Windows 10 22h2

windows_10_22h2

Vendor: Microsoft • 2,020 CVEs

CVEs (2,020)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-38133 1Microsoft 10Windows 10 1809 Windows 10 21h2Windows 10 22h2+7 more Aug 16, 2024 Aug 13, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Windows Kernel Elevation of Privilege Vulnerability
CVE-2024-38132 1Microsoft 14Windows 10 1507 Windows 10 1607Windows 10 1809+11 more Aug 16, 2024 Aug 13, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Windows Network Address Translation (NAT) Denial of Service Vulnerability
CVE-2024-38131 1Microsoft 16Remote Desktop Client Windows 10 1507Windows 10 1607+13 more Jul 7, 2025 Aug 13, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Clipboard Virtual Channel Extension Remote Code Execution Vulnerability
CVE-2024-38130 1Microsoft 15Windows 10 1507 Windows 10 1607Windows 10 1809+12 more Aug 16, 2024 Aug 13, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-38127 1Microsoft 15Windows 10 1507 Windows 10 1607Windows 10 1809+12 more Aug 16, 2024 Aug 13, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Windows Hyper-V Elevation of Privilege Vulnerability
CVE-2024-38126 1Microsoft 14Windows 10 1507 Windows 10 1607Windows 10 1809+11 more Aug 16, 2024 Aug 13, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Windows Network Address Translation (NAT) Denial of Service Vulnerability
CVE-2024-38125 1Microsoft 15Windows 10 1507 Windows 10 1607Windows 10 1809+12 more Aug 16, 2024 Aug 13, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
CVE-2024-38122 1Microsoft 15Windows 10 1507 Windows 10 1607Windows 10 1809+12 more Aug 16, 2024 Aug 13, 2024 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability
CVE-2024-38118 1Microsoft 15Windows 10 1507 Windows 10 1607Windows 10 1809+12 more Aug 16, 2024 Aug 13, 2024 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability
CVE-2024-38117 1Microsoft 15Windows 10 1507 Windows 10 1607Windows 10 1809+12 more Aug 16, 2024 Aug 13, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 NTFS Elevation of Privilege Vulnerability
CVE-2024-38116 1Microsoft 15Windows 10 1507 Windows 10 1607Windows 10 1809+12 more Aug 16, 2024 Aug 13, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Windows IP Routing Management Snapin Remote Code Execution Vulnerability
CVE-2024-38115 1Microsoft 15Windows 10 1507 Windows 10 1607Windows 10 1809+12 more Aug 16, 2024 Aug 13, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Windows IP Routing Management Snapin Remote Code Execution Vulnerability
CVE-2024-38114 1Microsoft 15Windows 10 1507 Windows 10 1607Windows 10 1809+12 more Aug 16, 2024 Aug 13, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Windows IP Routing Management Snapin Remote Code Execution Vulnerability
CVE-2024-38107 1Microsoft 14Windows 10 1507 Windows 10 1607Windows 10 1809+11 more Oct 28, 2025 Aug 13, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Windows Power Dependency Coordinator Elevation of Privilege Vulnerability
CVE-2024-38106 1Microsoft 13Windows 10 1507 Windows 10 1607Windows 10 1809+10 more Oct 28, 2025 Aug 13, 2024 N/A· v4 7.0 HIGH· v3 N/A· v2 Windows Kernel Elevation of Privilege Vulnerability
CVE-2024-38063 1Microsoft 15Windows 10 1507 Windows 10 1607Windows 10 1809+12 more Aug 16, 2024 Aug 13, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Windows TCP/IP Remote Code Execution Vulnerability
CVE-2024-29995 1Microsoft 12Windows 10 1507 Windows 10 1607Windows 10 1809+9 more Aug 16, 2024 Aug 13, 2024 N/A· v4 8.1 HIGH· v3 N/A· v2 Windows Kerberos Elevation of Privilege Vulnerability
CVE-2024-38202 1Microsoft 11Windows 10 1607 Windows 10 1809Windows 10 21h2+8 more Apr 16, 2025 Aug 8, 2024 N/A· v4 7.3 HIGH· v3 N/A· v2 Summary Microsoft was notified that an elevation of privilege vulnerability exists in Windows Update, potentially enabling an attacker with basic user privileges to reintroduce previously mitigated vulnerabilities or cir...Show more Summary Microsoft was notified that an elevation of privilege vulnerability exists in Windows Update, potentially enabling an attacker with basic user privileges to reintroduce previously mitigated vulnerabilities or circumvent some features of Virtualization Based Security (VBS). However, an attacker attempting to exploit this vulnerability requires additional interaction by a privileged user to be successful. Microsoft has developed a security update to mitigate this threat which was made available October 08, 2024 and is provided in the Security Updates table of this CVE for customers to download. Note: Depending on your version of Windows, additional steps may be required to update Windows Recovery Environment (WinRE) to be protected from this vulnerability. Please refer to the FAQ section for more information. Guidance for customers who cannot immediately implement the update is provided in the Recommended Actions section of this CVE to help reduce the risks associated with this vulnerability and to protect their systems. If there are any further updates regarding mitigations for this vulnerability, this CVE will be updated and customers will be notified. We highly encourage customers to subscribe to Security Update Guide notifications to receive an alert if an update occurs. Details A security researcher informed Microsoft of an elevation of privilege vulnerability in Windows Update potentially enabling an attacker with basic user privileges to reintroduce previously mitigated vulnerabilities or circumvent some features of VBS. For exploitation to succeed, an attacker must trick or convince an Administrator or a user with delegated permissions into performing a system restore which inadvertently triggers the vulnerability. Microsoft has developed a security update to mitigate this threat which was made available October 08, 2024 and is provided in the Security Updates table of this CVE for customers to download. Note: Depending on your version of Windows, additional steps may be required to update Windows Recovery Environment (WinRE) to be protected from this vulnerability. Please refer to the FAQ section for more information. Guidance for customers who cannot immediately implement the update is provided in the Recommended Actions section of this CVE to help reduce the risks associated with this vulnerability and to protect their systems. If there are any further... See more at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38202Show less
CVE-2024-21302 1Microsoft 13Windows 10 1507 Windows 10 1607Windows 10 1809+10 more Jul 10, 2025 Aug 8, 2024 N/A· v4 6.7 MEDIUM· v3 N/A· v2 Summary: As of July 8, 2025 Microsoft has completed mitigations to address this vulnerability. See KB5042562: Guidance for blocking rollback of virtualization-based security related updates and the Recommended Actions se...Show more Summary: As of July 8, 2025 Microsoft has completed mitigations to address this vulnerability. See KB5042562: Guidance for blocking rollback of virtualization-based security related updates and the Recommended Actions section of this CVE for guidance on how to protect your systems from this vulnerability. An elevation of privilege vulnerability exists in Windows based systems supporting Virtualization Based Security (VBS), including a subset of Azure Virtual Machine SKUS. This vulnerability enables an attacker with administrator privileges to replace current versions of Windows system files with outdated versions. By exploiting this vulnerability, an attacker could reintroduce previously mitigated vulnerabilities, circumvent some features of VBS, and exfiltrate data protected by VBS. Update: July 10, 2025 Microsoft has addressed this vulnerability for Windows 10 1507, Windows 10, version 1607, Windows 10, version 1809, and Windows Server 2016 and Windows Server 2018. This ensures that mitigations are available to protect all supported versions of Windows 10 and Windows 11 from this vulnerability. See the available mitigations and deployment guidelines described in KB5042562: Guidance for blocking rollback of virtualization-based security related updates. Update: August 13, 2024 Microsoft has released the August 2024 security updates that include an opt-in revocation policy mitigation to address this vulnerability. Customers running affected versions of Windows are encouraged to review KB5042562: Guidance for blocking rollback of virtualization-based security related updates to assess if this opt-in policy meets the needs of their environment before implementing this mitigation. There are risks associated with this mitigation that should be understood prior to applying it to your systems. Detailed information about these risks is also available in KB5042562. Details: A security researcher informed Microsoft of an elevation of privilege vulnerability in Windows 10, Windows 11, Windows Server 2016, and higher based systems including Azure Virtual Machines (VM) that support VBS. For more information on Windows versions and VM SKUs supporting VBS, reference: Virtualization-based Security (VBS) \| Microsoft Learn. The vulnerability enables an attacker with administrator privileges on the target system to replace current Windows system files with outdated versions. Successful... See more at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21302Show less
CVE-2024-21417 1Microsoft 9Windows 10 1809 Windows 10 21h2Windows 10 22h2+6 more Jan 9, 2025 Jul 10, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Windows Text Services Framework Elevation of Privilege Vulnerability

Previous 1...606162...101 Next