Windows 10 1909
by Microsoft
CVEs (3,249)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-38629 | Med | 0.42 | 6.5 | 0.02 | Sep 15, 2021 | Windows Ancillary Function Driver for WinSock Information Disclosure Vulnerability | ||
| CVE-2021-38624 | Med | 0.42 | 6.5 | 0.01 | Sep 15, 2021 | Windows Key Storage Provider Security Feature Bypass Vulnerability | ||
| CVE-2021-34507 | Med | 0.42 | 6.5 | 0.03 | Jul 14, 2021 | Windows Remote Assistance Information Disclosure Vulnerability | ||
| CVE-2021-33783 | Med | 0.42 | 6.5 | 0.03 | Jul 14, 2021 | Windows SMB Information Disclosure Vulnerability | ||
| CVE-2021-31959 | Med | 0.42 | 6.4 | 0.09 | Jun 8, 2021 | Scripting Engine Memory Corruption Vulnerability | ||
| CVE-2021-28441 | Med | 0.42 | 6.5 | 0.01 | Apr 13, 2021 | Windows Hyper-V Information Disclosure Vulnerability | ||
| CVE-2021-28328 | Med | 0.42 | 6.5 | 0.02 | Apr 13, 2021 | Windows DNS Information Disclosure Vulnerability | ||
| CVE-2021-28311 | Med | 0.42 | 6.5 | 0.03 | Apr 13, 2021 | Windows Application Compatibility Cache Denial of Service Vulnerability | ||
| CVE-2021-24080 | Med | 0.42 | 6.5 | 0.03 | Feb 25, 2021 | Windows Trust Verification API Denial of Service Vulnerability | ||
| CVE-2020-17040 | Med | 0.42 | 6.5 | 0.03 | Nov 11, 2020 | Windows Hyper-V Security Feature Bypass Vulnerability | ||
| CVE-2020-0904 | Med | 0.42 | 6.5 | 0.01 | Sep 11, 2020 | A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate specific malicious data from a user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest… | ||
| CVE-2020-0890 | Med | 0.42 | 6.5 | 0.03 | Sep 11, 2020 | A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate specific malicious data from a user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest… | ||
| CVE-2019-1198 | Med | 0.42 | 6.5 | 0.02 | Aug 14, 2019 | An elevation of privilege exists in SyncController.dll. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. To exploit the vulnerability, an attacker could run a specially crafted application that could exploit the… | ||
| CVE-2019-1043 | Med | 0.42 | 6.4 | 0.03 | Jun 12, 2019 | A remote code execution vulnerability exists in the way that comctl32.dll handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the… | ||
| CVE-2018-8592 | Med | 0.42 | 6.4 | 0.01 | Nov 14, 2018 | An elevation of privilege vulnerability exists in Windows 10 version 1809 when installed from physical media (USB, DVD, etc, aka "Windows Elevation Of Privilege Vulnerability." This affects Windows 10, Windows Server 2019. | ||
| CVE-2017-0174 | Med | 0.42 | 6.5 | 0.03 | Aug 8, 2017 | Windows NetBIOS in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a denial of service vulnerability when it improperly handles NetBIOS packets, aka… | ||
| CVE-2016-3371 | Med | 0.42 | 5.5 | 0.40 | Sep 14, 2016 | The kernel API in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 does not properly enforce permissions, which allows local users to obtain sensitive… | ||
| CVE-2024-28898 | Med | 0.41 | 6.3 | 0.01 | Apr 9, 2024 | Secure Boot Security Feature Bypass Vulnerability | ||
| CVE-2022-21928 | Med | 0.41 | 6.3 | 0.01 | Jan 11, 2022 | Windows Resilient File System (ReFS) Remote Code Execution Vulnerability | ||
| CVE-2021-34500 | Med | 0.41 | 6.3 | 0.02 | Jul 14, 2021 | Windows Kernel Memory Information Disclosure Vulnerability |
- risk 0.42cvss 6.5epss 0.02
Windows Ancillary Function Driver for WinSock Information Disclosure Vulnerability
- risk 0.42cvss 6.5epss 0.01
Windows Key Storage Provider Security Feature Bypass Vulnerability
- risk 0.42cvss 6.5epss 0.03
Windows Remote Assistance Information Disclosure Vulnerability
- risk 0.42cvss 6.5epss 0.03
Windows SMB Information Disclosure Vulnerability
- risk 0.42cvss 6.4epss 0.09
Scripting Engine Memory Corruption Vulnerability
- risk 0.42cvss 6.5epss 0.01
Windows Hyper-V Information Disclosure Vulnerability
- risk 0.42cvss 6.5epss 0.02
Windows DNS Information Disclosure Vulnerability
- risk 0.42cvss 6.5epss 0.03
Windows Application Compatibility Cache Denial of Service Vulnerability
- risk 0.42cvss 6.5epss 0.03
Windows Trust Verification API Denial of Service Vulnerability
- risk 0.42cvss 6.5epss 0.03
Windows Hyper-V Security Feature Bypass Vulnerability
- risk 0.42cvss 6.5epss 0.01
A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate specific malicious data from a user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest…
- risk 0.42cvss 6.5epss 0.03
A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate specific malicious data from a user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest…
- risk 0.42cvss 6.5epss 0.02
An elevation of privilege exists in SyncController.dll. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. To exploit the vulnerability, an attacker could run a specially crafted application that could exploit the…
- risk 0.42cvss 6.4epss 0.03
A remote code execution vulnerability exists in the way that comctl32.dll handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the…
- risk 0.42cvss 6.4epss 0.01
An elevation of privilege vulnerability exists in Windows 10 version 1809 when installed from physical media (USB, DVD, etc, aka "Windows Elevation Of Privilege Vulnerability." This affects Windows 10, Windows Server 2019.
- risk 0.42cvss 6.5epss 0.03
Windows NetBIOS in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a denial of service vulnerability when it improperly handles NetBIOS packets, aka…
- risk 0.42cvss 5.5epss 0.40
The kernel API in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 does not properly enforce permissions, which allows local users to obtain sensitive…
- risk 0.41cvss 6.3epss 0.01
Secure Boot Security Feature Bypass Vulnerability
- risk 0.41cvss 6.3epss 0.01
Windows Resilient File System (ReFS) Remote Code Execution Vulnerability
- risk 0.41cvss 6.3epss 0.02
Windows Kernel Memory Information Disclosure Vulnerability
Page 119 of 163