Microsoft Windows 10 21H2 vulnerabilities
1,584 known vulnerabilities affecting microsoft/windows_10_21h2.
Total CVEs
1,584
CISA KEV
86
actively exploited
Public exploits
31
Exploited in wild
55
Severity breakdown
CRITICAL39HIGH1118MEDIUM421LOW6
Vulnerabilities
Page 63 of 80
CVE-2023-41765HIGHCVSS 8.1fixed in 10.0.19041.35702023-10-10
CVE-2023-41765 [HIGH] CWE-416 CVE-2023-41765: Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
nvd
CVE-2023-36729HIGHCVSS 7.8fixed in 10.0.19041.35702023-10-10
CVE-2023-36729 [HIGH] CWE-121 CVE-2023-36729: Named Pipe File System Elevation of Privilege Vulnerability
Named Pipe File System Elevation of Privilege Vulnerability
nvd
CVE-2023-36570HIGHCVSS 7.3fixed in 10.0.19041.35702023-10-10
CVE-2023-36570 [HIGH] CWE-94 CVE-2023-36570: Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
nvd
CVE-2023-41766HIGHCVSS 7.8fixed in 10.0.19041.35702023-10-10
CVE-2023-41766 [HIGH] CWE-426 CVE-2023-41766: Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability
Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability
nvd
CVE-2023-36582HIGHCVSS 7.3fixed in 10.0.19041.35702023-10-10
CVE-2023-36582 [HIGH] CWE-190 CVE-2023-36582: Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
nvd
CVE-2023-36718HIGHCVSS 7.8fixed in 10.0.19041.35702023-10-10
CVE-2023-36718 [HIGH] CWE-94 CVE-2023-36718: Microsoft Virtual Trusted Platform Module Remote Code Execution Vulnerability
Microsoft Virtual Trusted Platform Module Remote Code Execution Vulnerability
nvd
CVE-2023-36725HIGHCVSS 7.8fixed in 10.0.19041.35702023-10-10
CVE-2023-36725 [HIGH] CWE-284 CVE-2023-36725: Windows Kernel Elevation of Privilege Vulnerability
Windows Kernel Elevation of Privilege Vulnerability
nvd
CVE-2023-38159HIGHCVSS 7.0fixed in 10.0.19041.35702023-10-10
CVE-2023-38159 [HIGH] CWE-591 CVE-2023-38159: Windows Graphics Component Elevation of Privilege Vulnerability
Windows Graphics Component Elevation of Privilege Vulnerability
nvd
CVE-2023-36575HIGHCVSS 7.3fixed in 10.0.19041.35702023-10-10
CVE-2023-36575 [HIGH] CWE-94 CVE-2023-36575: Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
nvd
CVE-2023-41769HIGHCVSS 8.1fixed in 10.0.19041.35702023-10-10
CVE-2023-41769 [HIGH] CWE-416 CVE-2023-41769: Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
nvd
CVE-2023-41770HIGHCVSS 8.1fixed in 10.0.19041.35702023-10-10
CVE-2023-41770 [HIGH] CWE-416 CVE-2023-41770: Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
nvd
CVE-2023-36572HIGHCVSS 7.3fixed in 10.0.19041.35702023-10-10
CVE-2023-36572 [HIGH] CWE-94 CVE-2023-36572: Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
nvd
CVE-2023-36581HIGHCVSS 7.5fixed in 10.0.19041.35702023-10-10
CVE-2023-36581 [HIGH] CWE-126 CVE-2023-36581: Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
nvd
CVE-2023-36698MEDIUMCVSS 4.4fixed in 10.0.19041.35702023-10-10
CVE-2023-36698 [MEDIUM] CWE-362 CVE-2023-36698: Windows Kernel Security Feature Bypass Vulnerability
Windows Kernel Security Feature Bypass Vulnerability
nvd
CVE-2023-36724MEDIUMCVSS 5.5fixed in 10.0.19041.35702023-10-10
CVE-2023-36724 [MEDIUM] CWE-287 CVE-2023-36724: Windows Power Management Service Information Disclosure Vulnerability
Windows Power Management Service Information Disclosure Vulnerability
nvd
CVE-2023-36717MEDIUMCVSS 6.5fixed in 10.0.19041.35702023-10-10
CVE-2023-36717 [MEDIUM] CVE-2023-36717: Windows Virtual Trusted Platform Module Denial of Service Vulnerability
Windows Virtual Trusted Platform Module Denial of Service Vulnerability
nvd
CVE-2023-36713MEDIUMCVSS 5.5fixed in 10.0.19041.35702023-10-10
CVE-2023-36713 [MEDIUM] CWE-908 CVE-2023-36713: Windows Common Log File System Driver Information Disclosure Vulnerability
Windows Common Log File System Driver Information Disclosure Vulnerability
nvd
CVE-2023-36722MEDIUMCVSS 4.4fixed in 10.0.19041.35702023-10-10
CVE-2023-36722 [MEDIUM] CWE-284 CVE-2023-36722: Active Directory Domain Services Information Disclosure Vulnerability
Active Directory Domain Services Information Disclosure Vulnerability
nvd
CVE-2023-36563MEDIUMCVSS 5.5KEVfixed in 10.0.19041.35702023-10-10
CVE-2023-36563 [MEDIUM] CWE-20 CVE-2023-36563: Microsoft WordPad Information Disclosure Vulnerability
Microsoft WordPad Information Disclosure Vulnerability
nvd
CVE-2023-38039HIGHCVSS 7.5fixed in 10.0.19044.36932023-09-15
CVE-2023-38039 [HIGH] CWE-770 CVE-2023-38039: When curl retrieves an HTTP response, it stores the incoming headers so that
they can be accessed la
When curl retrieves an HTTP response, it stores the incoming headers so that
they can be accessed later via the libcurl headers API.
However, curl did not have a limit in how many or how large headers it would
accept in a response, allowing a malicious server to stream an endless series
of headers and eventually cause curl to run out of heap memory.
nvd