cbcvebase.

Microsoft Windows 10 21H2 vulnerabilities

1,830 known vulnerabilities affecting microsoft/windows_10_21h2.

Total CVEs
1,830
CISA KEV
87
actively exploited
Public exploits
54
Exploited in wild
97
Severity breakdown
CRITICAL44HIGH1306MEDIUM473LOW7

Vulnerabilities

Page 85 of 92
CVE-2024-38041P4MEDIUMCVSS 5.5fixed in 10.0.19044.46512024-07-09
CVE-2024-38041 [MEDIUM] CWE-200 CVE-2024-38041: Windows Kernel Information Disclosure Vulnerability Windows Kernel Information Disclosure Vulnerability
nvd
CVE-2025-24992P4MEDIUMCVSS 5.5fixed in 10.0.19044.56082025-03-11
CVE-2025-24992 [MEDIUM] CWE-126 CVE-2025-24992: Buffer over-read in Windows NTFS allows an unauthorized attacker to disclose information locally. Buffer over-read in Windows NTFS allows an unauthorized attacker to disclose information locally.
nvd
CVE-2024-43554P4MEDIUMCVSS 5.5fixed in 10.0.19044.50112024-10-08
CVE-2024-43554 [MEDIUM] CWE-212 CVE-2024-43554: Windows Kernel-Mode Driver Information Disclosure Vulnerability Windows Kernel-Mode Driver Information Disclosure Vulnerability
nvd
CVE-2023-21699P4MEDIUMCVSS 5.3fixed in 10.0.19044.26042023-02-14
CVE-2023-21699 [MEDIUM] CWE-125 CVE-2023-21699: Windows Internet Storage Name Service (iSNS) Server Information Disclosure Vulnerability Windows Internet Storage Name Service (iSNS) Server Information Disclosure Vulnerability
nvd
CVE-2025-32720P4MEDIUMCVSS 5.5fixed in 10.0.19044.59652025-06-10
CVE-2025-32720 [MEDIUM] CWE-125 CVE-2025-32720: Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
nvd
CVE-2025-33055P4MEDIUMCVSS 5.5fixed in 10.0.19044.59652025-06-10
CVE-2025-33055 [MEDIUM] CWE-125 CVE-2025-33055: Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
nvd
CVE-2025-33062P4MEDIUMCVSS 5.5fixed in 10.0.19044.59652025-06-10
CVE-2025-33062 [MEDIUM] CWE-125 CVE-2025-33062: Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
nvd
CVE-2025-33063P4MEDIUMCVSS 5.5fixed in 10.0.19044.59652025-06-10
CVE-2025-33063 [MEDIUM] CWE-125 CVE-2025-33063: Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
nvd
CVE-2025-33061P4MEDIUMCVSS 5.5fixed in 10.0.19044.59652025-06-10
CVE-2025-33061 [MEDIUM] CWE-125 CVE-2025-33061: Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
nvd
CVE-2025-24069P4MEDIUMCVSS 5.5fixed in 10.0.19044.59652025-06-10
CVE-2025-24069 [MEDIUM] CWE-125 CVE-2025-24069: Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
nvd
CVE-2025-33058P4MEDIUMCVSS 5.5fixed in 10.0.19044.59652025-06-10
CVE-2025-33058 [MEDIUM] CWE-125 CVE-2025-33058: Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
nvd
CVE-2025-33060P4MEDIUMCVSS 5.5fixed in 10.0.19044.59652025-06-10
CVE-2025-33060 [MEDIUM] CWE-125 CVE-2025-33060: Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
nvd
CVE-2025-33059P4MEDIUMCVSS 5.5fixed in 10.0.19044.59652025-06-10
CVE-2025-33059 [MEDIUM] CWE-125 CVE-2025-33059: Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
nvd
CVE-2025-33065P4MEDIUMCVSS 5.5fixed in 10.0.19044.59652025-06-10
CVE-2025-33065 [MEDIUM] CWE-125 CVE-2025-33065: Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
nvd
CVE-2026-25169P4MEDIUMCVSS 5.5fixed in 10.0.19044.70582026-03-10
CVE-2026-25169 [MEDIUM] CWE-369 CVE-2026-25169: Divide by zero in Microsoft Graphics Component allows an unauthorized attacker to deny service local Divide by zero in Microsoft Graphics Component allows an unauthorized attacker to deny service locally.
nvd
CVE-2025-32719P4MEDIUMCVSS 5.5fixed in 10.0.19044.59652025-06-10
CVE-2025-32719 [MEDIUM] CWE-125 CVE-2025-32719: Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
nvd
CVE-2026-32181P4MEDIUMCVSS 5.5fixed in 10.0.19044.71842026-04-14
CVE-2026-32181 [MEDIUM] CWE-269 CVE-2026-32181: Improper privilege management in Microsoft Windows allows an authorized attacker to deny service loc Improper privilege management in Microsoft Windows allows an authorized attacker to deny service locally.
nvd
CVE-2026-34339P4MEDIUMCVSS 5.5fixed in 10.0.19044.72912026-05-12
CVE-2026-34339 [MEDIUM] CWE-476 CVE-2026-34339: Null pointer dereference in Windows LDAP - Lightweight Directory Access Protocol allows an authorize Null pointer dereference in Windows LDAP - Lightweight Directory Access Protocol allows an authorized attacker to deny service locally.
nvd
CVE-2025-21268P4MEDIUMCVSS 4.3fixed in 10.0.19044.53712025-01-14
CVE-2025-21268 [MEDIUM] CWE-41 CVE-2025-21268: MapUrlToZone Security Feature Bypass Vulnerability MapUrlToZone Security Feature Bypass Vulnerability
nvd
CVE-2026-20834P4MEDIUMCVSS 4.6fixed in 10.0.19044.68092026-01-13
CVE-2026-20834 [MEDIUM] CWE-36 CVE-2026-20834: Absolute path traversal in Windows Shell allows an unauthorized attacker to perform spoofing with a Absolute path traversal in Windows Shell allows an unauthorized attacker to perform spoofing with a physical attack.
nvd
← Previous85 / 92Next →
Microsoft Windows 10 21H2 vulnerabilities | cvebase