Microsoft » Windows 10 : Security Vulnerabilities, CVEs, CVSS score between 3 and 4.99
Windows Overlay Filter Information Disclosure Vulnerability
Max CVSS
4.7
EPSS Score
0.04%
Published
2023-01-10
Updated
2023-04-27
Windows Smart Card Resource Management Server Security Feature Bypass Vulnerability
Max CVSS
3.3
EPSS Score
0.04%
Published
2023-01-10
Updated
2023-04-27
BitLocker Security Feature Bypass Vulnerability
Max CVSS
4.6
EPSS Score
0.16%
Published
2022-11-09
Updated
2023-03-10
Windows USB Serial Driver Information Disclosure Vulnerability
Max CVSS
4.3
EPSS Score
0.04%
Published
2022-10-11
Updated
2023-12-20
Windows Kernel Elevation of Privilege Vulnerability
Max CVSS
3.3
EPSS Score
0.04%
Published
2022-10-11
Updated
2023-12-20
Windows Event Logging Service Denial of Service Vulnerability
Max CVSS
4.3
EPSS Score
0.12%
Published
2022-10-11
Updated
2023-12-20
Windows Defender Credential Guard Information Disclosure Vulnerability
Max CVSS
4.7
EPSS Score
0.04%
Published
2022-08-09
Updated
2023-05-31
Windows Connected Devices Platform Service Information Disclosure Vulnerability
Max CVSS
4.7
EPSS Score
0.04%
Published
2022-07-12
Updated
2023-05-17
BitLocker Security Feature Bypass Vulnerability
Max CVSS
4.2
EPSS Score
0.05%
Published
2022-05-10
Updated
2023-12-21
Windows Hyper-V Security Feature Bypass Vulnerability
Max CVSS
4.1
EPSS Score
0.04%
Published
2022-05-10
Updated
2023-12-21
Media Foundation Information Disclosure Vulnerability
Max CVSS
4.3
EPSS Score
0.09%
Published
2022-03-09
Updated
2023-06-29
Windows Hyper-V Denial of Service Vulnerability
Max CVSS
4.7
EPSS Score
0.04%
Published
2022-03-09
Updated
2023-06-29
Windows Defender Credential Guard Security Feature Bypass Vulnerability
Max CVSS
4.9
EPSS Score
0.04%
Published
2022-01-11
Updated
2023-12-21
Windows Hyper-V Security Feature Bypass Vulnerability
Max CVSS
4.6
EPSS Score
0.04%
Published
2022-01-11
Updated
2023-12-21
Secure Boot Security Feature Bypass Vulnerability
Max CVSS
4.9
EPSS Score
0.11%
Published
2022-01-11
Updated
2023-12-21
Windows Kernel Information Disclosure Vulnerability
Max CVSS
4.7
EPSS Score
0.04%
Published
2022-07-12
Updated
2023-05-18
Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability
Max CVSS
4.4
EPSS Score
0.04%
Published
2021-11-10
Updated
2023-12-28
Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability
Max CVSS
4.4
EPSS Score
0.04%
Published
2021-11-10
Updated
2023-12-28
Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability
Max CVSS
4.4
EPSS Score
0.05%
Published
2021-04-13
Updated
2023-12-29
Windows WLAN AutoConfig Service Security Feature Bypass Vulnerability
Max CVSS
4.6
EPSS Score
0.07%
Published
2021-04-13
Updated
2023-12-29
Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability
Max CVSS
4.4
EPSS Score
0.05%
Published
2021-04-13
Updated
2023-12-29
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary can abuse this to inject arbitrary network packets.
Max CVSS
3.5
EPSS Score
0.21%
Published
2021-05-11
Updated
2023-04-01
<p>An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory.</p>
<p>To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.</p>
<p>The update addresses the vulnerability by correcting how the Windows kernel initializes objects in memory.</p>
Max CVSS
4.4
EPSS Score
0.06%
Published
2020-09-11
Updated
2023-12-31
An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass. An attacker who successfully exploited the vulnerability could retrieve the memory address of a kernel object.
To exploit the vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.
The security update addresses the vulnerability by correcting how the Windows kernel handles memory addresses.
Max CVSS
4.7
EPSS Score
0.04%
Published
2020-08-17
Updated
2024-01-19
This security update corrects a denial of service in the Local Security Authority Subsystem Service (LSASS) caused when an authenticated attacker sends a specially crafted authentication request, aka 'Local Security Authority Subsystem Service Denial of Service Vulnerability'.
Max CVSS
4.9
EPSS Score
0.15%
Published
2020-07-14
Updated
2021-07-21