This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Microsoft First view 2017-11-14
Product Windows 10 Last view 2021-05-21
Version 1709 Type Os
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:microsoft:windows_10

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
8.8 2021-05-21 CVE-2021-21552

Dell Wyse Windows Embedded System versions WIE10 LTSC 2019 and earlier contain an improper authorization vulnerability. A local authenticated malicious user with low privileges may potentially exploit this vulnerability to bypass the restricted environment and perform unauthorized actions on the affected system.

7.8 2020-11-11 CVE-2020-17055

Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044.

7.5 2020-11-11 CVE-2020-17047

Windows Network File System Denial of Service Vulnerability

7.8 2020-11-11 CVE-2020-17044

Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17055.

7.8 2020-11-11 CVE-2020-17037

Windows WalletService Elevation of Privilege Vulnerability

7.8 2020-10-16 CVE-2020-17022

A remote code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory, aka 'Microsoft Windows Codecs Library Remote Code Execution Vulnerability'.

7.8 2020-10-16 CVE-2020-16976

An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Backup Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-16912, CVE-2020-16936, CVE-2020-16972, CVE-2020-16973, CVE-2020-16974, CVE-2020-16975.

7.8 2020-10-16 CVE-2020-16975

An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Backup Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-16912, CVE-2020-16936, CVE-2020-16972, CVE-2020-16973, CVE-2020-16974, CVE-2020-16976.

7.8 2020-10-16 CVE-2020-16974

An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Backup Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-16912, CVE-2020-16936, CVE-2020-16972, CVE-2020-16973, CVE-2020-16975, CVE-2020-16976.

7.8 2020-10-16 CVE-2020-16973

An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Backup Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-16912, CVE-2020-16936, CVE-2020-16972, CVE-2020-16974, CVE-2020-16975, CVE-2020-16976.

7.8 2020-10-16 CVE-2020-16972

An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Backup Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-16912, CVE-2020-16936, CVE-2020-16973, CVE-2020-16974, CVE-2020-16975, CVE-2020-16976.

7.8 2020-10-16 CVE-2020-16968

A remote code execution vulnerability exists when the Windows Camera Codec Pack improperly handles objects in memory, aka 'Windows Camera Codec Pack Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-16967.

7.8 2020-10-16 CVE-2020-16967

A remote code execution vulnerability exists when the Windows Camera Codec Pack improperly handles objects in memory, aka 'Windows Camera Codec Pack Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-16968.

7.5 2020-10-16 CVE-2020-16949

A denial of service vulnerability exists in Microsoft Outlook software when the software fails to properly handle objects in memory, aka 'Microsoft Outlook Denial of Service Vulnerability'.

5.5 2020-10-16 CVE-2020-16940

An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles junction points, aka 'Windows - User Profile Service Elevation of Privilege Vulnerability'.

7.8 2020-10-16 CVE-2020-16939

An elevation of privilege vulnerability exists when Group Policy improperly checks access, aka 'Group Policy Elevation of Privilege Vulnerability'.

7.8 2020-10-16 CVE-2020-16936

An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Backup Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-16912, CVE-2020-16972, CVE-2020-16973, CVE-2020-16974, CVE-2020-16975, CVE-2020-16976.

7.8 2020-10-16 CVE-2020-16935

An elevation of privilege vulnerability exists when Windows improperly handles COM object creation, aka 'Windows COM Server Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-16916.

8.8 2020-10-16 CVE-2020-16933

A security feature bypass vulnerability exists in Microsoft Word software when it fails to properly handle .LNK files, aka 'Microsoft Word Security Feature Bypass Vulnerability'.

7.5 2020-10-16 CVE-2020-16927

A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability'.

7.8 2020-10-16 CVE-2020-16924

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'.

7.8 2020-10-16 CVE-2020-16923

A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka 'Microsoft Graphics Components Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1167.

5.5 2020-10-16 CVE-2020-16922

A spoofing vulnerability exists when Windows incorrectly validates file signatures, aka 'Windows Spoofing Vulnerability'.

5.5 2020-10-16 CVE-2020-16921

An information disclosure vulnerability exists in Text Services Framework when it fails to properly handle objects in memory, aka 'Windows Text Services Framework Information Disclosure Vulnerability'.

7.8 2020-10-16 CVE-2020-16920

An elevation of privilege vulnerability exists when the Windows Application Compatibility Client Library improperly handles registry operations, aka 'Windows Application Compatibility Client Library Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-16876.

CWE : Common Weakness Enumeration

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
%idName
20% (74) CWE-200 Information Exposure
14% (54) CWE-787 Out-of-bounds Write
8% (32) CWE-404 Improper Resource Shutdown or Release
8% (32) CWE-20 Improper Input Validation
6% (25) CWE-59 Improper Link Resolution Before File Access ('Link Following')
5% (21) CWE-665 Improper Initialization
4% (17) CWE-269 Improper Privilege Management
3% (14) CWE-125 Out-of-bounds Read
3% (13) CWE-611 Information Leak Through XML External Entity File Disclosure
1% (7) CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition
1% (7) CWE-190 Integer Overflow or Wraparound
1% (6) CWE-416 Use After Free
1% (5) CWE-732 Incorrect Permission Assignment for Critical Resource
1% (4) CWE-401 Failure to Release Memory Before Removing Last Reference ('Memory L...
1% (4) CWE-362 Race Condition
0% (3) CWE-755 Improper Handling of Exceptional Conditions
0% (3) CWE-347 Improper Verification of Cryptographic Signature
0% (3) CWE-295 Certificate Issues
0% (3) CWE-264 Permissions, Privileges, and Access Controls
0% (3) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
0% (3) CWE-94 Failure to Control Generation of Code ('Code Injection')
0% (3) CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path ...
0% (3) CWE-19 Data Handling
0% (2) CWE-522 Insufficiently Protected Credentials
0% (2) CWE-502 Deserialization of Untrusted Data

SAINT Exploits

Description Link
Windows RRAS Service Remote Code Execution Vulnerability More info here

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2021-01-28 Cisco RV Series Routers stack buffer overflow attempt
RuleID : 56843 - Type : SERVER-WEBAPP - Revision : 2
2020-12-12 Windows Network File System denial of service attempt
RuleID : 56309 - Type : PROTOCOL-RPC - Revision : 1
2020-11-12 Microsoft Windows Remote Desktop information disclosure attempt
RuleID : 55994 - Type : OS-WINDOWS - Revision : 1
2020-11-12 Microsoft Windows IPv6 DNSSL option record denial of service attempt
RuleID : 55993 - Type : PROTOCOL-ICMP - Revision : 1
2020-11-12 Microsoft Windows Win32k kernel driver privilege escalation attempt
RuleID : 55990 - Type : OS-WINDOWS - Revision : 1
2020-11-12 Microsoft Windows Win32k kernel driver privilege escalation attempt
RuleID : 55989 - Type : OS-WINDOWS - Revision : 1
2020-11-12 Microsoft Windows IPv6 stack remote execution attempt
RuleID : 55984 - Type : PROTOCOL-ICMP - Revision : 1
2020-11-12 Microsoft Windows digital signature spoofing attempt
RuleID : 55983 - Type : OS-WINDOWS - Revision : 1
2020-11-12 Microsoft Windows digital signature spoofing attempt
RuleID : 55982 - Type : OS-WINDOWS - Revision : 1
2020-11-12 Microsoft Windows Media Foundation memory corruption attempt
RuleID : 55980 - Type : FILE-MULTIMEDIA - Revision : 1
2020-11-12 Microsoft Windows Media Foundation memory corruption attempt
RuleID : 55979 - Type : FILE-MULTIMEDIA - Revision : 1
2020-11-11 Microsoft Windows Win32k driver privilege escalation attempt
RuleID : 55943 - Type : OS-WINDOWS - Revision : 2
2020-11-11 Microsoft Windows Win32k driver privilege escalation attempt
RuleID : 55942 - Type : OS-WINDOWS - Revision : 2
2020-10-08 Microsoft Windows kernel driver escalation of privilege attempt
RuleID : 55188 - Type : OS-WINDOWS - Revision : 1
2020-10-08 Microsoft Windows kernel driver escalation of privilege attempt
RuleID : 55187 - Type : OS-WINDOWS - Revision : 1
2020-10-06 Microsoft Windows kernel DirectComposition use after free attempt
RuleID : 55162 - Type : OS-WINDOWS - Revision : 1
2020-10-06 Microsoft Windows kernel DirectComposition use after free attempt
RuleID : 55161 - Type : OS-WINDOWS - Revision : 1
2020-10-06 Microsoft Windows DirectX kernel driver local privilege escalation attempt
RuleID : 55146 - Type : OS-WINDOWS - Revision : 1
2020-10-06 Microsoft Windows DirectX kernel driver local privilege escalation attempt
RuleID : 55145 - Type : OS-WINDOWS - Revision : 1
2020-10-06 Microsoft Windows win32k kernel driver use after free attempt
RuleID : 55144 - Type : OS-WINDOWS - Revision : 1
2020-10-06 Microsoft Windows win32k kernel driver use after free attempt
RuleID : 55143 - Type : OS-WINDOWS - Revision : 1
2020-10-06 Microsoft Windows CLFS Driver elevation of privilege attempt
RuleID : 55142 - Type : FILE-OTHER - Revision : 1
2020-10-06 Microsoft Windows CLFS Driver elevation of privilege attempt
RuleID : 55141 - Type : FILE-OTHER - Revision : 1
2020-09-19 Windows print spooler elevation of privilege attempt
RuleID : 54820 - Type : OS-WINDOWS - Revision : 1
2020-09-19 Windows print spooler elevation of privilege attempt
RuleID : 54819 - Type : OS-WINDOWS - Revision : 1

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2019-01-10 Name: The remote device is affected by multiple vulnerabilities.
File: juniper_space_jsa10917_183R1.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-db0d3e157e.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-5521156807.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-527698a904.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-44f8a7454d.nasl - Type: ACT_GATHER_INFO
2018-10-31 Name: The remote host is missing a macOS security update that fixes multiple vulner...
File: macosx_SecUpd_10_13_6_2018-002.nasl - Type: ACT_GATHER_INFO
2018-10-18 Name: The remote host is missing a macOS update that fixes multiple security vulner...
File: macos_10_14.nasl - Type: ACT_GATHER_INFO
2018-09-18 Name: The remote EulerOS Virtualization host is missing multiple security updates.
File: EulerOS_SA-2018-1265.nasl - Type: ACT_GATHER_INFO
2018-09-18 Name: The remote EulerOS Virtualization host is missing a security update.
File: EulerOS_SA-2018-1267.nasl - Type: ACT_GATHER_INFO
2018-09-18 Name: The remote EulerOS Virtualization host is missing multiple security updates.
File: EulerOS_SA-2018-1270.nasl - Type: ACT_GATHER_INFO
2018-09-18 Name: The remote EulerOS Virtualization host is missing a security update.
File: EulerOS_SA-2018-1271.nasl - Type: ACT_GATHER_INFO
2018-09-17 Name: The remote Debian host is missing a security update.
File: debian_DLA-1506.nasl - Type: ACT_GATHER_INFO
2018-09-11 Name: An application installed on the remote macOS or Mac OS X host is affected by ...
File: macos_ms18_sep_office.nasl - Type: ACT_GATHER_INFO
2018-08-17 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-4273.nasl - Type: ACT_GATHER_INFO
2018-07-30 Name: The remote Slackware host is missing a security update.
File: Slackware_SSA_2018-208-01.nasl - Type: ACT_GATHER_INFO
2018-07-27 Name: The remote Debian host is missing a security update.
File: debian_DLA-1446.nasl - Type: ACT_GATHER_INFO
2018-07-26 Name: The remote Amazon Linux 2 host is missing a security update.
File: al2_ALAS-2018-1049.nasl - Type: ACT_GATHER_INFO
2018-07-24 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2018-2_0-0049.nasl - Type: ACT_GATHER_INFO
2018-07-24 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2018-1_0-0151.nasl - Type: ACT_GATHER_INFO
2018-07-20 Name: The remote Debian host is missing a security update.
File: debian_DLA-1423.nasl - Type: ACT_GATHER_INFO
2018-07-18 Name: The remote Virtuozzo host is missing multiple security updates.
File: Virtuozzo_VZA-2018-048.nasl - Type: ACT_GATHER_INFO
2018-07-16 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2018-2164.nasl - Type: ACT_GATHER_INFO
2018-07-16 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2018-2162.nasl - Type: ACT_GATHER_INFO
2018-07-09 Name: The remote Fedora host is missing a security update.
File: fedora_2018-9f02e5ed7b.nasl - Type: ACT_GATHER_INFO
2018-07-05 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2018-2001.nasl - Type: ACT_GATHER_INFO