Windows 10 1909 Security Vulnerabilities and Issues — Page 5 of Windows 10 1909 CVE List

Microsoft is aware of the "Impersonation in the Passkey Entry Protocol" vulnerability. For more information regarding the vulnerability, please see this statement from the Bluetooth SIG.To address the vulnerability, Microsoft has released a software update that will fail attempts to pair if the rem...

7.7CVSS7.8AI score0.00399EPSS

CVE•added 2021/01/12 8:15 p.m.•154 views

CVE-2021-1658

Remote Procedure Call Runtime Remote Code Execution Vulnerability

8.8CVSS8.3AI score0.01239EPSS

CVE•added 2021/07/16 9:15 p.m.•154 views

CVE-2021-34449

Win32k Elevation of Privilege Vulnerability

7.8CVSS7.2AI score0.00302EPSS

CVE•added 2021/07/16 9:15 p.m.•154 views

CVE-2021-34459

Windows AppContainer Elevation Of Privilege Vulnerability

7.8CVSS8.1AI score0.00305EPSS

CVE•added 2021/09/15 12:15 p.m.•154 views

CVE-2021-40447

Windows Print Spooler Elevation of Privilege Vulnerability

7.8CVSS8AI score0.0027EPSS

CVE•added 2022/05/10 9:15 p.m.•154 views

CVE-2022-26927

Windows Graphics Component Remote Code Execution Vulnerability

8.8CVSS9.4AI score0.19611EPSS

CVE•added 2021/06/08 11:15 p.m.•153 views

CVE-2021-31959

Scripting Engine Memory Corruption Vulnerability

7.8CVSS7AI score0.0488EPSS

CVE•added 2021/07/14 6:15 p.m.•153 views

CVE-2021-33750

Windows DNS Snap-in Remote Code Execution Vulnerability

8.8CVSS8.8AI score0.01415EPSS

CVE•added 2022/04/15 7:15 p.m.•152 views

CVE-2022-24495

Windows Direct Show Remote Code Execution Vulnerability

7.5CVSS8.3AI score0.00788EPSS

CVE•added 2022/04/15 7:15 p.m.•152 views

CVE-2022-26810

Windows File Server Resource Management Service Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.00271EPSS

CVE•added 2022/05/10 9:15 p.m.•152 views

CVE-2022-29127

BitLocker Security Feature Bypass Vulnerability

4.2CVSS6.5AI score0.00193EPSS

CVE•added 2021/09/15 12:15 p.m.•151 views

CVE-2021-36961

Windows Installer Denial of Service Vulnerability

6.1CVSS6.7AI score0.00276EPSS

CVE•added 2021/10/13 1:15 a.m.•151 views

CVE-2021-40454

Rich Text Edit Control Information Disclosure Vulnerability

5.5CVSS6.7AI score0.00145EPSS

CVE•added 2022/03/09 5:15 p.m.•151 views

CVE-2022-24502

Windows HTML Platforms Security Feature Bypass Vulnerability

6.5CVSS6.1AI score0.01564EPSS

CVE•added 2022/05/10 9:15 p.m.•151 views

CVE-2022-26934

Windows Graphics Component Information Disclosure Vulnerability

6.5CVSS7.6AI score0.16898EPSS

CVE•added 2021/07/14 6:15 p.m.•150 views

CVE-2021-33757

Windows Security Account Manager Remote Protocol Security Feature Bypass Vulnerability

9.8CVSS6.7AI score0.01355EPSS

CVE•added 2022/01/11 9:15 p.m.•150 views

CVE-2022-21913

Local Security Authority (Domain Policy) Remote Protocol Security Feature Bypass

7.5CVSS7AI score0.00961EPSS

CVE•added 2022/05/10 9:15 p.m.•150 views

CVE-2022-22011

Windows Graphics Component Information Disclosure Vulnerability

5.5CVSS7AI score0.00618EPSS

CVE•added 2020/10/16 11:15 p.m.•149 views

CVE-2020-0764

An elevation of privilege vulnerability exists when the Windows Storage Services improperly handle file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges.To exploit the vulnerability, an attacker would first need code execution on a victi...

7.8CVSS8.2AI score0.00542EPSS

CVE•added 2021/05/11 7:15 p.m.•149 views

CVE-2021-31187

Windows WalletService Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.01494EPSS

CVE•added 2021/05/11 7:15 p.m.•149 views

CVE-2021-31194

OLE Automation Remote Code Execution Vulnerability

8.8CVSS9.3AI score0.06956EPSS

CVE•added 2022/01/11 9:15 p.m.•149 views

CVE-2022-21871

Microsoft Diagnostics Hub Standard Collector Runtime Elevation of Privilege Vulnerability

7.8CVSS8AI score0.00379EPSS

CVE•added 2022/04/15 7:15 p.m.•149 views

CVE-2022-24542

Windows Win32k Elevation of Privilege Vulnerability

7.8CVSS7.7AI score0.01719EPSS

CVE•added 2020/10/16 11:15 p.m.•148 views

CVE-2020-16910

A security feature bypass vulnerability exists when Microsoft Windows fails to handle file creation permissions, which could allow an attacker to create files in a protected Unified Extensible Firmware Interface (UEFI) location.To exploit this vulnerability, an attacker could run a specia...

6.2CVSS7AI score0.02409EPSS

CVE•added 2021/08/12 6:15 p.m.•148 views

CVE-2021-26425

Windows Event Tracing Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.00184EPSS

CVE•added 2021/07/14 6:15 p.m.•148 views

CVE-2021-31961

Windows InstallService Elevation of Privilege Vulnerability

6.1CVSS6.4AI score0.00323EPSS

CVE•added 2021/07/16 9:15 p.m.•148 views

CVE-2021-34457

Windows Remote Access Connection Manager Information Disclosure Vulnerability

5.5CVSS6.6AI score0.0052EPSS

CVE•added 2021/08/12 6:15 p.m.•148 views

CVE-2021-34534

Windows MSHTML Platform Remote Code Execution Vulnerability

7.5CVSS7.2AI score0.01445EPSS

CVE•added 2020/08/17 7:15 p.m.•147 views

CVE-2020-1509

An elevation of privilege vulnerability exists in the Local Security Authority Subsystem Service (LSASS) when an authenticated attacker sends a specially crafted authentication request. A remote attacker who successfully exploited this vulnerability could cause an elevation of privilege on the targ...

8.8CVSS8.1AI score0.06869EPSS

CVE•added 2021/07/14 6:15 p.m.•147 views

CVE-2021-31183

Windows TCP/IP Driver Denial of Service Vulnerability

7.5CVSS7.9AI score0.14302EPSS

CVE•added 2021/07/14 6:15 p.m.•147 views

CVE-2021-33749

Windows DNS Snap-in Remote Code Execution Vulnerability

8.8CVSS8.8AI score0.03544EPSS

CVE•added 2021/08/12 6:15 p.m.•147 views

CVE-2021-36937

Windows Media MPEG-4 Video Decoder Remote Code Execution Vulnerability

7.8CVSS8.8AI score0.00453EPSS

CVE•added 2022/05/10 9:15 p.m.•147 views

CVE-2022-29140

Windows Print Spooler Information Disclosure Vulnerability

5.5CVSS7.1AI score0.0133EPSS

CVE•added 2021/06/08 11:15 p.m.•146 views

CVE-2021-31971

Windows HTML Platforms Security Feature Bypass Vulnerability

8.8CVSS7.7AI score0.01378EPSS

CVE•added 2021/08/12 6:15 p.m.•146 views

CVE-2021-34533

Windows Graphics Component Font Parsing Remote Code Execution Vulnerability

7.8CVSS8.8AI score0.00508EPSS

CVE•added 2021/12/15 3:15 p.m.•146 views

CVE-2021-43215

iSNS Server Memory Corruption Vulnerability Can Lead to Remote Code Execution

9.8CVSS9.6AI score0.01082EPSS

CVE•added 2022/04/15 7:15 p.m.•146 views

CVE-2022-24483

Windows Kernel Information Disclosure Vulnerability

5.5CVSS7AI score0.06681EPSS

CVE•added 2021/02/25 11:15 p.m.•145 views

CVE-2021-24094

Windows TCP/IP Remote Code Execution Vulnerability

9.8CVSS9.7AI score0.14023EPSS

CVE•added 2021/07/16 9:15 p.m.•145 views

CVE-2021-34440

GDI+ Information Disclosure Vulnerability

5.5CVSS6.6AI score0.00309EPSS

CVE•added 2022/04/15 7:15 p.m.•145 views

CVE-2022-26789

Windows Print Spooler Elevation of Privilege Vulnerability

7.8CVSS7.7AI score0.00408EPSS

CVE•added 2020/08/17 7:15 p.m.•144 views

CVE-2020-1577

An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.There are multiple ways an attacker could exploit the vulnerabil...

7.8CVSS6.9AI score0.17285EPSS

CVE•added 2021/08/12 6:15 p.m.•144 views

CVE-2021-26426

Windows User Account Profile Picture Elevation of Privilege Vulnerability

7.8CVSS7.6AI score0.00644EPSS

Total number of security vulnerabilities972