Windows 10@2004 Security Vulnerabilities and Issues — Page 12 of Windows 10@2004 CVE List

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user’s system.There are multiple ways an attacker could exploit th...

6.5CVSS6.9AI score0.22282EPSS

CVE•added 2020/09/11 5:15 p.m.•97 views

CVE-2020-1098

An elevation of privilege vulnerability exists when the Shell infrastructure component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.To exploit this vulnerability, an attacker would first have to log on to ...

7.8CVSS7.7AI score0.00502EPSS

CVE•added 2020/06/09 8:15 p.m.•97 views

CVE-2020-1160

An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'.

5.5CVSS6.1AI score0.00661EPSS

CVE•added 2020/06/09 8:15 p.m.•97 views

CVE-2020-1162

An elevation of privilege (user to user) vulnerability exists in Windows Security Health Service when handling certain objects in memory.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from...

7.8CVSS8AI score0.00681EPSS

CVE•added 2020/06/09 8:15 p.m.•97 views

CVE-2020-1282

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1231, CVE-2020-1233, CVE-2020-1235, CVE-2020-1265, CVE-2020-1304, CVE-2020-1306, CVE-2020-133...

7.8CVSS7.7AI score0.12134EPSS

CVE•added 2020/07/14 11:15 p.m.•97 views

CVE-2020-1463

An elevation of privilege vulnerability exists in the way that the SharedStream Library handles objects in memory, aka 'Windows SharedStream Library Elevation of Privilege Vulnerability'.

7.8CVSS8.5AI score0.00278EPSS

CVE•added 2020/08/17 7:15 p.m.•97 views

CVE-2020-1547

An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The security u...

7.8CVSS8.1AI score0.00378EPSS

CVE•added 2020/10/16 11:15 p.m.•97 views

CVE-2020-16895

An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles a process crash. An attacker who successfully exploited this vulnerability could delete a targeted file leading to an elevated status.To exploit this vulnerability, an attacker would first have to...

7.8CVSS8.1AI score0.00744EPSS

CVE•added 2020/12/10 12:15 a.m.•97 views

CVE-2020-16964

Windows Backup Engine Elevation of Privilege Vulnerability

7.8CVSS7.8AI score0.0137EPSS

CVE•added 2021/01/12 8:15 p.m.•97 views

CVE-2021-1697

Windows InstallService Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.00313EPSS

CVE•added 2021/04/13 8:15 p.m.•97 views

CVE-2021-28437

Windows Installer Information Disclosure Vulnerability

5.5CVSS6.7AI score0.00448EPSS

CVE•added 2021/04/13 8:15 p.m.•97 views

CVE-2021-28445

Windows Network File System Remote Code Execution Vulnerability

8.8CVSS8.5AI score0.17466EPSS

CVE•added 2021/07/14 6:15 p.m.•97 views

CVE-2021-34511

Windows Installer Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.00249EPSS

CVE•added 2021/09/15 12:15 p.m.•97 views

CVE-2021-38637

Windows Storage Information Disclosure Vulnerability

5.5CVSS6.1AI score0.00319EPSS

CVE•added 2021/10/13 1:15 a.m.•97 views

CVE-2021-41346

Console Window Host Security Feature Bypass Vulnerability

7.8CVSS5.6AI score0.00206EPSS

CVE•added 2020/06/09 8:15 p.m.•96 views

CVE-2020-1253

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1207, CVE-2020-1247, CVE-2020-1251, CVE-2020-1310.

7.2CVSS7AI score0.00798EPSS

CVE•added 2020/07/14 11:15 p.m.•96 views

CVE-2020-1390

An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network Connections Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1373, CVE-2020-1427, CVE-2020-1428, CVE-2020-1438.

7.8CVSS8.1AI score0.00513EPSS

CVE•added 2020/08/17 7:15 p.m.•96 views

CVE-2020-1459

An information disclosure vulnerability exists on ARM implementations that use speculative execution in control flow via a side-channel analysis, aka "straight-line speculation."To exploit this vulnerability, an attacker with local privileges would need to run a specially crafted application.The se...

7.5CVSS7.1AI score0.06087EPSS

CVE•added 2020/09/11 5:15 p.m.•96 views

CVE-2020-1592

An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory.To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could obtain information to f...

4.4CVSS4.2AI score0.00433EPSS

CVE•added 2020/10/16 11:15 p.m.•96 views

CVE-2020-16935

An elevation of privilege vulnerability exists when Windows improperly handles COM object creation. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges.To exploit this vulnerability, an attacker would first have to log on to the system. An atta...

7.8CVSS8.2AI score0.00993EPSS

CVE•added 2020/11/11 7:15 a.m.•96 views

CVE-2020-17000

Remote Desktop Protocol Client Information Disclosure Vulnerability

5.5CVSS6.6AI score0.00542EPSS

CVE•added 2021/02/25 11:15 p.m.•96 views

CVE-2021-24081

Microsoft Windows Codecs Library Remote Code Execution Vulnerability

7.8CVSS8.8AI score0.01688EPSS

CVE•added 2021/02/25 11:15 p.m.•96 views

CVE-2021-24103

Windows Event Tracing Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.00371EPSS

CVE•added 2021/04/13 8:15 p.m.•96 views

CVE-2021-28323

Windows DNS Information Disclosure Vulnerability

6.5CVSS7.1AI score0.12484EPSS

CVE•added 2021/11/10 1:19 a.m.•96 views

CVE-2021-42274

Windows Hyper-V Discrete Device Assignment (DDA) Denial of Service Vulnerability

6.8CVSS7.4AI score0.00135EPSS

CVE•added 2020/06/09 8:15 p.m.•95 views

CVE-2020-1217

An information disclosure vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Information Disclosure Vulnerability'.

7.8CVSS7.5AI score0.11567EPSS

CVE•added 2020/06/09 8:15 p.m.•95 views

CVE-2020-1232

An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory, aka 'Media Foundation Information Disclosure Vulnerability'.

6.5CVSS6.7AI score0.22022EPSS

CVE•added 2020/06/09 8:15 p.m.•95 views

CVE-2020-1236

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1208.

9.3CVSS8.4AI score0.33652EPSS

CVE•added 2020/06/09 8:15 p.m.•95 views

CVE-2020-1257

An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly handles file operations, aka 'Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1278, CVE-2020-1293.

7.8CVSS8.1AI score0.00694EPSS

CVE•added 2020/06/09 8:15 p.m.•95 views

CVE-2020-1293

7.8CVSS8.1AI score0.00694EPSS

CVE•added 2020/07/14 11:15 p.m.•95 views

CVE-2020-1381

An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1382.

7.8CVSS7.7AI score0.01264EPSS

CVE•added 2020/07/14 11:15 p.m.•95 views

CVE-2020-1430

An elevation of privilege vulnerability exists when the Windows UPnP Device Host improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows UPnP Device Host Elevation of Privilege Vulnerability'. This CVE ID is unique f...

7.8CVSS8.6AI score0.00827EPSS

CVE•added 2020/07/14 11:15 p.m.•95 views

CVE-2020-1435

A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+ Remote Code Execution Vulnerability'.

9.3CVSS9.3AI score0.32912EPSS

CVE•added 2020/12/10 12:15 a.m.•95 views

CVE-2020-16961

Windows Backup Engine Elevation of Privilege Vulnerability

7.8CVSS7.8AI score0.01021EPSS

CVE•added 2020/10/16 11:15 p.m.•95 views

CVE-2020-16968

A remote code execution vulnerability exists when the Windows Camera Codec Pack improperly handles objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user right...

9.3CVSS8.3AI score0.09107EPSS

CVE•added 2020/11/11 7:15 a.m.•95 views

CVE-2020-17025

Windows Remote Access Elevation of Privilege Vulnerability

7.8CVSS7.7AI score0.00514EPSS

CVE•added 2020/11/11 7:15 a.m.•95 views

CVE-2020-17036

Windows Function Discovery SSDP Provider Information Disclosure Vulnerability

5.5CVSS7AI score0.00429EPSS

CVE•added 2021/01/12 8:15 p.m.•95 views

CVE-2021-1702

Windows Remote Procedure Call Runtime Elevation of Privilege Vulnerability

7.8CVSS8.2AI score0.00288EPSS

CVE•added 2021/02/25 11:15 p.m.•95 views

CVE-2021-1731

PFX Encryption Security Feature Bypass Vulnerability

5.5CVSS7.2AI score0.00526EPSS

CVE•added 2021/04/13 8:15 p.m.•95 views

CVE-2021-28442

Windows TCP/IP Information Disclosure Vulnerability

6.5CVSS6.7AI score0.13694EPSS

CVE•added 2021/10/13 1:15 a.m.•95 views

CVE-2021-40468

Windows Bind Filter Driver Information Disclosure Vulnerability

5.5CVSS5.8AI score0.00461EPSS

CVE•added 2020/09/11 5:15 p.m.•94 views

CVE-2020-0911

An elevation of privilege vulnerability exists when Windows Modules Installer improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.An attacker could exploit this vulnerability by running a specially crafted a...

7.8CVSS8.1AI score0.00576EPSS

CVE•added 2020/09/11 5:15 p.m.•94 views

CVE-2020-1115

An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.To exploit the vulnerability, an attacker would first have ...

7.8CVSS8.1AI score0.00524EPSS

CVE•added 2020/06/09 8:15 p.m.•94 views

CVE-2020-1194

A denial of service vulnerability exists when Windows Registry improperly handles filesystem operations, aka 'Windows Registry Denial of Service Vulnerability'.

5.5CVSS6.4AI score0.00175EPSS

Total number of security vulnerabilities915