Windows 10 1909
by Microsoft
CVEs (3,248)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-28319 | Hig | 0.49 | 7.5 | 0.09 | Apr 13, 2021 | Windows TCP/IP Driver Denial of Service Vulnerability | ||
| CVE-2021-26881 | Hig | 0.49 | 7.5 | 0.02 | Mar 11, 2021 | Microsoft Windows Media Foundation Remote Code Execution Vulnerability | ||
| CVE-2021-26879 | Hig | 0.49 | 7.5 | 0.03 | Mar 11, 2021 | Windows Network Address Translation (NAT) Denial of Service Vulnerability | ||
| CVE-2021-1734 | Hig | 0.49 | 7.5 | 0.04 | Feb 25, 2021 | Windows Remote Procedure Call Information Disclosure Vulnerability | ||
| CVE-2021-1694 | Hig | 0.49 | 7.5 | 0.03 | Jan 12, 2021 | Windows Update Stack Elevation of Privilege Vulnerability | ||
| CVE-2020-16927 | Hig | 0.49 | 7.5 | 0.05 | Oct 16, 2020 | A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the RDP service on the target system… | ||
| CVE-2020-1031 | Hig | 0.49 | 7.5 | 0.05 | Sep 11, 2020 | An information disclosure vulnerability exists in the way that the Windows Server DHCP service improperly discloses the contents of its memory. To exploit the vulnerability, an unauthenticated attacker could send a specially crafted packet to an affected DHCP server. … | ||
| CVE-2020-1013 | Hig | 0.49 | 7.5 | 0.06 | Sep 11, 2020 | An elevation of privilege vulnerability exists when Microsoft Windows processes group policy updates. An attacker who successfully exploited this vulnerability could potentially escalate permissions or perform additional privileged actions on the target machine. To… | ||
| CVE-2020-0908 | Hig | 0.49 | 7.5 | 0.03 | Sep 11, 2020 | A remote code execution vulnerability exists when the Windows Text Service Module improperly handles memory. An attacker who successfully exploited the vulnerability could gain execution on a victim system. An attacker could host a specially crafted website that is… | ||
| CVE-2020-1565 | Hig | 0.49 | 7.5 | 0.03 | Aug 17, 2020 | An elevation of privilege vulnerability exists when the "Public Account Pictures" folder improperly handles junctions. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted… | ||
| CVE-2020-1459 | Hig | 0.49 | 7.5 | 0.04 | Aug 17, 2020 | An information disclosure vulnerability exists on ARM implementations that use speculative execution in control flow via a side-channel analysis, aka "straight-line speculation." To exploit this vulnerability, an attacker with local privileges would need to run a… | ||
| CVE-2020-1378 | Hig | 0.49 | 7.5 | 0.04 | Aug 17, 2020 | An elevation of privilege vulnerability exists when the Windows Kernel API improperly handles registry objects in memory. An attacker who successfully exploited the vulnerability could gain elevated privileges on a targeted system. A locally authenticated attacker could exploit… | ||
| CVE-2019-1224 | Hig | 0.49 | 7.5 | 0.08 | Aug 14, 2019 | An information disclosure vulnerability exists when the Windows RDP server improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the system. To exploit this vulnerability, an… | ||
| CVE-2019-1223 | Hig | 0.49 | 7.5 | 0.05 | Aug 14, 2019 | A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the RDP service on the target system to… | ||
| CVE-2019-1188 | Hig | 0.49 | 7.5 | 0.04 | Aug 14, 2019 | A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured… | ||
| CVE-2019-1057 | Hig | 0.49 | 7.5 | 0.03 | Aug 14, 2019 | A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input. An attacker who successfully exploited the vulnerability could run malicious code remotely to take control of the user’s system. To exploit the vulnerability,… | ||
| CVE-2019-0909 | Hig | 0.49 | 7.5 | 0.04 | Jun 12, 2019 | A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by… | ||
| CVE-2018-8493 | Hig | 0.49 | 7.5 | 0.08 | Oct 10, 2018 | An information disclosure vulnerability exists when the Windows TCP/IP stack improperly handles fragmented IP packets, aka "Windows TCP/IP Information Disclosure Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2016, Windows 8.1, Windows 10,… | ||
| CVE-2018-8335 | Hig | 0.49 | 7.5 | 0.09 | Sep 13, 2018 | A denial of service vulnerability exists in the Microsoft Server Block Message (SMB) when an attacker sends specially crafted requests to the server, aka "Windows SMB Denial of Service Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012,… | ||
| CVE-2018-8251 | Hig | 0.49 | 7.5 | 0.07 | Jun 14, 2018 | A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka "Media Foundation Memory Corruption Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows 8.1, Windows Server… |
- risk 0.49cvss 7.5epss 0.09
Windows TCP/IP Driver Denial of Service Vulnerability
- risk 0.49cvss 7.5epss 0.02
Microsoft Windows Media Foundation Remote Code Execution Vulnerability
- risk 0.49cvss 7.5epss 0.03
Windows Network Address Translation (NAT) Denial of Service Vulnerability
- risk 0.49cvss 7.5epss 0.04
Windows Remote Procedure Call Information Disclosure Vulnerability
- risk 0.49cvss 7.5epss 0.03
Windows Update Stack Elevation of Privilege Vulnerability
- risk 0.49cvss 7.5epss 0.05
A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the RDP service on the target system…
- risk 0.49cvss 7.5epss 0.05
An information disclosure vulnerability exists in the way that the Windows Server DHCP service improperly discloses the contents of its memory. To exploit the vulnerability, an unauthenticated attacker could send a specially crafted packet to an affected DHCP server. …
- risk 0.49cvss 7.5epss 0.06
An elevation of privilege vulnerability exists when Microsoft Windows processes group policy updates. An attacker who successfully exploited this vulnerability could potentially escalate permissions or perform additional privileged actions on the target machine. To…
- risk 0.49cvss 7.5epss 0.03
A remote code execution vulnerability exists when the Windows Text Service Module improperly handles memory. An attacker who successfully exploited the vulnerability could gain execution on a victim system. An attacker could host a specially crafted website that is…
- risk 0.49cvss 7.5epss 0.03
An elevation of privilege vulnerability exists when the "Public Account Pictures" folder improperly handles junctions. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted…
- risk 0.49cvss 7.5epss 0.04
An information disclosure vulnerability exists on ARM implementations that use speculative execution in control flow via a side-channel analysis, aka "straight-line speculation." To exploit this vulnerability, an attacker with local privileges would need to run a…
- risk 0.49cvss 7.5epss 0.04
An elevation of privilege vulnerability exists when the Windows Kernel API improperly handles registry objects in memory. An attacker who successfully exploited the vulnerability could gain elevated privileges on a targeted system. A locally authenticated attacker could exploit…
- risk 0.49cvss 7.5epss 0.08
An information disclosure vulnerability exists when the Windows RDP server improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the system. To exploit this vulnerability, an…
- risk 0.49cvss 7.5epss 0.05
A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the RDP service on the target system to…
- risk 0.49cvss 7.5epss 0.04
A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured…
- risk 0.49cvss 7.5epss 0.03
A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input. An attacker who successfully exploited the vulnerability could run malicious code remotely to take control of the user’s system. To exploit the vulnerability,…
- risk 0.49cvss 7.5epss 0.04
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by…
- risk 0.49cvss 7.5epss 0.08
An information disclosure vulnerability exists when the Windows TCP/IP stack improperly handles fragmented IP packets, aka "Windows TCP/IP Information Disclosure Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2016, Windows 8.1, Windows 10,…
- risk 0.49cvss 7.5epss 0.09
A denial of service vulnerability exists in the Microsoft Server Block Message (SMB) when an attacker sends specially crafted requests to the server, aka "Windows SMB Denial of Service Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012,…
- risk 0.49cvss 7.5epss 0.07
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka "Media Foundation Memory Corruption Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows 8.1, Windows Server…
Page 96 of 163