Windows 10 Microsoft Windows 10

Do you want an email whenever new security vulnerabilities are reported in Microsoft Windows 10?

Recent Microsoft Windows 10 Security Advisories

Advisory Title Published
CVE-2021-42297 Windows 10 Update Assistant Elevation of Privilege Vulnerability November 16, 2021
CVE-2021-43211 Windows 10 Update Assistant Elevation of Privilege Vulnerability November 16, 2021
CVE-2021-36945 Windows 10 Update Assistant Elevation of Privilege Vulnerability August 10, 2021

By the Year

In 2024 there have been 322 vulnerabilities in Microsoft Windows 10 with an average score of 7.4 out of ten. Last year Windows 10 had 525 security vulnerabilities published. Right now, Windows 10 is on track to have less security vulnerabilities in 2024 than it did last year. Last year, the average CVE base score was greater by 0.15

Year Vulnerabilities Average Score
2024 322 7.39
2023 525 7.53
2022 525 7.42
2021 488 7.35
2020 804 7.36
2019 448 7.34
2018 259 6.59

It may take a day or so for new Windows 10 vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Microsoft Windows 10 Security Vulnerabilities

Windows Common Log File System Driver Elevation of Privilege Vulnerability

CVE-2024-43501 7.8 - High - October 08, 2024

Windows Common Log File System Driver Elevation of Privilege Vulnerability

insecure temporary file

Windows Kernel Elevation of Privilege Vulnerability

CVE-2024-43502 7.1 - High - October 08, 2024

Windows Kernel Elevation of Privilege Vulnerability

Use of Uninitialized Resource

BranchCache Denial of Service Vulnerability

CVE-2024-43506 7.5 - High - October 08, 2024

BranchCache Denial of Service Vulnerability

Resource Exhaustion

Windows Graphics Component Elevation of Privilege Vulnerability

CVE-2024-43509 7.8 - High - October 08, 2024

Windows Graphics Component Elevation of Privilege Vulnerability

Dangling pointer

Windows Kernel Elevation of Privilege Vulnerability

CVE-2024-43511 7 - High - October 08, 2024

Windows Kernel Elevation of Privilege Vulnerability

TOCTTOU

BitLocker Security Feature Bypass Vulnerability

CVE-2024-43513 6.4 - Medium - October 08, 2024

BitLocker Security Feature Bypass Vulnerability

Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability

CVE-2024-43514 7.8 - High - October 08, 2024

Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability

Double-free

Internet Small Computer Systems Interface (iSCSI) Denial of Service Vulnerability

CVE-2024-43515 7.5 - High - October 08, 2024

Internet Small Computer Systems Interface (iSCSI) Denial of Service Vulnerability

Resource Exhaustion

Windows Secure Kernel Mode Elevation of Privilege Vulnerability

CVE-2024-43516 7.8 - High - October 08, 2024

Windows Secure Kernel Mode Elevation of Privilege Vulnerability

Untrusted Pointer Dereference

Microsoft ActiveX Data Objects Remote Code Execution Vulnerability

CVE-2024-43517 8.8 - High - October 08, 2024

Microsoft ActiveX Data Objects Remote Code Execution Vulnerability

Heap-based Buffer Overflow

Windows Telephony Server Remote Code Execution Vulnerability

CVE-2024-43518 8.8 - High - October 08, 2024

Windows Telephony Server Remote Code Execution Vulnerability

Heap-based Buffer Overflow

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

CVE-2024-43519 8.8 - High - October 08, 2024

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

Numeric Truncation Error

Windows Kernel Denial of Service Vulnerability

CVE-2024-43520 5 - Medium - October 08, 2024

Windows Kernel Denial of Service Vulnerability

NULL Pointer Dereference

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

CVE-2024-43523 6.8 - Medium - October 08, 2024

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

Improper Input Validation

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

CVE-2024-43524 6.8 - Medium - October 08, 2024

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

Range Error

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

CVE-2024-43525 6.8 - Medium - October 08, 2024

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

Improper Input Validation

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

CVE-2024-43526 6.8 - Medium - October 08, 2024

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

Improper Input Validation

Windows Mobile Broadband Driver Denial of Service Vulnerability

CVE-2024-43538 6.5 - Medium - October 08, 2024

Windows Mobile Broadband Driver Denial of Service Vulnerability

Improper Input Validation

Windows Mobile Broadband Driver Denial of Service Vulnerability

CVE-2024-43540 6.5 - Medium - October 08, 2024

Windows Mobile Broadband Driver Denial of Service Vulnerability

Improper Input Validation

Windows Cryptographic Information Disclosure Vulnerability

CVE-2024-43546 5.6 - Medium - October 08, 2024

Windows Cryptographic Information Disclosure Vulnerability

Side Channel Attack

Windows Kerberos Information Disclosure Vulnerability

CVE-2024-43547 5.9 - Medium - October 08, 2024

Windows Kerberos Information Disclosure Vulnerability

Missing Cryptographic Step

Windows Secure Channel Spoofing Vulnerability

CVE-2024-43550 7.4 - High - October 08, 2024

Windows Secure Channel Spoofing Vulnerability

Improper Certificate Validation

Windows Storage Elevation of Privilege Vulnerability

CVE-2024-43551 7.8 - High - October 08, 2024

Windows Storage Elevation of Privilege Vulnerability

insecure temporary file

NT OS Kernel Elevation of Privilege Vulnerability

CVE-2024-43553 7 - High - October 08, 2024

NT OS Kernel Elevation of Privilege Vulnerability

Untrusted Pointer Dereference

Windows Kernel-Mode Driver Information Disclosure Vulnerability

CVE-2024-43554 5.5 - Medium - October 08, 2024

Windows Kernel-Mode Driver Information Disclosure Vulnerability

Windows Mobile Broadband Driver Denial of Service Vulnerability

CVE-2024-43555 6.5 - Medium - October 08, 2024

Windows Mobile Broadband Driver Denial of Service Vulnerability

Windows Graphics Component Elevation of Privilege Vulnerability

CVE-2024-43556 7.8 - High - October 08, 2024

Windows Graphics Component Elevation of Privilege Vulnerability

Dangling pointer

Microsoft Windows Storage Port Driver Elevation of Privilege Vulnerability

CVE-2024-43560 7.8 - High - October 08, 2024

Microsoft Windows Storage Port Driver Elevation of Privilege Vulnerability

Heap-based Buffer Overflow

Windows Mobile Broadband Driver Denial of Service Vulnerability

CVE-2024-43561 6.5 - Medium - October 08, 2024

Windows Mobile Broadband Driver Denial of Service Vulnerability

Improper Input Validation

Windows Network Address Translation (NAT) Denial of Service Vulnerability

CVE-2024-43562 7.5 - High - October 08, 2024

Windows Network Address Translation (NAT) Denial of Service Vulnerability

Out-of-bounds Read

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

CVE-2024-43563 7.8 - High - October 08, 2024

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Sensitive Data Storage in Improperly Locked Memory

Windows Network Address Translation (NAT) Denial of Service Vulnerability

CVE-2024-43565 7.5 - High - October 08, 2024

Windows Network Address Translation (NAT) Denial of Service Vulnerability

Out-of-bounds Read

Microsoft Speech Application Programming Interface (SAPI) Remote Code Execution Vulnerability

CVE-2024-43574 8.3 - High - October 08, 2024

Microsoft Speech Application Programming Interface (SAPI) Remote Code Execution Vulnerability

Dangling pointer

Remote Desktop Client Remote Code Execution Vulnerability

CVE-2024-43599 8.8 - High - October 08, 2024

Remote Desktop Client Remote Code Execution Vulnerability

Dangling pointer

Windows Mobile Broadband Driver Denial of Service Vulnerability

CVE-2024-43542 6.5 - Medium - October 08, 2024

Windows Mobile Broadband Driver Denial of Service Vulnerability

Improper Input Validation

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

CVE-2024-43543 6.8 - Medium - October 08, 2024

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

Open Redirect

Windows Mobile Broadband Driver Denial of Service Vulnerability

CVE-2024-43557 6.5 - Medium - October 08, 2024

Windows Mobile Broadband Driver Denial of Service Vulnerability

Improper Input Validation

Windows Mobile Broadband Driver Denial of Service Vulnerability

CVE-2024-43558 6.5 - Medium - October 08, 2024

Windows Mobile Broadband Driver Denial of Service Vulnerability

Improper Input Validation

Windows Mobile Broadband Driver Denial of Service Vulnerability

CVE-2024-43559 6.5 - Medium - October 08, 2024

Windows Mobile Broadband Driver Denial of Service Vulnerability

NULL Pointer Dereference

Windows Secure Kernel Mode Elevation of Privilege Vulnerability

CVE-2024-43528 7.8 - High - October 08, 2024

Windows Secure Kernel Mode Elevation of Privilege Vulnerability

Heap-based Buffer Overflow

Windows Print Spooler Elevation of Privilege Vulnerability

CVE-2024-43529 7.3 - High - October 08, 2024

Windows Print Spooler Elevation of Privilege Vulnerability

Untrusted Pointer Dereference

Remote Registry Service Elevation of Privilege Vulnerability

CVE-2024-43532 8.8 - High - October 08, 2024

Remote Registry Service Elevation of Privilege Vulnerability

Failing Open

Windows Graphics Component Information Disclosure Vulnerability

CVE-2024-43534 6.5 - Medium - October 08, 2024

Windows Graphics Component Information Disclosure Vulnerability

Out-of-bounds Read

Windows Kernel-Mode Driver Elevation of Privilege Vulnerability

CVE-2024-43535 7 - High - October 08, 2024

Windows Kernel-Mode Driver Elevation of Privilege Vulnerability

Dangling pointer

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

CVE-2024-43536 6.8 - Medium - October 08, 2024

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

Windows Mobile Broadband Driver Denial of Service Vulnerability

CVE-2024-43537 6.5 - Medium - October 08, 2024

Windows Mobile Broadband Driver Denial of Service Vulnerability

Out-of-bounds Read

Windows Kernel Elevation of Privilege Vulnerability

CVE-2024-43570 7 - High - October 08, 2024

Windows Kernel Elevation of Privilege Vulnerability

Dangling pointer

Microsoft OpenSSH for Windows Remote Code Execution Vulnerability

CVE-2024-43581 7.1 - High - October 08, 2024

Microsoft OpenSSH for Windows Remote Code Execution Vulnerability

External Control of File Name or Path

Remote Desktop Protocol Server Remote Code Execution Vulnerability

CVE-2024-43582 8.1 - High - October 08, 2024

Remote Desktop Protocol Server Remote Code Execution Vulnerability

Dangling pointer

Winlogon Elevation of Privilege Vulnerability

CVE-2024-43583 7.8 - High - October 08, 2024

Winlogon Elevation of Privilege Vulnerability

Execution with Unnecessary Privileges

Code Integrity Guard Security Feature Bypass Vulnerability

CVE-2024-43585 5.5 - Medium - October 08, 2024

Code Integrity Guard Security Feature Bypass Vulnerability

Protection Mechanism Failure

Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability

CVE-2024-37976 6.7 - Medium - October 08, 2024

Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability

Integer Overflow or Wraparound

Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability

CVE-2024-37982 7.8 - High - October 08, 2024

Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability

Untrusted Pointer Dereference

Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability

CVE-2024-37983 6.7 - Medium - October 08, 2024

Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability

Untrusted Pointer Dereference

Microsoft Management Console Remote Code Execution Vulnerability

CVE-2024-43572 7.8 - High - October 08, 2024

Microsoft Management Console Remote Code Execution Vulnerability

Improper Neutralization

Windows MSHTML Platform Spoofing Vulnerability

CVE-2024-43573 8.1 - High - October 08, 2024

Windows MSHTML Platform Spoofing Vulnerability

XSS

Windows Kerberos Elevation of Privilege Vulnerability

CVE-2024-38239 7.2 - High - September 10, 2024

Windows Kerberos Elevation of Privilege Vulnerability

1390

Windows Mark of the Web Security Feature Bypass Vulnerability

CVE-2024-38217 5.4 - Medium - September 10, 2024

Windows Mark of the Web Security Feature Bypass Vulnerability

Protection Mechanism Failure

Windows Installer Elevation of Privilege Vulnerability

CVE-2024-38014 7.8 - High - September 10, 2024

Windows Installer Elevation of Privilege Vulnerability

Improper Privilege Management

Microsoft AllJoyn API Information Disclosure Vulnerability

CVE-2024-38257 7.5 - High - September 10, 2024

Microsoft AllJoyn API Information Disclosure Vulnerability

Use of Uninitialized Resource

Windows Kernel-Mode Driver Information Disclosure Vulnerability

CVE-2024-38256 5.5 - Medium - September 10, 2024

Windows Kernel-Mode Driver Information Disclosure Vulnerability

Use of Uninitialized Resource

Windows Authentication Information Disclosure Vulnerability

CVE-2024-38254 6.2 - Medium - September 10, 2024

Windows Authentication Information Disclosure Vulnerability

Use of Uninitialized Resource

Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability

CVE-2024-38252 7.8 - High - September 10, 2024

Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability

Dangling pointer

Windows MSHTML Platform Spoofing Vulnerability

CVE-2024-43461 8.8 - High - September 10, 2024

Windows MSHTML Platform Spoofing Vulnerability

User Interface (UI) Misrepresentation of Critical Information

Windows Networking Information Disclosure Vulnerability

CVE-2024-43458 7.7 - High - September 10, 2024

Windows Networking Information Disclosure Vulnerability

Use of Uninitialized Resource

Windows Graphics Component Elevation of Privilege Vulnerability

CVE-2024-38250 7.8 - High - September 10, 2024

Windows Graphics Component Elevation of Privilege Vulnerability

Buffer Over-read

Windows Graphics Component Elevation of Privilege Vulnerability

CVE-2024-38249 7.8 - High - September 10, 2024

Windows Graphics Component Elevation of Privilege Vulnerability

Dangling pointer

Windows Storage Elevation of Privilege Vulnerability

CVE-2024-38248 7 - High - September 10, 2024

Windows Storage Elevation of Privilege Vulnerability

Dangling pointer

Windows Graphics Component Elevation of Privilege Vulnerability

CVE-2024-38247 7.8 - High - September 10, 2024

Windows Graphics Component Elevation of Privilege Vulnerability

Double-free

Win32k Elevation of Privilege Vulnerability

CVE-2024-38246 7 - High - September 10, 2024

Win32k Elevation of Privilege Vulnerability

Stack Overflow

Kernel Streaming Service Driver Elevation of Privilege Vulnerability

CVE-2024-38245 7.8 - High - September 10, 2024

Kernel Streaming Service Driver Elevation of Privilege Vulnerability

Kernel Streaming Service Driver Elevation of Privilege Vulnerability

CVE-2024-38244 7.8 - High - September 10, 2024

Kernel Streaming Service Driver Elevation of Privilege Vulnerability

Improper Input Validation

Kernel Streaming Service Driver Elevation of Privilege Vulnerability

CVE-2024-38243 7.8 - High - September 10, 2024

Kernel Streaming Service Driver Elevation of Privilege Vulnerability

Improper Input Validation

Kernel Streaming Service Driver Elevation of Privilege Vulnerability

CVE-2024-38241 7.8 - High - September 10, 2024

Kernel Streaming Service Driver Elevation of Privilege Vulnerability

Improper Input Validation

Windows Security Zone Mapping Security Feature Bypass Vulnerability

CVE-2024-30073 7.8 - High - September 10, 2024

Windows Security Zone Mapping Security Feature Bypass Vulnerability

Improper Resolution of Path Equivalence

Windows TCP/IP Remote Code Execution Vulnerability

CVE-2024-21416 9.8 - Critical - September 10, 2024

Windows TCP/IP Remote Code Execution Vulnerability

Heap-based Buffer Overflow

Windows TCP/IP Remote Code Execution Vulnerability

CVE-2024-38045 8.1 - High - September 10, 2024

Windows TCP/IP Remote Code Execution Vulnerability

Heap-based Buffer Overflow

PowerShell Elevation of Privilege Vulnerability

CVE-2024-38046 7.8 - High - September 10, 2024

PowerShell Elevation of Privilege Vulnerability

Windows Mark of the Web Security Feature Bypass Vulnerability

CVE-2024-43487 6.5 - Medium - September 10, 2024

Windows Mark of the Web Security Feature Bypass Vulnerability

Protection Mechanism Failure

Windows Network Address Translation (NAT) Remote Code Execution Vulnerability

CVE-2024-38119 7.5 - High - September 10, 2024

Windows Network Address Translation (NAT) Remote Code Execution Vulnerability

Dangling pointer

Windows Networking Denial of Service Vulnerability

CVE-2024-38232 7.5 - High - September 10, 2024

Windows Networking Denial of Service Vulnerability

NULL Pointer Dereference

Windows Networking Denial of Service Vulnerability

CVE-2024-38234 6.5 - Medium - September 10, 2024

Windows Networking Denial of Service Vulnerability

Improper Input Validation

Windows Hyper-V Denial of Service Vulnerability

CVE-2024-38235 6.5 - Medium - September 10, 2024

Windows Hyper-V Denial of Service Vulnerability

Dangling pointer

Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability

CVE-2024-38237 7.8 - High - September 10, 2024

Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability

Heap-based Buffer Overflow

Kernel Streaming Service Driver Elevation of Privilege Vulnerability

CVE-2024-38238 7.8 - High - September 10, 2024

Kernel Streaming Service Driver Elevation of Privilege Vulnerability

Heap-based Buffer Overflow

Kernel Streaming Service Driver Elevation of Privilege Vulnerability

CVE-2024-38242 7.8 - High - September 10, 2024

Kernel Streaming Service Driver Elevation of Privilege Vulnerability

Heap-based Buffer Overflow

Windows Remote Access Connection Manager Elevation of Privilege Vulnerability

CVE-2024-38240 9.8 - Critical - September 10, 2024

Windows Remote Access Connection Manager Elevation of Privilege Vulnerability

Out-of-bounds Read

Windows Networking Denial of Service Vulnerability

CVE-2024-38233 7.5 - High - September 10, 2024

Windows Networking Denial of Service Vulnerability

NULL Pointer Dereference

Kernel Streaming Service Driver Elevation of Privilege Vulnerability

CVE-2024-38191 7.8 - High - August 13, 2024

Kernel Streaming Service Driver Elevation of Privilege Vulnerability

Race Condition

Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability

CVE-2024-38137 7 - High - August 13, 2024

Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability

Race Condition

Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability

CVE-2024-38136 7 - High - August 13, 2024

Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability

Race Condition

Windows Kernel Elevation of Privilege Vulnerability

CVE-2024-38133 7.8 - High - August 13, 2024

Windows Kernel Elevation of Privilege Vulnerability

Improper Neutralization of Special Elements

Windows Network Address Translation (NAT) Denial of Service Vulnerability

CVE-2024-38132 7.5 - High - August 13, 2024

Windows Network Address Translation (NAT) Denial of Service Vulnerability

Out-of-bounds Read

Clipboard Virtual Channel Extension Remote Code Execution Vulnerability

CVE-2024-38131 8.8 - High - August 13, 2024

Clipboard Virtual Channel Extension Remote Code Execution Vulnerability

Sensitive Data Storage in Improperly Locked Memory

Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability

CVE-2024-38125 7.8 - High - August 13, 2024

Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability

Numeric Truncation Error

Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability

CVE-2024-38118 5.5 - Medium - August 13, 2024

Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability

Use of Uninitialized Resource

Windows Mark of the Web Security Feature Bypass Vulnerability

CVE-2024-38213 6.5 - Medium - August 13, 2024

Windows Mark of the Web Security Feature Bypass Vulnerability

Protection Mechanism Failure

Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability

CVE-2024-38122 5.5 - Medium - August 13, 2024

Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability

Use of Uninitialized Resource

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

CVE-2024-38130 8.8 - High - August 13, 2024

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Heap-based Buffer Overflow

Windows Network Address Translation (NAT) Denial of Service Vulnerability

CVE-2024-38126 7.5 - High - August 13, 2024

Windows Network Address Translation (NAT) Denial of Service Vulnerability

NULL Pointer Dereference

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Microsoft Windows 11 24h2 or by Microsoft? Click the Watch button to subscribe.

Microsoft
Vendor

subscribe