Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Microsoft Subscribe
Filtered by product Windows 10
Total 4164 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-21701 1 Microsoft 13 Windows 10, Windows 10 1607, Windows 10 1809 and 10 more 2023-02-23 N/A 7.5 HIGH
Microsoft Protected Extensible Authentication Protocol (PEAP) Denial of Service Vulnerability
CVE-2023-21699 1 Microsoft 10 Windows 10, Windows 10 1607, Windows 10 1809 and 7 more 2023-02-23 N/A 5.3 MEDIUM
Windows Internet Storage Name Service (iSNS) Server Information Disclosure Vulnerability
CVE-2023-21700 1 Microsoft 13 Windows 10, Windows 10 1607, Windows 10 1809 and 10 more 2023-02-23 N/A 7.5 HIGH
Windows iSCSI Discovery Service Denial of Service Vulnerability
CVE-2023-21697 1 Microsoft 10 Windows 10, Windows 10 1607, Windows 10 1809 and 7 more 2023-02-23 N/A 5.5 MEDIUM
Windows Internet Storage Name Service (iSNS) Server Information Disclosure Vulnerability
CVE-2023-21694 1 Microsoft 13 Windows 10, Windows 10 1607, Windows 10 1809 and 10 more 2023-02-23 N/A 6.8 MEDIUM
Windows Fax Service Remote Code Execution Vulnerability
CVE-2023-21695 1 Microsoft 13 Windows 10, Windows 10 1607, Windows 10 1809 and 10 more 2023-02-23 N/A 8.8 HIGH
Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability
CVE-2022-34704 1 Microsoft 5 Windows 10, Windows 11, Windows Server 2016 and 2 more 2023-02-15 N/A 4.7 MEDIUM
Windows Defender Credential Guard Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-34710, CVE-2022-34712.
CVE-2023-21776 1 Microsoft 10 Windows 10, Windows 11, Windows 7 and 7 more 2023-02-10 N/A 5.5 MEDIUM
Windows Kernel Information Disclosure Vulnerability.
CVE-2022-38046 1 Microsoft 4 Windows 10, Windows 11, Windows Server 2019 and 1 more 2023-02-10 N/A 7.5 HIGH
Web Account Manager Information Disclosure Vulnerability.
CVE-2022-42970 2 Microsoft, Schneider-electric 8 Windows 10, Windows 11, Windows 7 and 5 more 2023-02-08 N/A 9.8 CRITICAL
A CWE-306: Missing Authentication for Critical Function The software does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources. Affected Products: APC Easy UPS Online Monitoring Software (Windows 7, 10, 11 & Windows Server 2016, 2019, 2022 - Versions prior to V2.5-GA), APC Easy UPS Online Monitoring Software (Windows 11, Windows Server 2019, 2022 - Versions prior to V2.5-GA-01-22261), Schneider Electric Easy UPS Online Monitoring Software (Windows 7, 10, 11 & Windows Server 2016, 2019, 2022 - Versions prior to V2.5-GS), Schneider Electric Easy UPS Online Monitoring Software (Windows 11, Windows Server 2019, 2022 - Versions prior to V2.5-GS-01-22261)
CVE-2022-42971 2 Microsoft, Schneider-electric 8 Windows 10, Windows 11, Windows 7 and 5 more 2023-02-08 N/A 9.8 CRITICAL
A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists that could cause remote code execution when the attacker uploads a malicious JSP file. Affected Products: APC Easy UPS Online Monitoring Software (Windows 7, 10, 11 & Windows Server 2016, 2019, 2022 - Versions prior to V2.5-GA), APC Easy UPS Online Monitoring Software (Windows 11, Windows Server 2019, 2022 - Versions prior to V2.5-GA-01-22261), Schneider Electric Easy UPS Online Monitoring Software (Windows 7, 10, 11 & Windows Server 2016, 2019, 2022 - Versions prior to V2.5-GS), Schneider Electric Easy UPS Online Monitoring Software (Windows 11, Windows Server 2019, 2022 - Versions prior to V2.5-GS-01-22261)
CVE-2022-42972 2 Microsoft, Schneider-electric 8 Windows 10, Windows 11, Windows 7 and 5 more 2023-02-08 N/A 7.8 HIGH
A CWE-732: Incorrect Permission Assignment for Critical Resource vulnerability exists that could cause local privilege escalation when a local attacker modifies the webroot directory. Affected Products: APC Easy UPS Online Monitoring Software (Windows 7, 10, 11 & Windows Server 2016, 2019, 2022 - Versions prior to V2.5-GA), APC Easy UPS Online Monitoring Software (Windows 11, Windows Server 2019, 2022 - Versions prior to V2.5-GA-01-22261), Schneider Electric Easy UPS Online Monitoring Software (Windows 7, 10, 11 & Windows Server 2016, 2019, 2022 - Versions prior to V2.5-GS), Schneider Electric Easy UPS Online Monitoring Software (Windows 11, Windows Server 2019, 2022 - Versions prior to V2.5-GS-01-22261)
CVE-2022-42973 2 Microsoft, Schneider-electric 8 Windows 10, Windows 11, Windows 7 and 5 more 2023-02-08 N/A 7.8 HIGH
A CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause local privilege escalation when local attacker connects to the database. Affected Products: APC Easy UPS Online Monitoring Software (Windows 7, 10, 11 & Windows Server 2016, 2019, 2022 - Versions prior to V2.5-GA), APC Easy UPS Online Monitoring Software (Windows 11, Windows Server 2019, 2022 - Versions prior to V2.5-GA-01-22261), Schneider Electric Easy UPS Online Monitoring Software (Windows 7, 10, 11 & Windows Server 2016, 2019, 2022 - Versions prior to V2.5-GS), Schneider Electric Easy UPS Online Monitoring Software (Windows 11, Windows Server 2019, 2022 - Versions prior to V2.5-GS-01-22261)
CVE-2016-1014 5 Adobe, Apple, Google and 2 more 13 Air Desktop Runtime, Air Sdk, Air Sdk \& Compiler and 10 more 2023-02-03 6.9 MEDIUM 7.3 HIGH
Untrusted search path vulnerability in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows local users to gain privileges via a Trojan horse resource in an unspecified directory.
CVE-2019-0820 2 Microsoft, Redhat 14 .net Core, .net Framework, Windows 10 and 11 more 2023-02-02 5.0 MEDIUM 7.5 HIGH
A denial of service vulnerability exists when .NET Framework and .NET Core improperly process RegEx strings, aka '.NET Framework and .NET Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0980, CVE-2019-0981.
CVE-2016-6932 5 Adobe, Apple, Google and 2 more 8 Flash Player, Flash Player Desktop Runtime, Mac Os X and 5 more 2023-01-31 9.3 HIGH 8.8 HIGH
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, and CVE-2016-6931.
CVE-2016-4279 5 Adobe, Apple, Google and 2 more 8 Flash Player, Flash Player Desktop Runtime, Mac Os X and 5 more 2023-01-31 9.3 HIGH 8.8 HIGH
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932.
CVE-2016-6921 5 Adobe, Apple, Google and 2 more 8 Flash Player, Flash Player Desktop Runtime, Mac Os X and 5 more 2023-01-31 9.3 HIGH 8.8 HIGH
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932.
CVE-2016-6930 5 Adobe, Apple, Google and 2 more 8 Flash Player, Flash Player Desktop Runtime, Mac Os X and 5 more 2023-01-31 9.3 HIGH 8.8 HIGH
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6929, CVE-2016-6931, and CVE-2016-6932.
CVE-2016-6929 5 Adobe, Apple, Google and 2 more 8 Flash Player, Flash Player Desktop Runtime, Mac Os X and 5 more 2023-01-31 9.3 HIGH 8.8 HIGH
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923, CVE-2016-6925, CVE-2016-6926, CVE-2016-6927, CVE-2016-6930, CVE-2016-6931, and CVE-2016-6932.