Windows 10 1607
by Microsoft
CVEs (3,413)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-38144 | 0.06 | — | 0.32 | Aug 13, 2024 | Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability | |||
| CVE-2023-21752 | 0.06 | — | 0.05 | Jan 10, 2023 | Windows Backup Service Elevation of Privilege Vulnerability | |||
| CVE-2021-1678 | 0.06 | — | 0.09 | Jan 12, 2021 | Windows Print Spooler Spoofing Vulnerability | |||
| CVE-2019-1181 | 0.06 | — | 0.75 | Aug 14, 2019 | A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and… | |||
| CVE-2019-1152 | 0.06 | — | 0.13 | Aug 14, 2019 | A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view,… | |||
| CVE-2019-1144 | 0.06 | — | 0.13 | Aug 14, 2019 | A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view,… | |||
| CVE-2019-1145 | 0.06 | — | 0.13 | Aug 14, 2019 | A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view,… | |||
| CVE-2019-1149 | 0.06 | — | 0.14 | Aug 14, 2019 | A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view,… | |||
| CVE-2019-0948 | 0.06 | — | 0.13 | Jun 12, 2019 | An information disclosure vulnerability exists in the Windows Event Viewer (eventvwr.msc) when it improperly parses XML input containing a reference to an external entity. An attacker who successfully exploited this vulnerability could read arbitrary files via an XML external… | |||
| CVE-2015-6103 | 0.06 | — | 0.35 | Nov 11, 2015 | The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via… | |||
| CVE-2025-50154 | 0.05 | — | 0.26 | Aug 12, 2025 | Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network. | |||
| CVE-2024-43532 | 0.05 | — | 0.12 | Oct 8, 2024 | Remote Registry Service Elevation of Privilege Vulnerability | |||
| CVE-2024-38030 | 0.05 | — | 0.51 | Jul 9, 2024 | Windows Themes Spoofing Vulnerability | |||
| CVE-2024-21320 | 0.05 | — | 0.23 | Jan 9, 2024 | Windows Themes Spoofing Vulnerability | |||
| CVE-2022-30216 | 0.05 | — | 0.88 | Jul 12, 2022 | Windows Server Service Tampering Vulnerability | |||
| CVE-2019-1125 | 0.05 | — | 0.05 | Sep 3, 2019 | An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries. To exploit this vulnerability, an attacker would… | |||
| CVE-2019-1151 | 0.05 | — | 0.15 | Aug 14, 2019 | A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view,… | |||
| CVE-2019-1150 | 0.05 | — | 0.29 | Aug 14, 2019 | A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view,… | |||
| CVE-2019-0888 | 0.05 | — | 0.11 | Jun 12, 2019 | A remote code execution vulnerability exists in the way that ActiveX Data Objects (ADO) handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code with the victim user’s privileges. An attacker could craft a website that… | |||
| CVE-2025-47987 | 0.04 | — | 0.02 | Jul 8, 2025 | Heap-based buffer overflow in Windows Cred SSProvider Protocol allows an authorized attacker to elevate privileges locally. |
- CVE-2024-38144Aug 13, 2024risk 0.06cvss —epss 0.32
Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
- CVE-2023-21752Jan 10, 2023risk 0.06cvss —epss 0.05
Windows Backup Service Elevation of Privilege Vulnerability
- CVE-2021-1678Jan 12, 2021risk 0.06cvss —epss 0.09
Windows Print Spooler Spoofing Vulnerability
- CVE-2019-1181Aug 14, 2019risk 0.06cvss —epss 0.75
A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and…
- CVE-2019-1152Aug 14, 2019risk 0.06cvss —epss 0.13
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view,…
- CVE-2019-1144Aug 14, 2019risk 0.06cvss —epss 0.13
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view,…
- CVE-2019-1145Aug 14, 2019risk 0.06cvss —epss 0.13
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view,…
- CVE-2019-1149Aug 14, 2019risk 0.06cvss —epss 0.14
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view,…
- CVE-2019-0948Jun 12, 2019risk 0.06cvss —epss 0.13
An information disclosure vulnerability exists in the Windows Event Viewer (eventvwr.msc) when it improperly parses XML input containing a reference to an external entity. An attacker who successfully exploited this vulnerability could read arbitrary files via an XML external…
- CVE-2015-6103Nov 11, 2015risk 0.06cvss —epss 0.35
The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via…
- CVE-2025-50154Aug 12, 2025risk 0.05cvss —epss 0.26
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.
- CVE-2024-43532Oct 8, 2024risk 0.05cvss —epss 0.12
Remote Registry Service Elevation of Privilege Vulnerability
- CVE-2024-38030Jul 9, 2024risk 0.05cvss —epss 0.51
Windows Themes Spoofing Vulnerability
- CVE-2024-21320Jan 9, 2024risk 0.05cvss —epss 0.23
Windows Themes Spoofing Vulnerability
- CVE-2022-30216Jul 12, 2022risk 0.05cvss —epss 0.88
Windows Server Service Tampering Vulnerability
- CVE-2019-1125Sep 3, 2019risk 0.05cvss —epss 0.05
An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries. To exploit this vulnerability, an attacker would…
- CVE-2019-1151Aug 14, 2019risk 0.05cvss —epss 0.15
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view,…
- CVE-2019-1150Aug 14, 2019risk 0.05cvss —epss 0.29
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view,…
- CVE-2019-0888Jun 12, 2019risk 0.05cvss —epss 0.11
A remote code execution vulnerability exists in the way that ActiveX Data Objects (ADO) handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code with the victim user’s privileges. An attacker could craft a website that…
- CVE-2025-47987Jul 8, 2025risk 0.04cvss —epss 0.02
Heap-based buffer overflow in Windows Cred SSProvider Protocol allows an authorized attacker to elevate privileges locally.
Page 23 of 171