Windows 10 1809 Security Vulnerabilities and Issues — Page 5 of Windows 10 1809 CVE List

An out-of-bounds write vulnerability exists in TPM2.0's Module Library allowing writing of a 2-byte data past the end of TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can lead to denial of service (crashing the TPM chip/process o...

7.8CVSS7.7AI score0.00187EPSS

CVE•added 2023/03/14 5:15 p.m.•321 views

CVE-2023-21708

Remote Procedure Call Runtime Remote Code Execution Vulnerability

9.8CVSS9.7AI score0.04719EPSS

CVE•added 2025/01/14 6:15 p.m.•321 views

CVE-2025-21189

MapUrlToZone Security Feature Bypass Vulnerability

4.3CVSS4.6AI score0.00189EPSS

CVE•added 2023/05/09 6:15 p.m.•314 views

CVE-2023-29325

Windows OLE Remote Code Execution Vulnerability

8.1CVSS8.8AI score0.2384EPSS

CVE•added 2025/02/11 6:15 p.m.•310 views

CVE-2025-21418

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

7.8CVSS8.2AI score0.04314EPSS

In wild

CVE•added 2023/11/14 6:15 p.m.•307 views

CVE-2023-36705

Windows Installer Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.00162EPSS

CVE•added 2024/05/14 5:17 p.m.•305 views

CVE-2024-30040

Windows MSHTML Platform Security Feature Bypass Vulnerability

8.8CVSS6.3AI score0.51138EPSS

In wild

CVE•added 2025/06/10 5:22 p.m.•304 views

CVE-2025-33065

Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.

5.5CVSS5.2AI score0.00056EPSS

CVE•added 2025/06/10 5:22 p.m.•300 views

CVE-2025-33052

Use of uninitialized resource in Windows DWM Core Library allows an authorized attacker to disclose information locally.

5.5CVSS5.3AI score0.00144EPSS

CVE•added 2023/11/28 7:15 a.m.•297 views

CVE-2023-24023

Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4 allow certain man-in-the-middle attacks that force a short key length, and might lead to discovery of the encryption key and live injection, aka BLUFFS.

6.8CVSS6.8AI score0.00176EPSS

CVE•added 2023/05/09 6:15 p.m.•297 views

CVE-2023-24943

Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability

9.8CVSS9.6AI score0.01302EPSS

CVE•added 2025/03/11 5:16 p.m.•296 views

CVE-2025-24054

External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.

6.5CVSS6.5AI score0.28518EPSS

In wild

CVE•added 2024/03/12 5:15 p.m.•294 views

CVE-2024-21408

Windows Hyper-V Denial of Service Vulnerability

5.5CVSS6.8AI score0.00478EPSS

CVE•added 2023/11/14 6:15 p.m.•292 views

CVE-2023-36394

Windows Search Service Elevation of Privilege Vulnerability

7CVSS8.1AI score0.01054EPSS

CVE•added 2018/12/12 12:29 a.m.•286 views

CVE-2018-8639

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server...

8.4CVSS8.5AI score0.28596EPSS

In wild

CVE•added 2024/04/09 5:15 p.m.•281 views

CVE-2024-26229

Windows CSC Service Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.83008EPSS

CVE•added 2023/05/09 6:15 p.m.•279 views

CVE-2023-29324

Windows MSHTML Platform Security Feature Bypass Vulnerability

6.5CVSS8AI score0.02256EPSS

CVE•added 2024/01/09 6:15 p.m.•279 views

CVE-2024-20674

Windows Kerberos Security Feature Bypass Vulnerability

8.8CVSS8.4AI score0.15936EPSS

CVE•added 2024/08/13 6:15 p.m.•279 views

CVE-2024-38193

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

7.8CVSS7.7AI score0.66421EPSS

In wild

CVE•added 2024/08/13 6:15 p.m.•279 views

CVE-2024-38213

Windows Mark of the Web Security Feature Bypass Vulnerability

6.5CVSS6.5AI score0.75065EPSS

In wild

CVE•added 2024/03/12 5:15 p.m.•277 views

CVE-2024-21407

Windows Hyper-V Remote Code Execution Vulnerability

8.1CVSS8.5AI score0.05403EPSS

CVE•added 2023/11/14 6:15 p.m.•274 views

CVE-2023-36719

Microsoft Speech Application Programming Interface (SAPI) Elevation of Privilege Vulnerability

7.8CVSS8.5AI score0.00134EPSS

CVE•added 2024/08/13 6:15 p.m.•272 views

CVE-2024-38178

Scripting Engine Memory Corruption Vulnerability

7.5CVSS7.4AI score0.25932EPSS

In wild

CVE•added 2024/03/12 5:15 p.m.•270 views

CVE-2024-21438

Microsoft AllJoyn API Denial of Service Vulnerability

7.5CVSS7.6AI score0.03412EPSS

CVE•added 2024/09/10 5:15 p.m.•268 views

CVE-2024-21416

Windows TCP/IP Remote Code Execution Vulnerability

9.8CVSS9AI score0.05887EPSS

CVE•added 2025/06/10 5:23 p.m.•268 views

CVE-2025-33073

Improper access control in Windows SMB allows an authorized attacker to elevate privileges over a network.

8.8CVSS8.7AI score0.03645EPSS

CVE•added 2023/02/28 6:15 p.m.•264 views

CVE-2023-1018

An out-of-bounds read vulnerability exists in TPM2.0's Module Library allowing a 2-byte read past the end of a TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can read or access sensitive data stored in the TPM.

5.5CVSS6.5AI score0.00151EPSS

CVE•added 2023/04/11 9:15 p.m.•262 views

CVE-2023-28293

Windows Kernel Elevation of Privilege Vulnerability

7.8CVSS7.7AI score0.07282EPSS

CVE•added 2024/04/09 5:15 p.m.•259 views

CVE-2024-26207

Windows Remote Access Connection Manager Information Disclosure Vulnerability

5.5CVSS6.6AI score0.00465EPSS

Total number of security vulnerabilities1479