Windows 10 1607
by Microsoft
CVEs (3,413)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-50154 | 0.05 | — | 0.26 | Aug 12, 2025 | Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network. | |||
| CVE-2024-43532 | 0.05 | — | 0.12 | Oct 8, 2024 | Remote Registry Service Elevation of Privilege Vulnerability | |||
| CVE-2024-38030 | 0.05 | — | 0.51 | Jul 9, 2024 | Windows Themes Spoofing Vulnerability | |||
| CVE-2025-47987 | 0.04 | — | 0.02 | Jul 8, 2025 | Heap-based buffer overflow in Windows Cred SSProvider Protocol allows an authorized attacker to elevate privileges locally. | |||
| CVE-2025-32724 | 0.04 | — | 0.02 | Jun 10, 2025 | Uncontrolled resource consumption in Windows Local Security Authority Subsystem Service (LSASS) allows an unauthorized attacker to deny service over a network. | |||
| CVE-2024-30038 | 0.04 | — | 0.03 | May 14, 2024 | Win32k Elevation of Privilege Vulnerability | |||
| CVE-2024-26230 | 0.04 | — | 0.24 | Apr 9, 2024 | Windows Telephony Server Elevation of Privilege Vulnerability | |||
| CVE-2026-21244 | 0.03 | — | 0.01 | Feb 10, 2026 | Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to execute code locally. | |||
| CVE-2026-21248 | 0.03 | — | 0.01 | Feb 10, 2026 | Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to execute code locally. | |||
| CVE-2025-59254 | 0.03 | — | 0.01 | Oct 14, 2025 | Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. | |||
| CVE-2025-53722 | 0.03 | — | 0.17 | Aug 12, 2025 | Uncontrolled resource consumption in Windows Remote Desktop Services allows an unauthorized attacker to deny service over a network. | |||
| CVE-2025-50172 | 0.03 | — | 0.01 | Aug 12, 2025 | Allocation of resources without limits or throttling in Windows DirectX allows an authorized attacker to deny service over a network. | |||
| CVE-2025-49744 | 0.03 | — | 0.01 | Jul 8, 2025 | Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. | |||
| CVE-2025-49730 | 0.03 | — | 0.01 | Jul 8, 2025 | Time-of-check time-of-use (toctou) race condition in Microsoft Windows QoS scheduler allows an authorized attacker to elevate privileges locally. | |||
| CVE-2025-49683 | 0.03 | — | 0.02 | Jul 8, 2025 | Integer overflow or wraparound in Virtual Hard Disk (VHDX) allows an unauthorized attacker to execute code locally. | |||
| CVE-2025-21420 | 0.03 | — | 0.03 | Feb 11, 2025 | Windows Disk Cleanup Tool Elevation of Privilege Vulnerability | |||
| CVE-2025-21285 | 0.03 | — | 0.55 | Jan 14, 2025 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | |||
| CVE-2024-38054 | 0.03 | — | 0.10 | Jul 9, 2024 | Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability | |||
| CVE-2024-29050 | 0.03 | — | 0.01 | Apr 9, 2024 | Windows Cryptographic Services Remote Code Execution Vulnerability | |||
| CVE-2015-6102 | 0.03 | — | 0.04 | Nov 11, 2015 | The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to bypass the KASLR protection mechanism, and… |
- CVE-2025-50154Aug 12, 2025risk 0.05cvss —epss 0.26
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.
- CVE-2024-43532Oct 8, 2024risk 0.05cvss —epss 0.12
Remote Registry Service Elevation of Privilege Vulnerability
- CVE-2024-38030Jul 9, 2024risk 0.05cvss —epss 0.51
Windows Themes Spoofing Vulnerability
- CVE-2025-47987Jul 8, 2025risk 0.04cvss —epss 0.02
Heap-based buffer overflow in Windows Cred SSProvider Protocol allows an authorized attacker to elevate privileges locally.
- CVE-2025-32724Jun 10, 2025risk 0.04cvss —epss 0.02
Uncontrolled resource consumption in Windows Local Security Authority Subsystem Service (LSASS) allows an unauthorized attacker to deny service over a network.
- CVE-2024-30038May 14, 2024risk 0.04cvss —epss 0.03
Win32k Elevation of Privilege Vulnerability
- CVE-2024-26230Apr 9, 2024risk 0.04cvss —epss 0.24
Windows Telephony Server Elevation of Privilege Vulnerability
- CVE-2026-21244Feb 10, 2026risk 0.03cvss —epss 0.01
Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to execute code locally.
- CVE-2026-21248Feb 10, 2026risk 0.03cvss —epss 0.01
Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to execute code locally.
- CVE-2025-59254Oct 14, 2025risk 0.03cvss —epss 0.01
Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
- CVE-2025-53722Aug 12, 2025risk 0.03cvss —epss 0.17
Uncontrolled resource consumption in Windows Remote Desktop Services allows an unauthorized attacker to deny service over a network.
- CVE-2025-50172Aug 12, 2025risk 0.03cvss —epss 0.01
Allocation of resources without limits or throttling in Windows DirectX allows an authorized attacker to deny service over a network.
- CVE-2025-49744Jul 8, 2025risk 0.03cvss —epss 0.01
Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.
- CVE-2025-49730Jul 8, 2025risk 0.03cvss —epss 0.01
Time-of-check time-of-use (toctou) race condition in Microsoft Windows QoS scheduler allows an authorized attacker to elevate privileges locally.
- CVE-2025-49683Jul 8, 2025risk 0.03cvss —epss 0.02
Integer overflow or wraparound in Virtual Hard Disk (VHDX) allows an unauthorized attacker to execute code locally.
- CVE-2025-21420Feb 11, 2025risk 0.03cvss —epss 0.03
Windows Disk Cleanup Tool Elevation of Privilege Vulnerability
- CVE-2025-21285Jan 14, 2025risk 0.03cvss —epss 0.55
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
- CVE-2024-38054Jul 9, 2024risk 0.03cvss —epss 0.10
Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
- CVE-2024-29050Apr 9, 2024risk 0.03cvss —epss 0.01
Windows Cryptographic Services Remote Code Execution Vulnerability
- CVE-2015-6102Nov 11, 2015risk 0.03cvss —epss 0.04
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to bypass the KASLR protection mechanism, and…
Page 112 of 171