Microsoft Windows 10 1909 vulnerabilities

25 known vulnerabilities affecting microsoft/windows_10_1909.

Total CVEs

CISA KEV

actively exploited

Public exploits

Exploited in wild

Severity breakdown

HIGH20MEDIUM5

Vulnerabilities

Page 1 of 2

CVE-2022-26923HIGHCVSS 8.8KEVfixed in 10.0.18363.22742022-05-10

CVE-2022-26923 [HIGH] CWE-295 CVE-2022-26923: Active Directory Domain Services Elevation of Privilege Vulnerability Active Directory Domain Services Elevation of Privilege Vulnerability

nvd

CVE-2022-26934MEDIUMCVSS 6.5fixed in 10.0.18363.22742022-05-10

CVE-2022-26934 [MEDIUM] CVE-2022-26934: Windows Graphics Component Information Disclosure Vulnerability Windows Graphics Component Information Disclosure Vulnerability

nvd

CVE-2022-26904HIGHCVSS 7.0KEVPoCfixed in 10.0.18363.22122022-04-15

CVE-2022-26904 [HIGH] CWE-362 CVE-2022-26904: Windows User Profile Service Elevation of Privilege Vulnerability Windows User Profile Service Elevation of Privilege Vulnerability

nvd

CVE-2022-24521HIGHCVSS 7.8KEVfixed in 10.0.18363.22122022-04-15

CVE-2022-24521 [HIGH] CWE-787 CVE-2022-24521: Windows Common Log File System Driver Elevation of Privilege Vulnerability Windows Common Log File System Driver Elevation of Privilege Vulnerability

nvd

CVE-2022-21999HIGHCVSS 7.8KEVPoCfixed in 10.0.18363.20942022-02-09

CVE-2022-21999 [HIGH] CWE-22 CVE-2022-21999: Windows Print Spooler Elevation of Privilege Vulnerability Windows Print Spooler Elevation of Privilege Vulnerability

nvd

CVE-2022-22718HIGHCVSS 7.8KEV≤ 10.0.18363.20942022-02-09

CVE-2022-22718 [HIGH] CVE-2022-22718: Windows Print Spooler Elevation of Privilege Vulnerability Windows Print Spooler Elevation of Privilege Vulnerability

nvd

CVE-2022-21971HIGHCVSS 7.8KEVfixed in 10.0.18363.20942022-02-09

CVE-2022-21971 [HIGH] CWE-824 CVE-2022-21971: Windows Runtime Remote Code Execution Vulnerability Windows Runtime Remote Code Execution Vulnerability

nvd

CVE-2022-21919HIGHCVSS 7.0KEVPoCfixed in 10.0.18363.20372022-01-11

CVE-2022-21919 [HIGH] CWE-59 CVE-2022-21919: Windows User Profile Service Elevation of Privilege Vulnerability Windows User Profile Service Elevation of Privilege Vulnerability

nvd

CVE-2022-21871HIGHCVSS 7.0fixed in 10.0.18363.20372022-01-11

CVE-2022-21871 [HIGH] CVE-2022-21871: Microsoft Diagnostics Hub Standard Collector Runtime Elevation of Privilege Vulnerability Microsoft Diagnostics Hub Standard Collector Runtime Elevation of Privilege Vulnerability

nvd

CVE-2021-43226HIGHCVSS 7.8KEVfixed in 10.0.18363.19772021-12-15

CVE-2021-43226 [HIGH] CVE-2021-43226: Windows Common Log File System Driver Elevation of Privilege Vulnerability Windows Common Log File System Driver Elevation of Privilege Vulnerability

nvd

CVE-2021-41379MEDIUMCVSS 5.5KEVfixed in 10.0.18363.19162021-11-10

CVE-2021-41379 [MEDIUM] CWE-59 CVE-2021-41379: Windows Installer Elevation of Privilege Vulnerability Windows Installer Elevation of Privilege Vulnerability

nvd

CVE-2021-40444HIGHCVSS 8.8KEVfixed in 10.0.18363.18012021-09-15

CVE-2021-40444 [HIGH] CWE-22 CVE-2021-40444: <p>Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that affect Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that affects Microsoft Windows. Microsoft is aware of targeted attacks that attempt to exploit this vulnerability by using specially-crafted Microsoft Office documents. An attacker could craft a malicious ActiveX control to be used by a Microsoft Office document that

nvd

CVE-2021-36955HIGHCVSS 7.8KEVfixed in 10.0.18363.18012021-09-15

CVE-2021-36955 [HIGH] CVE-2021-36955: Windows Common Log File System Driver Elevation of Privilege Vulnerability Windows Common Log File System Driver Elevation of Privilege Vulnerability

nvd

CVE-2021-34484HIGHCVSS 7.8KEVPoCfixed in 10.0.18363.17342021-08-12

CVE-2021-34484 [HIGH] CVE-2021-34484: Windows User Profile Service Elevation of Privilege Vulnerability Windows User Profile Service Elevation of Privilege Vulnerability

nvd

CVE-2021-34486HIGHCVSS 7.8KEVfixed in 10.0.18363.17342021-08-12

CVE-2021-34486 [HIGH] CWE-416 CVE-2021-34486: Windows Event Tracing Elevation of Privilege Vulnerability Windows Event Tracing Elevation of Privilege Vulnerability

nvd

CVE-2021-36948HIGHCVSS 7.8KEVfixed in 10.0.18363.17342021-08-12

CVE-2021-36948 [HIGH] CVE-2021-36948: Windows Update Medic Service Elevation of Privilege Vulnerability Windows Update Medic Service Elevation of Privilege Vulnerability

nvd

CVE-2021-36934HIGHCVSS 7.8KEVfixed in 10.0.18363.17342021-07-22

CVE-2021-36934 [HIGH] CVE-2021-36934: <p>An elevation of privilege vulnerability exists because of overly permissive Access Control Lists An elevation of privilege vulnerability exists because of overly permissive Access Control Lists (ACLs) on multiple system files, including the Security Accounts Manager (SAM) database. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data

nvd

CVE-2021-33771HIGHCVSS 7.8KEVfixed in 10.0.18363.16792021-07-14

CVE-2021-33771 [HIGH] CVE-2021-33771: Windows Kernel Elevation of Privilege Vulnerability Windows Kernel Elevation of Privilege Vulnerability

nvd

CVE-2021-31979HIGHCVSS 7.8KEVfixed in 10.0.18363.16792021-07-14

CVE-2021-31979 [HIGH] CWE-119 CVE-2021-31979: Windows Kernel Elevation of Privilege Vulnerability Windows Kernel Elevation of Privilege Vulnerability

nvd

CVE-2021-1675HIGHCVSS 7.8KEVfixed in 10.0.18363.16212021-06-08

CVE-2021-1675 [HIGH] CVE-2021-1675: Windows Print Spooler Remote Code Execution Vulnerability Windows Print Spooler Remote Code Execution Vulnerability

nvd

1 / 2Next →