Windows 10 Microsoft Windows 10

Do you want an email whenever new security vulnerabilities are reported in Microsoft Windows 10?

Recent Microsoft Windows 10 Security Advisories

Advisory Title Published
CVE-2021-42297 Windows 10 Update Assistant Elevation of Privilege Vulnerability November 16, 2021
CVE-2021-43211 Windows 10 Update Assistant Elevation of Privilege Vulnerability November 16, 2021
CVE-2021-36945 Windows 10 Update Assistant Elevation of Privilege Vulnerability August 10, 2021

By the Year

In 2022 there have been 350 vulnerabilities in Microsoft Windows 10 with an average score of 7.4 out of ten. Last year Windows 10 had 485 security vulnerabilities published. If vulnerabilities keep coming in at the current rate, it appears that number of security vulnerabilities in Windows 10 in 2022 could surpass last years number. Last year, the average CVE base score was greater by 0.09

Year Vulnerabilities Average Score
2022 350 7.41
2021 485 7.50
2020 802 7.42
2019 448 7.37
2018 258 6.58

It may take a day or so for new Windows 10 vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Microsoft Windows 10 Security Vulnerabilities

Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability

CVE-2022-34702 8.1 - High - August 09, 2022

Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-34714, CVE-2022-35745, CVE-2022-35752, CVE-2022-35753, CVE-2022-35766, CVE-2022-35767, CVE-2022-35794.

Race Condition

Windows Partition Management Driver Elevation of Privilege Vulnerability

CVE-2022-34703 7.8 - High - August 09, 2022

Windows Partition Management Driver Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-33670.

Windows Defender Credential Guard Information Disclosure Vulnerability

CVE-2022-34704 5.5 - Medium - August 09, 2022

Windows Defender Credential Guard Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-34710, CVE-2022-34712.

Cleartext Transmission of Sensitive Information

Windows Defender Credential Guard Elevation of Privilege Vulnerability

CVE-2022-34705 7.8 - High - August 09, 2022

Windows Defender Credential Guard Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-35771.

Windows Fax Service Elevation of Privilege Vulnerability.

CVE-2022-34690 7.1 - High - August 09, 2022

Windows Fax Service Elevation of Privilege Vulnerability.

Active Directory Domain Services Elevation of Privilege Vulnerability.

CVE-2022-34691 8.8 - High - August 09, 2022

Active Directory Domain Services Elevation of Privilege Vulnerability.

Windows Hyper-V Remote Code Execution Vulnerability.

CVE-2022-34696 7.8 - High - August 09, 2022

Windows Hyper-V Remote Code Execution Vulnerability.

Race Condition

Windows Win32k Elevation of Privilege Vulnerability.

CVE-2022-34699 7.8 - High - August 09, 2022

Windows Win32k Elevation of Privilege Vulnerability.

Windows Secure Socket Tunneling Protocol (SSTP) Denial of Service Vulnerability.

CVE-2022-34701 7.5 - High - August 09, 2022

Windows Secure Socket Tunneling Protocol (SSTP) Denial of Service Vulnerability.

Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability.

CVE-2022-34706 7.8 - High - August 09, 2022

Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability.

Windows Kernel Elevation of Privilege Vulnerability

CVE-2022-34707 7.8 - High - August 09, 2022

Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-35761, CVE-2022-35768.

Windows Kernel Information Disclosure Vulnerability

CVE-2022-34708 5.5 - Medium - August 09, 2022

Windows Kernel Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-30197.

Windows Defender Credential Guard Security Feature Bypass Vulnerability.

CVE-2022-34709 6 - Medium - August 09, 2022

Windows Defender Credential Guard Security Feature Bypass Vulnerability.

Windows Defender Credential Guard Information Disclosure Vulnerability

CVE-2022-34710 5.5 - Medium - August 09, 2022

Windows Defender Credential Guard Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-34704, CVE-2022-34712.

Windows Defender Credential Guard Information Disclosure Vulnerability

CVE-2022-34712 5.5 - Medium - August 09, 2022

Windows Defender Credential Guard Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-34704, CVE-2022-34710.

Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability

CVE-2022-34713 7.8 - High - August 09, 2022

Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-35743.

Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability

CVE-2022-34714 8.1 - High - August 09, 2022

Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-34702, CVE-2022-35745, CVE-2022-35752, CVE-2022-35753, CVE-2022-35766, CVE-2022-35767, CVE-2022-35794.

Microsoft ATA Port Driver Elevation of Privilege Vulnerability.

CVE-2022-35760 7.8 - High - August 09, 2022

Microsoft ATA Port Driver Elevation of Privilege Vulnerability.

Windows Kernel Elevation of Privilege Vulnerability

CVE-2022-35761 7.8 - High - August 09, 2022

Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-34707, CVE-2022-35768.

Storage Spaces Direct Elevation of Privilege Vulnerability

CVE-2022-35762 7.8 - High - August 09, 2022

Storage Spaces Direct Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-35763, CVE-2022-35764, CVE-2022-35765, CVE-2022-35792.

Storage Spaces Direct Elevation of Privilege Vulnerability

CVE-2022-35763 7.8 - High - August 09, 2022

Storage Spaces Direct Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-35762, CVE-2022-35764, CVE-2022-35765, CVE-2022-35792.

Storage Spaces Direct Elevation of Privilege Vulnerability

CVE-2022-35764 7.8 - High - August 09, 2022

Storage Spaces Direct Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-35762, CVE-2022-35763, CVE-2022-35765, CVE-2022-35792.

Storage Spaces Direct Elevation of Privilege Vulnerability

CVE-2022-35765 7.8 - High - August 09, 2022

Storage Spaces Direct Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-35762, CVE-2022-35763, CVE-2022-35764, CVE-2022-35792.

Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability

CVE-2022-35766 8.1 - High - August 09, 2022

Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-34702, CVE-2022-34714, CVE-2022-35745, CVE-2022-35752, CVE-2022-35753, CVE-2022-35767, CVE-2022-35794.

Code Injection

Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability

CVE-2022-35767 8.1 - High - August 09, 2022

Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-34702, CVE-2022-34714, CVE-2022-35745, CVE-2022-35752, CVE-2022-35753, CVE-2022-35766, CVE-2022-35794.

Windows Kernel Elevation of Privilege Vulnerability

CVE-2022-35768 7.8 - High - August 09, 2022

Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-34707, CVE-2022-35761.

Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability

CVE-2022-35769 7.5 - High - August 09, 2022

Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-35747.

Windows Defender Credential Guard Elevation of Privilege Vulnerability

CVE-2022-35771 7.8 - High - August 09, 2022

Windows Defender Credential Guard Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-34705.

Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability

CVE-2022-30133 9.8 - Critical - August 09, 2022

Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-35744.

Windows Bluetooth Service Remote Code Execution Vulnerability.

CVE-2022-30144 7.5 - High - August 09, 2022

Windows Bluetooth Service Remote Code Execution Vulnerability.

Windows WebBrowser Control Remote Code Execution Vulnerability.

CVE-2022-30194 7.5 - High - August 09, 2022

Windows WebBrowser Control Remote Code Execution Vulnerability.

Windows Kernel Information Disclosure Vulnerability

CVE-2022-30197 5.5 - Medium - August 09, 2022

Windows Kernel Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-34708.

Windows Partition Management Driver Elevation of Privilege Vulnerability

CVE-2022-33670 7.8 - High - August 09, 2022

Windows Partition Management Driver Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-34703.

Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability

CVE-2022-30202 7 - High - July 12, 2022

Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22037, CVE-2022-30224.

Windows Boot Manager Security Feature Bypass Vulnerability.

CVE-2022-30203 7.4 - High - July 12, 2022

Windows Boot Manager Security Feature Bypass Vulnerability.

Windows Group Policy Elevation of Privilege Vulnerability.

CVE-2022-30205 6.6 - Medium - July 12, 2022

Windows Group Policy Elevation of Privilege Vulnerability.

Race Condition

Windows Print Spooler Elevation of Privilege Vulnerability

CVE-2022-30206 7.8 - High - July 12, 2022

Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22022, CVE-2022-22041, CVE-2022-30226.

Windows Security Account Manager (SAM) Denial of Service Vulnerability.

CVE-2022-30208 6.5 - Medium - July 12, 2022

Windows Security Account Manager (SAM) Denial of Service Vulnerability.

Windows IIS Server Elevation of Privilege Vulnerability.

CVE-2022-30209 7.4 - High - July 12, 2022

Windows IIS Server Elevation of Privilege Vulnerability.

Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability.

CVE-2022-30211 8.8 - High - July 12, 2022

Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability.

Windows Connected Devices Platform Service Information Disclosure Vulnerability.

CVE-2022-30212 4.7 - Medium - July 12, 2022

Windows Connected Devices Platform Service Information Disclosure Vulnerability.

Race Condition

Windows Hyper-V Information Disclosure Vulnerability

CVE-2022-30223 5.7 - Medium - July 12, 2022

Windows Hyper-V Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-22042.

Exposure of Resource to Wrong Sphere

Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability

CVE-2022-30224 7 - High - July 12, 2022

Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22037, CVE-2022-30202.

Improper Privilege Management

Windows Media Player Network Sharing Service Elevation of Privilege Vulnerability.

CVE-2022-30225 7.1 - High - July 12, 2022

Windows Media Player Network Sharing Service Elevation of Privilege Vulnerability.

Improper Privilege Management

Windows Print Spooler Elevation of Privilege Vulnerability

CVE-2022-30226 7.1 - High - July 12, 2022

Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22022, CVE-2022-22041, CVE-2022-30206.

Improper Privilege Management

Windows Server Service Tampering Vulnerability.

CVE-2022-30216 8.8 - High - July 12, 2022

Windows Server Service Tampering Vulnerability.

Unrestricted File Upload

Windows Common Log File System Driver Elevation of Privilege Vulnerability.

CVE-2022-30220 7.8 - High - July 12, 2022

Windows Common Log File System Driver Elevation of Privilege Vulnerability.

Windows Graphics Component Remote Code Execution Vulnerability.

CVE-2022-30221 8.8 - High - July 12, 2022

Windows Graphics Component Remote Code Execution Vulnerability.

Windows Shell Remote Code Execution Vulnerability.

CVE-2022-30222 8.4 - High - July 12, 2022

Windows Shell Remote Code Execution Vulnerability.

Windows GDI+ Information Disclosure Vulnerability.

CVE-2022-30213 5.5 - Medium - July 12, 2022

Windows GDI+ Information Disclosure Vulnerability.

BitLocker Security Feature Bypass Vulnerability.

CVE-2022-22048 6.1 - Medium - July 12, 2022

BitLocker Security Feature Bypass Vulnerability.

AuthZ

Windows CSRSS Elevation of Privilege Vulnerability

CVE-2022-22049 7.8 - High - July 12, 2022

Windows CSRSS Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22026, CVE-2022-22047.

Windows Fax Service Elevation of Privilege Vulnerability.

CVE-2022-22050 7.8 - High - July 12, 2022

Windows Fax Service Elevation of Privilege Vulnerability.

Windows BitLocker Information Disclosure Vulnerability.

CVE-2022-22711 6.3 - Medium - July 12, 2022

Windows BitLocker Information Disclosure Vulnerability.

Exposure of Resource to Wrong Sphere

Xbox Live Save Service Elevation of Privilege Vulnerability.

CVE-2022-33644 7 - High - July 12, 2022

Xbox Live Save Service Elevation of Privilege Vulnerability.

Windows CSRSS Elevation of Privilege Vulnerability

CVE-2022-22026 8.8 - High - July 12, 2022

Windows CSRSS Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22047, CVE-2022-22049.

Improper Privilege Management

Windows Fax Service Remote Code Execution Vulnerability

CVE-2022-22027 7.8 - High - July 12, 2022

Windows Fax Service Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22024.

Code Injection

Windows Credential Guard Domain-joined Public Key Elevation of Privilege Vulnerability.

CVE-2022-22031 7.8 - High - July 12, 2022

Windows Credential Guard Domain-joined Public Key Elevation of Privilege Vulnerability.

Improper Privilege Management

Windows Graphics Component Elevation of Privilege Vulnerability.

CVE-2022-22034 7.8 - High - July 12, 2022

Windows Graphics Component Elevation of Privilege Vulnerability.

Improper Privilege Management

Performance Counters for Windows Elevation of Privilege Vulnerability.

CVE-2022-22036 7 - High - July 12, 2022

Performance Counters for Windows Elevation of Privilege Vulnerability.

Improper Privilege Management

Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability

CVE-2022-22037 7.5 - High - July 12, 2022

Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30202, CVE-2022-30224.

Improper Privilege Management

Remote Procedure Call Runtime Remote Code Execution Vulnerability.

CVE-2022-22038 8.1 - High - July 12, 2022

Remote Procedure Call Runtime Remote Code Execution Vulnerability.

Code Injection

Internet Information Services Dynamic Compression Module Denial of Service Vulnerability.

CVE-2022-22040 7.3 - High - July 12, 2022

Internet Information Services Dynamic Compression Module Denial of Service Vulnerability.

Resource Exhaustion

Windows Print Spooler Elevation of Privilege Vulnerability

CVE-2022-22041 7.2 - High - July 12, 2022

Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22022, CVE-2022-30206, CVE-2022-30226.

Improper Privilege Management

Windows Fast FAT File System Driver Elevation of Privilege Vulnerability.

CVE-2022-22043 7.8 - High - July 12, 2022

Windows Fast FAT File System Driver Elevation of Privilege Vulnerability.

Improper Privilege Management

Windows Kernel Information Disclosure Vulnerability.

CVE-2022-21845 4.7 - Medium - July 12, 2022

Windows Kernel Information Disclosure Vulnerability.

Exposure of Resource to Wrong Sphere

Windows Print Spooler Elevation of Privilege Vulnerability

CVE-2022-22022 7.1 - High - July 12, 2022

Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22041, CVE-2022-30206, CVE-2022-30226.

Windows Portable Device Enumerator Service Security Feature Bypass Vulnerability.

CVE-2022-22023 6.6 - Medium - July 12, 2022

Windows Portable Device Enumerator Service Security Feature Bypass Vulnerability.

Windows Fax Service Remote Code Execution Vulnerability

CVE-2022-22024 7.8 - High - July 12, 2022

Windows Fax Service Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22027.

Windows Internet Information Services Cachuri Module Denial of Service Vulnerability.

CVE-2022-22025 7.5 - High - July 12, 2022

Windows Internet Information Services Cachuri Module Denial of Service Vulnerability.

Windows Hyper-V Information Disclosure Vulnerability

CVE-2022-22042 6.5 - Medium - July 12, 2022

Windows Hyper-V Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-30223.

Exposure of Resource to Wrong Sphere

Windows.Devices.Picker.dll Elevation of Privilege Vulnerability.

CVE-2022-22045 7.8 - High - July 12, 2022

Windows.Devices.Picker.dll Elevation of Privilege Vulnerability.

Improper Privilege Management

Windows CSRSS Elevation of Privilege Vulnerability

CVE-2022-22047 7.8 - High - July 12, 2022

Windows CSRSS Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22026, CVE-2022-22049.

Improper Privilege Management

Windows Encrypting File System (EFS) Remote Code Execution Vulnerability.

CVE-2022-30145 8.1 - High - June 15, 2022

Windows Encrypting File System (EFS) Remote Code Execution Vulnerability.

Code Injection

Kerberos AppContainer Security Feature Bypass Vulnerability.

CVE-2022-30164 7.8 - High - June 15, 2022

Kerberos AppContainer Security Feature Bypass Vulnerability.

AuthZ

Windows Kernel Information Disclosure Vulnerability.

CVE-2022-30162 5.5 - Medium - June 15, 2022

Windows Kernel Information Disclosure Vulnerability.

Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability.

CVE-2022-30160 7.8 - High - June 15, 2022

Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability.

Windows Kernel Denial of Service Vulnerability.

CVE-2022-30155 5.5 - Medium - June 15, 2022

Windows Kernel Denial of Service Vulnerability.

Resource Exhaustion

Microsoft File Server Shadow Copy Agent Service (RVSS) Elevation of Privilege Vulnerability.

CVE-2022-30154 5.3 - Medium - June 15, 2022

Microsoft File Server Shadow Copy Agent Service (RVSS) Elevation of Privilege Vulnerability.

Improper Privilege Management

Windows Network Address Translation (NAT) Denial of Service Vulnerability.

CVE-2022-30152 7.5 - High - June 15, 2022

Windows Network Address Translation (NAT) Denial of Service Vulnerability.

Resource Exhaustion

Windows Defender Remote Credential Guard Elevation of Privilege Vulnerability.

CVE-2022-30150 8.1 - High - June 15, 2022

Windows Defender Remote Credential Guard Elevation of Privilege Vulnerability.

Improper Privilege Management

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

CVE-2022-30141 8.1 - High - June 15, 2022

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30139, CVE-2022-30143, CVE-2022-30146, CVE-2022-30149, CVE-2022-30153, CVE-2022-30161.

Code Injection

Windows Container Manager Service Elevation of Privilege Vulnerability.

CVE-2022-30132 7.8 - High - June 15, 2022

Windows Container Manager Service Elevation of Privilege Vulnerability.

Windows Autopilot Device Management and Enrollment Client Spoofing Vulnerability.

CVE-2022-30189 6.5 - Medium - June 15, 2022

Windows Autopilot Device Management and Enrollment Client Spoofing Vulnerability.

Windows Kerberos Elevation of Privilege Vulnerability.

CVE-2022-30165 8.8 - High - June 15, 2022

Windows Kerberos Elevation of Privilege Vulnerability.

Windows Hyper-V Remote Code Execution Vulnerability.

CVE-2022-30163 8.5 - High - June 15, 2022

Windows Hyper-V Remote Code Execution Vulnerability.

Race Condition

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

CVE-2022-30153 8.8 - High - June 15, 2022

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30139, CVE-2022-30141, CVE-2022-30143, CVE-2022-30146, CVE-2022-30149, CVE-2022-30161.

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

CVE-2022-30161 8.8 - High - June 15, 2022

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30139, CVE-2022-30141, CVE-2022-30143, CVE-2022-30146, CVE-2022-30149, CVE-2022-30153.

Windows iSCSI Discovery Service Remote Code Execution Vulnerability.

CVE-2022-30140 7.5 - High - June 15, 2022

Windows iSCSI Discovery Service Remote Code Execution Vulnerability.

Windows File History Remote Code Execution Vulnerability.

CVE-2022-30142 7.5 - High - June 15, 2022

Windows File History Remote Code Execution Vulnerability.

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

CVE-2022-30146 7.5 - High - June 15, 2022

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30139, CVE-2022-30141, CVE-2022-30143, CVE-2022-30149, CVE-2022-30153, CVE-2022-30161.

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

CVE-2022-30149 7.5 - High - June 15, 2022

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30139, CVE-2022-30141, CVE-2022-30143, CVE-2022-30146, CVE-2022-30153, CVE-2022-30161.

Local Security Authority Subsystem Service Elevation of Privilege Vulnerability.

CVE-2022-30166 7.8 - High - June 15, 2022

Local Security Authority Subsystem Service Elevation of Privilege Vulnerability.

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

CVE-2022-30143 7.5 - High - June 15, 2022

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30139, CVE-2022-30141, CVE-2022-30146, CVE-2022-30149, CVE-2022-30153, CVE-2022-30161.

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

CVE-2022-30139 8.1 - High - June 15, 2022

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30141, CVE-2022-30143, CVE-2022-30146, CVE-2022-30149, CVE-2022-30153, CVE-2022-30161.

Windows Installer Elevation of Privilege Vulnerability.

CVE-2022-30147 7.8 - High - June 15, 2022

Windows Installer Elevation of Privilege Vulnerability.

Windows Desired State Configuration (DSC) Information Disclosure Vulnerability.

CVE-2022-30148 5.5 - Medium - June 15, 2022

Windows Desired State Configuration (DSC) Information Disclosure Vulnerability.

Insertion of Sensitive Information into Log File

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability.

CVE-2022-30151 7 - High - June 15, 2022

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability.

Improper Privilege Management

Microsoft Windows SMBv3 suffers from a null pointer dereference in versions of Windows prior to the April, 2022 patch set

CVE-2022-32230 7.5 - High - June 14, 2022

Microsoft Windows SMBv3 suffers from a null pointer dereference in versions of Windows prior to the April, 2022 patch set. By sending a malformed FileNormalizedNameInformation SMBv3 request over a named pipe, an attacker can cause a Blue Screen of Death (BSOD) crash of the Windows kernel. For most systems, this attack requires authentication, except in the special case of Windows Domain Controllers, where unauthenticated users can always open named pipes as long as they can establish an SMB session. Typically, after the BSOD, the victim SMBv3 server will reboot.

NULL Pointer Dereference

Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability.

CVE-2022-30190 7.8 - High - June 01, 2022

Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability.

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Microsoft Windows 11 or by Microsoft? Click the Watch button to subscribe.

Microsoft
Vendor

subscribe