Microsoft Windows 10
Recent Microsoft Windows 10 Security Advisories
| Advisory | Title | Published |
|---|---|---|
| CVE-2021-36945 | Windows 10 Update Assistant Elevation of Privilege Vulnerability | August 10, 2021 |
By the Year
In 2021 there have been 431 vulnerabilities in Microsoft Windows 10 with an average score of 7.5 out of ten. Last year Windows 10 had 802 security vulnerabilities published. Right now, Windows 10 is on track to have less security vulnerabilities in 2021 than it did last year. However, the average CVE base score of the vulnerabilities in 2021 is greater by 0.08.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2021 | 431 | 7.50 |
| 2020 | 802 | 7.42 |
| 2019 | 448 | 7.37 |
| 2018 | 258 | 6.58 |
It may take a day or so for new Windows 10 vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Microsoft Windows 10 Security Vulnerabilities
Windows Text Shaping Remote Code Execution Vulnerability
CVE-2021-40465
7.8 - High
- October 13, 2021
Windows Text Shaping Remote Code Execution Vulnerability
Storage Spaces Controller Elevation of Privilege Vulnerability
CVE-2021-40489
7.8 - High
- October 13, 2021
Storage Spaces Controller Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26441, CVE-2021-40478, CVE-2021-40488, CVE-2021-41345.
Improper Privilege Management
Storage Spaces Controller Elevation of Privilege Vulnerability
CVE-2021-40488
7.8 - High
- October 13, 2021
Storage Spaces Controller Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26441, CVE-2021-40478, CVE-2021-40489, CVE-2021-41345.
Improper Privilege Management
Storage Spaces Controller Elevation of Privilege Vulnerability
CVE-2021-40478
7.8 - High
- October 13, 2021
Storage Spaces Controller Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26441, CVE-2021-40488, CVE-2021-40489, CVE-2021-41345.
Improper Privilege Management
Windows Event Tracing Elevation of Privilege Vulnerability
CVE-2021-40477
7.8 - High
- October 13, 2021
Windows Event Tracing Elevation of Privilege Vulnerability
Improper Privilege Management
Windows AppContainer Elevation Of Privilege Vulnerability
CVE-2021-40476
7.3 - High
- October 13, 2021
Windows AppContainer Elevation Of Privilege Vulnerability
Improper Privilege Management
Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability
CVE-2021-40475
5.5 - Medium
- October 13, 2021
Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability
DirectX Graphics Kernel Elevation of Privilege Vulnerability
CVE-2021-40470
7.8 - High
- October 13, 2021
DirectX Graphics Kernel Elevation of Privilege Vulnerability
Improper Privilege Management
Windows Bind Filter Driver Information Disclosure Vulnerability
CVE-2021-40468
5.5 - Medium
- October 13, 2021
Windows Bind Filter Driver Information Disclosure Vulnerability
Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2021-40467
7.8 - High
- October 13, 2021
Windows Common Log File System Driver Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-40443, CVE-2021-40466.
Improper Privilege Management
Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2021-40466
7.8 - High
- October 13, 2021
Windows Common Log File System Driver Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-40443, CVE-2021-40467.
Improper Privilege Management
Windows Nearby Sharing Elevation of Privilege Vulnerability
CVE-2021-40464
8 - High
- October 13, 2021
Windows Nearby Sharing Elevation of Privilege Vulnerability
Improper Privilege Management
Windows NAT Denial of Service Vulnerability
CVE-2021-40463
6.5 - Medium
- October 13, 2021
Windows NAT Denial of Service Vulnerability
Windows Media Foundation Dolby Digital Atmos Decoders Remote Code Execution Vulnerability
CVE-2021-40462
7.8 - High
- October 13, 2021
Windows Media Foundation Dolby Digital Atmos Decoders Remote Code Execution Vulnerability
Windows AppX Deployment Service Elevation of Privilege Vulnerability
CVE-2021-41347
7.8 - High
- October 13, 2021
Windows AppX Deployment Service Elevation of Privilege Vulnerability
Improper Privilege Management
Console Window Host Security Feature Bypass Vulnerability
CVE-2021-41346
7.8 - High
- October 13, 2021
Console Window Host Security Feature Bypass Vulnerability
Storage Spaces Controller Elevation of Privilege Vulnerability
CVE-2021-41345
7.8 - High
- October 13, 2021
Storage Spaces Controller Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26441, CVE-2021-40478, CVE-2021-40488, CVE-2021-40489.
Improper Privilege Management
Windows Fast FAT File System Driver Information Disclosure Vulnerability
CVE-2021-41343
5.5 - Medium
- October 13, 2021
Windows Fast FAT File System Driver Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-38662.
Windows MSHTML Platform Remote Code Execution Vulnerability
CVE-2021-41342
8.8 - High
- October 13, 2021
Windows MSHTML Platform Remote Code Execution Vulnerability
Windows Graphics Component Remote Code Execution Vulnerability
CVE-2021-41340
7.8 - High
- October 13, 2021
Windows Graphics Component Remote Code Execution Vulnerability
Microsoft DWM Core Library Elevation of Privilege Vulnerability
CVE-2021-41339
7.8 - High
- October 13, 2021
Microsoft DWM Core Library Elevation of Privilege Vulnerability
Improper Privilege Management
Windows AppContainer Firewall Rules Security Feature Bypass Vulnerability
CVE-2021-41338
5.5 - Medium
- October 13, 2021
Windows AppContainer Firewall Rules Security Feature Bypass Vulnerability
Windows Kernel Elevation of Privilege Vulnerability
CVE-2021-41335
7.8 - High
- October 13, 2021
Windows Kernel Elevation of Privilege Vulnerability
Improper Privilege Management
Windows Desktop Bridge Elevation of Privilege Vulnerability
CVE-2021-41334
7.8 - High
- October 13, 2021
Windows Desktop Bridge Elevation of Privilege Vulnerability
Improper Privilege Management
Windows Print Spooler Information Disclosure Vulnerability
CVE-2021-41332
6.5 - Medium
- October 13, 2021
Windows Print Spooler Information Disclosure Vulnerability
Windows Media Audio Decoder Remote Code Execution Vulnerability
CVE-2021-41331
7.8 - High
- October 13, 2021
Windows Media Audio Decoder Remote Code Execution Vulnerability
Microsoft Windows Media Foundation Remote Code Execution Vulnerability
CVE-2021-41330
7.8 - High
- October 13, 2021
Microsoft Windows Media Foundation Remote Code Execution Vulnerability
Windows Hyper-V Remote Code Execution Vulnerability
CVE-2021-40461
9 - Critical
- October 13, 2021
Windows Hyper-V Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-38672.
Windows Remote Procedure Call Runtime Security Feature Bypass Vulnerability
CVE-2021-40460
6.5 - Medium
- October 13, 2021
Windows Remote Procedure Call Runtime Security Feature Bypass Vulnerability
Win32k Elevation of Privilege Vulnerability
CVE-2021-41357
7.8 - High
- October 13, 2021
Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-40449, CVE-2021-40450.
Improper Privilege Management
Windows Installer Spoofing Vulnerability
CVE-2021-40455
5.5 - Medium
- October 13, 2021
Windows Installer Spoofing Vulnerability
Rich Text Edit Control Information Disclosure Vulnerability
CVE-2021-40454
5.5 - Medium
- October 13, 2021
Rich Text Edit Control Information Disclosure Vulnerability
Cleartext Storage of Sensitive Information
Win32k Elevation of Privilege Vulnerability
CVE-2021-40450
7.8 - High
- October 13, 2021
Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-40449, CVE-2021-41357.
Improper Privilege Management
Win32k Elevation of Privilege Vulnerability
CVE-2021-40449
7.8 - High
- October 13, 2021
Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-40450, CVE-2021-41357.
Improper Privilege Management
Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2021-40443
7.8 - High
- October 13, 2021
Windows Common Log File System Driver Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-40466, CVE-2021-40467.
Improper Privilege Management
Windows exFAT File System Information Disclosure Vulnerability
CVE-2021-38663
5.5 - Medium
- October 13, 2021
Windows exFAT File System Information Disclosure Vulnerability
Windows Fast FAT File System Driver Information Disclosure Vulnerability
CVE-2021-38662
5.5 - Medium
- October 13, 2021
Windows Fast FAT File System Driver Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-41343.
Windows Print Spooler Spoofing Vulnerability
CVE-2021-36970
6.5 - Medium
- October 13, 2021
Windows Print Spooler Spoofing Vulnerability
Windows TCP/IP Denial of Service Vulnerability
CVE-2021-36953
7.5 - High
- October 13, 2021
Windows TCP/IP Denial of Service Vulnerability
Windows HTTP.sys Elevation of Privilege Vulnerability
CVE-2021-26442
7.8 - High
- October 13, 2021
Windows HTTP.sys Elevation of Privilege Vulnerability
Improper Privilege Management
Storage Spaces Controller Elevation of Privilege Vulnerability
CVE-2021-26441
7.8 - High
- October 13, 2021
Storage Spaces Controller Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-40478, CVE-2021-40488, CVE-2021-40489, CVE-2021-41345.
Improper Privilege Management
Windows Installer Denial of Service Vulnerability
CVE-2021-36961
6.1 - Medium
- September 15, 2021
Windows Installer Denial of Service Vulnerability
Windows SMB Information Disclosure Vulnerability
CVE-2021-36960
7.5 - High
- September 15, 2021
Windows SMB Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-36972.
Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2021-36955
7.8 - High
- September 15, 2021
Windows Common Log File System Driver Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-36963, CVE-2021-38633.
Improper Privilege Management
Windows Bind Filter Driver Elevation of Privilege Vulnerability
CVE-2021-36954
7.8 - High
- September 15, 2021
Windows Bind Filter Driver Elevation of Privilege Vulnerability
Improper Privilege Management
Windows Scripting Engine Memory Corruption Vulnerability
CVE-2021-26435
7.8 - High
- September 15, 2021
Windows Scripting Engine Memory Corruption Vulnerability
Memory Corruption
Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2021-40447
7.8 - High
- September 15, 2021
Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-38667, CVE-2021-38671.
Improper Privilege Management
Microsoft MSHTML Remote Code Execution Vulnerability
CVE-2021-40444
7.8 - High
- September 15, 2021
Microsoft MSHTML Remote Code Execution Vulnerability
Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2021-38671
7.8 - High
- September 15, 2021
Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-38667, CVE-2021-40447.
Improper Privilege Management
Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2021-38667
7.8 - High
- September 15, 2021
Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-38671, CVE-2021-40447.
Improper Privilege Management
Windows SMB Information Disclosure Vulnerability
CVE-2021-36972
5.5 - Medium
- September 15, 2021
Windows SMB Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-36960.
Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability
CVE-2021-36969
5.5 - Medium
- September 15, 2021
Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-38635, CVE-2021-38636.
Windows Subsystem for Linux Elevation of Privilege Vulnerability
CVE-2021-36966
7.8 - High
- September 15, 2021
Windows Subsystem for Linux Elevation of Privilege Vulnerability
Improper Privilege Management
Windows WLAN AutoConfig Service Remote Code Execution Vulnerability
CVE-2021-36965
9.8 - Critical
- September 15, 2021
Windows WLAN AutoConfig Service Remote Code Execution Vulnerability
Windows Event Tracing Elevation of Privilege Vulnerability
CVE-2021-36964
7.8 - High
- September 15, 2021
Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-38630.
Improper Privilege Management
Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2021-36963
7.8 - High
- September 15, 2021
Windows Common Log File System Driver Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-36955, CVE-2021-38633.
Improper Privilege Management
Windows Installer Information Disclosure Vulnerability
CVE-2021-36962
5.5 - Medium
- September 15, 2021
Windows Installer Information Disclosure Vulnerability
Win32k Elevation of Privilege Vulnerability
CVE-2021-38639
7.8 - High
- September 15, 2021
Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-36975.
Improper Privilege Management
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2021-38638
7.8 - High
- September 15, 2021
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-38628.
Improper Privilege Management
Windows Storage Information Disclosure Vulnerability
CVE-2021-38637
5.5 - Medium
- September 15, 2021
Windows Storage Information Disclosure Vulnerability
Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability
CVE-2021-38636
5.5 - Medium
- September 15, 2021
Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-36969, CVE-2021-38635.
Microsoft Windows Update Client Elevation of Privilege Vulnerability
CVE-2021-38634
7.8 - High
- September 15, 2021
Microsoft Windows Update Client Elevation of Privilege Vulnerability
Improper Privilege Management
Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2021-38633
7.8 - High
- September 15, 2021
Windows Common Log File System Driver Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-36955, CVE-2021-36963.
Improper Privilege Management
BitLocker Security Feature Bypass Vulnerability
CVE-2021-38632
4.6 - Medium
- September 15, 2021
BitLocker Security Feature Bypass Vulnerability
Windows Event Tracing Elevation of Privilege Vulnerability
CVE-2021-38630
7.8 - High
- September 15, 2021
Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-36964.
Improper Privilege Management
Windows Ancillary Function Driver for WinSock Information Disclosure Vulnerability
CVE-2021-38629
6.5 - Medium
- September 15, 2021
Windows Ancillary Function Driver for WinSock Information Disclosure Vulnerability
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2021-38628
7.8 - High
- September 15, 2021
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-38638.
Improper Privilege Management
Windows Key Storage Provider Security Feature Bypass Vulnerability
CVE-2021-38624
6.5 - Medium
- September 15, 2021
Windows Key Storage Provider Security Feature Bypass Vulnerability
Insecure Direct Object Reference / IDOR
Win32k Elevation of Privilege Vulnerability
CVE-2021-36975
7.8 - High
- September 15, 2021
Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-38639.
Improper Privilege Management
Windows SMB Elevation of Privilege Vulnerability
CVE-2021-36974
7.8 - High
- September 15, 2021
Windows SMB Elevation of Privilege Vulnerability
Improper Privilege Management
Windows Redirected Drive Buffering System Elevation of Privilege Vulnerability
CVE-2021-36973
7.8 - High
- September 15, 2021
Windows Redirected Drive Buffering System Elevation of Privilege Vulnerability
Improper Privilege Management
Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability
CVE-2021-36967
8.8 - High
- September 15, 2021
Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability
Improper Privilege Management
Windows Authenticode Spoofing Vulnerability
CVE-2021-36959
3.3 - Low
- September 15, 2021
Windows Authenticode Spoofing Vulnerability
Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability
CVE-2021-38635
5.5 - Medium
- September 15, 2021
Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-36969, CVE-2021-38636.
Windows Event Tracing Elevation of Privilege Vulnerability
CVE-2021-26425
7.8 - High
- August 12, 2021
Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-34486, CVE-2021-34487.
Improper Privilege Management
Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability
CVE-2021-26433
7.5 - High
- August 12, 2021
Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-36926, CVE-2021-36932, CVE-2021-36933.
Windows Recovery Environment Agent Elevation of Privilege Vulnerability
CVE-2021-26431
7.8 - High
- August 12, 2021
Windows Recovery Environment Agent Elevation of Privilege Vulnerability
Improper Privilege Management
Windows User Account Profile Picture Elevation of Privilege Vulnerability
CVE-2021-26426
7.8 - High
- August 12, 2021
Windows User Account Profile Picture Elevation of Privilege Vulnerability
Improper Privilege Management
Windows TCP/IP Remote Code Execution Vulnerability
CVE-2021-26424
9.8 - Critical
- August 12, 2021
Windows TCP/IP Remote Code Execution Vulnerability
Windows Update Medic Service Elevation of Privilege Vulnerability
CVE-2021-36948
7.8 - High
- August 12, 2021
Windows Update Medic Service Elevation of Privilege Vulnerability
Improper Privilege Management
Windows Print Spooler Remote Code Execution Vulnerability
CVE-2021-36947
8.8 - High
- August 12, 2021
Windows Print Spooler Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-36936, CVE-2021-36958.
Windows Cryptographic Primitives Library Information Disclosure Vulnerability
CVE-2021-36938
5.5 - Medium
- August 12, 2021
Windows Cryptographic Primitives Library Information Disclosure Vulnerability
Windows Media MPEG-4 Video Decoder Remote Code Execution Vulnerability
CVE-2021-36937
7.8 - High
- August 12, 2021
Windows Media MPEG-4 Video Decoder Remote Code Execution Vulnerability
Windows Print Spooler Remote Code Execution Vulnerability
CVE-2021-36936
9.8 - Critical
- August 12, 2021
Windows Print Spooler Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-36947, CVE-2021-36958.
Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability
CVE-2021-36933
7.5 - High
- August 12, 2021
Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-26433, CVE-2021-36926, CVE-2021-36932.
Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability
CVE-2021-36932
7.5 - High
- August 12, 2021
Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-26433, CVE-2021-36926, CVE-2021-36933.
Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability
CVE-2021-36926
7.5 - High
- August 12, 2021
Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-26433, CVE-2021-36932, CVE-2021-36933.
Windows Bluetooth Driver Elevation of Privilege Vulnerability
CVE-2021-34537
8 - High
- August 12, 2021
Windows Bluetooth Driver Elevation of Privilege Vulnerability
Improper Privilege Management
Storage Spaces Controller Elevation of Privilege Vulnerability
CVE-2021-34536
7.8 - High
- August 12, 2021
Storage Spaces Controller Elevation of Privilege Vulnerability
Improper Privilege Management
Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2021-34483
7.8 - High
- August 12, 2021
Windows Print Spooler Elevation of Privilege Vulnerability
Improper Privilege Management
Scripting Engine Memory Corruption Vulnerability
CVE-2021-34480
8.8 - High
- August 12, 2021
Scripting Engine Memory Corruption Vulnerability
Memory Corruption
Windows Services for NFS ONCRPC XDR Driver Remote Code Execution Vulnerability
CVE-2021-26432
9.8 - Critical
- August 12, 2021
Windows Services for NFS ONCRPC XDR Driver Remote Code Execution Vulnerability
Remote Desktop Client Remote Code Execution Vulnerability
CVE-2021-34535
8.8 - High
- August 12, 2021
Remote Desktop Client Remote Code Execution Vulnerability
Windows MSHTML Platform Remote Code Execution Vulnerability
CVE-2021-34534
7.5 - High
- August 12, 2021
Windows MSHTML Platform Remote Code Execution Vulnerability
Windows Graphics Component Font Parsing Remote Code Execution Vulnerability
CVE-2021-34533
7.8 - High
- August 12, 2021
Windows Graphics Component Font Parsing Remote Code Execution Vulnerability
Windows Graphics Component Remote Code Execution Vulnerability
CVE-2021-34530
7.8 - High
- August 12, 2021
Windows Graphics Component Remote Code Execution Vulnerability
Windows Event Tracing Elevation of Privilege Vulnerability
CVE-2021-34487
7.8 - High
- August 12, 2021
Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26425, CVE-2021-34486.
Improper Privilege Management
Windows Event Tracing Elevation of Privilege Vulnerability
CVE-2021-34486
7.8 - High
- August 12, 2021
Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26425, CVE-2021-34487.
Improper Privilege Management
Windows User Profile Service Elevation of Privilege Vulnerability
CVE-2021-34484
7.8 - High
- August 12, 2021
Windows User Profile Service Elevation of Privilege Vulnerability
Improper Privilege Management
Windows Elevation of Privilege Vulnerability
CVE-2021-36934
7.8 - High
- July 22, 2021
Windows Elevation of Privilege Vulnerability
Improper Privilege Management
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Microsoft Windows 10 or by Microsoft? Click the Watch button to subscribe.
