Windows 10 1909
by Microsoft
CVEs (3,249)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-21900 | Med | 0.30 | 4.6 | 0.01 | Jan 11, 2022 | Windows Hyper-V Security Feature Bypass Vulnerability | ||
| CVE-2018-8566 | Med | 0.30 | 4.6 | 0.01 | Nov 14, 2018 | A security feature bypass vulnerability exists when Windows improperly suspends BitLocker Device Encryption, aka "BitLocker Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows Server 2019, Windows 10 Servers. | ||
| CVE-2018-8253 | Med | 0.30 | 4.6 | 0.02 | Aug 15, 2018 | An elevation of privilege vulnerability exists when Microsoft Cortana allows arbitrary website browsing on the lockscreen, aka "Microsoft Cortana Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10. | ||
| CVE-2023-36722 | Med | 0.29 | 4.4 | 0.01 | Oct 10, 2023 | Active Directory Domain Services Information Disclosure Vulnerability | ||
| CVE-2023-28276 | Med | 0.29 | 4.4 | 0.00 | Apr 11, 2023 | Windows Group Policy Security Feature Bypass Vulnerability | ||
| CVE-2022-22010 | Med | 0.29 | 4.4 | 0.02 | Mar 9, 2022 | Media Foundation Information Disclosure Vulnerability | ||
| CVE-2022-21894 | Med | 0.29 | 4.4 | 0.07 | Jan 11, 2022 | Secure Boot Security Feature Bypass Vulnerability | ||
| CVE-2021-41371 | Med | 0.29 | 4.4 | 0.01 | Nov 10, 2021 | Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability | ||
| CVE-2021-38631 | Med | 0.29 | 4.4 | 0.02 | Nov 10, 2021 | Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability | ||
| CVE-2021-28447 | Med | 0.29 | 4.4 | 0.02 | Apr 13, 2021 | Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability | ||
| CVE-2021-27094 | Med | 0.29 | 4.4 | 0.01 | Apr 13, 2021 | Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability | ||
| CVE-2020-1592 | Med | 0.29 | 4.4 | 0.01 | Sep 11, 2020 | An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this… | ||
| CVE-2020-1589 | Med | 0.29 | 4.4 | 0.01 | Sep 11, 2020 | An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an… | ||
| CVE-2019-0941 | Med | 0.29 | 4.4 | 0.03 | Jun 12, 2019 | A denial of service exists in Microsoft IIS Server when the optional request filtering feature improperly handles requests. An attacker who successfully exploited this vulnerability could perform a temporary denial of service against pages configured to use request filtering. To… | ||
| CVE-2018-8201 | Med | 0.29 | 4.5 | 0.02 | Jun 14, 2018 | A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10,… | ||
| CVE-2017-11818 | Med | 0.29 | 4.5 | 0.01 | Oct 13, 2017 | The Microsoft Windows Storage component on Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a security feature bypass vulnerability when it fails to validate an integrity-level check, aka… | ||
| CVE-2017-0164 | Med | 0.29 | 4.4 | 0.04 | Apr 12, 2017 | A denial of service vulnerability exists in Windows 10 1607 and Windows Server 2016 Active Directory when an authenticated attacker sends malicious search queries, aka "Active Directory Denial of Service Vulnerability." | ||
| CVE-2017-0057 | Med | 0.29 | 4.3 | 0.14 | Mar 17, 2017 | DNS client in Microsoft Windows 8.1; Windows Server 2012 R2, Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 fails to properly process DNS queries, which allows remote attackers to obtain sensitive information via (1) convincing a workstation user to… | ||
| CVE-2016-3287 | Med | 0.29 | 4.4 | 0.01 | Jul 13, 2016 | Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to bypass the Secure Boot protection mechanism by leveraging administrative access to install a crafted policy, aka "Secure Boot Security Feature Bypass." | ||
| CVE-2023-21729 | Med | 0.28 | 4.3 | 0.01 | Apr 11, 2023 | Remote Procedure Call Runtime Information Disclosure Vulnerability |
- risk 0.30cvss 4.6epss 0.01
Windows Hyper-V Security Feature Bypass Vulnerability
- risk 0.30cvss 4.6epss 0.01
A security feature bypass vulnerability exists when Windows improperly suspends BitLocker Device Encryption, aka "BitLocker Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows Server 2019, Windows 10 Servers.
- risk 0.30cvss 4.6epss 0.02
An elevation of privilege vulnerability exists when Microsoft Cortana allows arbitrary website browsing on the lockscreen, aka "Microsoft Cortana Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10.
- risk 0.29cvss 4.4epss 0.01
Active Directory Domain Services Information Disclosure Vulnerability
- risk 0.29cvss 4.4epss 0.00
Windows Group Policy Security Feature Bypass Vulnerability
- risk 0.29cvss 4.4epss 0.02
Media Foundation Information Disclosure Vulnerability
- risk 0.29cvss 4.4epss 0.07
Secure Boot Security Feature Bypass Vulnerability
- risk 0.29cvss 4.4epss 0.01
Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability
- risk 0.29cvss 4.4epss 0.02
Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability
- risk 0.29cvss 4.4epss 0.02
Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability
- risk 0.29cvss 4.4epss 0.01
Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability
- risk 0.29cvss 4.4epss 0.01
An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this…
- risk 0.29cvss 4.4epss 0.01
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an…
- risk 0.29cvss 4.4epss 0.03
A denial of service exists in Microsoft IIS Server when the optional request filtering feature improperly handles requests. An attacker who successfully exploited this vulnerability could perform a temporary denial of service against pages configured to use request filtering. To…
- risk 0.29cvss 4.5epss 0.02
A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10,…
- risk 0.29cvss 4.5epss 0.01
The Microsoft Windows Storage component on Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a security feature bypass vulnerability when it fails to validate an integrity-level check, aka…
- risk 0.29cvss 4.4epss 0.04
A denial of service vulnerability exists in Windows 10 1607 and Windows Server 2016 Active Directory when an authenticated attacker sends malicious search queries, aka "Active Directory Denial of Service Vulnerability."
- risk 0.29cvss 4.3epss 0.14
DNS client in Microsoft Windows 8.1; Windows Server 2012 R2, Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 fails to properly process DNS queries, which allows remote attackers to obtain sensitive information via (1) convincing a workstation user to…
- risk 0.29cvss 4.4epss 0.01
Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to bypass the Secure Boot protection mechanism by leveraging administrative access to install a crafted policy, aka "Secure Boot Security Feature Bypass."
- risk 0.28cvss 4.3epss 0.01
Remote Procedure Call Runtime Information Disclosure Vulnerability
Page 121 of 163