Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Microsoft Subscribe
Filtered by product Windows 10
Total 4164 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-26803 1 Microsoft 9 Windows 10, Windows 11, Windows 8.1 and 6 more 2022-04-18 7.2 HIGH 7.8 HIGH
Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26786, CVE-2022-26787, CVE-2022-26789, CVE-2022-26790, CVE-2022-26791, CVE-2022-26792, CVE-2022-26793, CVE-2022-26794, CVE-2022-26795, CVE-2022-26796, CVE-2022-26797, CVE-2022-26798, CVE-2022-26801, CVE-2022-26802.
CVE-2022-26826 1 Microsoft 5 Windows 10, Windows 11, Windows Server 2016 and 2 more 2022-04-18 9.0 HIGH 7.2 HIGH
Windows DNS Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24536, CVE-2022-26811, CVE-2022-26812, CVE-2022-26813, CVE-2022-26814, CVE-2022-26815, CVE-2022-26817, CVE-2022-26818, CVE-2022-26819, CVE-2022-26820, CVE-2022-26821, CVE-2022-26822, CVE-2022-26823, CVE-2022-26824, CVE-2022-26825, CVE-2022-26829.
CVE-2019-7845 6 Adobe, Apple, Google and 3 more 10 Flash Player, Macos, Chrome Os and 7 more 2022-04-18 6.8 MEDIUM 8.8 HIGH
Adobe Flash Player versions 32.0.0.192 and earlier, 32.0.0.192 and earlier, and 32.0.0.192 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution.
CVE-2020-15705 7 Canonical, Debian, Gnu and 4 more 14 Ubuntu Linux, Debian Linux, Grub2 and 11 more 2022-04-18 4.4 MEDIUM 6.4 MEDIUM
GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. This only affects systems where the kernel signing certificate has been imported directly into the secure boot database and the GRUB image is booted directly without the use of shim. This issue affects GRUB2 version 2.04 and prior versions.
CVE-2018-4878 6 Adobe, Apple, Google and 3 more 10 Flash Player, Macos, Chrome Os and 7 more 2022-04-18 7.5 HIGH 9.8 CRITICAL
A use-after-free vulnerability was discovered in Adobe Flash Player before 28.0.0.161. This vulnerability occurs due to a dangling pointer in the Primetime SDK related to media player handling of listener objects. A successful attack can lead to arbitrary code execution. This was exploited in the wild in January and February 2018.
CVE-2019-8075 7 Adobe, Apple, Debian and 4 more 11 Flash Player, Flash Player Desktop Runtime, Macos and 8 more 2022-04-18 5.0 MEDIUM 7.5 HIGH
Adobe Flash Player version 32.0.0.192 and earlier versions have a Same Origin Policy Bypass vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user.
CVE-2021-1732 1 Microsoft 3 Windows 10, Windows Server 2016, Windows Server 2019 2022-04-12 4.6 MEDIUM 7.8 HIGH
Windows Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1698.
CVE-2022-24455 1 Microsoft 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more 2022-03-14 7.2 HIGH 7.8 HIGH
Windows CD-ROM Driver Elevation of Privilege Vulnerability.
CVE-2022-23285 1 Microsoft 9 Windows 10, Windows 7, Windows 8.1 and 6 more 2022-03-14 6.8 MEDIUM 8.8 HIGH
Remote Desktop Client Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21990.
CVE-2022-21967 1 Microsoft 2 Windows 10, Windows 11 2022-03-14 4.4 MEDIUM 7.0 HIGH
Xbox Live Auth Manager for Windows Elevation of Privilege Vulnerability.
CVE-2021-33110 2 Intel, Microsoft 17 Ac 1550 Firmware, Ac 3165 Firmware, Ac 3168 Firmware and 14 more 2022-02-15 3.3 LOW 6.5 MEDIUM
Improper input validation for some Intel(R) Wireless Bluetooth(R) products and Killer(TM) Bluetooth(R) products in Windows 10 and 11 before version 22.80 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
CVE-2021-33114 2 Intel, Microsoft 17 Ac 1550 Firmware, Ac 3165 Firmware, Ac 3168 Firmware and 14 more 2022-02-15 2.7 LOW 5.7 MEDIUM
Improper input validation for some Intel(R) PROSet/Wireless WiFi in multiple operating systems and Killer(TM) WiFi in Windows 10 and 11 may allow an authenticated user to potentially enable denial of service via adjacent access.
CVE-2021-33113 2 Intel, Microsoft 17 Ac 1550 Firmware, Ac 3165 Firmware, Ac 3168 Firmware and 14 more 2022-02-15 4.8 MEDIUM 8.1 HIGH
Improper input validation for some Intel(R) PROSet/Wireless WiFi in multiple operating systems and Killer(TM) WiFi in Windows 10 and 11 may allow an unauthenticated user to potentially enable denial of service or information disclosure via adjacent access.
CVE-2022-21964 1 Microsoft 1 Windows 10 2022-01-20 4.9 MEDIUM 5.5 MEDIUM
Remote Desktop Licensing Diagnoser Information Disclosure Vulnerability.
CVE-2022-21899 1 Microsoft 6 Windows 10, Windows 7, Windows 8.1 and 3 more 2022-01-19 4.9 MEDIUM 5.5 MEDIUM
Windows Extensible Firmware Interface Security Feature Bypass Vulnerability.
CVE-2022-21839 1 Microsoft 2 Windows 10, Windows Server 2019 2022-01-13 2.1 LOW 5.5 MEDIUM
Windows Event Tracing Discretionary Access Control List Denial of Service Vulnerability.
CVE-2020-1457 1 Microsoft 1 Windows 10 2022-01-04 6.8 MEDIUM 7.8 HIGH
A remote code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory, aka 'Microsoft Windows Codecs Library Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1425.
CVE-2020-0792 1 Microsoft 2 Windows 10, Windows Server 2016 2022-01-01 7.2 HIGH 8.8 HIGH
An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0715, CVE-2020-0745.
CVE-2020-0674 1 Microsoft 8 Internet Explorer, Windows 10, Windows 7 and 5 more 2022-01-01 7.6 HIGH 7.5 HIGH
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0673, CVE-2020-0710, CVE-2020-0711, CVE-2020-0712, CVE-2020-0713, CVE-2020-0767.
CVE-2020-0744 1 Microsoft 8 Windows 10, Windows 7, Windows 8.1 and 5 more 2022-01-01 2.1 LOW 5.5 MEDIUM
An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system, aka 'Windows GDI Information Disclosure Vulnerability'.