Microsoft Windows 10 21H2 vulnerabilities
1,584 known vulnerabilities affecting microsoft/windows_10_21h2.
Total CVEs
1,584
CISA KEV
86
actively exploited
Public exploits
31
Exploited in wild
55
Severity breakdown
CRITICAL39HIGH1118MEDIUM421LOW6
Vulnerabilities
Page 61 of 80
CVE-2023-36408HIGHCVSS 7.8fixed in 10.0.19041.36932023-11-14
CVE-2023-36408 [HIGH] CWE-122 CVE-2023-36408: Windows Hyper-V Elevation of Privilege Vulnerability
Windows Hyper-V Elevation of Privilege Vulnerability
nvd
CVE-2023-36404MEDIUMCVSS 5.5fixed in 10.0.19041.36932023-11-14
CVE-2023-36404 [MEDIUM] CWE-284 CVE-2023-36404: Windows Kernel Information Disclosure Vulnerability
Windows Kernel Information Disclosure Vulnerability
nvd
CVE-2023-36428MEDIUMCVSS 5.5fixed in 10.0.19041.36932023-11-14
CVE-2023-36428 [MEDIUM] CWE-125 CVE-2023-36428: Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability
Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability
nvd
CVE-2023-38545CRITICALCVSS 9.8fixed in 10.0.19044.36932023-10-18
CVE-2023-38545 [CRITICAL] CWE-787 CVE-2023-38545: This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy
handshake.
When curl is asked
This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy
handshake.
When curl is asked to pass along the host name to the SOCKS5 proxy to allow
that to resolve the address instead of it getting done by curl itself, the
maximum length that host name can be is 255 bytes.
If the host name is detected to be longer, curl switches to loca
nvd
CVE-2023-35349CRITICALCVSS 9.8fixed in 10.0.19041.35702023-10-10
CVE-2023-35349 [CRITICAL] CWE-20 CVE-2023-35349: Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
nvd
CVE-2023-36434CRITICALCVSS 9.8fixed in 10.0.19041.35702023-10-10
CVE-2023-36434 [CRITICAL] CWE-307 CVE-2023-36434: Windows IIS Server Elevation of Privilege Vulnerability
Windows IIS Server Elevation of Privilege Vulnerability
nvd
CVE-2023-36592HIGHCVSS 7.3fixed in 10.0.19041.35702023-10-10
CVE-2023-36592 [HIGH] CWE-94 CVE-2023-36592: Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
nvd
CVE-2023-36431HIGHCVSS 7.5fixed in 10.0.19041.35702023-10-10
CVE-2023-36431 [HIGH] CWE-400 CVE-2023-36431: Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
nvd
CVE-2023-36593HIGHCVSS 7.3fixed in 10.0.19041.35702023-10-10
CVE-2023-36593 [HIGH] CWE-190 CVE-2023-36593: Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
nvd
CVE-2023-36579HIGHCVSS 7.5fixed in 10.0.19041.35702023-10-10
CVE-2023-36579 [HIGH] CWE-400 CVE-2023-36579: Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
nvd
CVE-2023-36606HIGHCVSS 7.5fixed in 10.0.19041.35702023-10-10
CVE-2023-36606 [HIGH] CWE-400 CVE-2023-36606: Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
nvd
CVE-2023-36726HIGHCVSS 7.8fixed in 10.0.19041.35702023-10-10
CVE-2023-36726 [HIGH] CWE-416 CVE-2023-36726: Windows Internet Key Exchange (IKE) Extension Elevation of Privilege Vulnerability
Windows Internet Key Exchange (IKE) Extension Elevation of Privilege Vulnerability
nvd
CVE-2023-36578HIGHCVSS 7.3fixed in 10.0.19041.35702023-10-10
CVE-2023-36578 [HIGH] CWE-843 CVE-2023-36578: Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
nvd
CVE-2023-36605HIGHCVSS 7.8fixed in 10.0.19041.35702023-10-10
CVE-2023-36605 [HIGH] CWE-416 CVE-2023-36605: Windows Named Pipe Filesystem Elevation of Privilege Vulnerability
Windows Named Pipe Filesystem Elevation of Privilege Vulnerability
nvd
CVE-2023-36697HIGHCVSS 8.0fixed in 10.0.19041.35702023-10-10
CVE-2023-36697 [HIGH] CWE-20 CVE-2023-36697: Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
nvd
CVE-2023-41767HIGHCVSS 8.1fixed in 10.0.19041.35702023-10-10
CVE-2023-41767 [HIGH] CWE-416 CVE-2023-41767: Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
nvd
CVE-2023-38166HIGHCVSS 8.1fixed in 10.0.19041.35702023-10-10
CVE-2023-38166 [HIGH] CWE-416 CVE-2023-38166: Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
nvd
CVE-2023-36574HIGHCVSS 7.3fixed in 10.0.19041.35702023-10-10
CVE-2023-36574 [HIGH] CWE-94 CVE-2023-36574: Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
nvd
CVE-2023-36902HIGHCVSS 7.0fixed in 10.0.19041.35702023-10-10
CVE-2023-36902 [HIGH] CWE-416 CVE-2023-36902: Windows Runtime Remote Code Execution Vulnerability
Windows Runtime Remote Code Execution Vulnerability
nvd
CVE-2023-44487HIGHCVSS 7.5KEVPoCfixed in 10.0.19044.35702023-10-10
CVE-2023-44487 [HIGH] CWE-400 CVE-2023-44487: The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancell
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
nvd