Microsoft Windows 10 vulnerabilities

2,804 known vulnerabilities affecting microsoft/windows_10.

Total CVEs

2,804

CISA KEV

actively exploited

Public exploits

216

Exploited in wild

Severity breakdown

CRITICAL68HIGH1907MEDIUM802LOW27

Vulnerabilities

Page 37 of 141

CVE-2021-31191MEDIUMCVSS 5.5v20h2v1803+4 more2021-05-11

CVE-2021-31191 [MEDIUM] CVE-2021-31191: Windows Projected File System FS Filter Driver Information Disclosure Vulnerability Windows Projected File System FS Filter Driver Information Disclosure Vulnerability

nvd

CVE-2021-31188MEDIUMCVSS 5.5v20h2v1607+4 more2021-05-11

CVE-2021-31188 [MEDIUM] CWE-416 CVE-2021-31188: Windows Graphics Component Elevation of Privilege Vulnerability Windows Graphics Component Elevation of Privilege Vulnerability

nvd

CVE-2021-31184MEDIUMCVSS 5.5v20h2v1607+4 more2021-05-11

CVE-2021-31184 [MEDIUM] CVE-2021-31184: Microsoft Windows Infrared Data Association (IrDA) Information Disclosure Vulnerability Microsoft Windows Infrared Data Association (IrDA) Information Disclosure Vulnerability

nvd

CVE-2021-28479MEDIUMCVSS 5.5v20h2v1607+4 more2021-05-11

CVE-2021-28479 [MEDIUM] CVE-2021-28479: Windows CSC Service Information Disclosure Vulnerability Windows CSC Service Information Disclosure Vulnerability

nvd

CVE-2021-31186MEDIUMCVSS 6.5v20h2v1607+4 more2021-05-11

CVE-2021-31186 [MEDIUM] CVE-2021-31186: Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability

nvd

CVE-2021-31205MEDIUMCVSS 6.5v20h2v20042021-05-11

CVE-2021-31205 [MEDIUM] CVE-2021-31205: Windows SMB Client Security Feature Bypass Vulnerability Windows SMB Client Security Feature Bypass Vulnerability

nvd

CVE-2020-24588LOWCVSS 3.5v20h2v1607+4 more2021-05-11

CVE-2020-24588 [LOW] CWE-327 CVE-2020-24588: The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary can abuse this to inject arbitrary

nvd

CVE-2021-27092CRITICALCVSS 9.8v20h2v1803+3 more2021-04-13

CVE-2021-27092 [CRITICAL] CVE-2021-27092: Azure AD Web Sign-in Security Feature Bypass Vulnerability Azure AD Web Sign-in Security Feature Bypass Vulnerability

nvd

CVE-2021-28355HIGHCVSS 8.8v20h2v1607+4 more2021-04-13

CVE-2021-28355 [HIGH] CVE-2021-28355: Remote Procedure Call Runtime Remote Code Execution Vulnerability Remote Procedure Call Runtime Remote Code Execution Vulnerability

nvd

CVE-2021-28327HIGHCVSS 8.8v20h2v1607+4 more2021-04-13

CVE-2021-28327 [HIGH] CVE-2021-28327: Remote Procedure Call Runtime Remote Code Execution Vulnerability Remote Procedure Call Runtime Remote Code Execution Vulnerability

nvd

CVE-2021-28434HIGHCVSS 8.8v20h2v1607+4 more2021-04-13

CVE-2021-28434 [HIGH] CVE-2021-28434: Remote Procedure Call Runtime Remote Code Execution Vulnerability Remote Procedure Call Runtime Remote Code Execution Vulnerability

nvd

CVE-2021-28340HIGHCVSS 8.8v20h2v1607+4 more2021-04-13

CVE-2021-28340 [HIGH] CVE-2021-28340: Remote Procedure Call Runtime Remote Code Execution Vulnerability Remote Procedure Call Runtime Remote Code Execution Vulnerability

nvd

CVE-2021-28335HIGHCVSS 8.8v20h2v1607+4 more2021-04-13

CVE-2021-28335 [HIGH] CVE-2021-28335: Remote Procedure Call Runtime Remote Code Execution Vulnerability Remote Procedure Call Runtime Remote Code Execution Vulnerability

nvd

CVE-2021-28330HIGHCVSS 8.8v20h2v1607+4 more2021-04-13

CVE-2021-28330 [HIGH] CVE-2021-28330: Remote Procedure Call Runtime Remote Code Execution Vulnerability Remote Procedure Call Runtime Remote Code Execution Vulnerability

nvd

CVE-2021-28341HIGHCVSS 8.8v20h2v1607+4 more2021-04-13

CVE-2021-28341 [HIGH] CVE-2021-28341: Remote Procedure Call Runtime Remote Code Execution Vulnerability Remote Procedure Call Runtime Remote Code Execution Vulnerability

nvd

CVE-2021-28314HIGHCVSS 7.8v20h2v1809+2 more2021-04-13

CVE-2021-28314 [HIGH] CVE-2021-28314: Windows Hyper-V Elevation of Privilege Vulnerability Windows Hyper-V Elevation of Privilege Vulnerability

nvd

CVE-2021-28436HIGHCVSS 7.8v20h2v1607+4 more2021-04-13

CVE-2021-28436 [HIGH] CVE-2021-28436: Windows Speech Runtime Elevation of Privilege Vulnerability Windows Speech Runtime Elevation of Privilege Vulnerability

nvd

CVE-2021-28329HIGHCVSS 8.8v20h2v1607+4 more2021-04-13

CVE-2021-28329 [HIGH] CVE-2021-28329: Remote Procedure Call Runtime Remote Code Execution Vulnerability Remote Procedure Call Runtime Remote Code Execution Vulnerability

nvd

CVE-2021-28339HIGHCVSS 8.8v20h2v1607+4 more2021-04-13

CVE-2021-28339 [HIGH] CVE-2021-28339: Remote Procedure Call Runtime Remote Code Execution Vulnerability Remote Procedure Call Runtime Remote Code Execution Vulnerability

nvd

CVE-2021-28321HIGHCVSS 7.8v20h2v1803+3 more2021-04-13

CVE-2021-28321 [HIGH] CWE-59 CVE-2021-28321: Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability

nvd

← Previous37 / 141Next →