CVE-2022-38396

all versions

HP Factory Preinstalled Images on certain systems that shipped with Windows 10 versions 20H2 and earlier OS versions might allow e

7.8HIGH

CVE-2022-26934

< 10.0.18363.2274

Windows Graphics Component Information Disclosure Vulnerability

6.5MEDIUM

CVE-2022-26925

< 10.0.18363.2274

Windows LSA Spoofing Vulnerability

8.1HIGH

CVE-2022-26923

< 10.0.18363.2274

Active Directory Domain Services Elevation of Privilege Vulnerability

8.8HIGH

CVE-2022-26904

< 10.0.18363.2212

Windows User Profile Service Elevation of Privilege Vulnerability

7.0HIGH

CVE-2022-24521

< 10.0.18363.2212

Windows Common Log File System Driver Elevation of Privilege Vulnerability

7.8HIGH

CVE-2022-22718

<= 10.0.18363.2094

Windows Print Spooler Elevation of Privilege Vulnerability

7.8HIGH

CVE-2022-21999

< 10.0.18363.2094

Windows Print Spooler Elevation of Privilege Vulnerability

7.8HIGH

CVE-2022-21971

< 10.0.18363.2094

Windows Runtime Remote Code Execution Vulnerability

7.8HIGH

CVE-2022-21919

< 10.0.18363.2037

Windows User Profile Service Elevation of Privilege Vulnerability

7.0HIGH

CVE-2022-21882

< 10.0.18363.2037

Win32k Elevation of Privilege Vulnerability

7.0HIGH

CVE-2022-21871

< 10.0.18363.2037

Microsoft Diagnostics Hub Standard Collector Runtime Elevation of Privilege Vulnerability

7.0HIGH

CVE-2021-43226

< 10.0.18363.1977

Windows Common Log File System Driver Elevation of Privilege Vulnerability

7.8HIGH

CVE-2021-41379

< 10.0.18363.1916

Windows Installer Elevation of Privilege Vulnerability

5.5MEDIUM

CVE-2021-40450

< 10.0.18363.1854

Win32k Elevation of Privilege Vulnerability

7.8HIGH

CVE-2021-40449

< 10.0.18363.1854

Win32k Elevation of Privilege Vulnerability

7.8HIGH

CVE-2021-40444

< 10.0.18363.1801

<p>Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that affects Microsoft Windows. Microsoft

8.8HIGH

CVE-2021-36955

< 10.0.18363.1801

Windows Common Log File System Driver Elevation of Privilege Vulnerability

7.8HIGH

CVE-2021-36948

< 10.0.18363.1734

Windows Update Medic Service Elevation of Privilege Vulnerability

7.8HIGH

CVE-2021-34486

< 10.0.18363.1734

Windows Event Tracing Elevation of Privilege Vulnerability

7.8HIGH

CVE-2021-34484

< 10.0.18363.1734

Windows User Profile Service Elevation of Privilege Vulnerability

7.8HIGH

CVE-2021-36934

< 10.0.18363.1734

<p>An elevation of privilege vulnerability exists because of overly permissive Access Control Lists (ACLs) on multiple system file

7.8HIGH

CVE-2021-34448

< 10.0.18363.1679

Scripting Engine Memory Corruption Vulnerability

6.8MEDIUM

CVE-2021-33771

< 10.0.18363.1679

Windows Kernel Elevation of Privilege Vulnerability

7.8HIGH

CVE-2021-31979

< 10.0.18363.1679

Windows Kernel Elevation of Privilege Vulnerability

7.8HIGH

CVE-2021-33742

< 10.0.18363.1621

Windows MSHTML Platform Remote Code Execution Vulnerability

7.5HIGH

CVE-2021-33739

< 10.0.18363.1621

Microsoft DWM Core Library Elevation of Privilege Vulnerability

8.4HIGH

CVE-2021-31956

< 10.0.18363.1621

Windows NTFS Elevation of Privilege Vulnerability

7.8HIGH

CVE-2021-31955

< 10.0.18363.1621

Windows Kernel Information Disclosure Vulnerability

5.5MEDIUM

CVE-2021-31201

< 10.0.18363.1621

Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability

5.2MEDIUM

CVE-2021-31199

< 10.0.18363.1621

Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability

5.2MEDIUM

CVE-2021-1675

< 10.0.18363.1621

Windows Print Spooler Remote Code Execution Vulnerability

7.8HIGH

CVE-2021-28310

all versions

Win32k Elevation of Privilege Vulnerability

7.8HIGH

CVE-2021-1732

all versions

Windows Win32k Elevation of Privilege Vulnerability

7.8HIGH

CVE-2020-17087

all versions

Windows Kernel Local Elevation of Privilege Vulnerability

7.8HIGH

CVE-2020-1464

all versions

A spoofing vulnerability exists when Windows incorrectly validates file signatures. An attacker who successfully exploited this vu

7.8HIGH

CVE-2020-0986

all versions

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Ke

7.8HIGH

CVE-2020-1054

all versions

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in

7.8HIGH

CVE-2020-1027

all versions

An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel E

7.8HIGH

CVE-2020-1020

all versions

A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a

8.8HIGH

CVE-2020-0938

all versions

A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a

7.8HIGH

CVE-2020-0796

all versions

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles cer

10.0CRITICAL

CVE-2020-0787

all versions

An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) improperly handles

7.8HIGH

CVE-2020-0683

all versions

An elevation of privilege vulnerability exists in the Windows Installer when MSI packages process symbolic links, aka 'Windows Ins

7.8HIGH

CVE-2020-0638

all versions

An elevation of privilege vulnerability exists in the way the Update Notification Manager handles files.To exploit this vulnerabil

7.8HIGH

CVE-2020-0601

all versions

A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificate

8.1HIGH

CVE-2013-3900

all versions

Why is Microsoft republishing a CVE from 2013? We are republishing CVE-2013-3900 in the Security Update Guide to update the Securi

5.5MEDIUM