📦 Windows 10 20h2
by Microsoft
🔍 What is Windows 10 20h2?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
CVE-2022-35744 is a critical remote code execution vulnerability in Windows Point-to-Point Protocol (PPP) that allows unauthenticated attackers to execute arbitrary code on affected systems. This affe...
This vulnerability allows remote attackers to execute arbitrary code on affected Windows systems by sending specially crafted PGM (Pragmatic General Multicast) protocol packets. It affects Windows sys...
This vulnerability allows remote attackers to execute arbitrary code on affected Windows systems by sending specially crafted PGM (Pragmatic General Multicast) packets. It affects Windows systems with...
This vulnerability allows remote attackers to execute arbitrary code on systems running Microsoft Message Queuing (MSMQ) by sending specially crafted packets. It affects Windows servers and workstatio...
This critical vulnerability allows remote attackers to execute arbitrary code on affected systems by sending specially crafted ICMP packets. It affects Windows systems with specific network configurat...
This is a critical Remote Procedure Call Runtime vulnerability that allows unauthenticated attackers to execute arbitrary code remotely on affected Windows systems. It affects Windows servers and work...
This vulnerability allows remote attackers to execute arbitrary code on systems running Microsoft's Protected Extensible Authentication Protocol (PEAP) without authentication. It affects Windows syste...
This critical vulnerability in Microsoft's Protected Extensible Authentication Protocol (PEAP) allows remote attackers to execute arbitrary code on affected systems without authentication. It affects ...
CVE-2021-31166 is a critical remote code execution vulnerability in the Microsoft HTTP Protocol Stack (http.sys) that allows unauthenticated attackers to execute arbitrary code with SYSTEM privileges ...
This vulnerability allows attackers to gain SYSTEM-level privileges on Windows systems by exploiting the Print Spooler service. It affects Windows servers and workstations where the Print Spooler serv...
This vulnerability in the Windows Cloud Files Mini Filter Driver allows attackers to gain SYSTEM-level privileges on affected Windows systems. It affects Windows 10, 11, and Server versions where the ...
This vulnerability allows remote code execution through the Microsoft Windows Support Diagnostic Tool (MSDT) when processing specially crafted files. Attackers can exploit this by tricking users into ...
CVE-2022-35746 is an elevation of privilege vulnerability in Windows Digital Media Receiver that allows authenticated attackers to execute arbitrary code with SYSTEM privileges. This affects Windows s...
CVE-2022-35750 is a Win32k elevation of privilege vulnerability in Windows that allows an authenticated attacker to gain SYSTEM-level privileges on a compromised system. This affects Windows operating...
This vulnerability allows remote attackers to execute arbitrary code on Windows systems by exploiting a flaw in the Secure Socket Tunneling Protocol (SSTP) service. Attackers could gain SYSTEM-level p...
This vulnerability allows an attacker with local access to exploit a heap-based buffer overflow in Windows Bluetooth drivers to execute arbitrary code with SYSTEM privileges. It affects Windows system...
This vulnerability allows remote attackers to execute arbitrary code on Windows systems running LDAP services by sending specially crafted requests. It affects Windows servers with LDAP enabled, parti...
This vulnerability allows remote attackers to execute arbitrary code on affected Windows systems by exploiting a use-after-free flaw in OLE (Object Linking and Embedding) technology. Attackers can cra...
CVE-2023-29335 is a security feature bypass vulnerability in Microsoft Word that allows attackers to circumvent security protections and potentially execute malicious code. This affects users of Micro...
This vulnerability in Windows NFS Portmapper allows attackers to disclose sensitive information from memory. It affects Windows systems running NFS services, potentially exposing internal network deta...
This vulnerability allows remote attackers to execute arbitrary code on Windows systems running vulnerable versions of the Secure Socket Tunneling Protocol (SSTP) service. Attackers can exploit this w...
This vulnerability allows remote attackers to execute arbitrary code on systems running vulnerable Remote Desktop Client software. Attackers can exploit this by tricking users into connecting to a mal...
CVE-2023-24939 is a denial-of-service vulnerability in Microsoft's Server for NFS (Network File System) that allows attackers to crash the service by sending specially crafted requests. This affects W...
This vulnerability in Windows Backup Service allows authenticated attackers to gain SYSTEM-level privileges on affected systems. It affects Windows servers and workstations where the backup service is...
This vulnerability allows remote attackers to execute arbitrary code on Windows systems by exploiting a flaw in the Point-to-Point Tunneling Protocol (PPTP) implementation. Attackers could gain SYSTEM...
This Windows kernel vulnerability allows local attackers to escalate privileges from a lower-privileged account to SYSTEM-level access. It affects Windows 10, 11, and Server versions. Attackers need i...
This vulnerability in Windows Remote Procedure Call Service allows an authenticated attacker to execute code with SYSTEM privileges by exploiting a use-after-free condition. It affects Windows systems...
This vulnerability in Microsoft Message Queuing (MSMQ) allows attackers to cause a denial of service by sending specially crafted packets to the service. Systems running MSMQ with the service enabled ...
CVE-2023-28272 is a Windows kernel elevation of privilege vulnerability that allows authenticated attackers to execute arbitrary code with SYSTEM privileges. This affects Windows operating systems whe...
This vulnerability allows an attacker to gain SYSTEM-level privileges on Windows systems by exploiting a flaw in the Win32k driver. It affects Windows operating systems where an attacker already has l...
This vulnerability allows remote attackers to execute arbitrary code on affected Windows systems by sending specially crafted packets to the Internet Key Exchange (IKE) protocol service. It affects Wi...
This vulnerability in Windows Secure Socket Tunneling Protocol (SSTP) allows attackers to cause a denial of service by sending specially crafted packets. It affects Windows systems with SSTP enabled, ...
This vulnerability allows remote attackers to execute arbitrary code on Windows systems via specially crafted Bluetooth packets. Attackers can exploit this without authentication when Bluetooth is ena...
This vulnerability in Windows CNG Key Isolation Service allows attackers to elevate privileges from a low-privileged user account to SYSTEM level. It affects Windows systems where the CNG service is r...
This vulnerability allows remote attackers to execute arbitrary code on Windows systems by exploiting a flaw in the Point-to-Point Tunneling Protocol (PPTP) implementation. Attackers could gain SYSTEM...
This vulnerability allows an authenticated attacker to execute arbitrary code with kernel privileges on Windows systems. It enables local privilege escalation from a lower-privileged account to SYSTEM...
This vulnerability allows an authenticated attacker to exploit a flaw in Windows Advanced Local Procedure Call (ALPC) to elevate privileges on a local system. It affects Windows operating systems and ...
This vulnerability in the Windows Ancillary Function Driver for WinSock allows attackers to escalate privileges from a low-privileged user account to SYSTEM level. It affects Windows operating systems...
This vulnerability allows remote attackers to execute arbitrary code on systems running vulnerable Layer 2 Tunneling Protocol (L2TP) implementations. Attackers can exploit this without authentication ...
This Windows kernel vulnerability allows attackers to elevate privileges from user mode to kernel mode, potentially gaining SYSTEM-level access. It affects Windows operating systems and requires an at...
This vulnerability allows remote attackers to execute arbitrary code on Windows systems by exploiting a flaw in the Point-to-Point Protocol over Ethernet (PPPoE) component. Attackers could gain SYSTEM...
This vulnerability allows remote attackers to execute arbitrary code on systems using Microsoft PostScript and PCL6 Class Printer Drivers. Attackers can exploit this by sending specially crafted print...
This vulnerability allows remote attackers to execute arbitrary code on systems using Microsoft PostScript and PCL6 Class Printer Drivers. Attackers can exploit this by sending specially crafted print...
This vulnerability allows remote attackers to execute arbitrary code on systems using vulnerable Microsoft PostScript and PCL6 Class Printer Drivers. Attackers can exploit this by sending specially cr...
This vulnerability allows remote attackers to execute arbitrary code on systems using vulnerable Microsoft PostScript and PCL6 printer drivers. Attackers can exploit this by sending specially crafted ...
This vulnerability allows remote attackers to execute arbitrary code on systems using vulnerable Microsoft PostScript and PCL6 Class Printer Drivers. Attackers can exploit this by sending specially cr...
This vulnerability in Microsoft Message Queuing (MSMQ) allows an unauthenticated attacker to send specially crafted packets to an MSMQ server, causing it to crash and resulting in a denial of service....
This vulnerability allows remote attackers to execute arbitrary code on systems using vulnerable Microsoft PostScript and PCL6 printer drivers. Attackers can exploit this by sending specially crafted ...
This vulnerability allows remote attackers to execute arbitrary code on affected systems by exploiting integer overflow in Microsoft PostScript and PCL6 Class Printer Drivers. It affects Windows syste...