Windows 10 1909
by Microsoft
CVEs (3,249)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-33755 | Med | 0.41 | 6.3 | 0.03 | Jul 14, 2021 | Windows Hyper-V Denial of Service Vulnerability | ||
| CVE-2020-16910 | Med | 0.41 | 6.2 | 0.03 | Oct 16, 2020 | A security feature bypass vulnerability exists when Microsoft Windows fails to handle file creation permissions, which could allow an attacker to create files in a protected Unified Extensible Firmware Interface (UEFI) location. To exploit this vulnerability, an… | ||
| CVE-2019-1053 | Med | 0.41 | 6.3 | 0.01 | Jun 12, 2019 | An elevation of privilege vulnerability exists when the Windows Shell fails to validate folder shortcuts. An attacker who successfully exploited the vulnerability could elevate privileges by escaping a sandbox. To exploit this vulnerability, an attacker would require… | ||
| CVE-2019-0986 | Med | 0.41 | 6.3 | 0.02 | Jun 12, 2019 | An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context. To exploit this vulnerability, an attacker… | ||
| CVE-2017-0055 | Med | 0.41 | 6.1 | 0.16 | Mar 17, 2017 | Microsoft Internet Information Server (IIS) in Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to perform cross-site… | ||
| CVE-2016-3302 | Med | 0.41 | 6.3 | 0.02 | Sep 14, 2016 | Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607, when the lock screen is enabled, do not properly restrict the loading of web content, which allows physically proximate attackers to execute arbitrary code via a (1) crafted Wi-Fi… | ||
| CVE-2025-29957 | Med | 0.40 | 6.2 | 0.01 | May 13, 2025 | Uncontrolled resource consumption in Windows Deployment Services allows an unauthorized attacker to deny service locally. | ||
| CVE-2025-21278 | Med | 0.40 | 6.2 | 0.01 | Jan 14, 2025 | Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability | ||
| CVE-2025-21202 | Med | 0.40 | 6.1 | 0.01 | Jan 14, 2025 | Windows Recovery Environment Agent Elevation of Privilege Vulnerability | ||
| CVE-2024-38203 | Med | 0.40 | 6.2 | 0.01 | Nov 12, 2024 | Windows Package Library Manager Information Disclosure Vulnerability | ||
| CVE-2024-29064 | Med | 0.40 | 6.2 | 0.01 | Apr 9, 2024 | Windows Hyper-V Denial of Service Vulnerability | ||
| CVE-2024-20665 | Med | 0.40 | 6.1 | 0.01 | Apr 9, 2024 | BitLocker Security Feature Bypass Vulnerability | ||
| CVE-2023-35341 | Med | 0.40 | 6.2 | 0.01 | Jul 11, 2023 | Microsoft DirectMusic Information Disclosure Vulnerability | ||
| CVE-2023-28269 | Med | 0.40 | 6.2 | 0.01 | Apr 11, 2023 | Windows Boot Manager Security Feature Bypass Vulnerability | ||
| CVE-2023-28249 | Med | 0.40 | 6.2 | 0.01 | Apr 11, 2023 | Windows Boot Manager Security Feature Bypass Vulnerability | ||
| CVE-2023-21697 | Med | 0.40 | 6.2 | 0.01 | Feb 14, 2023 | Windows Internet Storage Name Service (iSNS) Server Information Disclosure Vulnerability | ||
| CVE-2022-22048 | Med | 0.40 | 6.1 | 0.01 | Jul 12, 2022 | BitLocker Security Feature Bypass Vulnerability | ||
| CVE-2021-33765 | Med | 0.40 | 6.2 | 0.01 | Jul 14, 2021 | Windows Installer Spoofing Vulnerability | ||
| CVE-2021-31961 | Med | 0.40 | 6.1 | 0.01 | Jul 14, 2021 | Windows InstallService Elevation of Privilege Vulnerability | ||
| CVE-2021-26413 | Med | 0.40 | 6.2 | 0.01 | Apr 13, 2021 | Windows Installer Spoofing Vulnerability |
- risk 0.41cvss 6.3epss 0.03
Windows Hyper-V Denial of Service Vulnerability
- risk 0.41cvss 6.2epss 0.03
A security feature bypass vulnerability exists when Microsoft Windows fails to handle file creation permissions, which could allow an attacker to create files in a protected Unified Extensible Firmware Interface (UEFI) location. To exploit this vulnerability, an…
- risk 0.41cvss 6.3epss 0.01
An elevation of privilege vulnerability exists when the Windows Shell fails to validate folder shortcuts. An attacker who successfully exploited the vulnerability could elevate privileges by escaping a sandbox. To exploit this vulnerability, an attacker would require…
- risk 0.41cvss 6.3epss 0.02
An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context. To exploit this vulnerability, an attacker…
- risk 0.41cvss 6.1epss 0.16
Microsoft Internet Information Server (IIS) in Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to perform cross-site…
- risk 0.41cvss 6.3epss 0.02
Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607, when the lock screen is enabled, do not properly restrict the loading of web content, which allows physically proximate attackers to execute arbitrary code via a (1) crafted Wi-Fi…
- risk 0.40cvss 6.2epss 0.01
Uncontrolled resource consumption in Windows Deployment Services allows an unauthorized attacker to deny service locally.
- risk 0.40cvss 6.2epss 0.01
Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability
- risk 0.40cvss 6.1epss 0.01
Windows Recovery Environment Agent Elevation of Privilege Vulnerability
- risk 0.40cvss 6.2epss 0.01
Windows Package Library Manager Information Disclosure Vulnerability
- risk 0.40cvss 6.2epss 0.01
Windows Hyper-V Denial of Service Vulnerability
- risk 0.40cvss 6.1epss 0.01
BitLocker Security Feature Bypass Vulnerability
- risk 0.40cvss 6.2epss 0.01
Microsoft DirectMusic Information Disclosure Vulnerability
- risk 0.40cvss 6.2epss 0.01
Windows Boot Manager Security Feature Bypass Vulnerability
- risk 0.40cvss 6.2epss 0.01
Windows Boot Manager Security Feature Bypass Vulnerability
- risk 0.40cvss 6.2epss 0.01
Windows Internet Storage Name Service (iSNS) Server Information Disclosure Vulnerability
- risk 0.40cvss 6.1epss 0.01
BitLocker Security Feature Bypass Vulnerability
- risk 0.40cvss 6.2epss 0.01
Windows Installer Spoofing Vulnerability
- risk 0.40cvss 6.1epss 0.01
Windows InstallService Elevation of Privilege Vulnerability
- risk 0.40cvss 6.2epss 0.01
Windows Installer Spoofing Vulnerability
Page 120 of 163