Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Microsoft Subscribe
Filtered by product Windows 10
Total 4164 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-0792 1 Microsoft 2 Windows 10, Windows Server 2016 2022-01-01 7.2 HIGH 8.8 HIGH
An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0715, CVE-2020-0745.
CVE-2020-0668 1 Microsoft 8 Windows 10, Windows 7, Windows 8.1 and 5 more 2022-01-01 7.2 HIGH 7.8 HIGH
An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0669, CVE-2020-0670, CVE-2020-0671, CVE-2020-0672.
CVE-2020-12983 2 Amd, Microsoft 3 Radeon Pro Software, Radeon Software, Windows 10 2021-12-30 4.6 MEDIUM 7.8 HIGH
An out of bounds write vulnerability in the AMD Graphics Driver for Windows 10 may lead to escalation of privileges or denial of service.
CVE-2020-12986 2 Amd, Microsoft 3 Radeon Pro Software, Radeon Software, Windows 10 2021-12-30 7.2 HIGH 7.8 HIGH
An insufficient pointer validation vulnerability in the AMD Graphics Driver for Windows 10 may cause arbitrary code execution in the kernel, leading to escalation of privilege or denial of service.
CVE-2020-12987 2 Amd, Microsoft 3 Radeon Pro Software, Radeon Software, Windows 10 2021-12-30 2.1 LOW 5.5 MEDIUM
A heap information leak/kernel pool address disclosure vulnerability in the AMD Graphics Driver for Windows 10 may lead to KASLR bypass.
CVE-2020-12982 2 Amd, Microsoft 3 Radeon Pro Software, Radeon Software, Windows 10 2021-12-30 4.6 MEDIUM 7.8 HIGH
An invalid object pointer free vulnerability in the AMD Graphics Driver for Windows 10 may lead to escalation of privilege or denial of service.
CVE-2021-38505 2 Microsoft, Mozilla 4 Windows 10, Firefox, Firefox Esr and 1 more 2021-12-10 4.3 MEDIUM 6.5 MEDIUM
Microsoft introduced a new feature in Windows 10 known as Cloud Clipboard which, if enabled, will record data copied to the clipboard to the cloud, and make it available on other computers in certain scenarios. Applications that wish to prevent copied data from being recorded in Cloud History must use specific clipboard formats; and Firefox before versions 94 and ESR 91.3 did not implement them. This could have caused sensitive data to be recorded to a user's Microsoft account. *This bug only affects Firefox for Windows 10+ with Cloud Clipboard enabled. Other operating systems are unaffected.*. This vulnerability affects Firefox < 94, Thunderbird < 91.3, and Firefox ESR < 91.3.
CVE-2020-0822 1 Microsoft 8 Windows 10, Windows 7, Windows 8.1 and 5 more 2021-11-29 4.6 MEDIUM 7.8 HIGH
An elevation of privilege vulnerability exists when the Windows Language Pack Installer improperly handles file operations, aka 'Windows Language Pack Installer Elevation of Privilege Vulnerability'.
CVE-2016-4171 8 Adobe, Apple, Google and 5 more 15 Flash Player, Flash Player For Linux, Mac Os X and 12 more 2021-11-26 10.0 HIGH 9.8 CRITICAL
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier allows remote attackers to execute arbitrary code via unknown vectors, as exploited in the wild in June 2016.
CVE-2021-33063 2 Intel, Microsoft 2 Realsense D400 Series Universal Windows Platform Driver, Windows 10 2021-11-23 4.4 MEDIUM 7.8 HIGH
Uncontrolled search path in the Intel(R) RealSense(TM) D400 Series UWP driver for Windows 10 before version 6.1.160.22 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2021-3718 3 Lenovo, Linux, Microsoft 83 Thinkpad 11e 3rd Gen, Thinkpad 11e 3rd Gen Firmware, Thinkpad 11e 4th Gen Celeron and 80 more 2021-11-23 4.7 MEDIUM 4.6 MEDIUM
A denial of service vulnerability was reported in some ThinkPad models that could cause a system to crash when the Enhanced Biometrics setting is enabled in BIOS.
CVE-2021-0120 2 Intel, Microsoft 2 Graphics Driver, Windows 10 2021-11-22 2.1 LOW 5.5 MEDIUM
Improper initialization in the installer for some Intel(R) Graphics DCH Drivers for Windows 10 before version 27.20.100.9316 may allow an authenticated user to potentially enable denial of service via local access.
CVE-2019-8069 5 Adobe, Apple, Google and 2 more 8 Flash Player, Flash Player Desktop Runtime, Macos and 5 more 2021-11-22 10.0 HIGH 9.8 CRITICAL
Adobe Flash Player 32.0.0.238 and earlier versions, 32.0.0.207 and earlier versions have a Same Origin Method Execution vulnerability. Successful exploitation could lead to Arbitrary Code Execution in the context of the current user.
CVE-2019-8070 5 Adobe, Apple, Google and 2 more 8 Flash Player, Flash Player Desktop Runtime, Macos and 5 more 2021-11-22 10.0 HIGH 9.8 CRITICAL
Adobe Flash Player 32.0.0.238 and earlier versions, 32.0.0.207 and earlier versions have a Use after free vulnerability. Successful exploitation could lead to Arbitrary Code Execution in the context of the current user.
CVE-2021-3519 2 Lenovo, Microsoft 119 Ideacentre 3-07imb05, Ideacentre 3-07imb05 Firmware, Ideacentre 310s-08igm and 116 more 2021-11-19 6.9 MEDIUM 6.8 MEDIUM
A vulnerability was reported in some Lenovo Desktop models that could allow unauthorized access to the boot menu, when the "BIOS Password At Boot Device List" BIOS setting is Yes.
CVE-2016-4156 8 Adobe, Apple, Google and 5 more 16 Flash Player, Flash Player Desktop Runtime, Macos and 13 more 2021-11-19 9.3 HIGH 8.8 HIGH
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
CVE-2016-4147 8 Adobe, Apple, Google and 5 more 16 Flash Player, Flash Player Desktop Runtime, Macos and 13 more 2021-11-19 9.3 HIGH 8.8 HIGH
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
CVE-2016-4148 8 Adobe, Apple, Google and 5 more 16 Flash Player, Flash Player Desktop Runtime, Macos and 13 more 2021-11-19 9.3 HIGH 8.8 HIGH
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
CVE-2016-4145 8 Adobe, Apple, Google and 5 more 16 Flash Player, Flash Player Desktop Runtime, Macos and 13 more 2021-11-19 9.3 HIGH 8.8 HIGH
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
CVE-2016-4137 8 Adobe, Apple, Google and 5 more 16 Flash Player, Flash Player Desktop Runtime, Macos and 13 more 2021-11-19 9.3 HIGH 8.8 HIGH
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.