Windows 10 21h1
by Microsoft
CVEs (782)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-26926 | Hig | 0.51 | 7.8 | 0.03 | May 10, 2022 | Windows Address Book Remote Code Execution Vulnerability | ||
| CVE-2022-26795 | Hig | 0.51 | 7.8 | 0.01 | Apr 15, 2022 | Windows Print Spooler Elevation of Privilege Vulnerability | ||
| CVE-2013-3900 | Med | 0.51 | 5.5 | 0.45 | KEV | Dec 11, 2013 | Why is Microsoft republishing a CVE from 2013? We are republishing CVE-2013-3900 in the Security Update Guide to update the Security Updates table and to inform customers that the EnableCertPaddingCheck is available in all currently supported versions of Windows 10 and Windows… | |
| CVE-2022-26826 | Hig | 0.47 | 7.2 | 0.04 | Apr 15, 2022 | Windows DNS Server Remote Code Execution Vulnerability | ||
| CVE-2022-26934 | Med | 0.44 | 6.5 | 0.03 | May 10, 2022 | Windows Graphics Component Information Disclosure Vulnerability | ||
| CVE-2021-40444 | 0.29 | — | 0.97 | KEV | Sep 15, 2021 | Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that affects Microsoft Windows. Microsoft is aware of targeted attacks that attempt to exploit this vulnerability by using specially-crafted Microsoft Office documents. An attacker… | ||
| CVE-2021-1675 | 0.29 | — | 0.86 | KEV | Jun 8, 2021 | Windows Print Spooler Remote Code Execution Vulnerability | ||
| CVE-2022-30190 | 0.28 | — | 0.99 | KEV | Jun 1, 2022 | A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application. The attacker can then… | ||
| CVE-2021-40449 | 0.28 | — | 0.73 | KEV | Oct 13, 2021 | Win32k Elevation of Privilege Vulnerability | ||
| CVE-2022-21999 | 0.27 | — | 0.42 | KEV | Feb 9, 2022 | Windows Print Spooler Elevation of Privilege Vulnerability | ||
| CVE-2022-44698 | 0.23 | — | 0.76 | KEV | Dec 13, 2022 | Windows SmartScreen Security Feature Bypass Vulnerability | ||
| CVE-2022-26923 | 0.22 | — | 0.83 | KEV | May 10, 2022 | Active Directory Domain Services Elevation of Privilege Vulnerability | ||
| CVE-2022-21882 | 0.22 | — | 0.56 | KEV | Jan 11, 2022 | Win32k Elevation of Privilege Vulnerability | ||
| CVE-2021-36934 | 0.22 | — | 0.67 | KEV | Jul 22, 2021 | An elevation of privilege vulnerability exists because of overly permissive Access Control Lists (ACLs) on multiple system files, including the Security Accounts Manager (SAM) database. An attacker who successfully exploited this vulnerability could run arbitrary code with… | ||
| CVE-2021-36955 | 0.20 | — | 0.03 | KEV | Sep 15, 2021 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | ||
| CVE-2022-41091 | 0.19 | — | 0.02 | KEV | Nov 9, 2022 | Windows Mark of the Web Security Feature Bypass Vulnerability | ||
| CVE-2022-24521 | 0.19 | — | 0.07 | KEV | Apr 15, 2022 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | ||
| CVE-2022-21971 | 0.19 | — | 0.54 | KEV | Feb 9, 2022 | Windows Runtime Remote Code Execution Vulnerability | ||
| CVE-2021-31956 | 0.19 | — | 0.20 | KEV | Jun 8, 2021 | Windows NTFS Elevation of Privilege Vulnerability | ||
| CVE-2022-41073 | 0.18 | — | 0.02 | KEV | Nov 9, 2022 | Windows Print Spooler Elevation of Privilege Vulnerability |
- risk 0.51cvss 7.8epss 0.03
Windows Address Book Remote Code Execution Vulnerability
- risk 0.51cvss 7.8epss 0.01
Windows Print Spooler Elevation of Privilege Vulnerability
- risk 0.51cvss 5.5epss 0.45
Why is Microsoft republishing a CVE from 2013? We are republishing CVE-2013-3900 in the Security Update Guide to update the Security Updates table and to inform customers that the EnableCertPaddingCheck is available in all currently supported versions of Windows 10 and Windows…
- risk 0.47cvss 7.2epss 0.04
Windows DNS Server Remote Code Execution Vulnerability
- risk 0.44cvss 6.5epss 0.03
Windows Graphics Component Information Disclosure Vulnerability
- risk 0.29cvss —epss 0.97
Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that affects Microsoft Windows. Microsoft is aware of targeted attacks that attempt to exploit this vulnerability by using specially-crafted Microsoft Office documents. An attacker…
- risk 0.29cvss —epss 0.86
Windows Print Spooler Remote Code Execution Vulnerability
- risk 0.28cvss —epss 0.99
A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application. The attacker can then…
- risk 0.28cvss —epss 0.73
Win32k Elevation of Privilege Vulnerability
- risk 0.27cvss —epss 0.42
Windows Print Spooler Elevation of Privilege Vulnerability
- risk 0.23cvss —epss 0.76
Windows SmartScreen Security Feature Bypass Vulnerability
- risk 0.22cvss —epss 0.83
Active Directory Domain Services Elevation of Privilege Vulnerability
- risk 0.22cvss —epss 0.56
Win32k Elevation of Privilege Vulnerability
- risk 0.22cvss —epss 0.67
An elevation of privilege vulnerability exists because of overly permissive Access Control Lists (ACLs) on multiple system files, including the Security Accounts Manager (SAM) database. An attacker who successfully exploited this vulnerability could run arbitrary code with…
- risk 0.20cvss —epss 0.03
Windows Common Log File System Driver Elevation of Privilege Vulnerability
- risk 0.19cvss —epss 0.02
Windows Mark of the Web Security Feature Bypass Vulnerability
- risk 0.19cvss —epss 0.07
Windows Common Log File System Driver Elevation of Privilege Vulnerability
- risk 0.19cvss —epss 0.54
Windows Runtime Remote Code Execution Vulnerability
- risk 0.19cvss —epss 0.20
Windows NTFS Elevation of Privilege Vulnerability
- risk 0.18cvss —epss 0.02
Windows Print Spooler Elevation of Privilege Vulnerability
Page 1 of 40