Windows 10 1607
by Microsoft
CVEs (3,413)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-41091 | 0.19 | — | 0.02 | KEV | Nov 9, 2022 | Windows Mark of the Web Security Feature Bypass Vulnerability | ||
| CVE-2022-24521 | 0.19 | — | 0.07 | KEV | Apr 15, 2022 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | ||
| CVE-2022-21971 | 0.19 | — | 0.54 | KEV | Feb 9, 2022 | Windows Runtime Remote Code Execution Vulnerability | ||
| CVE-2021-31956 | 0.19 | — | 0.20 | KEV | Jun 8, 2021 | Windows NTFS Elevation of Privilege Vulnerability | ||
| CVE-2019-1064 | 0.19 | — | 0.07 | KEV | Jun 12, 2019 | An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view,… | ||
| CVE-2025-29824 | 0.18 | — | 0.18 | KEV | Apr 8, 2025 | Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. | ||
| CVE-2023-36802 | 0.18 | — | 0.26 | KEV | Sep 12, 2023 | Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability | ||
| CVE-2022-41073 | 0.18 | — | 0.02 | KEV | Nov 9, 2022 | Windows Print Spooler Elevation of Privilege Vulnerability | ||
| CVE-2021-41379 | 0.18 | — | 0.20 | KEV | Nov 10, 2021 | Windows Installer Elevation of Privilege Vulnerability | ||
| CVE-2021-33742 | 0.18 | — | 0.59 | KEV | Jun 8, 2021 | Windows MSHTML Platform Remote Code Execution Vulnerability | ||
| CVE-2025-30397 | 0.17 | — | 0.22 | KEV | May 13, 2025 | Access of resource using incompatible type ('type confusion') in Microsoft Scripting Engine allows an unauthorized attacker to execute code over a network. | ||
| CVE-2024-38213 | 0.17 | — | 0.13 | KEV | Aug 13, 2024 | Windows Mark of the Web Security Feature Bypass Vulnerability | ||
| CVE-2024-29988 | 0.17 | — | 0.45 | KEV | Apr 9, 2024 | SmartScreen Prompt Security Feature Bypass Vulnerability | ||
| CVE-2022-26904 | 0.17 | — | 0.10 | KEV | Apr 15, 2022 | Windows User Profile Service Elevation of Privilege Vulnerability | ||
| CVE-2025-24054 | 0.16 | — | 0.59 | KEV | Mar 11, 2025 | External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network. | ||
| CVE-2024-43572 | 0.16 | — | 0.61 | KEV | Oct 8, 2024 | Microsoft Management Console Remote Code Execution Vulnerability | ||
| CVE-2021-28310 | 0.16 | — | 0.08 | KEV | Apr 13, 2021 | Win32k Elevation of Privilege Vulnerability | ||
| CVE-2025-62215 | 0.15 | — | 0.06 | KEV | Nov 11, 2025 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Kernel allows an authorized attacker to elevate privileges locally. | ||
| CVE-2023-32046 | 0.15 | — | 0.09 | KEV | Jul 11, 2023 | Windows MSHTML Platform Elevation of Privilege Vulnerability | ||
| CVE-2022-41128 | 0.15 | — | 0.25 | KEV | Nov 9, 2022 | Windows Scripting Languages Remote Code Execution Vulnerability |
- risk 0.19cvss —epss 0.02
Windows Mark of the Web Security Feature Bypass Vulnerability
- risk 0.19cvss —epss 0.07
Windows Common Log File System Driver Elevation of Privilege Vulnerability
- risk 0.19cvss —epss 0.54
Windows Runtime Remote Code Execution Vulnerability
- risk 0.19cvss —epss 0.20
Windows NTFS Elevation of Privilege Vulnerability
- risk 0.19cvss —epss 0.07
An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view,…
- risk 0.18cvss —epss 0.18
Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
- risk 0.18cvss —epss 0.26
Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability
- risk 0.18cvss —epss 0.02
Windows Print Spooler Elevation of Privilege Vulnerability
- risk 0.18cvss —epss 0.20
Windows Installer Elevation of Privilege Vulnerability
- risk 0.18cvss —epss 0.59
Windows MSHTML Platform Remote Code Execution Vulnerability
- risk 0.17cvss —epss 0.22
Access of resource using incompatible type ('type confusion') in Microsoft Scripting Engine allows an unauthorized attacker to execute code over a network.
- risk 0.17cvss —epss 0.13
Windows Mark of the Web Security Feature Bypass Vulnerability
- risk 0.17cvss —epss 0.45
SmartScreen Prompt Security Feature Bypass Vulnerability
- risk 0.17cvss —epss 0.10
Windows User Profile Service Elevation of Privilege Vulnerability
- risk 0.16cvss —epss 0.59
External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.
- risk 0.16cvss —epss 0.61
Microsoft Management Console Remote Code Execution Vulnerability
- risk 0.16cvss —epss 0.08
Win32k Elevation of Privilege Vulnerability
- risk 0.15cvss —epss 0.06
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Kernel allows an authorized attacker to elevate privileges locally.
- risk 0.15cvss —epss 0.09
Windows MSHTML Platform Elevation of Privilege Vulnerability
- risk 0.15cvss —epss 0.25
Windows Scripting Languages Remote Code Execution Vulnerability
Page 18 of 171