) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.16405:*:*:*:*:*:x86:*
- CPE Name Search: true
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2024-43491 |
Microsoft is aware of a vulnerability in Servicing Stack that has rolled back the fixes for some vulnerabilities affecting Optional Components on Windows 10, version 1507 (initial version released July 2015). This means that an attacker could exploit these previously mitigated vulnerabilities on Windows 10, version 1507 (Windows 10 Enterprise 2015 LTSB and Windows 10 IoT Enterprise 2015 LTSB) systems that have installed the Windows security update released on March 12, 2024—KB5035858 (OS Build 10240.20526) or other updates released until August 2024. All later versions of Windows 10 are not impacted by this vulnerability. This servicing stack vulnerability is addressed by installing the September 2024 Servicing stack update (SSU KB5043936) AND the September 2024 Windows security update (KB5043083), in that order. Note: Windows 10, version 1507 reached the end of support (EOS) on May 9, 2017 for devices running the Pro, Home, Enterprise, Education, and Enterprise IoT editions. Only Windows 10 Enterprise 2015 LTSB and Windows 10 IoT Enterprise 2015 LTSB editions are still under support. Published: September 10, 2024; 1:15:36 PM -0400 |
V4.0:(not available) V3.1: 9.8 CRITICAL V2.0:(not available) |
| CVE-2024-38256 |
Windows Kernel-Mode Driver Information Disclosure Vulnerability Published: September 10, 2024; 1:15:31 PM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |
| CVE-2024-38254 |
Windows Authentication Information Disclosure Vulnerability Published: September 10, 2024; 1:15:31 PM -0400 |
V4.0:(not available) V3.1: 6.2 MEDIUM V2.0:(not available) |
| CVE-2024-38217 |
Windows Mark of the Web Security Feature Bypass Vulnerability Published: September 10, 2024; 1:15:24 PM -0400 |
V4.0:(not available) V3.1: 5.4 MEDIUM V2.0:(not available) |
| CVE-2024-38014 |
Windows Installer Elevation of Privilege Vulnerability Published: September 10, 2024; 1:15:20 PM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2024-38223 |
Windows Initial Machine Configuration Elevation of Privilege Vulnerability Published: August 13, 2024; 2:15:31 PM -0400 |
V4.0:(not available) V3.1: 6.8 MEDIUM V2.0:(not available) |
| CVE-2024-38213 |
Windows Mark of the Web Security Feature Bypass Vulnerability Published: August 13, 2024; 2:15:30 PM -0400 |
V4.0:(not available) V3.1: 6.5 MEDIUM V2.0:(not available) |
| CVE-2024-38199 |
Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability Published: August 13, 2024; 2:15:29 PM -0400 |
V4.0:(not available) V3.1: 9.8 CRITICAL V2.0:(not available) |
| CVE-2024-38198 |
Windows Print Spooler Elevation of Privilege Vulnerability Published: August 13, 2024; 2:15:29 PM -0400 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
| CVE-2024-38196 |
Windows Common Log File System Driver Elevation of Privilege Vulnerability Published: August 13, 2024; 2:15:28 PM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2024-38193 |
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Published: August 13, 2024; 2:15:28 PM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2024-38180 |
Windows SmartScreen Security Feature Bypass Vulnerability Published: August 13, 2024; 2:15:26 PM -0400 |
V4.0:(not available) V3.1: 8.8 HIGH V2.0:(not available) |
| CVE-2024-38178 |
Scripting Engine Memory Corruption Vulnerability Published: August 13, 2024; 2:15:26 PM -0400 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
| CVE-2024-38153 |
Windows Kernel Elevation of Privilege Vulnerability Published: August 13, 2024; 2:15:20 PM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2024-38152 |
Windows OLE Remote Code Execution Vulnerability Published: August 13, 2024; 2:15:20 PM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2024-38151 |
Windows Kernel Information Disclosure Vulnerability Published: August 13, 2024; 2:15:20 PM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |
| CVE-2024-38146 |
Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability Published: August 13, 2024; 2:15:19 PM -0400 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
| CVE-2024-38145 |
Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability Published: August 13, 2024; 2:15:18 PM -0400 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
| CVE-2024-38144 |
Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability Published: August 13, 2024; 2:15:18 PM -0400 |
V4.0:(not available) V3.1: 8.8 HIGH V2.0:(not available) |
| CVE-2024-38143 |
Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability Published: August 13, 2024; 2:15:18 PM -0400 |
V4.0:(not available) V3.1: 4.2 MEDIUM V2.0:(not available) |