Summary
| Detail | |||
|---|---|---|---|
| Vendor | Microsoft | First view | 2018-03-14 |
| Product | Windows 10 | Last view | 2021-05-21 |
| Version | 1803 | Type | Os |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:o:microsoft:windows_10 | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 8.8 | 2021-05-21 | CVE-2021-21552 | Dell Wyse Windows Embedded System versions WIE10 LTSC 2019 and earlier contain an improper authorization vulnerability. A local authenticated malicious user with low privileges may potentially exploit this vulnerability to bypass the restricted environment and perform unauthorized actions on the affected system. |
| 8.8 | 2021-05-11 | CVE-2021-31194 | OLE Automation Remote Code Execution Vulnerability |
| 7.8 | 2021-05-11 | CVE-2021-31193 | Windows SSDP Service Elevation of Privilege Vulnerability |
| 5.5 | 2021-05-11 | CVE-2021-31191 | Windows Projected File System FS Filter Driver Information Disclosure Vulnerability |
| 5.5 | 2021-05-11 | CVE-2021-31188 | Windows Graphics Component Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-31170. |
| 7.8 | 2021-05-11 | CVE-2021-31187 | Windows WalletService Elevation of Privilege Vulnerability |
| 6.5 | 2021-05-11 | CVE-2021-31186 | Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability |
| 5.5 | 2021-05-11 | CVE-2021-31184 | Microsoft Windows Infrared Data Association (IrDA) Information Disclosure Vulnerability |
| 7.1 | 2021-05-11 | CVE-2021-31182 | Microsoft Bluetooth Driver Spoofing Vulnerability |
| 7.8 | 2021-05-11 | CVE-2021-31170 | Windows Graphics Component Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-31188. |
| 5.5 | 2021-05-11 | CVE-2021-28479 | Windows CSC Service Information Disclosure Vulnerability |
| 8.8 | 2021-05-11 | CVE-2021-28455 | Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability |
| 3.5 | 2021-05-11 | CVE-2020-24588 | The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary can abuse this to inject arbitrary network packets. |
| 4.4 | 2021-04-13 | CVE-2021-28447 | Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability This CVE ID is unique from CVE-2021-27094. |
| 5.5 | 2021-04-13 | CVE-2021-28446 | Windows Portmapping Information Disclosure Vulnerability |
| 8.8 | 2021-04-13 | CVE-2021-28445 | Windows Network File System Remote Code Execution Vulnerability |
| 5.5 | 2021-04-13 | CVE-2021-28443 | Windows Console Driver Denial of Service Vulnerability This CVE ID is unique from CVE-2021-28438. |
| 6.5 | 2021-04-13 | CVE-2021-28442 | Windows TCP/IP Information Disclosure Vulnerability |
| 7.8 | 2021-04-13 | CVE-2021-28440 | Windows Installer Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26415. |
| 7.5 | 2021-04-13 | CVE-2021-28439 | Windows TCP/IP Driver Denial of Service Vulnerability This CVE ID is unique from CVE-2021-28319. |
| 5.5 | 2021-04-13 | CVE-2021-28438 | Windows Console Driver Denial of Service Vulnerability This CVE ID is unique from CVE-2021-28443. |
| 5.5 | 2021-04-13 | CVE-2021-28437 | Windows Installer Information Disclosure Vulnerability |
| 7.8 | 2021-04-13 | CVE-2021-28436 | Windows Speech Runtime Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-28347, CVE-2021-28351. |
| 5.5 | 2021-04-13 | CVE-2021-28435 | Windows Event Tracing Information Disclosure Vulnerability |
| 8.8 | 2021-04-13 | CVE-2021-28434 | Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28327, CVE-2021-28329, CVE-2021-28330, CVE-2021-28331, CVE-2021-28332, CVE-2021-28333, CVE-2021-28334, CVE-2021-28335, CVE-2021-28336, CVE-2021-28337, CVE-2021-28338, CVE-2021-28339, CVE-2021-28340, CVE-2021-28341, CVE-2021-28342, CVE-2021-28343, CVE-2021-28344, CVE-2021-28345, CVE-2021-28346, CVE-2021-28352, CVE-2021-28353, CVE-2021-28354, CVE-2021-28355, CVE-2021-28356, CVE-2021-28357, CVE-2021-28358. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 20% (90) | CWE-269 | Improper Privilege Management |
| 17% (76) | CWE-200 | Information Exposure |
| 14% (62) | CWE-787 | Out-of-bounds Write |
| 7% (32) | CWE-404 | Improper Resource Shutdown or Release |
| 5% (25) | CWE-59 | Improper Link Resolution Before File Access ('Link Following') |
| 5% (22) | CWE-20 | Improper Input Validation |
| 3% (14) | CWE-125 | Out-of-bounds Read |
| 2% (12) | CWE-665 | Improper Initialization |
| 2% (12) | CWE-611 | Information Leak Through XML External Entity File Disclosure |
| 1% (8) | CWE-190 | Integer Overflow or Wraparound |
| 1% (6) | CWE-416 | Use After Free |
| 1% (6) | CWE-367 | Time-of-check Time-of-use (TOCTOU) Race Condition |
| 1% (5) | CWE-755 | Improper Handling of Exceptional Conditions |
| 0% (4) | CWE-732 | Incorrect Permission Assignment for Critical Resource |
| 0% (4) | CWE-362 | Race Condition |
| 0% (4) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
| 0% (3) | CWE-347 | Improper Verification of Cryptographic Signature |
| 0% (3) | CWE-295 | Certificate Issues |
| 0% (3) | CWE-264 | Permissions, Privileges, and Access Controls |
| 0% (3) | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path ... |
| 0% (3) | CWE-19 | Data Handling |
| 0% (2) | CWE-522 | Insufficiently Protected Credentials |
| 0% (2) | CWE-502 | Deserialization of Untrusted Data |
| 0% (2) | CWE-354 | Improper Validation of Integrity Check Value |
| 0% (2) | CWE-327 | Use of a Broken or Risky Cryptographic Algorithm |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2021-02-11 | Microsoft Windows Win32k kernel driver privilege escalation attempt RuleID : 56856 - Type : OS-WINDOWS - Revision : 1 |
| 2021-02-11 | Microsoft Windows Win32k kernel driver privilege escalation attempt RuleID : 56855 - Type : OS-WINDOWS - Revision : 1 |
| 2021-02-11 | Microsoft Windows Win32k kernel driver privilege escalation attempt RuleID : 56854 - Type : OS-WINDOWS - Revision : 1 |
| 2021-02-11 | Microsoft Windows Win32k kernel driver privilege escalation attempt RuleID : 56853 - Type : OS-WINDOWS - Revision : 1 |
| 2021-02-11 | Microsoft Windows Win32k kernel driver privilege escalation attempt RuleID : 56852 - Type : OS-WINDOWS - Revision : 1 |
| 2021-02-11 | Microsoft Windows Win32k kernel driver privilege escalation attempt RuleID : 56851 - Type : OS-WINDOWS - Revision : 1 |
| 2021-02-11 | Microsoft Windows Win32k kernel driver privilege escalation attempt RuleID : 56850 - Type : OS-WINDOWS - Revision : 1 |
| 2021-02-11 | Microsoft Windows Win32k kernel driver privilege escalation attempt RuleID : 56849 - Type : OS-WINDOWS - Revision : 1 |
| 2021-01-28 | Cisco RV Series Routers stack buffer overflow attempt RuleID : 56843 - Type : SERVER-WEBAPP - Revision : 2 |
| 2021-01-08 | Microsoft Windows SMB authenticated remote code execution attempt RuleID : 56562 - Type : OS-WINDOWS - Revision : 1 |
| 2021-01-08 | Microsoft Windows SMB authenticated remote code execution attempt RuleID : 56561 - Type : OS-WINDOWS - Revision : 1 |
| 2020-12-12 | Windows Network File System denial of service attempt RuleID : 56309 - Type : PROTOCOL-RPC - Revision : 1 |
| 2020-12-10 | Microsoft Windows NFS read procedure remote code execution attempt RuleID : 56302 - Type : OS-WINDOWS - Revision : 1 |
| 2020-12-10 | Microsoft Windows NFS read procedure remote code execution attempt RuleID : 56301 - Type : OS-WINDOWS - Revision : 1 |
| 2020-12-10 | Microsoft Windows Common Log Files System driver privilege escalation attempt RuleID : 56296 - Type : FILE-OTHER - Revision : 1 |
| 2020-12-10 | Microsoft Windows Common Log Files System driver privilege escalation attempt RuleID : 56295 - Type : FILE-OTHER - Revision : 1 |
| 2020-12-10 | Microsoft Windows Win32k elevation of privilege attempt RuleID : 56262 - Type : OS-WINDOWS - Revision : 1 |
| 2020-12-10 | Microsoft Windows Win32k elevation of privilege attempt RuleID : 56261 - Type : OS-WINDOWS - Revision : 1 |
| 2020-12-10 | Microsoft Windows Win32k DirectComposition privilege escalation attempt RuleID : 56260 - Type : OS-WINDOWS - Revision : 1 |
| 2020-12-10 | Microsoft Windows Win32k DirectComposition privilege escalation attempt RuleID : 56259 - Type : OS-WINDOWS - Revision : 1 |
| 2020-12-10 | Microsoft Windows DirectX graphics kernel subsystem privilege escalation attempt RuleID : 56255 - Type : OS-WINDOWS - Revision : 1 |
| 2020-12-10 | Microsoft Windows DirectX graphics kernel subsystem privilege escalation attempt RuleID : 56254 - Type : OS-WINDOWS - Revision : 1 |
| 2020-12-08 | Microsoft Windows Kernel Cryptography Driver privilege escalation attempt RuleID : 56231 - Type : OS-WINDOWS - Revision : 1 |
| 2020-12-08 | Microsoft Windows Kernel Cryptography Driver privilege escalation attempt RuleID : 56230 - Type : OS-WINDOWS - Revision : 1 |
| 2020-11-12 | Microsoft Windows Remote Desktop information disclosure attempt RuleID : 55994 - Type : OS-WINDOWS - Revision : 1 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2019-01-10 | Name: The remote device is affected by multiple vulnerabilities. File: juniper_space_jsa10917_183R1.nasl - Type: ACT_GATHER_INFO |
| 2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-db0d3e157e.nasl - Type: ACT_GATHER_INFO |
| 2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-5521156807.nasl - Type: ACT_GATHER_INFO |
| 2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-527698a904.nasl - Type: ACT_GATHER_INFO |
| 2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-44f8a7454d.nasl - Type: ACT_GATHER_INFO |
| 2018-10-31 | Name: The remote host is missing a macOS security update that fixes multiple vulner... File: macosx_SecUpd_10_13_6_2018-002.nasl - Type: ACT_GATHER_INFO |
| 2018-10-18 | Name: The remote host is missing a macOS update that fixes multiple security vulner... File: macos_10_14.nasl - Type: ACT_GATHER_INFO |
| 2018-09-18 | Name: The remote EulerOS Virtualization host is missing multiple security updates. File: EulerOS_SA-2018-1270.nasl - Type: ACT_GATHER_INFO |
| 2018-09-18 | Name: The remote EulerOS Virtualization host is missing multiple security updates. File: EulerOS_SA-2018-1265.nasl - Type: ACT_GATHER_INFO |
| 2018-09-18 | Name: The remote EulerOS Virtualization host is missing a security update. File: EulerOS_SA-2018-1267.nasl - Type: ACT_GATHER_INFO |
| 2018-09-18 | Name: The remote EulerOS Virtualization host is missing a security update. File: EulerOS_SA-2018-1271.nasl - Type: ACT_GATHER_INFO |
| 2018-09-17 | Name: The remote Debian host is missing a security update. File: debian_DLA-1506.nasl - Type: ACT_GATHER_INFO |
| 2018-09-11 | Name: An application installed on the remote macOS or Mac OS X host is affected by ... File: macos_ms18_sep_office.nasl - Type: ACT_GATHER_INFO |
| 2018-08-17 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-4273.nasl - Type: ACT_GATHER_INFO |
| 2018-07-30 | Name: The remote Slackware host is missing a security update. File: Slackware_SSA_2018-208-01.nasl - Type: ACT_GATHER_INFO |
| 2018-07-27 | Name: The remote Debian host is missing a security update. File: debian_DLA-1446.nasl - Type: ACT_GATHER_INFO |
| 2018-07-26 | Name: The remote Amazon Linux 2 host is missing a security update. File: al2_ALAS-2018-1049.nasl - Type: ACT_GATHER_INFO |
| 2018-07-24 | Name: The remote PhotonOS host is missing multiple security updates. File: PhotonOS_PHSA-2018-2_0-0049.nasl - Type: ACT_GATHER_INFO |
| 2018-07-24 | Name: The remote PhotonOS host is missing multiple security updates. File: PhotonOS_PHSA-2018-1_0-0151.nasl - Type: ACT_GATHER_INFO |
| 2018-07-20 | Name: The remote Debian host is missing a security update. File: debian_DLA-1423.nasl - Type: ACT_GATHER_INFO |
| 2018-07-18 | Name: The remote Virtuozzo host is missing multiple security updates. File: Virtuozzo_VZA-2018-048.nasl - Type: ACT_GATHER_INFO |
| 2018-07-16 | Name: The remote CentOS host is missing one or more security updates. File: centos_RHSA-2018-2164.nasl - Type: ACT_GATHER_INFO |
| 2018-07-16 | Name: The remote CentOS host is missing one or more security updates. File: centos_RHSA-2018-2162.nasl - Type: ACT_GATHER_INFO |
| 2018-07-09 | Name: The remote Fedora host is missing a security update. File: fedora_2018-9f02e5ed7b.nasl - Type: ACT_GATHER_INFO |
| 2018-07-05 | Name: The remote CentOS host is missing one or more security updates. File: centos_RHSA-2018-1965.nasl - Type: ACT_GATHER_INFO |
