Windows 10 1909
by Microsoft
CVEs (3,249)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-24911 | Med | 0.28 | 4.3 | 0.01 | Mar 14, 2023 | Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | ||
| CVE-2022-37981 | Med | 0.28 | 4.3 | 0.02 | Oct 11, 2022 | Windows Event Logging Service Denial of Service Vulnerability | ||
| CVE-2021-24082 | Med | 0.28 | 4.3 | 0.02 | Feb 25, 2021 | Microsoft.PowerShell.Utility Module WDAC Security Feature Bypass Vulnerability | ||
| CVE-2019-1172 | Med | 0.28 | 4.3 | 0.04 | Aug 14, 2019 | An information disclosure vulnerability exists in Azure Active Directory (AAD) Microsoft Account (MSA) during the login request session. An attacker who successfully exploited the vulnerability could take over a user's account. To exploit the vulnerability, an attacker would… | ||
| CVE-2018-8320 | Med | 0.28 | 4.3 | 0.05 | Oct 10, 2018 | A security feature bypass vulnerability exists in DNS Global Blocklist feature, aka "Windows DNS Security Feature Bypass Vulnerability." This affects Windows Server 2012 R2, Windows Server 2008, Windows Server 2012, Windows Server 2019, Windows Server 2016, Windows Server 2008… | ||
| CVE-2017-8648 | Med | 0.28 | 4.3 | 0.06 | Sep 13, 2017 | Microsoft Edge in Microsoft Windows Version 1703 allows an attacker to obtain information to further compromise the user's system, due to the way that Microsoft Edge handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from… | ||
| CVE-2017-8597 | Med | 0.28 | 4.3 | 0.06 | Sep 13, 2017 | Microsoft Edge in Microsoft Windows 10 Version 1703 allows an attacker to obtain information to further compromise the user's system, due to the way that Microsoft Edge handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique… | ||
| CVE-2017-0192 | Med | 0.28 | 4.3 | 0.06 | Apr 12, 2017 | The Adobe Type Manager Font Driver (ATMFD.dll) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold , 1511, 1607, and 1703 allows an attacker to gain sensitive… | ||
| CVE-2022-29127 | Med | 0.27 | 4.2 | 0.01 | May 10, 2022 | BitLocker Security Feature Bypass Vulnerability | ||
| CVE-2022-24466 | Med | 0.27 | 4.1 | 0.01 | May 10, 2022 | Windows Hyper-V Security Feature Bypass Vulnerability | ||
| CVE-2021-42279 | Med | 0.27 | 4.2 | 0.02 | Nov 10, 2021 | Chakra Scripting Engine Memory Corruption Vulnerability | ||
| CVE-2021-28316 | Med | 0.27 | 4.2 | 0.01 | Apr 13, 2021 | Windows WLAN AutoConfig Service Security Feature Bypass Vulnerability | ||
| CVE-2020-1566 | Med | 0.27 | 4.2 | 0.02 | Aug 17, 2020 | An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete… | ||
| CVE-2018-8435 | Med | 0.27 | 4.2 | 0.01 | Sep 13, 2018 | A security feature bypass vulnerability exists when Windows Hyper-V BIOS loader fails to provide a high-entropy source, aka "Windows Hyper-V Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. | ||
| CVE-2020-1033 | Med | 0.26 | 4.0 | 0.01 | Sep 11, 2020 | An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. An authenticated attacker could… | ||
| CVE-2025-26633 | 0.25 | — | 0.32 | KEV | Mar 11, 2025 | Improper neutralization in Microsoft Management Console allows an unauthorized attacker to bypass a security feature locally. | ||
| CVE-2024-30088 | 0.25 | — | 0.68 | KEV | Jun 11, 2024 | Windows Kernel Elevation of Privilege Vulnerability | ||
| CVE-2018-8449 | Low | 0.25 | 3.3 | 0.03 | Sep 13, 2018 | A security feature bypass exists when Device Guard incorrectly validates an untrusted file, aka "Device Guard Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. | ||
| CVE-2018-0966 | Low | 0.25 | 3.3 | 0.02 | Apr 12, 2018 | A security feature bypass exists when Device Guard incorrectly validates an untrusted file, aka "Device Guard Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. | ||
| CVE-2017-0159 | Low | 0.24 | 3.7 | 0.04 | Apr 12, 2017 | A security feature bypass vulnerability exists in Windows 10 1607, Windows Server 2012 R2, and Windows 2016 when ADFS incorrectly treats requests coming from Extranet clients as Intranet requests, aka "ADFS Security Feature Bypass Vulnerability." |
- risk 0.28cvss 4.3epss 0.01
Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability
- risk 0.28cvss 4.3epss 0.02
Windows Event Logging Service Denial of Service Vulnerability
- risk 0.28cvss 4.3epss 0.02
Microsoft.PowerShell.Utility Module WDAC Security Feature Bypass Vulnerability
- risk 0.28cvss 4.3epss 0.04
An information disclosure vulnerability exists in Azure Active Directory (AAD) Microsoft Account (MSA) during the login request session. An attacker who successfully exploited the vulnerability could take over a user's account. To exploit the vulnerability, an attacker would…
- risk 0.28cvss 4.3epss 0.05
A security feature bypass vulnerability exists in DNS Global Blocklist feature, aka "Windows DNS Security Feature Bypass Vulnerability." This affects Windows Server 2012 R2, Windows Server 2008, Windows Server 2012, Windows Server 2019, Windows Server 2016, Windows Server 2008…
- risk 0.28cvss 4.3epss 0.06
Microsoft Edge in Microsoft Windows Version 1703 allows an attacker to obtain information to further compromise the user's system, due to the way that Microsoft Edge handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from…
- risk 0.28cvss 4.3epss 0.06
Microsoft Edge in Microsoft Windows 10 Version 1703 allows an attacker to obtain information to further compromise the user's system, due to the way that Microsoft Edge handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique…
- risk 0.28cvss 4.3epss 0.06
The Adobe Type Manager Font Driver (ATMFD.dll) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold , 1511, 1607, and 1703 allows an attacker to gain sensitive…
- risk 0.27cvss 4.2epss 0.01
BitLocker Security Feature Bypass Vulnerability
- risk 0.27cvss 4.1epss 0.01
Windows Hyper-V Security Feature Bypass Vulnerability
- risk 0.27cvss 4.2epss 0.02
Chakra Scripting Engine Memory Corruption Vulnerability
- risk 0.27cvss 4.2epss 0.01
Windows WLAN AutoConfig Service Security Feature Bypass Vulnerability
- risk 0.27cvss 4.2epss 0.02
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete…
- risk 0.27cvss 4.2epss 0.01
A security feature bypass vulnerability exists when Windows Hyper-V BIOS loader fails to provide a high-entropy source, aka "Windows Hyper-V Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.
- risk 0.26cvss 4.0epss 0.01
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. An authenticated attacker could…
- risk 0.25cvss —epss 0.32
Improper neutralization in Microsoft Management Console allows an unauthorized attacker to bypass a security feature locally.
- risk 0.25cvss —epss 0.68
Windows Kernel Elevation of Privilege Vulnerability
- risk 0.25cvss 3.3epss 0.03
A security feature bypass exists when Device Guard incorrectly validates an untrusted file, aka "Device Guard Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.
- risk 0.25cvss 3.3epss 0.02
A security feature bypass exists when Device Guard incorrectly validates an untrusted file, aka "Device Guard Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.
- risk 0.24cvss 3.7epss 0.04
A security feature bypass vulnerability exists in Windows 10 1607, Windows Server 2012 R2, and Windows 2016 when ADFS incorrectly treats requests coming from Extranet clients as Intranet requests, aka "ADFS Security Feature Bypass Vulnerability."
Page 122 of 163