Microsoft Windows 10

Windows Resilient File System (ReFS) Remote Code Execution Vulnerability

CVE-2022-21928 6.4 - Medium - January 11, 2022

Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21892, CVE-2022-21958, CVE-2022-21959, CVE-2022-21960, CVE-2022-21961, CVE-2022-21962, CVE-2022-21963.

Code Injection

Windows Resilient File System (ReFS) Remote Code Execution Vulnerability

CVE-2022-21958 6.8 - Medium - January 11, 2022

Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21892, CVE-2022-21928, CVE-2022-21959, CVE-2022-21960, CVE-2022-21961, CVE-2022-21962, CVE-2022-21963.

Windows Resilient File System (ReFS) Remote Code Execution Vulnerability

CVE-2022-21959 6.8 - Medium - January 11, 2022

Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21892, CVE-2022-21928, CVE-2022-21958, CVE-2022-21960, CVE-2022-21961, CVE-2022-21962, CVE-2022-21963.

Windows Resilient File System (ReFS) Remote Code Execution Vulnerability

CVE-2022-21960 6.8 - Medium - January 11, 2022

Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21892, CVE-2022-21928, CVE-2022-21958, CVE-2022-21959, CVE-2022-21961, CVE-2022-21962, CVE-2022-21963.

Windows Resilient File System (ReFS) Remote Code Execution Vulnerability

CVE-2022-21961 6.8 - Medium - January 11, 2022

Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21892, CVE-2022-21928, CVE-2022-21958, CVE-2022-21959, CVE-2022-21960, CVE-2022-21962, CVE-2022-21963.

Windows Resilient File System (ReFS) Remote Code Execution Vulnerability

CVE-2022-21962 6.8 - Medium - January 11, 2022

Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21892, CVE-2022-21928, CVE-2022-21958, CVE-2022-21959, CVE-2022-21960, CVE-2022-21961, CVE-2022-21963.

Windows Resilient File System (ReFS) Remote Code Execution Vulnerability

CVE-2022-21963 6.8 - Medium - January 11, 2022

Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21892, CVE-2022-21928, CVE-2022-21958, CVE-2022-21959, CVE-2022-21960, CVE-2022-21961, CVE-2022-21962.

Remote Desktop Licensing Diagnoser Information Disclosure Vulnerability.

CVE-2022-21964 5.5 - Medium - January 11, 2022

Remote Desktop Licensing Diagnoser Information Disclosure Vulnerability.

Exposure of Resource to Wrong Sphere

Windows Common Log File System Driver Elevation of Privilege Vulnerability

CVE-2022-21916 7.8 - High - January 11, 2022

Windows Common Log File System Driver Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21897.

Improper Privilege Management

Windows User Profile Service Elevation of Privilege Vulnerability

CVE-2022-21919 7 - High - January 11, 2022

Windows User Profile Service Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21895.

Improper Privilege Management

Windows Kerberos Elevation of Privilege Vulnerability.

CVE-2022-21920 8.8 - High - January 11, 2022

Windows Kerberos Elevation of Privilege Vulnerability.

Improper Privilege Management

Local Security Authority (Domain Policy) Remote Protocol Security Feature Bypass.

CVE-2022-21913 7.5 - High - January 11, 2022

Local Security Authority (Domain Policy) Remote Protocol Security Feature Bypass.

AuthZ

Windows GDI+ Information Disclosure Vulnerability

CVE-2022-21915 6.5 - Medium - January 11, 2022

Windows GDI+ Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-21880.

Exposure of Resource to Wrong Sphere

DirectX Graphics Kernel File Denial of Service Vulnerability.

CVE-2022-21918 6.5 - Medium - January 11, 2022

DirectX Graphics Kernel File Denial of Service Vulnerability.

Resource Exhaustion

Windows Modern Execution Server Remote Code Execution Vulnerability.

CVE-2022-21888 7.8 - High - January 11, 2022

Windows Modern Execution Server Remote Code Execution Vulnerability.

Windows IKE Extension Denial of Service Vulnerability

CVE-2022-21889 7.5 - High - January 11, 2022

Windows IKE Extension Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-21843, CVE-2022-21848, CVE-2022-21883, CVE-2022-21890.

Windows IKE Extension Denial of Service Vulnerability

CVE-2022-21890 7.5 - High - January 11, 2022

Windows IKE Extension Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-21843, CVE-2022-21848, CVE-2022-21883, CVE-2022-21889.

DirectX Graphics Kernel Remote Code Execution Vulnerability

CVE-2022-21898 9.8 - Critical - January 11, 2022

DirectX Graphics Kernel Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21912.

Windows Extensible Firmware Interface Security Feature Bypass Vulnerability.

CVE-2022-21899 5.5 - Medium - January 11, 2022

Windows Extensible Firmware Interface Security Feature Bypass Vulnerability.

AuthZ

Windows Hyper-V Security Feature Bypass Vulnerability

CVE-2022-21900 4.6 - Medium - January 11, 2022

Windows Hyper-V Security Feature Bypass Vulnerability. This CVE ID is unique from CVE-2022-21905.

Windows Hyper-V Elevation of Privilege Vulnerability.

CVE-2022-21901 8 - High - January 11, 2022

Windows Hyper-V Elevation of Privilege Vulnerability.

Improper Privilege Management

Windows DWM Core Library Elevation of Privilege Vulnerability

CVE-2022-21902 7.8 - High - January 11, 2022

Windows DWM Core Library Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21852, CVE-2022-21896.

Improper Privilege Management

Windows GDI Elevation of Privilege Vulnerability.

CVE-2022-21903 7.8 - High - January 11, 2022

Windows GDI Elevation of Privilege Vulnerability.

Improper Privilege Management

Windows GDI Information Disclosure Vulnerability.

CVE-2022-21904 7.5 - High - January 11, 2022

Windows GDI Information Disclosure Vulnerability.

Exposure of Resource to Wrong Sphere

Windows Hyper-V Security Feature Bypass Vulnerability

CVE-2022-21905 8 - High - January 11, 2022

Windows Hyper-V Security Feature Bypass Vulnerability. This CVE ID is unique from CVE-2022-21900.

Windows Defender Application Control Security Feature Bypass Vulnerability.

CVE-2022-21906 5.5 - Medium - January 11, 2022

Windows Defender Application Control Security Feature Bypass Vulnerability.

HTTP Protocol Stack Remote Code Execution Vulnerability.

CVE-2022-21907 9.8 - Critical - January 11, 2022

HTTP Protocol Stack Remote Code Execution Vulnerability.

Windows Installer Elevation of Privilege Vulnerability.

CVE-2022-21908 7.8 - High - January 11, 2022

Windows Installer Elevation of Privilege Vulnerability.

Improper Privilege Management

DirectX Graphics Kernel Remote Code Execution Vulnerability

CVE-2022-21912 7.8 - High - January 11, 2022

DirectX Graphics Kernel Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21898.

Windows Remote Access Connection Manager Elevation of Privilege Vulnerability

CVE-2022-21914 7.8 - High - January 11, 2022

Windows Remote Access Connection Manager Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21885.

Improper Privilege Management

Win32k Elevation of Privilege Vulnerability

CVE-2022-21882 7.8 - High - January 11, 2022

Win32k Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21887.

Improper Privilege Management

Windows IKE Extension Denial of Service Vulnerability

CVE-2022-21883 7.5 - High - January 11, 2022

Windows IKE Extension Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-21843, CVE-2022-21848, CVE-2022-21889, CVE-2022-21890.

Windows Remote Access Connection Manager Elevation of Privilege Vulnerability

CVE-2022-21885 7.8 - High - January 11, 2022

Windows Remote Access Connection Manager Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21914.

Improper Privilege Management

Windows Common Log File System Driver Elevation of Privilege Vulnerability

CVE-2022-21897 7.8 - High - January 11, 2022

Windows Common Log File System Driver Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21916.

Improper Privilege Management

Windows Resilient File System (ReFS) Remote Code Execution Vulnerability

CVE-2022-21892 6.8 - Medium - January 11, 2022

Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21928, CVE-2022-21958, CVE-2022-21959, CVE-2022-21960, CVE-2022-21961, CVE-2022-21962, CVE-2022-21963.

Remote Desktop Protocol Remote Code Execution Vulnerability.

CVE-2022-21893 8.8 - High - January 11, 2022

Remote Desktop Protocol Remote Code Execution Vulnerability.

Secure Boot Security Feature Bypass Vulnerability.

CVE-2022-21894 4.4 - Medium - January 11, 2022

Secure Boot Security Feature Bypass Vulnerability.

Windows User Profile Service Elevation of Privilege Vulnerability

CVE-2022-21895 7.8 - High - January 11, 2022

Windows User Profile Service Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21919.

Improper Privilege Management

Windows DWM Core Library Elevation of Privilege Vulnerability

CVE-2022-21896 7 - High - January 11, 2022

Windows DWM Core Library Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21852, CVE-2022-21902.

Improper Privilege Management

Windows AppContracts API Server Elevation of Privilege Vulnerability.

CVE-2022-21860 7 - High - January 11, 2022

Windows AppContracts API Server Elevation of Privilege Vulnerability.

Improper Privilege Management

Windows UI Immersive Server API Elevation of Privilege Vulnerability.

CVE-2022-21864 7 - High - January 11, 2022

Windows UI Immersive Server API Elevation of Privilege Vulnerability.

Improper Privilege Management

Connected Devices Platform Service Elevation of Privilege Vulnerability.

CVE-2022-21865 7 - High - January 11, 2022

Connected Devices Platform Service Elevation of Privilege Vulnerability.

Improper Privilege Management

Windows System Launcher Elevation of Privilege Vulnerability.

CVE-2022-21866 7 - High - January 11, 2022

Windows System Launcher Elevation of Privilege Vulnerability.

Improper Privilege Management

Windows Security Center API Remote Code Execution Vulnerability.

CVE-2022-21874 9.8 - Critical - January 11, 2022

Windows Security Center API Remote Code Execution Vulnerability.

Code Injection

Storage Spaces Controller Information Disclosure Vulnerability.

CVE-2022-21877 5.5 - Medium - January 11, 2022

Storage Spaces Controller Information Disclosure Vulnerability.

Out-of-bounds Read

Windows Geolocation Service Remote Code Execution Vulnerability.

CVE-2022-21878 7.8 - High - January 11, 2022

Windows Geolocation Service Remote Code Execution Vulnerability.

Code Injection

Windows Kernel Elevation of Privilege Vulnerability

CVE-2022-21879 7.8 - High - January 11, 2022

Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21881.

Improper Privilege Management

Windows Kernel Elevation of Privilege Vulnerability

CVE-2022-21881 7.8 - High - January 11, 2022

Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21879.

Improper Privilege Management

Clipboard User Service Elevation of Privilege Vulnerability.

CVE-2022-21869 7.8 - High - January 11, 2022

Clipboard User Service Elevation of Privilege Vulnerability.

Improper Privilege Management

Tablet Windows User Interface Application Core Elevation of Privilege Vulnerability.

CVE-2022-21870 7.8 - High - January 11, 2022

Tablet Windows User Interface Application Core Elevation of Privilege Vulnerability.

Improper Privilege Management

Windows Event Tracing Elevation of Privilege Vulnerability.

CVE-2022-21872 7.8 - High - January 11, 2022

Windows Event Tracing Elevation of Privilege Vulnerability.

Improper Privilege Management

Tile Data Repository Elevation of Privilege Vulnerability.

CVE-2022-21873 7.8 - High - January 11, 2022

Tile Data Repository Elevation of Privilege Vulnerability.

Improper Privilege Management

Windows Storage Elevation of Privilege Vulnerability.

CVE-2022-21875 7.8 - High - January 11, 2022

Windows Storage Elevation of Privilege Vulnerability.

Improper Privilege Management

Win32k Information Disclosure Vulnerability.

CVE-2022-21876 5.5 - Medium - January 11, 2022

Win32k Information Disclosure Vulnerability.

Out-of-bounds Read

Microsoft Diagnostics Hub Standard Collector Runtime Elevation of Privilege Vulnerability.

CVE-2022-21871 7.8 - High - January 11, 2022

Microsoft Diagnostics Hub Standard Collector Runtime Elevation of Privilege Vulnerability.

Improper Privilege Management

Windows GDI+ Information Disclosure Vulnerability

CVE-2022-21880 7.5 - High - January 11, 2022

Windows GDI+ Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-21915.

Exposure of Resource to Wrong Sphere

Task Flow Data Engine Elevation of Privilege Vulnerability.

CVE-2022-21861 7.8 - High - January 11, 2022

Task Flow Data Engine Elevation of Privilege Vulnerability.

Improper Privilege Management

Windows Hyper-V Denial of Service Vulnerability.

CVE-2022-21847 6.5 - Medium - January 11, 2022

Windows Hyper-V Denial of Service Vulnerability.

Resource Exhaustion

Windows IKE Extension Denial of Service Vulnerability

CVE-2022-21848 7.5 - High - January 11, 2022

Windows IKE Extension Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-21843, CVE-2022-21883, CVE-2022-21889, CVE-2022-21890.

Resource Exhaustion

Windows DWM Core Library Elevation of Privilege Vulnerability

CVE-2022-21852 7.8 - High - January 11, 2022

Windows DWM Core Library Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21896, CVE-2022-21902.

Improper Privilege Management

Windows Application Model Core API Elevation of Privilege Vulnerability.

CVE-2022-21862 7 - High - January 11, 2022

Windows Application Model Core API Elevation of Privilege Vulnerability.

Improper Privilege Management

Windows StateRepository API Server file Elevation of Privilege Vulnerability.

CVE-2022-21863 7 - High - January 11, 2022

Windows StateRepository API Server file Elevation of Privilege Vulnerability.

Improper Privilege Management

Windows Push Notifications Apps Elevation Of Privilege Vulnerability.

CVE-2022-21867 7 - High - January 11, 2022

Windows Push Notifications Apps Elevation Of Privilege Vulnerability.

Improper Privilege Management

Windows Devices Human Interface Elevation of Privilege Vulnerability.

CVE-2022-21868 7 - High - January 11, 2022

Windows Devices Human Interface Elevation of Privilege Vulnerability.

Improper Privilege Management

Windows IKE Extension Denial of Service Vulnerability

CVE-2022-21843 7.5 - High - January 11, 2022

Windows IKE Extension Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-21848, CVE-2022-21883, CVE-2022-21889, CVE-2022-21890.

Resource Exhaustion

Windows IKE Extension Remote Code Execution Vulnerability.

CVE-2022-21849 9.8 - Critical - January 11, 2022

Windows IKE Extension Remote Code Execution Vulnerability.

Remote Desktop Client Remote Code Execution Vulnerability

CVE-2022-21850 8.8 - High - January 11, 2022

Remote Desktop Client Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21851.

Remote Desktop Client Remote Code Execution Vulnerability

CVE-2022-21851 8.8 - High - January 11, 2022

Remote Desktop Client Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21850.

Active Directory Domain Services Elevation of Privilege Vulnerability.

CVE-2022-21857 8.8 - High - January 11, 2022

Active Directory Domain Services Elevation of Privilege Vulnerability.

Improper Privilege Management

Windows Bind Filter Driver Elevation of Privilege Vulnerability.

CVE-2022-21858 7.8 - High - January 11, 2022

Windows Bind Filter Driver Elevation of Privilege Vulnerability.

Improper Privilege Management

Windows Accounts Control Elevation of Privilege Vulnerability.

CVE-2022-21859 7 - High - January 11, 2022

Windows Accounts Control Elevation of Privilege Vulnerability.

Improper Privilege Management

Virtual Machine IDE Drive Elevation of Privilege Vulnerability.

CVE-2022-21833 7.8 - High - January 11, 2022

Virtual Machine IDE Drive Elevation of Privilege Vulnerability.

Improper Privilege Management

Windows User-mode Driver Framework Reflector Driver Elevation of Privilege Vulnerability.

CVE-2022-21834 7.8 - High - January 11, 2022

Windows User-mode Driver Framework Reflector Driver Elevation of Privilege Vulnerability.

Improper Privilege Management

Microsoft Cryptographic Services Elevation of Privilege Vulnerability.

CVE-2022-21835 7.8 - High - January 11, 2022

Microsoft Cryptographic Services Elevation of Privilege Vulnerability.

Improper Privilege Management

Windows Certificate Spoofing Vulnerability.

CVE-2022-21836 7.8 - High - January 11, 2022

Windows Certificate Spoofing Vulnerability.

Improper Certificate Validation

Windows Cleanup Manager Elevation of Privilege Vulnerability.

CVE-2022-21838 7.8 - High - January 11, 2022

Windows Cleanup Manager Elevation of Privilege Vulnerability.

insecure temporary file

Windows Event Tracing Discretionary Access Control List Denial of Service Vulnerability.

CVE-2022-21839 5.5 - Medium - January 11, 2022

Windows Event Tracing Discretionary Access Control List Denial of Service Vulnerability.

Resource Exhaustion

DirectX Graphics Kernel File Denial of Service Vulnerability

CVE-2021-43219 7.5 - High - December 15, 2021

DirectX Graphics Kernel File Denial of Service Vulnerability

Resource Exhaustion

Windows Print Spooler Elevation of Privilege Vulnerability

CVE-2021-41333 7.8 - High - December 15, 2021

Windows Print Spooler Elevation of Privilege Vulnerability

Improper Privilege Management

iSNS Server Memory Corruption Vulnerability

CVE-2021-43215 9.8 - Critical - December 15, 2021

iSNS Server Memory Corruption Vulnerability Can Lead to Remote Code Execution

Code Injection

Microsoft Local Security Authority Server (lsasrv) Information Disclosure Vulnerability

CVE-2021-43216 6.5 - Medium - December 15, 2021

Microsoft Local Security Authority Server (lsasrv) Information Disclosure Vulnerability

Exposure of Resource to Wrong Sphere

Windows Remote Access Connection Manager Elevation of Privilege Vulnerability

CVE-2021-43223 7.8 - High - December 15, 2021

Windows Remote Access Connection Manager Elevation of Privilege Vulnerability

Improper Privilege Management

Windows Common Log File System Driver Elevation of Privilege Vulnerability

CVE-2021-43207 7.8 - High - December 15, 2021

Windows Common Log File System Driver Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-43226.

Improper Privilege Management

Windows NTFS Elevation of Privilege Vulnerability

CVE-2021-43230 7.8 - High - December 15, 2021

Windows NTFS Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-43229, CVE-2021-43231.

Improper Privilege Management

Windows NTFS Elevation of Privilege Vulnerability

CVE-2021-43229 7.8 - High - December 15, 2021

Windows NTFS Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-43230, CVE-2021-43231.

Improper Privilege Management

Microsoft Message Queuing Information Disclosure Vulnerability

CVE-2021-43222 7.5 - High - December 15, 2021

Microsoft Message Queuing Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-43236.

Exposure of Resource to Wrong Sphere

Windows Encrypting File System (EFS) Remote Code Execution Vulnerability

CVE-2021-43217 9.8 - Critical - December 15, 2021

Windows Encrypting File System (EFS) Remote Code Execution Vulnerability

Code Injection

Remote Desktop Client Remote Code Execution Vulnerability

CVE-2021-43233 7.5 - High - December 15, 2021

Remote Desktop Client Remote Code Execution Vulnerability

Code Injection

Windows Event Tracing Remote Code Execution Vulnerability

CVE-2021-43232 7.8 - High - December 15, 2021

Windows Event Tracing Remote Code Execution Vulnerability

Code Injection

Windows NTFS Elevation of Privilege Vulnerability

CVE-2021-43231 7.8 - High - December 15, 2021

Windows NTFS Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-43229, CVE-2021-43230.

Improper Privilege Management

SymCrypt Denial of Service Vulnerability

CVE-2021-43228 7.5 - High - December 15, 2021

SymCrypt Denial of Service Vulnerability

Resource Exhaustion

Windows Common Log File System Driver Elevation of Privilege Vulnerability

CVE-2021-43226 7.8 - High - December 15, 2021

Windows Common Log File System Driver Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-43207.

Improper Privilege Management

Windows Installer Elevation of Privilege Vulnerability

CVE-2021-43883 7.8 - High - December 15, 2021

Windows Installer Elevation of Privilege Vulnerability

Improper Privilege Management

Microsoft Message Queuing Information Disclosure Vulnerability

CVE-2021-43236 7.5 - High - December 15, 2021

Microsoft Message Queuing Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-43222.

Windows Fax Service Remote Code Execution Vulnerability

CVE-2021-43234 7.8 - High - December 15, 2021

Windows Fax Service Remote Code Execution Vulnerability

Windows Common Log File System Driver Information Disclosure Vulnerability

CVE-2021-43224 5.5 - Medium - December 15, 2021

Windows Common Log File System Driver Information Disclosure Vulnerability

Exposure of Resource to Wrong Sphere

Windows TCP/IP Driver Elevation of Privilege Vulnerability

CVE-2021-43247 7.8 - High - December 15, 2021

Windows TCP/IP Driver Elevation of Privilege Vulnerability

Improper Privilege Management

Windows Encrypting File System (EFS) Elevation of Privilege Vulnerability

CVE-2021-43893 7.5 - High - December 15, 2021

Windows Encrypting File System (EFS) Elevation of Privilege Vulnerability

Improper Privilege Management

Windows Kernel Information Disclosure Vulnerability

CVE-2021-43244 5.5 - Medium - December 15, 2021

Windows Kernel Information Disclosure Vulnerability

Windows Digital Media Receiver Elevation of Privilege Vulnerability

CVE-2021-43248 7.8 - High - December 15, 2021

Windows Digital Media Receiver Elevation of Privilege Vulnerability

Improper Privilege Management