6.8 | 0.02 | Oct 13, 2021 | Windows MSHTML Platform Remote Code Execution Vulnerability | ||
| CVE-2021-34534 | Med | 0.44 | 6.8 | 0.02 | Aug 12, 2021 | Windows MSHTML Platform Remote Code Execution Vulnerability | ||
| CVE-2021-34447 | Med | 0.44 | 6.8 | 0.02 | Jul 16, 2021 | Windows MSHTML Platform Remote Code Execution Vulnerability | ||
| CVE-2021-34497 | Med | 0.44 | 6.8 | 0.02 | Jul 14, 2021 | Windows MSHTML Platform Remote Code Execution Vulnerability | ||
| CVE-2021-34493 | Med | 0.44 | 6.7 | 0.01 | Jul 14, 2021 | Windows Partition Management Driver Elevation of Privilege Vulnerability | ||
| CVE-2021-31971 | Med | 0.44 | 6.8 | 0.02 | Jun 8, 2021 | Windows HTML Platforms Security Feature Bypass Vulnerability | ||
| CVE-2021-27092 | Med | 0.44 | 6.8 | 0.03 | Apr 13, 2021 | Azure AD Web Sign-in Security Feature Bypass Vulnerability | ||
| CVE-2020-17099 | Med | 0.44 | 6.8 | 0.01 | Dec 10, 2020 | Windows Lock Screen Security Feature Bypass Vulnerability | ||
| CVE-2020-16905 | Med | 0.44 | 6.8 | 0.01 | Oct 16, 2020 | An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files. The vulnerability could allow elevation of privilege if an attacker can successfully exploit it. An attacker who successfully exploited the… | ||
| CVE-2020-0951 | Med | 0.44 | 6.7 | 0.07 | Sep 11, 2020 | A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC) which could allow an attacker to bypass WDAC enforcement. An attacker who successfully exploited this vulnerability could execute PowerShell commands that would be blocked by… | ||
| CVE-2019-0713 | Med | 0.44 | 6.8 | 0.02 | Jun 12, 2019 | A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system,… | ||
| CVE-2019-0711 | Med | 0.44 | 6.8 | 0.02 | Jun 12, 2019 | A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system,… | ||
| CVE-2019-0710 | Med | 0.44 | 6.8 | 0.02 | Jun 12, 2019 | A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system,… | ||
| CVE-2018-8140 | Med | 0.44 | 6.8 | 0.02 | Jun 14, 2018 | An Elevation of Privilege vulnerability exists when Cortana retrieves data from user input services without consideration for status, aka "Cortana Elevation of Privilege Vulnerability." This affects Windows 10 Servers, Windows 10. | ||
| CVE-2018-3639 | Med | 0.44 | 5.5 | 0.61 | May 22, 2018 | Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis,… | ||
| CVE-2017-8628 | Med | 0.44 | 6.8 | 0.02 | Sep 13, 2017 | Microsoft Bluetooth Driver in Windows Server 2008 SP2, Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703 allows a spoofing vulnerability due to Microsoft's implementation of the Bluetooth stack, aka "Microsoft Bluetooth Driver Spoofing Vulnerability". | ||
| CVE-2016-7210 | Med | 0.44 | 6.5 | 0.21 | Nov 10, 2016 | atmfd.dll in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to obtain sensitive information from… | ||
| CVE-2016-3374 | Med | 0.44 | 6.5 | 0.26 | Sep 14, 2016 | The PDF library in Microsoft Edge, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive information via a crafted web site, aka "PDF Library Information Disclosure Vulnerability," a… | ||
| CVE-2016-3370 | Med | 0.44 | 6.5 | 0.22 | Sep 14, 2016 | The PDF library in Microsoft Edge, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive information via a crafted web site, aka "PDF Library Information Disclosure Vulnerability," a… |
- risk 0.44cvss 6.8epss 0.03
Windows Hyper-V Denial of Service Vulnerability
- risk 0.44cvss 6.8epss 0.02
Windows MSHTML Platform Remote Code Execution Vulnerability
- risk 0.44cvss 6.8epss 0.02
Windows MSHTML Platform Remote Code Execution Vulnerability
- risk 0.44cvss 6.8epss 0.02
Windows MSHTML Platform Remote Code Execution Vulnerability
- risk 0.44cvss 6.8epss 0.02
Windows MSHTML Platform Remote Code Execution Vulnerability
- risk 0.44cvss 6.7epss 0.01
Windows Partition Management Driver Elevation of Privilege Vulnerability
- risk 0.44cvss 6.8epss 0.02
Windows HTML Platforms Security Feature Bypass Vulnerability
- risk 0.44cvss 6.8epss 0.03
Azure AD Web Sign-in Security Feature Bypass Vulnerability
- risk 0.44cvss 6.8epss 0.01
Windows Lock Screen Security Feature Bypass Vulnerability
- risk 0.44cvss 6.8epss 0.01
An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files. The vulnerability could allow elevation of privilege if an attacker can successfully exploit it. An attacker who successfully exploited the…
- risk 0.44cvss 6.7epss 0.07
A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC) which could allow an attacker to bypass WDAC enforcement. An attacker who successfully exploited this vulnerability could execute PowerShell commands that would be blocked by…
- risk 0.44cvss 6.8epss 0.02
A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system,…
- risk 0.44cvss 6.8epss 0.02
A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system,…
- risk 0.44cvss 6.8epss 0.02
A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system,…
- risk 0.44cvss 6.8epss 0.02
An Elevation of Privilege vulnerability exists when Cortana retrieves data from user input services without consideration for status, aka "Cortana Elevation of Privilege Vulnerability." This affects Windows 10 Servers, Windows 10.
- risk 0.44cvss 5.5epss 0.61
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis,…
- risk 0.44cvss 6.8epss 0.02
Microsoft Bluetooth Driver in Windows Server 2008 SP2, Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703 allows a spoofing vulnerability due to Microsoft's implementation of the Bluetooth stack, aka "Microsoft Bluetooth Driver Spoofing Vulnerability".
- risk 0.44cvss 6.5epss 0.21
atmfd.dll in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to obtain sensitive information from…
- risk 0.44cvss 6.5epss 0.26
The PDF library in Microsoft Edge, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive information via a crafted web site, aka "PDF Library Information Disclosure Vulnerability," a…
- risk 0.44cvss 6.5epss 0.22
The PDF library in Microsoft Edge, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive information via a crafted web site, aka "PDF Library Information Disclosure Vulnerability," a…
Page 112 of 163