Windows 10 Security Vulnerabilities and Issues — Page 11 of Windows 10 CVE List

Lucene search

MicrosoftWindows 10

2979 matches found

CVE•added 2019/06/12 2:29 p.m.•144 views

CVE-2019-0959

An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.To exploit the vulnerability, an attacker would first have ...

7.8CVSS7.7AI score0.04708EPSS

CVE•added 2019/09/11 10:15 p.m.•144 views

CVE-2019-1269

An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC).An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system, aka 'Windows ALPC Elevation of Privilege Vulne...

7.8CVSS8AI score0.00372EPSS

CVE•added 2019/09/11 10:15 p.m.•144 views

CVE-2019-1280

A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed.An attacker who successfully exploited this vulnerability could gain the same user rights as the local user, aka 'LNK Remote Code Execution Vulnerability'.

9.3CVSS8.2AI score0.19713EPSS

CVE•added 2020/10/16 11:15 p.m.•144 views

CVE-2020-16911

A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or dele...

9.3CVSS8.7AI score0.15789EPSS

CVE•added 2021/07/16 9:15 p.m.•144 views

CVE-2021-34441

Microsoft Windows Media Foundation Remote Code Execution Vulnerability

7.8CVSS8.2AI score0.00769EPSS

CVE•added 2021/07/16 9:15 p.m.•144 views

CVE-2021-34456

Windows Remote Access Connection Manager Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.00323EPSS

CVE•added 2021/08/12 6:15 p.m.•144 views

CVE-2021-34483

Windows Print Spooler Elevation of Privilege Vulnerability

7.8CVSS8.8AI score0.00324EPSS

CVE•added 2021/11/10 1:19 a.m.•144 views

CVE-2021-42279

Chakra Scripting Engine Memory Corruption Vulnerability

7.5CVSS6.2AI score0.03267EPSS

CVE•added 2022/01/11 9:15 p.m.•144 views

CVE-2022-21885

Windows Remote Access Connection Manager Elevation of Privilege Vulnerability

7.8CVSS8.5AI score0.00492EPSS

CVE•added 2022/02/09 5:15 p.m.•144 views

CVE-2022-21995

Windows Hyper-V Remote Code Execution Vulnerability

7.9CVSS8.1AI score0.00841EPSS

CVE•added 2022/04/15 7:15 p.m.•144 views

CVE-2022-26917

Windows Fax Compose Form Remote Code Execution Vulnerability

7.8CVSS8.8AI score0.01141EPSS

CVE•added 2022/06/15 10:15 p.m.•144 views

CVE-2022-30147

Windows Installer Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.01667EPSS

CVE•added 2022/07/12 11:15 p.m.•144 views

CVE-2022-30211

Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability

7.5CVSS8.2AI score0.03645EPSS

CVE•added 2022/08/09 8:15 p.m.•144 views

CVE-2022-35820

Windows Bluetooth Driver Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.01214EPSS

CVE•added 2022/10/11 7:15 p.m.•144 views

CVE-2022-38041

Windows Secure Channel Denial of Service Vulnerability

7.5CVSS7.9AI score0.0506EPSS

CVE•added 2023/03/14 5:15 p.m.•144 views

CVE-2023-24859

Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability

7.5CVSS7.4AI score0.05725EPSS

CVE•added 2017/06/15 1:29 a.m.•143 views

CVE-2017-0283

Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, Windows Server 2016, Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office Word Viewer, Microsoft Lync 2013 SP1, Skype for Busi...

9.3CVSS6.4AI score0.55105EPSS

CVE•added 2019/01/08 9:29 p.m.•143 views

CVE-2019-0574

An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly handles file operations, aka "Windows Data Sharing Service Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows Server 2019, Windows 10 Servers. This CVE ID is uni...

7.8CVSS7.5AI score0.14942EPSS

CVE•added 2019/08/14 9:15 p.m.•143 views

CVE-2019-1184

An elevation of privilege vulnerability exists when Windows Core Shell COM Server Registrar improperly handles COM calls. An attacker who successfully exploited this vulnerability could potentially set certain items to run at a higher level and thereby elevate permissions.To exploit this vulnerabil...

7.2CVSS7AI score0.05965EPSS

CVE•added 2020/08/17 7:15 p.m.•143 views

CVE-2020-1470

An elevation of privilege vulnerability exists when the Windows Work Folders Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The sec...

7.8CVSS8.1AI score0.00936EPSS

CVE•added 2021/11/10 1:16 a.m.•143 views

CVE-2021-26443

Microsoft Virtual Machine Bus (VMBus) Remote Code Execution Vulnerability

9CVSS9.1AI score0.0055EPSS

CVE•added 2021/07/14 6:15 p.m.•143 views

CVE-2021-33756

Windows DNS Snap-in Remote Code Execution Vulnerability

8.8CVSS8.8AI score0.01128EPSS

CVE•added 2022/09/13 7:15 p.m.•143 views

CVE-2022-35835

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

8.8CVSS9.5AI score0.11769EPSS

CVE•added 2022/10/11 7:15 p.m.•143 views

CVE-2022-38047

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability

8.1CVSS8.5AI score0.00263EPSS

CVE•added 2019/01/08 9:29 p.m.•142 views

CVE-2019-0569

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Wind...

5.5CVSS5.6AI score0.01077EPSS

CVE•added 2020/04/15 3:15 p.m.•142 views

CVE-2020-1015

An elevation of privilege vulnerability exists in the way that the User-Mode Power Service (UMPS) handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0934, CVE-2020-0983, CVE-2020-1009, CVE-2020-1011.

7.8CVSS7.8AI score0.11588EPSS

CVE•added 2022/01/11 9:15 p.m.•142 views

CVE-2022-21869

Clipboard User Service Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.00462EPSS

CVE•added 2022/01/11 9:15 p.m.•142 views

CVE-2022-21890

Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability

7.5CVSS8.2AI score0.10382EPSS

CVE•added 2022/05/10 9:15 p.m.•142 views

CVE-2022-29115

Windows Fax Service Remote Code Execution Vulnerability

7.8CVSS8.8AI score0.03165EPSS

CVE•added 2018/07/11 12:29 a.m.•141 views

CVE-2018-8206

A denial of service vulnerability exists when Windows improperly handles File Transfer Protocol (FTP) connections, aka "Windows FTP Server Denial of Service Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows...

7.8CVSS6.4AI score0.12158EPSS

CVE•added 2018/08/15 5:29 p.m.•141 views

CVE-2018-8344

A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka "Microsoft Graphics Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Win...

9.3CVSS7.2AI score0.26277EPSS

CVE•added 2019/05/16 7:29 p.m.•141 views

CVE-2019-0727

An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector or the Visual Studio Standard Collector allows file deletion in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Diagnostic Hub Standard Collector, ...

7.8CVSS7.3AI score0.00327EPSS

CVE•added 2019/08/14 9:15 p.m.•141 views

CVE-2019-0736

A memory corruption vulnerability exists in the Windows DHCP client when an attacker sends specially crafted DHCP responses to a client. An attacker who successfully exploited the vulnerability could run arbitrary code on the client machine.To exploit the vulnerability, an attacker could send speci...

9.8CVSS9.2AI score0.1289EPSS

CVE•added 2019/09/11 10:15 p.m.•141 views

CVE-2019-1256

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1285.

7.8CVSS8AI score0.01395EPSS

CVE•added 2020/08/17 7:15 p.m.•141 views

CVE-2020-1561

A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code on a target system.To exploit the vulnerability, a user would have to open a specially crafted f...

9.3CVSS8.2AI score0.15375EPSS

CVE•added 2020/08/17 7:15 p.m.•141 views

CVE-2020-1585

A remote code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or cre...

8.8CVSS8.8AI score0.1665EPSS

CVE•added 2021/08/12 6:15 p.m.•141 views

CVE-2021-26431

Windows Recovery Environment Agent Elevation of Privilege Vulnerability

7.8CVSS7.7AI score0.00385EPSS

CVE•added 2021/07/16 9:15 p.m.•141 views

CVE-2021-34455

Windows File History Service Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.00164EPSS

CVE•added 2021/07/14 6:15 p.m.•141 views

CVE-2021-34492

Windows Certificate Spoofing Vulnerability

8.1CVSS8.3AI score0.01018EPSS

CVE•added 2022/01/11 9:15 p.m.•141 views

CVE-2022-21851

Remote Desktop Client Remote Code Execution Vulnerability

9.3CVSS9.3AI score0.07943EPSS

CVE•added 2022/02/09 5:15 p.m.•141 views

CVE-2022-21997

Windows Print Spooler Elevation of Privilege Vulnerability

7.1CVSS7.2AI score0.0029EPSS

CVE•added 2022/10/11 7:15 p.m.•141 views

CVE-2022-38026

Windows DHCP Client Information Disclosure Vulnerability

5.5CVSS6.6AI score0.00201EPSS

CVE•added 2017/05/12 2:29 p.m.•140 views

CVE-2017-0277

The Microsoft Server Message Block 1.0 (SMBv1) server on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to execute remote code by the way it ...

7CVSS7.7AI score0.05522EPSS

CVE•added 2017/06/15 1:29 a.m.•140 views

CVE-2017-8527

Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability due to the way it handles objects in memory, aka "Windows Graphics Rem...

9.3CVSS6AI score0.28831EPSS

CVE•added 2017/09/13 1:29 a.m.•140 views

CVE-2017-8695

Windows Uniscribe in Microsoft Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, 1607, 1703, and Server 2016; Office 2007 SP3; Office 2010 SP2; Word Viewer; Office for Mac 2011 and 2016; Skype for Business 2016; L...

5.3CVSS6AI score0.25671EPSS

CVE•added 2018/09/13 12:29 a.m.•140 views

CVE-2018-8475

A remote code execution vulnerability exists when Windows does not properly handle specially crafted image files, aka "Windows Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server ...

8.8CVSS8.3AI score0.25078EPSS

CVE•added 2018/12/12 12:29 a.m.•140 views

CVE-2018-8634

A remote code execution vulnerability exists in Windows where Microsoft text-to-speech fails to properly handle objects in the memory, aka "Microsoft Text-To-Speech Remote Code Execution Vulnerability." This affects Windows Server 2016, Windows 10, Windows Server 2019, Windows 10 Servers.

9.3CVSS9.3AI score0.32912EPSS

CVE•added 2019/01/08 9:29 p.m.•140 views

CVE-2019-0552

An elevation of privilege exists in Windows COM Desktop Broker, aka "Windows COM Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2019, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers.

8.8CVSS7.6AI score0.00868EPSS

CVE•added 2019/01/08 9:29 p.m.•140 views

CVE-2019-0577

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Se...

9.3CVSS8AI score0.35437EPSS

CVE•added 2019/04/09 9:29 p.m.•140 views

CVE-2019-0844

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0840.

5.5CVSS6.1AI score0.00978EPSS

Total number of security vulnerabilities2979