Windows 10 1909
by Microsoft
CVEs (3,249)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-49112 | 0.07 | — | 0.71 | Dec 10, 2024 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | |||
| CVE-2024-38063 | 0.07 | — | 0.71 | Aug 13, 2024 | Windows TCP/IP Remote Code Execution Vulnerability | |||
| CVE-2024-26229 | 0.07 | — | 0.09 | Apr 9, 2024 | Windows CSC Service Elevation of Privilege Vulnerability | |||
| CVE-2025-21298 | 0.06 | — | 0.81 | Jan 14, 2025 | Windows OLE Remote Code Execution Vulnerability | |||
| CVE-2024-38144 | 0.06 | — | 0.32 | Aug 13, 2024 | Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability | |||
| CVE-2015-6104 | 0.06 | — | 0.35 | Nov 11, 2015 | The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via… | |||
| CVE-2015-6103 | 0.06 | — | 0.35 | Nov 11, 2015 | The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via… | |||
| CVE-2015-2525 | 0.06 | — | 0.33 | Sep 9, 2015 | Task Scheduler in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to bypass intended filesystem restrictions and delete arbitrary… | |||
| CVE-2015-2462 | 0.06 | — | 0.36 | Aug 15, 2015 | ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, and .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5,… | |||
| CVE-2015-2461 | 0.06 | — | 0.36 | Aug 15, 2015 | ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute arbitrary… | |||
| CVE-2015-2459 | 0.06 | — | 0.32 | Aug 15, 2015 | ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute arbitrary… | |||
| CVE-2015-2458 | 0.06 | — | 0.32 | Aug 15, 2015 | ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute arbitrary… | |||
| CVE-2015-2456 | 0.06 | — | 0.36 | Aug 15, 2015 | Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Office 2007 SP3 and 2010 SP2, Live Meeting 2007 Console, Lync 2010, Lync 2010 Attendee, Lync 2013 SP1,… | |||
| CVE-2015-2455 | 0.06 | — | 0.37 | Aug 15, 2015 | Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Office 2007 SP3 and 2010 SP2, Live Meeting 2007 Console, Lync 2010, Lync 2010 Attendee, Lync 2013 SP1,… | |||
| CVE-2025-50154 | 0.05 | — | 0.26 | Aug 12, 2025 | Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network. | |||
| CVE-2024-43532 | 0.05 | — | 0.12 | Oct 8, 2024 | Remote Registry Service Elevation of Privilege Vulnerability | |||
| CVE-2024-38030 | 0.05 | — | 0.51 | Jul 9, 2024 | Windows Themes Spoofing Vulnerability | |||
| CVE-2025-47987 | 0.04 | — | 0.02 | Jul 8, 2025 | Heap-based buffer overflow in Windows Cred SSProvider Protocol allows an authorized attacker to elevate privileges locally. | |||
| CVE-2025-32724 | 0.04 | — | 0.02 | Jun 10, 2025 | Uncontrolled resource consumption in Windows Local Security Authority Subsystem Service (LSASS) allows an unauthorized attacker to deny service over a network. | |||
| CVE-2024-30038 | 0.04 | — | 0.03 | May 14, 2024 | Win32k Elevation of Privilege Vulnerability |
- CVE-2024-49112Dec 10, 2024risk 0.07cvss —epss 0.71
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
- CVE-2024-38063Aug 13, 2024risk 0.07cvss —epss 0.71
Windows TCP/IP Remote Code Execution Vulnerability
- CVE-2024-26229Apr 9, 2024risk 0.07cvss —epss 0.09
Windows CSC Service Elevation of Privilege Vulnerability
- CVE-2025-21298Jan 14, 2025risk 0.06cvss —epss 0.81
Windows OLE Remote Code Execution Vulnerability
- CVE-2024-38144Aug 13, 2024risk 0.06cvss —epss 0.32
Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
- CVE-2015-6104Nov 11, 2015risk 0.06cvss —epss 0.35
The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via…
- CVE-2015-6103Nov 11, 2015risk 0.06cvss —epss 0.35
The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via…
- CVE-2015-2525Sep 9, 2015risk 0.06cvss —epss 0.33
Task Scheduler in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to bypass intended filesystem restrictions and delete arbitrary…
- CVE-2015-2462Aug 15, 2015risk 0.06cvss —epss 0.36
ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, and .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5,…
- CVE-2015-2461Aug 15, 2015risk 0.06cvss —epss 0.36
ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute arbitrary…
- CVE-2015-2459Aug 15, 2015risk 0.06cvss —epss 0.32
ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute arbitrary…
- CVE-2015-2458Aug 15, 2015risk 0.06cvss —epss 0.32
ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute arbitrary…
- CVE-2015-2456Aug 15, 2015risk 0.06cvss —epss 0.36
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Office 2007 SP3 and 2010 SP2, Live Meeting 2007 Console, Lync 2010, Lync 2010 Attendee, Lync 2013 SP1,…
- CVE-2015-2455Aug 15, 2015risk 0.06cvss —epss 0.37
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Office 2007 SP3 and 2010 SP2, Live Meeting 2007 Console, Lync 2010, Lync 2010 Attendee, Lync 2013 SP1,…
- CVE-2025-50154Aug 12, 2025risk 0.05cvss —epss 0.26
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.
- CVE-2024-43532Oct 8, 2024risk 0.05cvss —epss 0.12
Remote Registry Service Elevation of Privilege Vulnerability
- CVE-2024-38030Jul 9, 2024risk 0.05cvss —epss 0.51
Windows Themes Spoofing Vulnerability
- CVE-2025-47987Jul 8, 2025risk 0.04cvss —epss 0.02
Heap-based buffer overflow in Windows Cred SSProvider Protocol allows an authorized attacker to elevate privileges locally.
- CVE-2025-32724Jun 10, 2025risk 0.04cvss —epss 0.02
Uncontrolled resource consumption in Windows Local Security Authority Subsystem Service (LSASS) allows an unauthorized attacker to deny service over a network.
- CVE-2024-30038May 14, 2024risk 0.04cvss —epss 0.03
Win32k Elevation of Privilege Vulnerability
Page 123 of 163