~/products/microsoft/windows_10_21h2

pipeline liveDigest Docs

Microsoft Windows 10 21H2 vulnerabilities

1,827 known vulnerabilities affecting microsoft/windows_10_21h2.

Total CVEs

1,827

CISA KEV

87

actively exploited

Public exploits

54

Exploited in wild

97

Severity breakdown

CRITICAL44HIGH1303MEDIUM473LOW7

Vulnerabilities

SortPage 70 of 92

CVE-2024-21439P4HIGHCVSS 7.0fixed in 10.0.19044.41702024-03-12

CVE-2024-21439 [HIGH] CWE-416 CVE-2024-21439: Windows Telephony Server Elevation of Privilege Vulnerability Windows Telephony Server Elevation of Privilege Vulnerability

CVE-2024-43535P4HIGHCVSS 7.0fixed in 10.0.19044.50112024-10-08

CVE-2024-43535 [HIGH] CWE-416 CVE-2024-43535: Windows Kernel-Mode Driver Elevation of Privilege Vulnerability Windows Kernel-Mode Driver Elevation of Privilege Vulnerability

CVE-2024-43570P4HIGHCVSS 7.0fixed in 10.0.19044.50112024-10-08

CVE-2024-43570 [HIGH] CWE-416 CVE-2024-43570: Windows Kernel Elevation of Privilege Vulnerability Windows Kernel Elevation of Privilege Vulnerability

CVE-2024-38136P4HIGHCVSS 7.0fixed in 10.0.19044.47802024-08-13

CVE-2024-38136 [HIGH] CWE-416 CVE-2024-38136: Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability

CVE-2024-49084P4HIGHCVSS 7.0fixed in 10.0.19044.52472024-12-12

CVE-2024-49084 [HIGH] CWE-362 CVE-2024-49084: Windows Kernel Elevation of Privilege Vulnerability Windows Kernel Elevation of Privilege Vulnerability

CVE-2024-38137P4HIGHCVSS 7.0fixed in 10.0.19044.47802024-08-13

CVE-2024-38137 [HIGH] CWE-416 CVE-2024-38137: Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability

CVE-2024-43511P4HIGHCVSS 7.0fixed in 10.0.19044.50112024-10-08

CVE-2024-43511 [HIGH] CWE-367 CVE-2024-43511: Windows Kernel Elevation of Privilege Vulnerability Windows Kernel Elevation of Privilege Vulnerability

CVE-2023-29364P4HIGHCVSS 7.0fixed in 10.0.19044.30862023-06-14

CVE-2023-29364 [HIGH] CWE-190 CVE-2023-29364: Windows Authentication Elevation of Privilege Vulnerability Windows Authentication Elevation of Privilege Vulnerability

CVE-2024-35265P4HIGHCVSS 7.0fixed in 10.0.19044.45292024-06-11

CVE-2024-35265 [HIGH] CWE-367 CVE-2024-35265: Windows Perception Service Elevation of Privilege Vulnerability Windows Perception Service Elevation of Privilege Vulnerability

CVE-2025-21191P4HIGHCVSS 7.0fixed in 10.0.19044.57372025-04-08

CVE-2025-21191 [HIGH] CWE-367 CVE-2025-21191: Time-of-check time-of-use (toctou) race condition in Windows Local Security Authority (LSA) allows a Time-of-check time-of-use (toctou) race condition in Windows Local Security Authority (LSA) allows an authorized attacker to elevate privileges locally.

CVE-2023-24865P3MEDIUMCVSS 6.5fixed in 10.0.19044.27282023-03-14

CVE-2023-24865 [MEDIUM] CWE-20 CVE-2023-24865: Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability

CVE-2023-24866P3MEDIUMCVSS 6.5fixed in 10.0.19044.27282023-03-14

CVE-2023-24866 [MEDIUM] CWE-20 CVE-2023-24866: Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability

CVE-2025-21301P4MEDIUMCVSS 6.5fixed in 10.0.19044.53712025-01-14

CVE-2025-21301 [MEDIUM] CWE-284 CVE-2025-21301: Windows Geolocation Service Information Disclosure Vulnerability Windows Geolocation Service Information Disclosure Vulnerability

CVE-2026-26152P4HIGHCVSS 7.0fixed in 10.0.19044.71842026-04-14

CVE-2026-26152 [HIGH] CWE-922 CVE-2026-26152: Insecure storage of sensitive information in Windows Cryptographic Services allows an authorized att Insecure storage of sensitive information in Windows Cryptographic Services allows an authorized attacker to elevate privileges locally.

CVE-2025-59195P4HIGHCVSS 7.0fixed in 10.0.19044.64562025-10-14

CVE-2025-59195 [HIGH] CWE-362 CVE-2025-59195: Concurrent execution using shared resource with improper synchronization ('race condition') in Micro Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows an authorized attacker to deny service locally.

CVE-2025-49678P4HIGHCVSS 7.0fixed in 10.0.19044.60932025-07-08

CVE-2025-49678 [HIGH] CWE-362 CVE-2025-49678: Null pointer dereference in Windows NTFS allows an authorized attacker to elevate privileges locally Null pointer dereference in Windows NTFS allows an authorized attacker to elevate privileges locally.

CVE-2025-33057P3MEDIUMCVSS 6.5fixed in 10.0.19044.59652025-06-10

CVE-2025-33057 [MEDIUM] CWE-476 CVE-2025-33057: Null pointer dereference in Windows Local Security Authority (LSA) allows an authorized attacker to Null pointer dereference in Windows Local Security Authority (LSA) allows an authorized attacker to deny service over a network.

CVE-2023-35296P3MEDIUMCVSS 6.5fixed in 10.0.19041.32082023-07-11

CVE-2023-35296 [MEDIUM] CWE-125 CVE-2023-35296: Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability

CVE-2023-35316P3MEDIUMCVSS 6.5fixed in 10.0.19041.32082023-07-11

CVE-2023-35316 [MEDIUM] CWE-125 CVE-2023-35316: Remote Procedure Call Runtime Information Disclosure Vulnerability Remote Procedure Call Runtime Information Disclosure Vulnerability

CVE-2023-35332P4MEDIUMCVSS 6.8fixed in 10.0.19041.32082023-07-11

CVE-2023-35332 [MEDIUM] CWE-326 CVE-2023-35332: Windows Remote Desktop Protocol Security Feature Bypass Windows Remote Desktop Protocol Security Feature Bypass

← Previous70 / 92Next →

Microsoft Windows 10 21H2 vulnerabilities | cvebase