Windows 10@1909 Security Vulnerabilities and Issues — Windows 10@1909 CVE List

The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802...

3.5CVSS6.4AI score0.00344EPSS

CVE•added 2020/06/09 8:15 p.m.•411 views

CVE-2020-1206

An information disclosure vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Information Disclosure Vulnerability'.

7.5CVSS7.4AI score0.47718EPSS

In wild

CVE•added 2022/05/10 9:15 p.m.•407 views

CVE-2022-22012

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

9.8CVSS9.4AI score0.07142EPSS

CVE•added 2022/03/09 5:15 p.m.•380 views

CVE-2022-21990

Remote Desktop Client Remote Code Execution Vulnerability

8.8CVSS8.8AI score0.15329EPSS

CVE•added 2022/07/12 11:15 p.m.•371 views

CVE-2022-22048

BitLocker Security Feature Bypass Vulnerability

6.6CVSS7.2AI score0.00729EPSS

In wild

CVE•added 2020/03/12 4:15 p.m.•369 views

CVE-2020-0645

A tampering vulnerability exists when Microsoft IIS Server improperly handles malformed request headers, aka 'Microsoft IIS Server Tampering Vulnerability'.

7.5CVSS8.2AI score0.08197EPSS

CVE•added 2022/04/15 7:15 p.m.•362 views

CVE-2022-24481

Windows Common Log File System Driver Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.4425EPSS

In wild

CVE•added 2022/03/09 5:15 p.m.•359 views

CVE-2022-24503

Remote Desktop Protocol Client Information Disclosure Vulnerability

5.4CVSS6.6AI score0.00575EPSS

CVE•added 2021/07/16 9:15 p.m.•358 views

CVE-2021-34481

A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or de...

9.8CVSS8.6AI score0.30378EPSS

In wild

CVE•added 2022/01/11 9:15 p.m.•353 views

CVE-2022-21894

Secure Boot Security Feature Bypass Vulnerability

4.9CVSS6.2AI score0.32954EPSS

In wild

CVE•added 2022/03/09 5:15 p.m.•343 views

CVE-2022-23288

Windows DWM Core Library Elevation of Privilege Vulnerability

7CVSS7.6AI score0.00356EPSS

CVE•added 2020/07/29 6:15 p.m.•320 views

CVE-2020-15707

Integer overflows were discovered in the functions grub_cmd_initrd and grub_initrd_init in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu (the functionality is not included in GRUB2 upstream), leading to a heap-based buffer overflow. These could be triggered by an extrem...

6.4CVSS7.6AI score0.00033EPSS

CVE•added 2021/01/12 8:15 p.m.•320 views

CVE-2021-1648

Microsoft splwow64 Elevation of Privilege Vulnerability

7.8CVSS7.7AI score0.00979EPSS

In wild

CVE•added 2020/06/09 8:15 p.m.•319 views

CVE-2020-1269

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, CVE-2020-1246, CVE-2020-1262, CVE-2020-1264, CVE-2020-1266, CVE-2020...

7.8CVSS7.7AI score0.19295EPSS

In wild

CVE•added 2021/06/08 11:15 p.m.•318 views

CVE-2021-26414

Windows DCOM Server Security Feature Bypass

6.5CVSS6.9AI score0.14238EPSS

CVE•added 2021/07/14 6:15 p.m.•305 views

CVE-2021-34514

Windows Kernel Elevation of Privilege Vulnerability

7.8CVSS8.2AI score0.00403EPSS

In wild

CVE•added 2022/07/12 11:15 p.m.•296 views

CVE-2022-22049

Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability

7.8CVSS8.2AI score0.00235EPSS

In wild

CVE•added 2020/07/29 6:15 p.m.•287 views

CVE-2020-15706

GRUB2 contains a race condition in grub_script_function_create() leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing, leading to arbitrary code execution and secure boot restriction bypass. This issue affects GRUB2 ...

6.4CVSS7.7AI score0.00064EPSS

CVE•added 2020/07/29 6:15 p.m.•286 views

CVE-2020-15705

GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. This only affects systems where the kernel signing certificate has been imported directly into the secure boot database and the GRUB image is booted directly without the use of shim. Thi...

6.4CVSS7.1AI score0.00024EPSS

CVE•added 2022/03/09 5:15 p.m.•285 views

CVE-2022-24505

Windows ALPC Elevation of Privilege Vulnerability

7CVSS7.6AI score0.00118EPSS

CVE•added 2021/09/15 12:15 p.m.•283 views

CVE-2021-38633

Windows Common Log File System Driver Elevation of Privilege Vulnerability

7.8CVSS8AI score0.00426EPSS

In wild

CVE•added 2021/09/15 12:15 p.m.•276 views

CVE-2021-36963

Windows Common Log File System Driver Elevation of Privilege Vulnerability

7.8CVSS8AI score0.00307EPSS

In wild

CVE•added 2022/04/15 7:15 p.m.•274 views

CVE-2022-24491

Windows Network File System Remote Code Execution Vulnerability

9.8CVSS9.6AI score0.42379EPSS

CVE•added 2022/04/15 7:15 p.m.•273 views

CVE-2022-24500

Windows SMB Remote Code Execution Vulnerability

8.8CVSS9.4AI score0.36017EPSS

CVE•added 2020/01/14 11:15 p.m.•270 views

CVE-2020-0611

A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka 'Remote Desktop Client Remote Code Execution Vulnerability'.

7.5CVSS8.8AI score0.14967EPSS

CVE•added 2022/04/15 7:15 p.m.•270 views

CVE-2022-24528

Remote Procedure Call Runtime Remote Code Execution Vulnerability

8.8CVSS9.4AI score0.01747EPSS

CVE•added 2020/06/09 8:15 p.m.•268 views

CVE-2020-1307

9.3CVSS7.7AI score0.19295EPSS

In wild

CVE•added 2021/05/11 7:15 p.m.•268 views

CVE-2021-31167

Windows Container Manager Service Elevation of Privilege Vulnerability

7.8CVSS7.6AI score0.0033EPSS

In wild

CVE•added 2022/03/09 5:15 p.m.•267 views

CVE-2022-21977

Media Foundation Information Disclosure Vulnerability

4.3CVSS5.7AI score0.01025EPSS

CVE•added 2022/05/10 9:15 p.m.•266 views

CVE-2022-21972

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability

9.3CVSS9AI score0.56635EPSS

CVE•added 2020/05/21 11:15 p.m.•265 views

CVE-2020-1048

An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system, aka 'Windows Print Spooler Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1070.

7.8CVSS7.7AI score0.75806EPSS

In wild

CVE•added 2022/04/15 7:15 p.m.•265 views

CVE-2022-24547

Windows Digital Media Receiver Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.00229EPSS

CVE•added 2020/01/14 11:15 p.m.•264 views

CVE-2020-0624

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0642.

7.8CVSS7.7AI score0.15527EPSS

CVE•added 2022/04/15 7:15 p.m.•261 views

CVE-2022-24545

Windows Kerberos Remote Code Execution Vulnerability

8.1CVSS9AI score0.04077EPSS

CVE•added 2021/08/12 6:15 p.m.•257 views

CVE-2021-26424

Windows TCP/IP Remote Code Execution Vulnerability

9.9CVSS8.8AI score0.09829EPSS

CVE•added 2022/04/15 7:15 p.m.•257 views

CVE-2022-24497

Windows Network File System Remote Code Execution Vulnerability

9.8CVSS9.6AI score0.39152EPSS

CVE•added 2022/05/10 9:15 p.m.•257 views

CVE-2022-26931

Windows Kerberos Elevation of Privilege Vulnerability

7.5CVSS8.5AI score0.00786EPSS

In wild

CVE•added 2020/11/11 7:15 a.m.•256 views

CVE-2020-1599

Windows Spoofing Vulnerability

5.5CVSS7.2AI score0.05733EPSS

In wild

CVE•added 2021/08/12 6:15 p.m.•256 views

CVE-2021-34487

Windows Event Tracing Elevation of Privilege Vulnerability

7.8CVSS7.6AI score0.00098EPSS

In wild

CVE•added 2021/12/15 3:15 p.m.•252 views

CVE-2021-43217

Windows Encrypting File System (EFS) Remote Code Execution Vulnerability

9.8CVSS9.1AI score0.25196EPSS

In wild

CVE•added 2022/03/09 5:15 p.m.•252 views

CVE-2022-23284

Windows Print Spooler Elevation of Privilege Vulnerability

9CVSS7.7AI score0.09081EPSS

CVE•added 2020/06/09 8:15 p.m.•248 views

CVE-2020-1274

7.8CVSS7.7AI score0.19295EPSS

In wild

CVE•added 2020/06/09 8:15 p.m.•246 views

CVE-2020-1237

An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1246, CVE-2020-1262, CVE-2020-1264, CVE-2020-1266, CVE-2020-1269, CVE-2020-1273,...

7.8CVSS7.8AI score0.19295EPSS

In wild

CVE•added 2020/08/17 7:15 p.m.•246 views

CVE-2020-1337

An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; ...

7.8CVSS7.8AI score0.53476EPSS

In wild

CVE•added 2020/06/09 8:15 p.m.•244 views

CVE-2020-1316

7.8CVSS7.7AI score0.19295EPSS

In wild

CVE•added 2020/10/16 11:15 p.m.•244 views

CVE-2020-16916

An elevation of privilege vulnerability exists when Windows improperly handles COM object creation. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges.To exploit this vulnerability, an attacker would first have to log on to the system. An atta...

7.8CVSS8.2AI score0.00744EPSS

In wild

CVE•added 2020/06/09 8:15 p.m.•243 views

CVE-2020-1276

7.8CVSS7.7AI score0.19295EPSS

In wild

Total number of security vulnerabilities1432