Microsoft Windows 10
Recent Microsoft Windows 10 Security Advisories
Advisory | Title | Published |
---|---|---|
CVE-2021-42297 | Windows 10 Update Assistant Elevation of Privilege Vulnerability | November 16, 2021 |
CVE-2021-43211 | Windows 10 Update Assistant Elevation of Privilege Vulnerability | November 16, 2021 |
CVE-2021-36945 | Windows 10 Update Assistant Elevation of Privilege Vulnerability | August 10, 2021 |
By the Year
In 2024 there have been 324 vulnerabilities in Microsoft Windows 10 with an average score of 7.4 out of ten. Last year Windows 10 had 525 security vulnerabilities published. Right now, Windows 10 is on track to have less security vulnerabilities in 2024 than it did last year. Last year, the average CVE base score was greater by 0.15
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 324 | 7.39 |
2023 | 525 | 7.53 |
2022 | 525 | 7.42 |
2021 | 488 | 7.35 |
2020 | 804 | 7.36 |
2019 | 448 | 7.34 |
2018 | 259 | 6.59 |
It may take a day or so for new Windows 10 vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Microsoft Windows 10 Security Vulnerabilities
BranchCache Denial of Service Vulnerability
CVE-2024-38149
7.5 - High
- October 08, 2024
BranchCache Denial of Service Vulnerability
Resource Exhaustion
Microsoft OpenSSH for Windows Remote Code Execution Vulnerability
CVE-2024-43615
7.1 - High
- October 08, 2024
Microsoft OpenSSH for Windows Remote Code Execution Vulnerability
External Control of File Name or Path
Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2024-43501
7.8 - High
- October 08, 2024
Windows Common Log File System Driver Elevation of Privilege Vulnerability
insecure temporary file
Windows Kernel Elevation of Privilege Vulnerability
CVE-2024-43502
7.1 - High
- October 08, 2024
Windows Kernel Elevation of Privilege Vulnerability
Use of Uninitialized Resource
BranchCache Denial of Service Vulnerability
CVE-2024-43506
7.5 - High
- October 08, 2024
BranchCache Denial of Service Vulnerability
Resource Exhaustion
Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2024-43509
7.8 - High
- October 08, 2024
Windows Graphics Component Elevation of Privilege Vulnerability
Dangling pointer
Windows Kernel Elevation of Privilege Vulnerability
CVE-2024-43511
7 - High
- October 08, 2024
Windows Kernel Elevation of Privilege Vulnerability
TOCTTOU
BitLocker Security Feature Bypass Vulnerability
CVE-2024-43513
6.4 - Medium
- October 08, 2024
BitLocker Security Feature Bypass Vulnerability
Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability
CVE-2024-43514
7.8 - High
- October 08, 2024
Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability
Double-free
Internet Small Computer Systems Interface (iSCSI) Denial of Service Vulnerability
CVE-2024-43515
7.5 - High
- October 08, 2024
Internet Small Computer Systems Interface (iSCSI) Denial of Service Vulnerability
Resource Exhaustion
Windows Secure Kernel Mode Elevation of Privilege Vulnerability
CVE-2024-43516
7.8 - High
- October 08, 2024
Windows Secure Kernel Mode Elevation of Privilege Vulnerability
Untrusted Pointer Dereference
Microsoft ActiveX Data Objects Remote Code Execution Vulnerability
CVE-2024-43517
8.8 - High
- October 08, 2024
Microsoft ActiveX Data Objects Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Windows Telephony Server Remote Code Execution Vulnerability
CVE-2024-43518
8.8 - High
- October 08, 2024
Windows Telephony Server Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2024-43519
8.8 - High
- October 08, 2024
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
Numeric Truncation Error
Windows Kernel Denial of Service Vulnerability
CVE-2024-43520
5 - Medium
- October 08, 2024
Windows Kernel Denial of Service Vulnerability
NULL Pointer Dereference
Windows Mobile Broadband Driver Remote Code Execution Vulnerability
CVE-2024-43523
6.8 - Medium
- October 08, 2024
Windows Mobile Broadband Driver Remote Code Execution Vulnerability
Improper Input Validation
Windows Mobile Broadband Driver Remote Code Execution Vulnerability
CVE-2024-43524
6.8 - Medium
- October 08, 2024
Windows Mobile Broadband Driver Remote Code Execution Vulnerability
Range Error
Windows Mobile Broadband Driver Remote Code Execution Vulnerability
CVE-2024-43525
6.8 - Medium
- October 08, 2024
Windows Mobile Broadband Driver Remote Code Execution Vulnerability
Improper Input Validation
Windows Mobile Broadband Driver Remote Code Execution Vulnerability
CVE-2024-43526
6.8 - Medium
- October 08, 2024
Windows Mobile Broadband Driver Remote Code Execution Vulnerability
Improper Input Validation
Windows Mobile Broadband Driver Denial of Service Vulnerability
CVE-2024-43538
6.5 - Medium
- October 08, 2024
Windows Mobile Broadband Driver Denial of Service Vulnerability
Improper Input Validation
Windows Mobile Broadband Driver Denial of Service Vulnerability
CVE-2024-43540
6.5 - Medium
- October 08, 2024
Windows Mobile Broadband Driver Denial of Service Vulnerability
Improper Input Validation
Windows Cryptographic Information Disclosure Vulnerability
CVE-2024-43546
5.6 - Medium
- October 08, 2024
Windows Cryptographic Information Disclosure Vulnerability
Side Channel Attack
Windows Kerberos Information Disclosure Vulnerability
CVE-2024-43547
5.9 - Medium
- October 08, 2024
Windows Kerberos Information Disclosure Vulnerability
Missing Cryptographic Step
Windows Secure Channel Spoofing Vulnerability
CVE-2024-43550
7.4 - High
- October 08, 2024
Windows Secure Channel Spoofing Vulnerability
Improper Certificate Validation
Windows Storage Elevation of Privilege Vulnerability
CVE-2024-43551
7.8 - High
- October 08, 2024
Windows Storage Elevation of Privilege Vulnerability
insecure temporary file
NT OS Kernel Elevation of Privilege Vulnerability
CVE-2024-43553
7 - High
- October 08, 2024
NT OS Kernel Elevation of Privilege Vulnerability
Untrusted Pointer Dereference
Windows Kernel-Mode Driver Information Disclosure Vulnerability
CVE-2024-43554
5.5 - Medium
- October 08, 2024
Windows Kernel-Mode Driver Information Disclosure Vulnerability
Windows Mobile Broadband Driver Denial of Service Vulnerability
CVE-2024-43555
6.5 - Medium
- October 08, 2024
Windows Mobile Broadband Driver Denial of Service Vulnerability
Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2024-43556
7.8 - High
- October 08, 2024
Windows Graphics Component Elevation of Privilege Vulnerability
Dangling pointer
Microsoft Windows Storage Port Driver Elevation of Privilege Vulnerability
CVE-2024-43560
7.8 - High
- October 08, 2024
Microsoft Windows Storage Port Driver Elevation of Privilege Vulnerability
Heap-based Buffer Overflow
Windows Mobile Broadband Driver Denial of Service Vulnerability
CVE-2024-43561
6.5 - Medium
- October 08, 2024
Windows Mobile Broadband Driver Denial of Service Vulnerability
Improper Input Validation
Windows Network Address Translation (NAT) Denial of Service Vulnerability
CVE-2024-43562
7.5 - High
- October 08, 2024
Windows Network Address Translation (NAT) Denial of Service Vulnerability
Out-of-bounds Read
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2024-43563
7.8 - High
- October 08, 2024
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
Sensitive Data Storage in Improperly Locked Memory
Windows Network Address Translation (NAT) Denial of Service Vulnerability
CVE-2024-43565
7.5 - High
- October 08, 2024
Windows Network Address Translation (NAT) Denial of Service Vulnerability
Out-of-bounds Read
Microsoft Speech Application Programming Interface (SAPI) Remote Code Execution Vulnerability
CVE-2024-43574
8.3 - High
- October 08, 2024
Microsoft Speech Application Programming Interface (SAPI) Remote Code Execution Vulnerability
Dangling pointer
Remote Desktop Client Remote Code Execution Vulnerability
CVE-2024-43599
8.8 - High
- October 08, 2024
Remote Desktop Client Remote Code Execution Vulnerability
Dangling pointer
Windows Mobile Broadband Driver Denial of Service Vulnerability
CVE-2024-43542
6.5 - Medium
- October 08, 2024
Windows Mobile Broadband Driver Denial of Service Vulnerability
Improper Input Validation
Windows Mobile Broadband Driver Remote Code Execution Vulnerability
CVE-2024-43543
6.8 - Medium
- October 08, 2024
Windows Mobile Broadband Driver Remote Code Execution Vulnerability
Open Redirect
Windows Mobile Broadband Driver Denial of Service Vulnerability
CVE-2024-43557
6.5 - Medium
- October 08, 2024
Windows Mobile Broadband Driver Denial of Service Vulnerability
Improper Input Validation
Windows Mobile Broadband Driver Denial of Service Vulnerability
CVE-2024-43558
6.5 - Medium
- October 08, 2024
Windows Mobile Broadband Driver Denial of Service Vulnerability
Improper Input Validation
Windows Mobile Broadband Driver Denial of Service Vulnerability
CVE-2024-43559
6.5 - Medium
- October 08, 2024
Windows Mobile Broadband Driver Denial of Service Vulnerability
NULL Pointer Dereference
Windows Secure Kernel Mode Elevation of Privilege Vulnerability
CVE-2024-43528
7.8 - High
- October 08, 2024
Windows Secure Kernel Mode Elevation of Privilege Vulnerability
Heap-based Buffer Overflow
Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2024-43529
7.3 - High
- October 08, 2024
Windows Print Spooler Elevation of Privilege Vulnerability
Untrusted Pointer Dereference
Remote Registry Service Elevation of Privilege Vulnerability
CVE-2024-43532
8.8 - High
- October 08, 2024
Remote Registry Service Elevation of Privilege Vulnerability
Failing Open
Windows Graphics Component Information Disclosure Vulnerability
CVE-2024-43534
6.5 - Medium
- October 08, 2024
Windows Graphics Component Information Disclosure Vulnerability
Out-of-bounds Read
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
CVE-2024-43535
7 - High
- October 08, 2024
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
Dangling pointer
Windows Mobile Broadband Driver Remote Code Execution Vulnerability
CVE-2024-43536
6.8 - Medium
- October 08, 2024
Windows Mobile Broadband Driver Remote Code Execution Vulnerability
Windows Mobile Broadband Driver Denial of Service Vulnerability
CVE-2024-43537
6.5 - Medium
- October 08, 2024
Windows Mobile Broadband Driver Denial of Service Vulnerability
Out-of-bounds Read
Windows Kernel Elevation of Privilege Vulnerability
CVE-2024-43570
7 - High
- October 08, 2024
Windows Kernel Elevation of Privilege Vulnerability
Dangling pointer
Microsoft OpenSSH for Windows Remote Code Execution Vulnerability
CVE-2024-43581
7.1 - High
- October 08, 2024
Microsoft OpenSSH for Windows Remote Code Execution Vulnerability
External Control of File Name or Path
Remote Desktop Protocol Server Remote Code Execution Vulnerability
CVE-2024-43582
8.1 - High
- October 08, 2024
Remote Desktop Protocol Server Remote Code Execution Vulnerability
Dangling pointer
Winlogon Elevation of Privilege Vulnerability
CVE-2024-43583
7.8 - High
- October 08, 2024
Winlogon Elevation of Privilege Vulnerability
Execution with Unnecessary Privileges
Code Integrity Guard Security Feature Bypass Vulnerability
CVE-2024-43585
5.5 - Medium
- October 08, 2024
Code Integrity Guard Security Feature Bypass Vulnerability
Protection Mechanism Failure
Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability
CVE-2024-37976
6.7 - Medium
- October 08, 2024
Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability
Integer Overflow or Wraparound
Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability
CVE-2024-37982
7.8 - High
- October 08, 2024
Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability
Untrusted Pointer Dereference
Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability
CVE-2024-37983
6.7 - Medium
- October 08, 2024
Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability
Untrusted Pointer Dereference
Microsoft Management Console Remote Code Execution Vulnerability
CVE-2024-43572
7.8 - High
- October 08, 2024
Microsoft Management Console Remote Code Execution Vulnerability
Improper Neutralization
Windows MSHTML Platform Spoofing Vulnerability
CVE-2024-43573
8.1 - High
- October 08, 2024
Windows MSHTML Platform Spoofing Vulnerability
XSS
Kernel Streaming Service Driver Elevation of Privilege Vulnerability
CVE-2024-38238
7.8 - High
- September 10, 2024
Kernel Streaming Service Driver Elevation of Privilege Vulnerability
Heap-based Buffer Overflow
Windows Mark of the Web Security Feature Bypass Vulnerability
CVE-2024-38217
5.4 - Medium
- September 10, 2024
Windows Mark of the Web Security Feature Bypass Vulnerability
Protection Mechanism Failure
Windows Installer Elevation of Privilege Vulnerability
CVE-2024-38014
7.8 - High
- September 10, 2024
Windows Installer Elevation of Privilege Vulnerability
Improper Privilege Management
Microsoft AllJoyn API Information Disclosure Vulnerability
CVE-2024-38257
7.5 - High
- September 10, 2024
Microsoft AllJoyn API Information Disclosure Vulnerability
Use of Uninitialized Resource
Windows Kernel-Mode Driver Information Disclosure Vulnerability
CVE-2024-38256
5.5 - Medium
- September 10, 2024
Windows Kernel-Mode Driver Information Disclosure Vulnerability
Use of Uninitialized Resource
Windows Authentication Information Disclosure Vulnerability
CVE-2024-38254
6.2 - Medium
- September 10, 2024
Windows Authentication Information Disclosure Vulnerability
Use of Uninitialized Resource
Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability
CVE-2024-38252
7.8 - High
- September 10, 2024
Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability
Dangling pointer
Windows MSHTML Platform Spoofing Vulnerability
CVE-2024-43461
8.8 - High
- September 10, 2024
Windows MSHTML Platform Spoofing Vulnerability
User Interface (UI) Misrepresentation of Critical Information
Windows Networking Information Disclosure Vulnerability
CVE-2024-43458
7.7 - High
- September 10, 2024
Windows Networking Information Disclosure Vulnerability
Use of Uninitialized Resource
Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2024-38250
7.8 - High
- September 10, 2024
Windows Graphics Component Elevation of Privilege Vulnerability
Buffer Over-read
Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2024-38249
7.8 - High
- September 10, 2024
Windows Graphics Component Elevation of Privilege Vulnerability
Dangling pointer
Windows Storage Elevation of Privilege Vulnerability
CVE-2024-38248
7 - High
- September 10, 2024
Windows Storage Elevation of Privilege Vulnerability
Dangling pointer
Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2024-38247
7.8 - High
- September 10, 2024
Windows Graphics Component Elevation of Privilege Vulnerability
Double-free
Win32k Elevation of Privilege Vulnerability
CVE-2024-38246
7 - High
- September 10, 2024
Win32k Elevation of Privilege Vulnerability
Stack Overflow
Kernel Streaming Service Driver Elevation of Privilege Vulnerability
CVE-2024-38245
7.8 - High
- September 10, 2024
Kernel Streaming Service Driver Elevation of Privilege Vulnerability
Kernel Streaming Service Driver Elevation of Privilege Vulnerability
CVE-2024-38244
7.8 - High
- September 10, 2024
Kernel Streaming Service Driver Elevation of Privilege Vulnerability
Improper Input Validation
Kernel Streaming Service Driver Elevation of Privilege Vulnerability
CVE-2024-38243
7.8 - High
- September 10, 2024
Kernel Streaming Service Driver Elevation of Privilege Vulnerability
Improper Input Validation
Kernel Streaming Service Driver Elevation of Privilege Vulnerability
CVE-2024-38241
7.8 - High
- September 10, 2024
Kernel Streaming Service Driver Elevation of Privilege Vulnerability
Improper Input Validation
Windows Security Zone Mapping Security Feature Bypass Vulnerability
CVE-2024-30073
7.8 - High
- September 10, 2024
Windows Security Zone Mapping Security Feature Bypass Vulnerability
Improper Resolution of Path Equivalence
Windows TCP/IP Remote Code Execution Vulnerability
CVE-2024-21416
9.8 - Critical
- September 10, 2024
Windows TCP/IP Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Windows TCP/IP Remote Code Execution Vulnerability
CVE-2024-38045
8.1 - High
- September 10, 2024
Windows TCP/IP Remote Code Execution Vulnerability
Heap-based Buffer Overflow
PowerShell Elevation of Privilege Vulnerability
CVE-2024-38046
7.8 - High
- September 10, 2024
PowerShell Elevation of Privilege Vulnerability
Windows Mark of the Web Security Feature Bypass Vulnerability
CVE-2024-43487
6.5 - Medium
- September 10, 2024
Windows Mark of the Web Security Feature Bypass Vulnerability
Protection Mechanism Failure
Windows Network Address Translation (NAT) Remote Code Execution Vulnerability
CVE-2024-38119
7.5 - High
- September 10, 2024
Windows Network Address Translation (NAT) Remote Code Execution Vulnerability
Dangling pointer
Windows Networking Denial of Service Vulnerability
CVE-2024-38232
7.5 - High
- September 10, 2024
Windows Networking Denial of Service Vulnerability
NULL Pointer Dereference
Windows Networking Denial of Service Vulnerability
CVE-2024-38234
6.5 - Medium
- September 10, 2024
Windows Networking Denial of Service Vulnerability
Improper Input Validation
Windows Hyper-V Denial of Service Vulnerability
CVE-2024-38235
6.5 - Medium
- September 10, 2024
Windows Hyper-V Denial of Service Vulnerability
Dangling pointer
Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
CVE-2024-38237
7.8 - High
- September 10, 2024
Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
Heap-based Buffer Overflow
Kernel Streaming Service Driver Elevation of Privilege Vulnerability
CVE-2024-38242
7.8 - High
- September 10, 2024
Kernel Streaming Service Driver Elevation of Privilege Vulnerability
Heap-based Buffer Overflow
Windows Kerberos Elevation of Privilege Vulnerability
CVE-2024-38239
7.2 - High
- September 10, 2024
Windows Kerberos Elevation of Privilege Vulnerability
1390
Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
CVE-2024-38240
9.8 - Critical
- September 10, 2024
Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
Out-of-bounds Read