Windows 10 1909 Security Vulnerabilities and Issues — Page 18 of Windows 10 1909 CVE List

6.2CVSS7.2AI score0.00517EPSS

CVE-2021-26413

Windows Installer Spoofing Vulnerability

CVE•added 2021/03/11 4:15 p.m.•88 views

CVE-2021-26875

Windows Win32k Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.00378EPSS

CVE•added 2021/03/11 4:15 p.m.•88 views

CVE-2021-26876

OpenType Font Parsing Remote Code Execution Vulnerability

8.8CVSS8.8AI score0.14566EPSS

CVE•added 2021/03/11 4:15 p.m.•88 views

CVE-2021-27077

Windows Win32k Elevation of Privilege Vulnerability

7.8CVSS7.7AI score0.02391EPSS

7.8CVSS7.8AI score0.00513EPSS

CVE-2021-28314

Windows Hyper-V Elevation of Privilege Vulnerability

7.8CVSS7.8AI score0.00681EPSS

CVE-2021-28347

Windows Speech Runtime Elevation of Privilege Vulnerability

7.1CVSS6.6AI score0.0099EPSS

CVE-2021-28446

Windows Portmapping Information Disclosure Vulnerability

7.6CVSS8AI score0.05083EPSS

CVE-2020-0908

A remote code execution vulnerability exists when the Windows Text Service Module improperly handles memory. An attacker who successfully exploited the vulnerability could gain execution on a victim system.An attacker could host a specially crafted website that is designed to exploit the vulnerabil...

5.5CVSS4.7AI score0.00986EPSS

CVE-2020-0928

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.To exploit this vulnerability, an attacker would have to log on to ...

8.8CVSS8.7AI score0.14862EPSS

CVE-2020-1129

A remote code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or cre...

7.8CVSS8.1AI score0.00529EPSS

CVE-2020-1491

An elevation of privilege vulnerability exists in the way that the Windows Function Discovery Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could...

CVE•added 2020/10/16 11:15 p.m.•87 views

CVE-2020-16973

An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The ...

7.8CVSS8.2AI score0.00524EPSS

CVE•added 2020/11/11 7:15 a.m.•87 views

CVE-2020-17030

Windows MSCTF Server Information Disclosure Vulnerability

5.5CVSS5.9AI score0.00606EPSS

CVE•added 2020/11/11 7:15 a.m.•87 views

CVE-2020-17056

Windows Network File System Information Disclosure Vulnerability

5.5CVSS7AI score0.00448EPSS

CVE•added 2021/02/25 11:15 p.m.•87 views

CVE-2021-24076

Microsoft Windows VMSwitch Information Disclosure Vulnerability

5.5CVSS6.9AI score0.00285EPSS

CVE•added 2021/04/13 8:15 p.m.•87 views

CVE-2021-28311

Windows Application Compatibility Cache Denial of Service Vulnerability

6.5CVSS7.3AI score0.01256EPSS

CVE•added 2021/04/13 8:15 p.m.•87 views

CVE-2021-28316

Windows WLAN AutoConfig Service Security Feature Bypass Vulnerability

4.6CVSS6.1AI score0.00314EPSS

CVE•added 2021/04/13 8:15 p.m.•87 views

CVE-2021-28436

Windows Speech Runtime Elevation of Privilege Vulnerability

7.8CVSS7.8AI score0.00513EPSS

CVE•added 2022/04/15 7:15 p.m.•87 views

CVE-2022-24486

Windows Kerberos Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.00297EPSS

5.3CVSS6.7AI score0.0137EPSS

CVE-2020-0837

An elevation of privilege vulnerability exists when Active Directory Federation Services (ADFS) improperly handles multi-factor authentication requests. An attacker who successfully exploited this vulnerability could bypass some, but not all, of the authentication factors.To exploit this vulnerabil...

7.8CVSS8.1AI score0.00502EPSS

CVE-2020-0839

An elevation of privilege vulnerability exists in the way that the dnsrslvr.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specially craft...

5.5CVSS6.7AI score0.01084EPSS

CVE-2020-0921

Microsoft Graphics Component Denial of Service Vulnerability

7.2CVSS7.7AI score0.02554EPSS

CVE-2020-0951

A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC) which could allow an attacker to bypass WDAC enforcement. An attacker who successfully exploited this vulnerability could execute PowerShell commands that would be blocked by WDAC.To exploit the vulnerabil...

CVE•added 2020/07/14 11:15 p.m.•86 views

CVE-2020-1336

An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specially cra...

7.8CVSS7.8AI score0.00387EPSS

7.8CVSS7.7AI score0.01427EPSS

CVE-2020-1471

An elevation of privilege vulnerability exists when Microsoft Windows CloudExperienceHost fails to check COM objects. An attacker who successfully exploited the vulnerability could gain elevated privileges on a targeted system.To exploit the vulnerability, an attacker would have to log on to an aff...

CVE•added 2020/10/16 11:15 p.m.•86 views

CVE-2020-16912

7.8CVSS8.2AI score0.00542EPSS

CVE•added 2020/11/11 7:15 a.m.•86 views

CVE-2020-17012

Windows Bind Filter Driver Elevation of Privilege Vulnerability

7.8CVSS7.7AI score0.00513EPSS

CVE•added 2020/11/11 7:15 a.m.•86 views

CVE-2020-17035

Windows Kernel Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.01827EPSS

CVE•added 2020/11/11 7:15 a.m.•86 views

CVE-2020-17077

Windows Update Stack Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.00505EPSS

CVE•added 2021/01/12 8:15 p.m.•86 views

CVE-2021-1684

Microsoft is aware of the "Impersonation in the Passkey Entry Protocol" vulnerability. For more information regarding the vulnerability, please see this statement from the Bluetooth SIG.To address the vulnerability, Microsoft has released a software update that will fail attempts to pair if the rem...

5.5CVSS6.5AI score0.03167EPSS

CVE•added 2021/04/13 8:15 p.m.•86 views

CVE-2021-26417

Windows Overlay Filter Information Disclosure Vulnerability

5.5CVSS5.5AI score0.00488EPSS

7.8CVSS8.4AI score0.07913EPSS

CVE-2021-43228

SymCrypt Denial of Service Vulnerability

7.8CVSS8.8AI score0.01601EPSS

CVE-2021-43232

Windows Event Tracing Remote Code Execution Vulnerability

7.8CVSS8.8AI score0.00768EPSS

CVE-2021-43234

Windows Fax Service Remote Code Execution Vulnerability