Summary
| Detail | |||
|---|---|---|---|
| Vendor | Microsoft | First view | 2018-10-10 |
| Product | Windows 10 | Last view | 2021-10-13 |
| Version | 1607 | Type | Os |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | x86 | ||
| Other | * | ||
| CPE Product | cpe:2.3:o:microsoft:windows_10 | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 7.8 | 2021-10-13 | CVE-2021-40465 | Windows Text Shaping Remote Code Execution Vulnerability |
| 6.5 | 2021-10-13 | CVE-2021-40463 | Windows NAT Denial of Service Vulnerability |
| 6.5 | 2021-10-13 | CVE-2021-40460 | Windows Remote Procedure Call Runtime Security Feature Bypass Vulnerability |
| 5.5 | 2021-10-13 | CVE-2021-40455 | Windows Installer Spoofing Vulnerability |
| 5.5 | 2021-10-13 | CVE-2021-40454 | Rich Text Edit Control Information Disclosure Vulnerability |
| 7.8 | 2021-10-13 | CVE-2021-40449 | Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-40450, CVE-2021-41357. |
| 7.8 | 2021-10-13 | CVE-2021-40443 | Windows Common Log File System Driver Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-40466, CVE-2021-40467. |
| 5.5 | 2021-10-13 | CVE-2021-38663 | Windows exFAT File System Information Disclosure Vulnerability |
| 5.5 | 2021-10-13 | CVE-2021-38662 | Windows Fast FAT File System Driver Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-41343. |
| 6.5 | 2021-10-13 | CVE-2021-36970 | Windows Print Spooler Spoofing Vulnerability |
| 7.5 | 2021-10-13 | CVE-2021-36953 | Windows TCP/IP Denial of Service Vulnerability |
| 7.8 | 2021-10-13 | CVE-2021-26441 | Storage Spaces Controller Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-40478, CVE-2021-40488, CVE-2021-40489, CVE-2021-41345. |
| 8.8 | 2021-05-21 | CVE-2021-21552 | Dell Wyse Windows Embedded System versions WIE10 LTSC 2019 and earlier contain an improper authorization vulnerability. A local authenticated malicious user with low privileges may potentially exploit this vulnerability to bypass the restricted environment and perform unauthorized actions on the affected system. |
| 7.8 | 2021-03-11 | CVE-2021-26901 | Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26872, CVE-2021-26898. |
| 7.8 | 2021-03-11 | CVE-2021-26899 | Windows UPnP Device Host Elevation of Privilege Vulnerability |
| 7.8 | 2021-03-11 | CVE-2021-26898 | Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26872, CVE-2021-26901. |
| 6.5 | 2020-12-10 | CVE-2020-17140 | Windows SMB Information Disclosure Vulnerability |
| 5.5 | 2020-09-11 | CVE-2020-16854 | An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0928, CVE-2020-1033, CVE-2020-1589, CVE-2020-1592. |
| 7.8 | 2020-09-11 | CVE-2020-1598 | An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly handles objects in memory, aka 'Windows UPnP Service Elevation of Privilege Vulnerability'. |
| 5.3 | 2020-09-11 | CVE-2020-1596 | A information disclosure vulnerability exists when TLS components use weak hash algorithms, aka 'TLS Information Disclosure Vulnerability'. |
| 8.8 | 2020-09-11 | CVE-2020-1593 | A remote code execution vulnerability exists when Windows Media Audio Decoder improperly handles objects, aka 'Windows Media Audio Decoder Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1508. |
| 5.5 | 2020-09-11 | CVE-2020-1589 | An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0928, CVE-2020-1033, CVE-2020-1592, CVE-2020-16854. |
| 7.8 | 2020-09-11 | CVE-2020-1559 | An elevation of privilege vulnerability exists when the Windows Storage Services improperly handle file operations, aka 'Windows Storage Services Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0886. |
| 7.8 | 2020-09-11 | CVE-2020-0998 | An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. |
| 7.8 | 2020-09-11 | CVE-2020-0997 | A remote code execution vulnerability exists when the Windows Camera Codec Pack improperly handles objects in memory, aka 'Windows Camera Codec Pack Remote Code Execution Vulnerability'. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 42% (8) | CWE-269 | Improper Privilege Management |
| 15% (3) | CWE-787 | Out-of-bounds Write |
| 15% (3) | CWE-20 | Improper Input Validation |
| 5% (1) | CWE-434 | Unrestricted Upload of File with Dangerous Type |
| 5% (1) | CWE-346 | Origin Validation Error |
| 5% (1) | CWE-327 | Use of a Broken or Risky Cryptographic Algorithm |
| 5% (1) | CWE-312 | Cleartext Storage of Sensitive Information |
| 5% (1) | CWE-295 | Certificate Issues |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2021-01-12 | Microsoft Windows SMB2 SET_INFO information disclosure attempt RuleID : 56571 - Type : OS-WINDOWS - Revision : 1 |
| 2020-10-08 | Microsoft Windows kernel driver escalation of privilege attempt RuleID : 55188 - Type : OS-WINDOWS - Revision : 1 |
| 2020-10-08 | Microsoft Windows kernel driver escalation of privilege attempt RuleID : 55187 - Type : OS-WINDOWS - Revision : 1 |
| 2020-09-15 | Microsoft Windows TCPIP kernel driver use-after-free attempt RuleID : 54766 - Type : OS-WINDOWS - Revision : 1 |
| 2020-09-15 | Microsoft Windows TCPIP kernel driver use-after-free attempt RuleID : 54765 - Type : OS-WINDOWS - Revision : 1 |
| 2020-09-15 | Microsoft Windows GDI privilege escalation attempt RuleID : 54738 - Type : OS-WINDOWS - Revision : 1 |
| 2020-09-15 | Microsoft Windows GDI privilege escalation attempt RuleID : 54737 - Type : OS-WINDOWS - Revision : 1 |
| 2020-08-13 | Microsoft Windows Address Book Contact file integer overflow attempt RuleID : 54533 - Type : FILE-OTHER - Revision : 1 |
| 2020-08-13 | Microsoft Windows Address Book Contact file integer overflow attempt RuleID : 54532 - Type : FILE-OTHER - Revision : 1 |
| 2020-08-13 | Microsoft Windows Address Book Contact file integer overflow attempt RuleID : 54531 - Type : FILE-OTHER - Revision : 1 |
| 2020-08-13 | Microsoft Windows Address Book Contact file integer overflow attempt RuleID : 54530 - Type : FILE-OTHER - Revision : 1 |
| 2020-08-13 | Microsoft Windows Address Book Contact file integer overflow attempt RuleID : 54529 - Type : FILE-OTHER - Revision : 1 |
| 2020-08-13 | Microsoft Windows Address Book Contact file integer overflow attempt RuleID : 54528 - Type : FILE-OTHER - Revision : 1 |
| 2020-06-11 | Microsoft Windows Win32k privilege escalation attempt RuleID : 53933 - Type : OS-WINDOWS - Revision : 1 |
| 2020-06-11 | Microsoft Windows Win32k privilege escalation attempt RuleID : 53932 - Type : OS-WINDOWS - Revision : 1 |
