Msrc Windows 10 Version 21H2 vulnerabilities

2,050 known vulnerabilities affecting msrc/windows_10_version_21h2.

Total CVEs

2,050

CISA KEV

88

actively exploited

Public exploits

34

Exploited in wild

70

Severity breakdown

CRITICAL47HIGH1482MEDIUM512LOW9

Vulnerabilities

Page 103 of 103

CVE-2021-43232HIGHCVSS 7.82021-12-14

CVE-2021-43232 [HIGH] Windows Event Tracing Remote Code Execution Vulnerability Windows Event Tracing Remote Code Execution Vulnerability Windows Event Tracing: Windows Event Tracing Microsoft: Microsoft Impact: Remote Code Execution Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5008218 Reference: https://suppo

CVE-2021-43222HIGHCVSS 7.52021-12-14

CVE-2021-43222 [HIGH] Microsoft Message Queuing Information Disclosure Vulnerability Microsoft Message Queuing Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? Exploiting this vulnerability could allow the disclosure of initialized or uninitialized memory in the process heap. Windows Message Queuing: Windows Message Queuing Microsoft: Microsoft Impact: Information Disclosure Exploit Status: Publicly Disclosed:No;Exploited:No;Latest

CVE-2021-43234HIGHCVSS 7.82021-12-14

CVE-2021-43234 [HIGH] Windows Fax Service Remote Code Execution Vulnerability Windows Fax Service Remote Code Execution Vulnerability Role: Windows Fax Service: Role: Windows Fax Service Microsoft: Microsoft Impact: Remote Code Execution Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5008218 Reference: https://s

CVE-2021-43216MEDIUMCVSS 6.52021-12-14

CVE-2021-43216 [MEDIUM] Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is Kernel memory read - unintentional read access to memory contents in kernel space from a user mode process. Microsoft Local

CVE-2021-43224MEDIUMCVSS 5.52021-12-14

CVE-2021-43224 [MEDIUM] Windows Common Log File System Driver Information Disclosure Vulnerability Windows Common Log File System Driver Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. Windows Common Log File System Dri

CVE-2021-43235MEDIUMCVSS 5.52021-12-14

CVE-2021-43235 [MEDIUM] Storage Spaces Controller Information Disclosure Vulnerability Storage Spaces Controller Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. Windows Storage: Windows Storage Microsoft: Microsoft Im

CVE-2021-43244MEDIUMCVSS 6.52021-12-14

CVE-2021-43244 [MEDIUM] Windows Kernel Information Disclosure Vulnerability Windows Kernel Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. Windows Kernel: Windows Kernel Microsoft: Microsoft Impact: Information Disclo

CVE-2021-43227MEDIUMCVSS 5.52021-12-14

CVE-2021-43227 [MEDIUM] Storage Spaces Controller Information Disclosure Vulnerability Storage Spaces Controller Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. Windows Storage Spaces Controller: Windows Storage Spaces

CVE-2021-34527HIGHCVSS 8.8KEVPoC2021-07-13

CVE-2021-34527 [HIGH] Windows Print Spooler Remote Code Execution Vulnerability Windows Print Spooler Remote Code Execution Vulnerability Description: A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user

CVE-2021-26414MEDIUMCVSS 4.82021-06-08

CVE-2021-26414 [MEDIUM] Windows DCOM Server Security Feature Bypass Windows DCOM Server Security Feature Bypass FAQ: According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do? This vulnerability requires that a user with an affected version of Windows access a malicious server. An attacker would have to host a specially crafted server share or website. An attacker would have no way to force users to visit this specially crafted server share or

← Previous103 / 103