Windows 10 1607
by Microsoft
CVEs (3,413)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-32209 | Med | 0.29 | 4.4 | 0.00 | May 12, 2026 | Improper access control in Windows Filtering Platform (WFP) allows an authorized attacker to bypass a security feature locally. | ||
| CVE-2026-27906 | Med | 0.29 | 4.4 | 0.00 | Apr 14, 2026 | Improper input validation in Windows Hello allows an authorized attacker to bypass a security feature locally. | ||
| CVE-2021-40444 | 0.29 | — | 0.97 | KEV | Sep 15, 2021 | Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that affects Microsoft Windows. Microsoft is aware of targeted attacks that attempt to exploit this vulnerability by using specially-crafted Microsoft Office documents. An attacker… | ||
| CVE-2021-34527 | 0.29 | — | 1.00 | KEV | Jul 2, 2021 | A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install… | ||
| CVE-2021-1675 | 0.29 | — | 0.86 | KEV | Jun 8, 2021 | Windows Print Spooler Remote Code Execution Vulnerability | ||
| CVE-2022-30190 | 0.28 | — | 0.99 | KEV | Jun 1, 2022 | A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application. The attacker can then… | ||
| CVE-2021-40449 | 0.28 | — | 0.73 | KEV | Oct 13, 2021 | Win32k Elevation of Privilege Vulnerability | ||
| CVE-2021-1732 | 0.28 | — | 0.78 | KEV | Feb 25, 2021 | Windows Win32k Elevation of Privilege Vulnerability | ||
| CVE-2024-21338 | 0.27 | — | 0.52 | KEV | Feb 13, 2024 | Windows Kernel Elevation of Privilege Vulnerability | ||
| CVE-2022-21999 | 0.27 | — | 0.42 | KEV | Feb 9, 2022 | Windows Print Spooler Elevation of Privilege Vulnerability | ||
| CVE-2024-21412 | 0.26 | — | 0.95 | KEV | Feb 13, 2024 | Internet Shortcut Files Security Feature Bypass Vulnerability | ||
| CVE-2023-28252 | 0.26 | — | 0.49 | KEV | Apr 11, 2023 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | ||
| CVE-2026-45642 | Low | 0.25 | 3.9 | 0.00 | Jun 9, 2026 | Improper input validation in Microsoft Azure Attestation service and Device Health Attestation Service allows an authorized attacker to perform spoofing with a physical attack. | ||
| CVE-2025-26633 | 0.25 | — | 0.32 | KEV | Mar 11, 2025 | Improper neutralization in Microsoft Management Console allows an unauthorized attacker to bypass a security feature locally. | ||
| CVE-2024-30088 | 0.25 | — | 0.68 | KEV | Jun 11, 2024 | Windows Kernel Elevation of Privilege Vulnerability | ||
| CVE-2023-36884 | 0.25 | — | 0.99 | KEV | Jul 11, 2023 | Windows Search Remote Code Execution Vulnerability | ||
| CVE-2023-24880 | 0.24 | — | 0.78 | KEV | Mar 14, 2023 | Windows SmartScreen Security Feature Bypass Vulnerability | ||
| CVE-2024-49039 | 0.23 | — | 0.14 | KEV | Nov 12, 2024 | Windows Task Scheduler Elevation of Privilege Vulnerability | ||
| CVE-2022-44698 | 0.23 | — | 0.76 | KEV | Dec 13, 2022 | Windows SmartScreen Security Feature Bypass Vulnerability | ||
| CVE-2024-49138 | 0.22 | — | 0.25 | KEV | Dec 10, 2024 | Windows Common Log File System Driver Elevation of Privilege Vulnerability |
- risk 0.29cvss 4.4epss 0.00
Improper access control in Windows Filtering Platform (WFP) allows an authorized attacker to bypass a security feature locally.
- risk 0.29cvss 4.4epss 0.00
Improper input validation in Windows Hello allows an authorized attacker to bypass a security feature locally.
- risk 0.29cvss —epss 0.97
Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that affects Microsoft Windows. Microsoft is aware of targeted attacks that attempt to exploit this vulnerability by using specially-crafted Microsoft Office documents. An attacker…
- risk 0.29cvss —epss 1.00
A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install…
- risk 0.29cvss —epss 0.86
Windows Print Spooler Remote Code Execution Vulnerability
- risk 0.28cvss —epss 0.99
A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application. The attacker can then…
- risk 0.28cvss —epss 0.73
Win32k Elevation of Privilege Vulnerability
- risk 0.28cvss —epss 0.78
Windows Win32k Elevation of Privilege Vulnerability
- risk 0.27cvss —epss 0.52
Windows Kernel Elevation of Privilege Vulnerability
- risk 0.27cvss —epss 0.42
Windows Print Spooler Elevation of Privilege Vulnerability
- risk 0.26cvss —epss 0.95
Internet Shortcut Files Security Feature Bypass Vulnerability
- risk 0.26cvss —epss 0.49
Windows Common Log File System Driver Elevation of Privilege Vulnerability
- risk 0.25cvss 3.9epss 0.00
Improper input validation in Microsoft Azure Attestation service and Device Health Attestation Service allows an authorized attacker to perform spoofing with a physical attack.
- risk 0.25cvss —epss 0.32
Improper neutralization in Microsoft Management Console allows an unauthorized attacker to bypass a security feature locally.
- risk 0.25cvss —epss 0.68
Windows Kernel Elevation of Privilege Vulnerability
- risk 0.25cvss —epss 0.99
Windows Search Remote Code Execution Vulnerability
- risk 0.24cvss —epss 0.78
Windows SmartScreen Security Feature Bypass Vulnerability
- risk 0.23cvss —epss 0.14
Windows Task Scheduler Elevation of Privilege Vulnerability
- risk 0.23cvss —epss 0.76
Windows SmartScreen Security Feature Bypass Vulnerability
- risk 0.22cvss —epss 0.25
Windows Common Log File System Driver Elevation of Privilege Vulnerability
Page 16 of 171