This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Microsoft First view 2015-09-08
Product Windows 10 Last view 2021-10-13
Version - Type Os
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware x64  
Other *  
 
CPE Product cpe:2.3:o:microsoft:windows_10

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
7.8 2021-10-13 CVE-2021-40465

Windows Text Shaping Remote Code Execution Vulnerability
6.5 2021-10-13 CVE-2021-40463

Windows NAT Denial of Service Vulnerability
6.5 2021-10-13 CVE-2021-40460

Windows Remote Procedure Call Runtime Security Feature Bypass Vulnerability
5.5 2021-10-13 CVE-2021-40455

Windows Installer Spoofing Vulnerability
5.5 2021-10-13 CVE-2021-40454

Rich Text Edit Control Information Disclosure Vulnerability
7.8 2021-10-13 CVE-2021-40449

Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-40450, CVE-2021-41357.
7.8 2021-10-13 CVE-2021-40443

Windows Common Log File System Driver Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-40466, CVE-2021-40467.
5.5 2021-10-13 CVE-2021-38663

Windows exFAT File System Information Disclosure Vulnerability
5.5 2021-10-13 CVE-2021-38662

Windows Fast FAT File System Driver Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-41343.
6.5 2021-10-13 CVE-2021-36970

Windows Print Spooler Spoofing Vulnerability
7.5 2021-10-13 CVE-2021-36953

Windows TCP/IP Denial of Service Vulnerability
7.8 2021-10-13 CVE-2021-26441

Storage Spaces Controller Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-40478, CVE-2021-40488, CVE-2021-40489, CVE-2021-41345.
8.8 2021-05-21 CVE-2021-21552

Dell Wyse Windows Embedded System versions WIE10 LTSC 2019 and earlier contain an improper authorization vulnerability. A local authenticated malicious user with low privileges may potentially exploit this vulnerability to bypass the restricted environment and perform unauthorized actions on the affected system.
9.9 2021-05-11 CVE-2021-28476

Hyper-V Remote Code Execution Vulnerability
6.5 2021-04-13 CVE-2021-28444

Windows Hyper-V Security Feature Bypass Vulnerability
7.8 2021-03-11 CVE-2021-26901

Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26872, CVE-2021-26898.
7.8 2021-03-11 CVE-2021-26899

Windows UPnP Device Host Elevation of Privilege Vulnerability
7.8 2021-03-11 CVE-2021-26898

Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26872, CVE-2021-26901.
7.5 2021-03-11 CVE-2021-26879

Windows NAT Denial of Service Vulnerability
5.5 2021-02-25 CVE-2021-24076

Microsoft Windows VMSwitch Information Disclosure Vulnerability
7.8 2021-01-12 CVE-2021-1710

Microsoft Windows Media Foundation Remote Code Execution Vulnerability
7.8 2021-01-12 CVE-2021-1704

Windows Hyper-V Elevation of Privilege Vulnerability
7.7 2021-01-12 CVE-2021-1692

Hyper-V Denial of Service Vulnerability This CVE ID is unique from CVE-2021-1691.
8.8 2020-10-16 CVE-2020-16891

A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Remote Code Execution Vulnerability'.
5.5 2020-09-11 CVE-2020-16854

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0928, CVE-2020-1033, CVE-2020-1589, CVE-2020-1592.

CWE : Common Weakness Enumeration

%idName
49% (26) CWE-20 Improper Input Validation
16% (9) CWE-269 Improper Privilege Management
9% (5) CWE-200 Information Exposure
5% (3) CWE-264 Permissions, Privileges, and Access Controls
3% (2) CWE-787 Out-of-bounds Write
1% (1) CWE-434 Unrestricted Upload of File with Dangerous Type
1% (1) CWE-346 Origin Validation Error
1% (1) CWE-331 Insufficient Entropy
1% (1) CWE-327 Use of a Broken or Risky Cryptographic Algorithm
1% (1) CWE-312 Cleartext Storage of Sensitive Information
1% (1) CWE-295 Certificate Issues
1% (1) CWE-284 Access Control (Authorization) Issues
1% (1) CWE-254 Security Features

Information Assurance Vulnerability Management (IAVM)

id Description
2015-B-0111 Microsoft Hyper-V Security Bypass Vulnerability (MS15-105)
Severity: Category II - VMSKEY: V0061371
2015-A-0212 Multiple Vulnerabilities in Microsoft Graphics Component (MS15-097)
Severity: Category II - VMSKEY: V0061385

Snort® IPS/IDS

Date Description
2020-10-08 Microsoft Windows kernel driver escalation of privilege attempt
RuleID : 55188 - Type : OS-WINDOWS - Revision : 1
2020-10-08 Microsoft Windows kernel driver escalation of privilege attempt
RuleID : 55187 - Type : OS-WINDOWS - Revision : 1
2020-09-15 Microsoft Windows TCPIP kernel driver use-after-free attempt
RuleID : 54766 - Type : OS-WINDOWS - Revision : 1
2020-09-15 Microsoft Windows TCPIP kernel driver use-after-free attempt
RuleID : 54765 - Type : OS-WINDOWS - Revision : 1
2020-09-15 Microsoft Windows GDI privilege escalation attempt
RuleID : 54738 - Type : OS-WINDOWS - Revision : 1
2020-09-15 Microsoft Windows GDI privilege escalation attempt
RuleID : 54737 - Type : OS-WINDOWS - Revision : 1
2020-08-13 Microsoft Windows Address Book Contact file integer overflow attempt
RuleID : 54533 - Type : FILE-OTHER - Revision : 1
2020-08-13 Microsoft Windows Address Book Contact file integer overflow attempt
RuleID : 54532 - Type : FILE-OTHER - Revision : 1
2020-08-13 Microsoft Windows Address Book Contact file integer overflow attempt
RuleID : 54531 - Type : FILE-OTHER - Revision : 1
2020-08-13 Microsoft Windows Address Book Contact file integer overflow attempt
RuleID : 54530 - Type : FILE-OTHER - Revision : 1
2020-08-13 Microsoft Windows Address Book Contact file integer overflow attempt
RuleID : 54529 - Type : FILE-OTHER - Revision : 1
2020-08-13 Microsoft Windows Address Book Contact file integer overflow attempt
RuleID : 54528 - Type : FILE-OTHER - Revision : 1
2020-06-11 Microsoft Windows Win32k privilege escalation attempt
RuleID : 53933 - Type : OS-WINDOWS - Revision : 1
2020-06-11 Microsoft Windows Win32k privilege escalation attempt
RuleID : 53932 - Type : OS-WINDOWS - Revision : 1
2016-03-14 Microsoft Windows gpuenergydrv.sys driver privilege escalation attempt
RuleID : 36990 - Type : OS-WINDOWS - Revision : 2
2016-03-14 Microsoft Windows gpuenergydrv.sys driver privilege escalation attempt
RuleID : 36989 - Type : OS-WINDOWS - Revision : 2

Nessus® Vulnerability Scanner

id Description
2016-09-13 Name: The remote host is affected by an information disclosure vulnerability.
File: smb_nt_ms16-113.nasl - Type: ACT_GATHER_INFO
2016-08-09 Name: The remote host is affected by an information disclosure vulnerability.
File: smb_nt_ms16-103.nasl - Type: ACT_GATHER_INFO
2016-01-13 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms16-005.nasl - Type: ACT_GATHER_INFO
2016-01-13 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms16-007.nasl - Type: ACT_GATHER_INFO
2015-12-08 Name: The remote Windows host is affected by multiple elevation of privilege vulner...
File: smb_nt_ms15-135.nasl - Type: ACT_GATHER_INFO
2015-09-09 Name: The remote host is affected by multiple vulnerabilities.
File: smb_nt_ms15-097.nasl - Type: ACT_GATHER_INFO
2015-09-08 Name: The remote Windows host is affected by a security bypass vulnerability.
File: smb_nt_ms15-105.nasl - Type: ACT_GATHER_INFO