Windows 10 1909 Security Vulnerabilities and Issues — Windows 10 1909 CVE List

Lucene search

MicrosoftWindows 10 1909

972 matches found

CVE•added 2013/12/11 12:55 a.m.•3072 views

CVE-2013-3900

Why is Microsoft republishing a CVE from 2013?We are republishing CVE-2013-3900 in the Security Update Guide to update the Security Updates table and to inform customers that the EnableCertPaddingCheck is available in all currently supported versions of Windows 10 and Windows 11. While the format i...

8.8CVSS7.4AI score0.72505EPSS

CVE•added 2021/06/08 11:15 p.m.•2030 views

CVE-2021-1675

Windows Print Spooler Remote Code Execution Vulnerability

9.3CVSS8.8AI score0.94349EPSS

CVE•added 2020/03/12 4:15 p.m.•2026 views

CVE-2020-0796

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Remote Code Execution Vulnerability'.

10CVSS9.1AI score0.94424EPSS

CVE•added 2021/09/15 12:15 p.m.•1455 views

CVE-2021-40444

Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that affects Microsoft Windows. Microsoft is aware of targeted attacks that attempt to exploit this vulnerability by using specially-crafted Microsoft Office documents.An attacker could craft a malicious ActiveX c...

8.8CVSS7.3AI score0.94291EPSS

CVE•added 2020/03/12 4:15 p.m.•1387 views

CVE-2020-0787

An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) improperly handles symbolic links, aka 'Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerability'.

7.8CVSS8.5AI score0.60201EPSS

CVE•added 2021/10/13 1:15 a.m.•1376 views

CVE-2021-40449

Win32k Elevation of Privilege Vulnerability

7.8CVSS8AI score0.83756EPSS

CVE•added 2021/02/25 11:15 p.m.•1369 views

CVE-2021-1732

Windows Win32k Elevation of Privilege Vulnerability

7.8CVSS8AI score0.90196EPSS

CVE•added 2022/04/15 7:15 p.m.•1329 views

CVE-2022-24521

Windows Common Log File System Driver Elevation of Privilege Vulnerability

7.8CVSS8.9AI score0.02729EPSS

CVE•added 2020/01/14 11:15 p.m.•1295 views

CVE-2020-0601

A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, l...

8.1CVSS7.6AI score0.94044EPSS

CVE•added 2022/01/11 9:15 p.m.•1258 views

CVE-2022-21882

Win32k Elevation of Privilege Vulnerability

7.8CVSS7.8AI score0.87193EPSS

CVE•added 2020/06/09 8:15 p.m.•1250 views

CVE-2020-0986

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1237, CVE-2020-1246, CVE-2020-1262, CVE-2020-1264, CVE-2020-1266, CVE-2020-1269, CVE-2020...

7.8CVSS7.7AI score0.19295EPSS

CVE•added 2020/11/11 7:15 a.m.•1247 views

CVE-2020-17087

Windows Kernel Local Elevation of Privilege Vulnerability

7.8CVSS8.3AI score0.15084EPSS

CVE•added 2022/02/09 5:15 p.m.•1212 views

CVE-2022-21971

Windows Runtime Remote Code Execution Vulnerability

9.3CVSS8.3AI score0.83939EPSS

CVE•added 2020/04/15 3:15 p.m.•1204 views

CVE-2020-1020

A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font - Adobe Type 1 PostScript format.For all systems except Windows 10, an attacker who successfully exploited the vulnerability could e...

8.8CVSS8.2AI score0.8787EPSS

CVE•added 2021/07/22 7:15 a.m.•1196 views

CVE-2021-36934

An elevation of privilege vulnerability exists because of overly permissive Access Control Lists (ACLs) on multiple system files, including the Security Accounts Manager (SAM) database. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An att...

7.8CVSS8.1AI score0.89818EPSS

CVE•added 2022/02/09 5:15 p.m.•1190 views

CVE-2022-22718

Windows Print Spooler Elevation of Privilege Vulnerability

7.8CVSS7.8AI score0.0674EPSS

CVE•added 2020/02/11 10:15 p.m.•1172 views

CVE-2020-0683

An elevation of privilege vulnerability exists in the Windows Installer when MSI packages process symbolic links, aka 'Windows Installer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0686.

7.8CVSS8AI score0.27418EPSS

CVE•added 2021/11/10 1:19 a.m.•1168 views

CVE-2021-41379

Windows Installer Elevation of Privilege Vulnerability

7.8CVSS7AI score0.04121EPSS

CVE•added 2022/02/09 5:15 p.m.•1168 views

CVE-2022-21999

Windows Print Spooler Elevation of Privilege Vulnerability

7.8CVSS7.7AI score0.60979EPSS

CVE•added 2021/06/08 11:15 p.m.•1164 views

CVE-2021-31956

Windows NTFS Elevation of Privilege Vulnerability

9.3CVSS8.5AI score0.85551EPSS

CVE•added 2020/05/21 11:15 p.m.•1152 views

CVE-2020-1054

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1143.

7.8CVSS7.8AI score0.80651EPSS

CVE•added 2022/05/10 9:15 p.m.•1151 views

CVE-2022-26925

Windows LSA Spoofing Vulnerability

8.1CVSS7.5AI score0.29421EPSS

CVE•added 2021/08/12 6:15 p.m.•1147 views

CVE-2021-36948

Windows Update Medic Service Elevation of Privilege Vulnerability

7.8CVSS8.2AI score0.00129EPSS

CVE•added 2021/08/12 6:15 p.m.•1146 views

CVE-2021-34484

Windows User Profile Service Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.06173EPSS

CVE•added 2021/06/08 11:15 p.m.•1144 views

CVE-2021-33742

Windows MSHTML Platform Remote Code Execution Vulnerability

8.8CVSS8.8AI score0.57248EPSS

CVE•added 2021/07/16 9:15 p.m.•1136 views

CVE-2021-34448

Scripting Engine Memory Corruption Vulnerability

9.3CVSS7.4AI score0.02062EPSS

CVE•added 2021/06/08 11:15 p.m.•1134 views

CVE-2021-31199

Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability

7.8CVSS7.2AI score0.00462EPSS

CVE•added 2021/07/14 6:15 p.m.•1134 views

CVE-2021-31979

Windows Kernel Elevation of Privilege Vulnerability

7.8CVSS8.3AI score0.01032EPSS

CVE•added 2021/06/08 11:15 p.m.•1130 views

CVE-2021-31201

Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability

7.8CVSS7.2AI score0.00172EPSS

CVE•added 2021/06/08 11:15 p.m.•1128 views

CVE-2021-31955

Windows Kernel Information Disclosure Vulnerability

5.5CVSS6.3AI score0.14639EPSS

CVE•added 2021/06/08 11:15 p.m.•1116 views

CVE-2021-33739

Microsoft DWM Core Library Elevation of Privilege Vulnerability

8.4CVSS7.8AI score0.12897EPSS

CVE•added 2021/07/14 6:15 p.m.•1109 views

CVE-2021-33771

Windows Kernel Elevation of Privilege Vulnerability

7.8CVSS8.3AI score0.01694EPSS

CVE•added 2020/08/17 7:15 p.m.•1102 views

CVE-2020-1464

A spoofing vulnerability exists when Windows incorrectly validates file signatures. An attacker who successfully exploited this vulnerability could bypass security features and load improperly signed files.In an attack scenario, an attacker could bypass security features intended to prevent imprope...

7.8CVSS7.3AI score0.05831EPSS

CVE•added 2022/01/11 9:15 p.m.•1102 views

CVE-2022-21919

Windows User Profile Service Elevation of Privilege Vulnerability

7CVSS8.2AI score0.00684EPSS

CVE•added 2021/04/13 8:15 p.m.•1098 views

CVE-2021-28310

Win32k Elevation of Privilege Vulnerability

7.8CVSS8.2AI score0.26523EPSS

CVE•added 2021/09/15 12:15 p.m.•1084 views

CVE-2021-36955

Windows Common Log File System Driver Elevation of Privilege Vulnerability

7.8CVSS8AI score0.18971EPSS

CVE•added 2022/04/15 7:15 p.m.•1072 views

CVE-2022-26904

Windows User Profile Service Elevation of Privilege Vulnerability

7CVSS8.2AI score0.27769EPSS

CVE•added 2020/04/15 3:15 p.m.•1068 views

CVE-2020-0938

7.8CVSS8.2AI score0.8787EPSS

CVE•added 2020/04/15 3:15 p.m.•1062 views

CVE-2020-1027

An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0913, CVE-2020-1000, CVE-2020-1003.

7.8CVSS8AI score0.13396EPSS

CVE•added 2021/10/13 1:15 a.m.•1050 views

CVE-2021-40450

Win32k Elevation of Privilege Vulnerability

7.8CVSS7.9AI score0.15082EPSS

CVE•added 2021/08/12 6:15 p.m.•1044 views

CVE-2021-34486

Windows Event Tracing Elevation of Privilege Vulnerability

7.8CVSS7.6AI score0.28855EPSS

CVE•added 2022/05/10 9:15 p.m.•1024 views

CVE-2022-26923

Active Directory Domain Services Elevation of Privilege Vulnerability

9CVSS9.2AI score0.91618EPSS

CVE•added 2020/01/14 11:15 p.m.•1010 views

CVE-2020-0638

An elevation of privilege vulnerability exists in the way the Update Notification Manager handles files.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Update Notification Manager Elevation of Privilege Vulnerability'.

7.8CVSS8.6AI score0.08245EPSS

CVE•added 2022/04/15 7:15 p.m.•626 views

CVE-2022-26809

Remote Procedure Call Runtime Remote Code Execution Vulnerability

10CVSS9.6AI score0.92281EPSS

CVE•added 2022/05/10 9:15 p.m.•583 views

CVE-2022-29130

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

9.8CVSS9.4AI score0.06808EPSS

CVE•added 2022/05/10 9:15 p.m.•406 views

CVE-2022-22012

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability