Windows 10 1909
by Microsoft
CVEs (3,248)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-21227 | Med | 0.43 | 6.6 | 0.01 | Jan 14, 2025 | Windows Digital Media Elevation of Privilege Vulnerability | ||
| CVE-2025-21226 | Med | 0.43 | 6.6 | 0.01 | Jan 14, 2025 | Windows Digital Media Elevation of Privilege Vulnerability | ||
| CVE-2024-38049 | Med | 0.43 | 6.6 | 0.02 | Jul 9, 2024 | Windows Distributed Transaction Coordinator Remote Code Execution Vulnerability | ||
| CVE-2024-20666 | Med | 0.43 | 6.6 | 0.03 | Jan 9, 2024 | BitLocker Security Feature Bypass Vulnerability | ||
| CVE-2023-21560 | Med | 0.43 | 6.6 | 0.01 | Jan 10, 2023 | Windows Boot Manager Security Feature Bypass Vulnerability | ||
| CVE-2022-38032 | Med | 0.43 | 6.6 | 0.01 | Oct 11, 2022 | Windows Portable Device Enumerator Service Security Feature Bypass Vulnerability | ||
| CVE-2022-30205 | Med | 0.43 | 6.6 | 0.01 | Jul 12, 2022 | Windows Group Policy Elevation of Privilege Vulnerability | ||
| CVE-2022-22023 | Med | 0.43 | 6.6 | 0.01 | Jul 12, 2022 | Windows Portable Device Enumerator Service Security Feature Bypass Vulnerability | ||
| CVE-2021-43216 | Med | 0.43 | 6.5 | 0.03 | Dec 15, 2021 | Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability | ||
| CVE-2021-28442 | Med | 0.43 | 6.5 | 0.06 | Apr 13, 2021 | Windows TCP/IP Information Disclosure Vulnerability | ||
| CVE-2021-28323 | Med | 0.43 | 6.5 | 0.04 | Apr 13, 2021 | Windows DNS Information Disclosure Vulnerability | ||
| CVE-2021-1679 | Med | 0.43 | 6.5 | 0.03 | Jan 12, 2021 | Windows CryptoAPI Denial of Service Vulnerability | ||
| CVE-2021-1646 | Med | 0.43 | 6.6 | 0.01 | Jan 12, 2021 | Windows WLAN Service Elevation of Privilege Vulnerability | ||
| CVE-2020-1590 | Med | 0.43 | 6.6 | 0.01 | Sep 11, 2020 | An elevation of privilege vulnerability exists when the Connected User Experiences and Telemetry Service improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges on the victim system. To exploit the… | ||
| CVE-2020-1159 | Med | 0.43 | 6.6 | 0.01 | Sep 11, 2020 | An elevation of privilege vulnerability exists in the way that the StartTileData.dll handles file creation in protected locations. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a… | ||
| CVE-2020-1146 | Med | 0.43 | 6.6 | 0.01 | Sep 11, 2020 | An elevation of privilege vulnerability exists when the Microsoft Store Runtime improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to… | ||
| CVE-2020-1130 | Med | 0.43 | 6.6 | 0.01 | Sep 11, 2020 | An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector improperly handles data operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could exploit this… | ||
| CVE-2020-1097 | Med | 0.43 | 6.5 | 0.05 | Sep 11, 2020 | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user’s system. There are multiple… | ||
| CVE-2020-1091 | Med | 0.43 | 6.5 | 0.04 | Sep 11, 2020 | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user’s system. There are multiple… | ||
| CVE-2019-1025 | Med | 0.43 | 6.5 | 0.05 | Jun 12, 2019 | A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. To exploit this vulnerability, an attacker would have to log on to an affected… |
- risk 0.43cvss 6.6epss 0.01
Windows Digital Media Elevation of Privilege Vulnerability
- risk 0.43cvss 6.6epss 0.01
Windows Digital Media Elevation of Privilege Vulnerability
- risk 0.43cvss 6.6epss 0.02
Windows Distributed Transaction Coordinator Remote Code Execution Vulnerability
- risk 0.43cvss 6.6epss 0.03
BitLocker Security Feature Bypass Vulnerability
- risk 0.43cvss 6.6epss 0.01
Windows Boot Manager Security Feature Bypass Vulnerability
- risk 0.43cvss 6.6epss 0.01
Windows Portable Device Enumerator Service Security Feature Bypass Vulnerability
- risk 0.43cvss 6.6epss 0.01
Windows Group Policy Elevation of Privilege Vulnerability
- risk 0.43cvss 6.6epss 0.01
Windows Portable Device Enumerator Service Security Feature Bypass Vulnerability
- risk 0.43cvss 6.5epss 0.03
Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability
- risk 0.43cvss 6.5epss 0.06
Windows TCP/IP Information Disclosure Vulnerability
- risk 0.43cvss 6.5epss 0.04
Windows DNS Information Disclosure Vulnerability
- risk 0.43cvss 6.5epss 0.03
Windows CryptoAPI Denial of Service Vulnerability
- risk 0.43cvss 6.6epss 0.01
Windows WLAN Service Elevation of Privilege Vulnerability
- risk 0.43cvss 6.6epss 0.01
An elevation of privilege vulnerability exists when the Connected User Experiences and Telemetry Service improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges on the victim system. To exploit the…
- risk 0.43cvss 6.6epss 0.01
An elevation of privilege vulnerability exists in the way that the StartTileData.dll handles file creation in protected locations. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a…
- risk 0.43cvss 6.6epss 0.01
An elevation of privilege vulnerability exists when the Microsoft Store Runtime improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to…
- risk 0.43cvss 6.6epss 0.01
An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector improperly handles data operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could exploit this…
- risk 0.43cvss 6.5epss 0.05
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user’s system. There are multiple…
- risk 0.43cvss 6.5epss 0.04
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user’s system. There are multiple…
- risk 0.43cvss 6.5epss 0.05
A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. To exploit this vulnerability, an attacker would have to log on to an affected…
Page 114 of 163