Windows 10 1607
by Microsoft
CVEs (3,413)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-30400 | 0.12 | — | 0.02 | KEV | May 13, 2025 | Use after free in Windows DWM allows an authorized attacker to elevate privileges locally. | ||
| CVE-2025-24993 | 0.12 | — | 0.02 | KEV | Mar 11, 2025 | Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-24991 | 0.12 | — | 0.02 | KEV | Mar 11, 2025 | Out-of-bounds read in Windows NTFS allows an authorized attacker to disclose information locally. | ||
| CVE-2025-24985 | 0.12 | — | 0.04 | KEV | Mar 11, 2025 | Integer overflow or wraparound in Windows Fast FAT Driver allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-24984 | 0.12 | — | 0.02 | KEV | Mar 11, 2025 | Insertion of sensitive information into log file in Windows NTFS allows an unauthorized attacker to disclose information with a physical attack. | ||
| CVE-2025-24983 | 0.12 | — | 0.01 | KEV | Mar 11, 2025 | Use after free in Windows Win32 Kernel Subsystem allows an authorized attacker to elevate privileges locally. | ||
| CVE-2025-21391 | 0.12 | — | 0.02 | KEV | Feb 11, 2025 | Windows Storage Elevation of Privilege Vulnerability | ||
| CVE-2025-21334 | 0.12 | — | 0.02 | KEV | Jan 14, 2025 | Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability | ||
| CVE-2024-38107 | 0.12 | — | 0.02 | KEV | Aug 13, 2024 | Windows Power Dependency Coordinator Elevation of Privilege Vulnerability | ||
| CVE-2024-38106 | 0.12 | — | 0.06 | KEV | Aug 13, 2024 | Windows Kernel Elevation of Privilege Vulnerability | ||
| CVE-2025-24071 | 0.09 | — | 0.25 | Mar 11, 2025 | Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network. | |||
| CVE-2025-21293 | 0.09 | — | 0.18 | Jan 14, 2025 | Active Directory Domain Services Elevation of Privilege Vulnerability | |||
| CVE-2024-30085 | 0.08 | — | 0.15 | Jun 11, 2024 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | |||
| CVE-2024-49113 | 0.07 | — | 0.84 | Dec 10, 2024 | Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability | |||
| CVE-2024-49112 | 0.07 | — | 0.71 | Dec 10, 2024 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | |||
| CVE-2024-38063 | 0.07 | — | 0.71 | Aug 13, 2024 | Windows TCP/IP Remote Code Execution Vulnerability | |||
| CVE-2024-26229 | 0.07 | — | 0.09 | Apr 9, 2024 | Windows CSC Service Elevation of Privilege Vulnerability | |||
| CVE-2025-21298 | 0.06 | — | 0.81 | Jan 14, 2025 | Windows OLE Remote Code Execution Vulnerability | |||
| CVE-2024-38144 | 0.06 | — | 0.32 | Aug 13, 2024 | Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability | |||
| CVE-2015-6103 | 0.06 | — | 0.35 | Nov 11, 2015 | The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via… |
- risk 0.12cvss —epss 0.02
Use after free in Windows DWM allows an authorized attacker to elevate privileges locally.
- risk 0.12cvss —epss 0.02
Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally.
- risk 0.12cvss —epss 0.02
Out-of-bounds read in Windows NTFS allows an authorized attacker to disclose information locally.
- risk 0.12cvss —epss 0.04
Integer overflow or wraparound in Windows Fast FAT Driver allows an unauthorized attacker to execute code locally.
- risk 0.12cvss —epss 0.02
Insertion of sensitive information into log file in Windows NTFS allows an unauthorized attacker to disclose information with a physical attack.
- risk 0.12cvss —epss 0.01
Use after free in Windows Win32 Kernel Subsystem allows an authorized attacker to elevate privileges locally.
- risk 0.12cvss —epss 0.02
Windows Storage Elevation of Privilege Vulnerability
- risk 0.12cvss —epss 0.02
Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability
- risk 0.12cvss —epss 0.02
Windows Power Dependency Coordinator Elevation of Privilege Vulnerability
- risk 0.12cvss —epss 0.06
Windows Kernel Elevation of Privilege Vulnerability
- CVE-2025-24071Mar 11, 2025risk 0.09cvss —epss 0.25
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.
- CVE-2025-21293Jan 14, 2025risk 0.09cvss —epss 0.18
Active Directory Domain Services Elevation of Privilege Vulnerability
- CVE-2024-30085Jun 11, 2024risk 0.08cvss —epss 0.15
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
- CVE-2024-49113Dec 10, 2024risk 0.07cvss —epss 0.84
Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability
- CVE-2024-49112Dec 10, 2024risk 0.07cvss —epss 0.71
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
- CVE-2024-38063Aug 13, 2024risk 0.07cvss —epss 0.71
Windows TCP/IP Remote Code Execution Vulnerability
- CVE-2024-26229Apr 9, 2024risk 0.07cvss —epss 0.09
Windows CSC Service Elevation of Privilege Vulnerability
- CVE-2025-21298Jan 14, 2025risk 0.06cvss —epss 0.81
Windows OLE Remote Code Execution Vulnerability
- CVE-2024-38144Aug 13, 2024risk 0.06cvss —epss 0.32
Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
- CVE-2015-6103Nov 11, 2015risk 0.06cvss —epss 0.35
The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via…
Page 111 of 171