Windows 10 1909
by Microsoft
CVEs (3,251)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-30080 | 0.01 | — | 0.43 | Jun 11, 2024 | Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | |||
| CVE-2024-30050 | 0.01 | — | 0.11 | May 14, 2024 | Windows Mark of the Web Security Feature Bypass Vulnerability | |||
| CVE-2024-30017 | 0.01 | — | 0.02 | May 14, 2024 | Windows Hyper-V Remote Code Execution Vulnerability | |||
| CVE-2024-26211 | 0.01 | — | 0.04 | Apr 9, 2024 | Windows Remote Access Connection Manager Elevation of Privilege Vulnerability | |||
| CVE-2024-26209 | 0.01 | — | 0.15 | Apr 9, 2024 | Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability | |||
| CVE-2024-26183 | 0.01 | — | 0.02 | Apr 9, 2024 | Windows Kerberos Denial of Service Vulnerability | |||
| CVE-2024-20678 | 0.01 | — | 0.03 | Apr 9, 2024 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | |||
| CVE-2024-26158 | 0.01 | — | 0.12 | Apr 9, 2024 | Microsoft Install Service Elevation of Privilege Vulnerability | |||
| CVE-2024-21407 | 0.01 | — | 0.16 | Mar 12, 2024 | Windows Hyper-V Remote Code Execution Vulnerability | |||
| CVE-2024-21357 | 0.01 | — | 0.27 | Feb 13, 2024 | Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability | |||
| CVE-2015-6107 | 0.01 | — | 0.18 | Dec 9, 2015 | The Windows font library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10 Gold and 1511, Office 2007 SP3, Office 2010 SP2, Word Viewer, Skype for… | |||
| CVE-2015-6111 | 0.01 | — | 0.08 | Nov 11, 2015 | IPSec in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandles encryption negotiation, which allows remote authenticated users to cause a denial of service (system hang) via crafted IP traffic, aka… | |||
| CVE-2015-2530 | 0.01 | — | 0.16 | Sep 9, 2015 | Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute arbitrary code via a crafted .jnt file, aka… | |||
| CVE-2015-2519 | 0.01 | — | 0.14 | Sep 9, 2015 | Integer overflow in Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute arbitrary code via a crafted… | |||
| CVE-2015-2516 | 0.01 | — | 0.12 | Sep 9, 2015 | Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to cause a denial of service (data loss) via a crafted .jnt… | |||
| CVE-2015-2514 | 0.01 | — | 0.15 | Sep 9, 2015 | Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute arbitrary code via a crafted .jnt file, aka… | |||
| CVE-2015-2506 | 0.01 | — | 0.16 | Sep 9, 2015 | atmfd.dll in the Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to cause a denial of service… | |||
| CVE-2025-64680 | 0.00 | — | 0.00 | Dec 9, 2025 | Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. | |||
| CVE-2025-64679 | 0.00 | — | 0.00 | Dec 9, 2025 | Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. | |||
| CVE-2025-62209 | 0.00 | — | 0.00 | Nov 11, 2025 | Insertion of sensitive information into log file in Windows License Manager allows an authorized attacker to disclose information locally. |
- CVE-2024-30080Jun 11, 2024risk 0.01cvss —epss 0.43
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
- CVE-2024-30050May 14, 2024risk 0.01cvss —epss 0.11
Windows Mark of the Web Security Feature Bypass Vulnerability
- CVE-2024-30017May 14, 2024risk 0.01cvss —epss 0.02
Windows Hyper-V Remote Code Execution Vulnerability
- CVE-2024-26211Apr 9, 2024risk 0.01cvss —epss 0.04
Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
- CVE-2024-26209Apr 9, 2024risk 0.01cvss —epss 0.15
Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability
- CVE-2024-26183Apr 9, 2024risk 0.01cvss —epss 0.02
Windows Kerberos Denial of Service Vulnerability
- CVE-2024-20678Apr 9, 2024risk 0.01cvss —epss 0.03
Remote Procedure Call Runtime Remote Code Execution Vulnerability
- CVE-2024-26158Apr 9, 2024risk 0.01cvss —epss 0.12
Microsoft Install Service Elevation of Privilege Vulnerability
- CVE-2024-21407Mar 12, 2024risk 0.01cvss —epss 0.16
Windows Hyper-V Remote Code Execution Vulnerability
- CVE-2024-21357Feb 13, 2024risk 0.01cvss —epss 0.27
Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability
- CVE-2015-6107Dec 9, 2015risk 0.01cvss —epss 0.18
The Windows font library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10 Gold and 1511, Office 2007 SP3, Office 2010 SP2, Word Viewer, Skype for…
- CVE-2015-6111Nov 11, 2015risk 0.01cvss —epss 0.08
IPSec in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandles encryption negotiation, which allows remote authenticated users to cause a denial of service (system hang) via crafted IP traffic, aka…
- CVE-2015-2530Sep 9, 2015risk 0.01cvss —epss 0.16
Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute arbitrary code via a crafted .jnt file, aka…
- CVE-2015-2519Sep 9, 2015risk 0.01cvss —epss 0.14
Integer overflow in Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute arbitrary code via a crafted…
- CVE-2015-2516Sep 9, 2015risk 0.01cvss —epss 0.12
Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to cause a denial of service (data loss) via a crafted .jnt…
- CVE-2015-2514Sep 9, 2015risk 0.01cvss —epss 0.15
Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute arbitrary code via a crafted .jnt file, aka…
- CVE-2015-2506Sep 9, 2015risk 0.01cvss —epss 0.16
atmfd.dll in the Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to cause a denial of service…
- CVE-2025-64680Dec 9, 2025risk 0.00cvss —epss 0.00
Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
- CVE-2025-64679Dec 9, 2025risk 0.00cvss —epss 0.00
Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
- CVE-2025-62209Nov 11, 2025risk 0.00cvss —epss 0.00
Insertion of sensitive information into log file in Windows License Manager allows an authorized attacker to disclose information locally.
Page 128 of 163