Summary
| Detail | |||
|---|---|---|---|
| Vendor | Microsoft | First view | 2020-07-14 |
| Product | Windows 10 | Last view | 2022-01-11 |
| Version | 1909 | Type | Os |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | x86 | ||
| Other | * | ||
| CPE Product | cpe:2.3:o:microsoft:windows_10 | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 8.8 | 2022-01-11 | CVE-2022-21920 | Windows Kerberos Elevation of Privilege Vulnerability. |
| 7 | 2022-01-11 | CVE-2022-21919 | Windows User Profile Service Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21895. |
| 6.5 | 2022-01-11 | CVE-2022-21918 | DirectX Graphics Kernel File Denial of Service Vulnerability. |
| 7.8 | 2022-01-11 | CVE-2022-21916 | Windows Common Log File System Driver Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21897. |
| 6.5 | 2022-01-11 | CVE-2022-21915 | Windows GDI+ Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-21880. |
| 7.8 | 2022-01-11 | CVE-2022-21914 | Windows Remote Access Connection Manager Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21885. |
| 7.5 | 2022-01-11 | CVE-2022-21913 | Local Security Authority (Domain Policy) Remote Protocol Security Feature Bypass. |
| 7.8 | 2022-01-11 | CVE-2022-21912 | DirectX Graphics Kernel Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21898. |
| 7.8 | 2022-01-11 | CVE-2022-21908 | Windows Installer Elevation of Privilege Vulnerability. |
| 5.5 | 2022-01-11 | CVE-2022-21906 | Windows Defender Application Control Security Feature Bypass Vulnerability. |
| 7.5 | 2022-01-11 | CVE-2022-21904 | Windows GDI Information Disclosure Vulnerability. |
| 7.8 | 2022-01-11 | CVE-2022-21903 | Windows GDI Elevation of Privilege Vulnerability. |
| 7.8 | 2022-01-11 | CVE-2022-21902 | Windows DWM Core Library Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21852, CVE-2022-21896. |
| 9.8 | 2022-01-11 | CVE-2022-21898 | DirectX Graphics Kernel Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21912. |
| 7.8 | 2022-01-11 | CVE-2022-21897 | Windows Common Log File System Driver Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21916. |
| 7 | 2022-01-11 | CVE-2022-21896 | Windows DWM Core Library Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21852, CVE-2022-21902. |
| 7.8 | 2022-01-11 | CVE-2022-21895 | Windows User Profile Service Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21919. |
| 4.4 | 2022-01-11 | CVE-2022-21894 | Secure Boot Security Feature Bypass Vulnerability. |
| 8.8 | 2022-01-11 | CVE-2022-21893 | Remote Desktop Protocol Remote Code Execution Vulnerability. |
| 6.8 | 2022-01-11 | CVE-2022-21892 | Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21928, CVE-2022-21958, CVE-2022-21959, CVE-2022-21960, CVE-2022-21961, CVE-2022-21962, CVE-2022-21963. |
| 7.5 | 2022-01-11 | CVE-2022-21890 | Windows IKE Extension Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-21843, CVE-2022-21848, CVE-2022-21883, CVE-2022-21889. |
| 7.5 | 2022-01-11 | CVE-2022-21889 | Windows IKE Extension Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-21843, CVE-2022-21848, CVE-2022-21883, CVE-2022-21890. |
| 7.8 | 2022-01-11 | CVE-2022-21888 | Windows Modern Execution Server Remote Code Execution Vulnerability. |
| 7.8 | 2022-01-11 | CVE-2022-21885 | Windows Remote Access Connection Manager Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21914. |
| 7.5 | 2022-01-11 | CVE-2022-21883 | Windows IKE Extension Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-21843, CVE-2022-21848, CVE-2022-21889, CVE-2022-21890. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 72% (53) | CWE-269 | Improper Privilege Management |
| 8% (6) | CWE-668 | Exposure of Resource to Wrong Sphere |
| 6% (5) | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
| 6% (5) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
| 2% (2) | CWE-125 | Out-of-bounds Read |
| 1% (1) | CWE-346 | Origin Validation Error |
| 1% (1) | CWE-312 | Cleartext Storage of Sensitive Information |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2021-01-12 | Microsoft Windows SMB2 SET_INFO information disclosure attempt RuleID : 56571 - Type : OS-WINDOWS - Revision : 1 |
| 2020-08-13 | Microsoft Windows Address Book Contact file integer overflow attempt RuleID : 54533 - Type : FILE-OTHER - Revision : 1 |
| 2020-08-13 | Microsoft Windows Address Book Contact file integer overflow attempt RuleID : 54532 - Type : FILE-OTHER - Revision : 1 |
| 2020-08-13 | Microsoft Windows Address Book Contact file integer overflow attempt RuleID : 54531 - Type : FILE-OTHER - Revision : 1 |
| 2020-08-13 | Microsoft Windows Address Book Contact file integer overflow attempt RuleID : 54530 - Type : FILE-OTHER - Revision : 1 |
| 2020-08-13 | Microsoft Windows Address Book Contact file integer overflow attempt RuleID : 54529 - Type : FILE-OTHER - Revision : 1 |
| 2020-08-13 | Microsoft Windows Address Book Contact file integer overflow attempt RuleID : 54528 - Type : FILE-OTHER - Revision : 1 |
