Windows 10 1607
by Microsoft
CVEs (3,413)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-1379 | Med | 0.36 | 5.5 | 0.03 | Aug 17, 2020 | A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights. There are… | ||
| CVE-2019-1187 | Med | 0.36 | 5.5 | 0.03 | Aug 14, 2019 | A denial of service vulnerability exists when the XmlLite runtime (XmlLite.dll) improperly parses XML input. An attacker who successfully exploited this vulnerability could cause a denial of service against an XML application. A remote unauthenticated attacker could exploit this… | ||
| CVE-2019-1163 | Med | 0.36 | 5.5 | 0.01 | Aug 14, 2019 | A security feature bypass exists when Windows incorrectly validates CAB file signatures. An attacker who successfully exploited this vulnerability could inject code into a CAB file without invalidating the file's signature. To exploit the vulnerability, an attacker could modify… | ||
| CVE-2019-1158 | Med | 0.36 | 5.5 | 0.02 | Aug 14, 2019 | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user’s system. There are multiple ways an… | ||
| CVE-2019-1143 | Med | 0.36 | 5.5 | 0.02 | Aug 14, 2019 | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user’s system. There are multiple ways an… | ||
| CVE-2019-1078 | Med | 0.36 | 5.5 | 0.02 | Aug 14, 2019 | An information disclosure vulnerability exists when the Windows Graphics component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. An authenticated attacker could… | ||
| CVE-2019-1039 | Med | 0.36 | 5.5 | 0.01 | Jun 12, 2019 | An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could… | ||
| CVE-2018-8445 | Med | 0.36 | 5.5 | 0.03 | Sep 13, 2018 | An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8336, CVE-2018-8419,… | ||
| CVE-2026-45595 | Med | 0.35 | 5.4 | 0.00 | Jun 9, 2026 | Protection mechanism failure in Windows Mark of the Web (MOTW) allows an unauthorized attacker to bypass a security feature over a network. | ||
| CVE-2026-35423 | Med | 0.35 | 5.4 | 0.01 | May 12, 2026 | Out-of-bounds read in Telnet Client allows an unauthorized attacker to disclose information over a network. | ||
| CVE-2024-21313 | Med | 0.35 | 5.3 | 0.01 | Jan 9, 2024 | Windows TCP/IP Information Disclosure Vulnerability | ||
| CVE-2023-35384 | Med | 0.35 | 5.4 | 0.02 | Aug 8, 2023 | Windows HTML Platforms Security Feature Bypass Vulnerability | ||
| CVE-2023-32013 | Med | 0.35 | 5.3 | 0.02 | Jun 14, 2023 | Windows Hyper-V Denial of Service Vulnerability | ||
| CVE-2023-28226 | Med | 0.35 | 5.3 | 0.01 | Apr 11, 2023 | Windows Enroll Engine Security Feature Bypass Vulnerability | ||
| CVE-2023-21699 | Med | 0.35 | 5.3 | 0.01 | Feb 14, 2023 | Windows Internet Storage Name Service (iSNS) Server Information Disclosure Vulnerability | ||
| CVE-2023-21682 | Med | 0.35 | 5.3 | 0.01 | Jan 10, 2023 | Windows Point-to-Point Protocol (PPP) Information Disclosure Vulnerability | ||
| CVE-2023-21525 | Med | 0.35 | 5.3 | 0.02 | Jan 10, 2023 | Remote Procedure Call Runtime Denial of Service Vulnerability | ||
| CVE-2022-24503 | Med | 0.35 | 5.4 | 0.02 | Mar 9, 2022 | Remote Desktop Protocol Client Information Disclosure Vulnerability | ||
| CVE-2022-21924 | Med | 0.35 | 5.3 | 0.03 | Jan 11, 2022 | Workstation Service Remote Protocol Security Feature Bypass Vulnerability | ||
| CVE-2022-21913 | Med | 0.35 | 5.3 | 0.03 | Jan 11, 2022 | Local Security Authority (Domain Policy) Remote Protocol Security Feature Bypass |
- risk 0.36cvss 5.5epss 0.03
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights. There are…
- risk 0.36cvss 5.5epss 0.03
A denial of service vulnerability exists when the XmlLite runtime (XmlLite.dll) improperly parses XML input. An attacker who successfully exploited this vulnerability could cause a denial of service against an XML application. A remote unauthenticated attacker could exploit this…
- risk 0.36cvss 5.5epss 0.01
A security feature bypass exists when Windows incorrectly validates CAB file signatures. An attacker who successfully exploited this vulnerability could inject code into a CAB file without invalidating the file's signature. To exploit the vulnerability, an attacker could modify…
- risk 0.36cvss 5.5epss 0.02
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user’s system. There are multiple ways an…
- risk 0.36cvss 5.5epss 0.02
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user’s system. There are multiple ways an…
- risk 0.36cvss 5.5epss 0.02
An information disclosure vulnerability exists when the Windows Graphics component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. An authenticated attacker could…
- risk 0.36cvss 5.5epss 0.01
An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could…
- risk 0.36cvss 5.5epss 0.03
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8336, CVE-2018-8419,…
- risk 0.35cvss 5.4epss 0.00
Protection mechanism failure in Windows Mark of the Web (MOTW) allows an unauthorized attacker to bypass a security feature over a network.
- risk 0.35cvss 5.4epss 0.01
Out-of-bounds read in Telnet Client allows an unauthorized attacker to disclose information over a network.
- risk 0.35cvss 5.3epss 0.01
Windows TCP/IP Information Disclosure Vulnerability
- risk 0.35cvss 5.4epss 0.02
Windows HTML Platforms Security Feature Bypass Vulnerability
- risk 0.35cvss 5.3epss 0.02
Windows Hyper-V Denial of Service Vulnerability
- risk 0.35cvss 5.3epss 0.01
Windows Enroll Engine Security Feature Bypass Vulnerability
- risk 0.35cvss 5.3epss 0.01
Windows Internet Storage Name Service (iSNS) Server Information Disclosure Vulnerability
- risk 0.35cvss 5.3epss 0.01
Windows Point-to-Point Protocol (PPP) Information Disclosure Vulnerability
- risk 0.35cvss 5.3epss 0.02
Remote Procedure Call Runtime Denial of Service Vulnerability
- risk 0.35cvss 5.4epss 0.02
Remote Desktop Protocol Client Information Disclosure Vulnerability
- risk 0.35cvss 5.3epss 0.03
Workstation Service Remote Protocol Security Feature Bypass Vulnerability
- risk 0.35cvss 5.3epss 0.03
Local Security Authority (Domain Policy) Remote Protocol Security Feature Bypass
Page 104 of 171