Summary
| Detail | |||
|---|---|---|---|
| Vendor | Microsoft | First view | 2020-07-14 |
| Product | Windows 10 | Last view | 2021-10-13 |
| Version | 2004 | Type | Os |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | x86 | ||
| Other | * | ||
| CPE Product | cpe:2.3:o:microsoft:windows_10 | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 7.8 | 2021-10-13 | CVE-2021-40465 | Windows Text Shaping Remote Code Execution Vulnerability |
| 8 | 2021-10-13 | CVE-2021-40464 | Windows Nearby Sharing Elevation of Privilege Vulnerability |
| 6.5 | 2021-10-13 | CVE-2021-40463 | Windows NAT Denial of Service Vulnerability |
| 7.8 | 2021-10-13 | CVE-2021-40462 | Windows Media Foundation Dolby Digital Atmos Decoders Remote Code Execution Vulnerability |
| 6.5 | 2021-10-13 | CVE-2021-40460 | Windows Remote Procedure Call Runtime Security Feature Bypass Vulnerability |
| 5.5 | 2021-10-13 | CVE-2021-40455 | Windows Installer Spoofing Vulnerability |
| 5.5 | 2021-10-13 | CVE-2021-40454 | Rich Text Edit Control Information Disclosure Vulnerability |
| 7.8 | 2021-10-13 | CVE-2021-40450 | Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-40449, CVE-2021-41357. |
| 7.8 | 2021-10-13 | CVE-2021-40449 | Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-40450, CVE-2021-41357. |
| 7.8 | 2021-10-13 | CVE-2021-40443 | Windows Common Log File System Driver Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-40466, CVE-2021-40467. |
| 5.5 | 2021-10-13 | CVE-2021-38663 | Windows exFAT File System Information Disclosure Vulnerability |
| 5.5 | 2021-10-13 | CVE-2021-38662 | Windows Fast FAT File System Driver Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-41343. |
| 6.5 | 2021-10-13 | CVE-2021-36970 | Windows Print Spooler Spoofing Vulnerability |
| 7.5 | 2021-10-13 | CVE-2021-36953 | Windows TCP/IP Denial of Service Vulnerability |
| 7.8 | 2021-10-13 | CVE-2021-26441 | Storage Spaces Controller Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-40478, CVE-2021-40488, CVE-2021-40489, CVE-2021-41345. |
| 8.8 | 2021-05-21 | CVE-2021-21552 | Dell Wyse Windows Embedded System versions WIE10 LTSC 2019 and earlier contain an improper authorization vulnerability. A local authenticated malicious user with low privileges may potentially exploit this vulnerability to bypass the restricted environment and perform unauthorized actions on the affected system. |
| 6.5 | 2020-12-10 | CVE-2020-17140 | Windows SMB Information Disclosure Vulnerability |
| 7.8 | 2020-12-10 | CVE-2020-17139 | Windows Overlay Filter Security Feature Bypass Vulnerability |
| 7.8 | 2020-12-10 | CVE-2020-17137 | DirectX Graphics Kernel Elevation of Privilege Vulnerability |
| 7.8 | 2020-12-10 | CVE-2020-17136 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17103, CVE-2020-17134. |
| 7.8 | 2020-12-10 | CVE-2020-17134 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17103, CVE-2020-17136. |
| 8.8 | 2020-07-14 | CVE-2020-1421 | A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed.An attacker who successfully exploited this vulnerability could gain the same user rights as the local user, aka 'LNK Remote Code Execution Vulnerability'. |
| 5.5 | 2020-07-14 | CVE-2020-1420 | An information disclosure vulnerability exists when Windows Error Reporting improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Error Reporting Information Disclosure Vulnerability'. |
| 5.5 | 2020-07-14 | CVE-2020-1419 | An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1367, CVE-2020-1389, CVE-2020-1426. |
| 7.8 | 2020-07-14 | CVE-2020-1418 | An elevation of privilege vulnerability exists when the Windows Diagnostics Execution Service fails to properly sanitize input, leading to an unsecure library-loading behavior, aka 'Windows Diagnostics Hub Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1393. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 77% (7) | CWE-269 | Improper Privilege Management |
| 11% (1) | CWE-346 | Origin Validation Error |
| 11% (1) | CWE-312 | Cleartext Storage of Sensitive Information |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2021-01-12 | Microsoft Windows SMB2 SET_INFO information disclosure attempt RuleID : 56571 - Type : OS-WINDOWS - Revision : 1 |
| 2020-08-13 | Microsoft Windows Address Book Contact file integer overflow attempt RuleID : 54533 - Type : FILE-OTHER - Revision : 1 |
| 2020-08-13 | Microsoft Windows Address Book Contact file integer overflow attempt RuleID : 54532 - Type : FILE-OTHER - Revision : 1 |
| 2020-08-13 | Microsoft Windows Address Book Contact file integer overflow attempt RuleID : 54531 - Type : FILE-OTHER - Revision : 1 |
| 2020-08-13 | Microsoft Windows Address Book Contact file integer overflow attempt RuleID : 54530 - Type : FILE-OTHER - Revision : 1 |
| 2020-08-13 | Microsoft Windows Address Book Contact file integer overflow attempt RuleID : 54529 - Type : FILE-OTHER - Revision : 1 |
| 2020-08-13 | Microsoft Windows Address Book Contact file integer overflow attempt RuleID : 54528 - Type : FILE-OTHER - Revision : 1 |
