Windows 10@1909 Security Vulnerabilities and Issues — Windows 10@1909 CVE List

The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802...

3.5CVSS6.4AI score0.00848EPSS

CVE•added 2022/05/10 9:15 p.m.•406 views

CVE-2022-22012

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

9.8CVSS9.4AI score0.07142EPSS

CVE•added 2020/06/09 8:15 p.m.•380 views

CVE-2020-1206

An information disclosure vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Information Disclosure Vulnerability'.

7.5CVSS7.4AI score0.47718EPSS

CVE•added 2022/03/09 5:15 p.m.•380 views

CVE-2022-21990

Remote Desktop Client Remote Code Execution Vulnerability

8.8CVSS8.8AI score0.15329EPSS

CVE•added 2020/03/12 4:15 p.m.•369 views

CVE-2020-0645

A tampering vulnerability exists when Microsoft IIS Server improperly handles malformed request headers, aka 'Microsoft IIS Server Tampering Vulnerability'.

7.5CVSS8.2AI score0.08197EPSS

CVE•added 2022/03/09 5:15 p.m.•359 views

CVE-2022-24503

Remote Desktop Protocol Client Information Disclosure Vulnerability

5.4CVSS6.6AI score0.00575EPSS

CVE•added 2022/03/09 5:15 p.m.•343 views

CVE-2022-23288

Windows DWM Core Library Elevation of Privilege Vulnerability

7CVSS7.6AI score0.00356EPSS

CVE•added 2022/07/12 11:15 p.m.•338 views

CVE-2022-22048

BitLocker Security Feature Bypass Vulnerability

6.6CVSS7.2AI score0.00265EPSS

CVE•added 2022/04/15 7:15 p.m.•332 views

CVE-2022-24481

Windows Common Log File System Driver Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.4425EPSS

CVE•added 2021/07/16 9:15 p.m.•325 views

CVE-2021-34481

<p>A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or...

9.8CVSS8.6AI score0.30378EPSS

CVE•added 2020/07/29 6:15 p.m.•318 views

CVE-2020-15707

Integer overflows were discovered in the functions grub_cmd_initrd and grub_initrd_init in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu (the functionality is not included in GRUB2 upstream), leading to a heap-based buffer overflow. These could be triggered by an extrem...

6.4CVSS7.6AI score0.00033EPSS

CVE•added 2022/01/11 9:15 p.m.•317 views

CVE-2022-21894

Secure Boot Security Feature Bypass Vulnerability

4.9CVSS6.2AI score0.45082EPSS

CVE•added 2021/06/08 11:15 p.m.•315 views

CVE-2021-26414

Windows DCOM Server Security Feature Bypass

6.5CVSS6.9AI score0.08955EPSS

CVE•added 2021/01/12 8:15 p.m.•291 views

CVE-2021-1648

Microsoft splwow64 Elevation of Privilege Vulnerability

7.8CVSS7.7AI score0.00979EPSS

CVE•added 2020/06/09 8:15 p.m.•288 views

CVE-2020-1269

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, CVE-2020-1246, CVE-2020-1262, CVE-2020-1264, CVE-2020-1266, CVE-2020...

7.8CVSS7.7AI score0.19295EPSS

CVE•added 2020/07/29 6:15 p.m.•285 views

CVE-2020-15706

GRUB2 contains a race condition in grub_script_function_create() leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing, leading to arbitrary code execution and secure boot restriction bypass. This issue affects GRUB2 ...

6.4CVSS7.7AI score0.00064EPSS

CVE•added 2022/03/09 5:15 p.m.•285 views

CVE-2022-24505

Windows ALPC Elevation of Privilege Vulnerability

7CVSS7.6AI score0.00118EPSS

CVE•added 2020/07/29 6:15 p.m.•284 views

CVE-2020-15705

GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. This only affects systems where the kernel signing certificate has been imported directly into the secure boot database and the GRUB image is booted directly without the use of shim. Thi...

6.4CVSS7.1AI score0.00018EPSS

CVE•added 2021/07/14 6:15 p.m.•275 views

CVE-2021-34514

Windows Kernel Elevation of Privilege Vulnerability

7.8CVSS8.2AI score0.00403EPSS

CVE•added 2022/04/15 7:15 p.m.•272 views

CVE-2022-24491

Windows Network File System Remote Code Execution Vulnerability

9.8CVSS9.6AI score0.42379EPSS

CVE•added 2020/01/14 11:15 p.m.•270 views

CVE-2020-0611

A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka 'Remote Desktop Client Remote Code Execution Vulnerability'.

7.5CVSS8.8AI score0.14967EPSS

CVE•added 2022/04/15 7:15 p.m.•270 views

CVE-2022-24528

Remote Procedure Call Runtime Remote Code Execution Vulnerability

8.8CVSS9.4AI score0.01418EPSS

CVE•added 2022/04/15 7:15 p.m.•268 views

CVE-2022-24500

Windows SMB Remote Code Execution Vulnerability

8.8CVSS9.4AI score0.38179EPSS

CVE•added 2022/03/09 5:15 p.m.•267 views

CVE-2022-21977

Media Foundation Information Disclosure Vulnerability

4.3CVSS5.7AI score0.01025EPSS

CVE•added 2022/07/12 11:15 p.m.•265 views

CVE-2022-22049

Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability

7.8CVSS8.2AI score0.00202EPSS

CVE•added 2022/04/15 7:15 p.m.•265 views

CVE-2022-24547

Windows Digital Media Receiver Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.00229EPSS

CVE•added 2022/05/10 9:15 p.m.•264 views

CVE-2022-21972

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability

9.3CVSS9AI score0.56635EPSS

CVE•added 2020/05/21 11:15 p.m.•263 views

CVE-2020-1048

An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system, aka 'Windows Print Spooler Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1070.

7.8CVSS7.7AI score0.72379EPSS

CVE•added 2020/01/14 11:15 p.m.•262 views

CVE-2020-0624

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0642.

7.8CVSS7.7AI score0.15527EPSS

CVE•added 2022/04/15 7:15 p.m.•261 views

CVE-2022-24545

Windows Kerberos Remote Code Execution Vulnerability

8.1CVSS9AI score0.04077EPSS

CVE•added 2021/08/12 6:15 p.m.•257 views

CVE-2021-26424

Windows TCP/IP Remote Code Execution Vulnerability

9.9CVSS8.8AI score0.09829EPSS

CVE•added 2022/05/10 9:15 p.m.•256 views

CVE-2022-26931

Windows Kerberos Elevation of Privilege Vulnerability

7.5CVSS8.5AI score0.00786EPSS

CVE•added 2022/04/15 7:15 p.m.•255 views

CVE-2022-24497

Windows Network File System Remote Code Execution Vulnerability

9.8CVSS9.6AI score0.39064EPSS

CVE•added 2021/09/15 12:15 p.m.•253 views

CVE-2021-38633

Windows Common Log File System Driver Elevation of Privilege Vulnerability

7.8CVSS8AI score0.00426EPSS

CVE•added 2022/03/09 5:15 p.m.•252 views

CVE-2022-23284

Windows Print Spooler Elevation of Privilege Vulnerability

9CVSS7.7AI score0.09081EPSS

CVE•added 2021/09/15 12:15 p.m.•245 views

CVE-2021-36963

Windows Common Log File System Driver Elevation of Privilege Vulnerability

7.8CVSS8AI score0.00307EPSS

CVE•added 2020/08/17 7:15 p.m.•243 views

CVE-2020-1337

An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; ...

7.8CVSS7.8AI score0.53476EPSS

CVE•added 2022/03/09 5:15 p.m.•243 views

CVE-2022-23293

Windows Fast FAT File System Driver Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.00389EPSS

CVE•added 2022/05/18 11:15 p.m.•242 views

CVE-2022-30138

Windows Print Spooler Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.00447EPSS

CVE•added 2021/08/12 6:15 p.m.•240 views

CVE-2021-26432

Windows Services for NFS ONCRPC XDR Driver Remote Code Execution Vulnerability

9.8CVSS8.8AI score0.10206EPSS

CVE•added 2020/06/09 8:15 p.m.•239 views

CVE-2020-1307

9.3CVSS7.7AI score0.19295EPSS

CVE•added 2021/05/11 7:15 p.m.•239 views

CVE-2021-31167

Windows Container Manager Service Elevation of Privilege Vulnerability

7.8CVSS7.6AI score0.0033EPSS

CVE•added 2022/03/09 5:15 p.m.•239 views

CVE-2022-21967

Xbox Live Auth Manager for Windows Elevation of Privilege Vulnerability

7CVSS7.7AI score0.00458EPSS

CVE•added 2020/09/11 5:15 p.m.•236 views

CVE-2020-1013

<p>An elevation of privilege vulnerability exists when Microsoft Windows processes group policy updates. An attacker who successfully exploited this vulnerability could potentially escalate permissions or perform additional privileged actions on the target machine.</p><p>To exploit this vulnerabili...

9.3CVSS8.1AI score0.15904EPSS

CVE•added 2021/01/12 8:15 p.m.•233 views

CVE-2021-1678

Windows Print Spooler Spoofing Vulnerability

8.8CVSS8AI score0.53619EPSS

CVE•added 2022/01/11 9:15 p.m.•233 views

CVE-2022-21849

Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability

9.8CVSS9.7AI score0.11661EPSS

CVE•added 2020/11/11 7:15 a.m.•227 views

CVE-2020-1599

Windows Spoofing Vulnerability