Windows 10 1607
by Microsoft
CVEs (3,413)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-49730 | 0.03 | — | 0.01 | Jul 8, 2025 | Time-of-check time-of-use (toctou) race condition in Microsoft Windows QoS scheduler allows an authorized attacker to elevate privileges locally. | |||
| CVE-2025-49683 | 0.03 | — | 0.02 | Jul 8, 2025 | Integer overflow or wraparound in Virtual Hard Disk (VHDX) allows an unauthorized attacker to execute code locally. | |||
| CVE-2025-21420 | 0.03 | — | 0.03 | Feb 11, 2025 | Windows Disk Cleanup Tool Elevation of Privilege Vulnerability | |||
| CVE-2025-21285 | 0.03 | — | 0.55 | Jan 14, 2025 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | |||
| CVE-2024-38054 | 0.03 | — | 0.10 | Jul 9, 2024 | Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability | |||
| CVE-2024-29050 | 0.03 | — | 0.01 | Apr 9, 2024 | Windows Cryptographic Services Remote Code Execution Vulnerability | |||
| CVE-2023-36003 | 0.03 | — | 0.03 | Dec 12, 2023 | XAML Diagnostics Elevation of Privilege Vulnerability | |||
| CVE-2023-28302 | 0.03 | — | 0.94 | Apr 11, 2023 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | |||
| CVE-2023-21683 | 0.03 | — | 0.02 | Jan 10, 2023 | Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability | |||
| CVE-2023-21758 | 0.03 | — | 0.92 | Jan 10, 2023 | Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability | |||
| CVE-2022-41076 | 0.03 | — | 0.62 | Dec 13, 2022 | PowerShell Remote Code Execution Vulnerability | |||
| CVE-2022-22025 | 0.03 | — | 0.32 | Jul 12, 2022 | Windows Internet Information Services Cachuri Module Denial of Service Vulnerability | |||
| CVE-2022-24497 | 0.03 | — | 0.35 | Apr 15, 2022 | Windows Network File System Remote Code Execution Vulnerability | |||
| CVE-2022-24491 | 0.03 | — | 0.34 | Apr 15, 2022 | Windows Network File System Remote Code Execution Vulnerability | |||
| CVE-2022-21894 | 0.03 | — | 0.07 | Jan 11, 2022 | Secure Boot Security Feature Bypass Vulnerability | |||
| CVE-2021-38666 | 0.03 | — | 0.13 | Nov 10, 2021 | Remote Desktop Client Remote Code Execution Vulnerability | |||
| CVE-2021-1645 | 0.03 | — | 0.07 | Jan 12, 2021 | Windows Docker Information Disclosure Vulnerability | |||
| CVE-2020-1074 | 0.03 | — | 0.53 | Sep 11, 2020 | A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this… | |||
| CVE-2019-1153 | 0.03 | — | 0.03 | Aug 14, 2019 | An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this… | |||
| CVE-2019-1148 | 0.03 | — | 0.03 | Aug 14, 2019 | An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this… |
- CVE-2025-49730Jul 8, 2025risk 0.03cvss —epss 0.01
Time-of-check time-of-use (toctou) race condition in Microsoft Windows QoS scheduler allows an authorized attacker to elevate privileges locally.
- CVE-2025-49683Jul 8, 2025risk 0.03cvss —epss 0.02
Integer overflow or wraparound in Virtual Hard Disk (VHDX) allows an unauthorized attacker to execute code locally.
- CVE-2025-21420Feb 11, 2025risk 0.03cvss —epss 0.03
Windows Disk Cleanup Tool Elevation of Privilege Vulnerability
- CVE-2025-21285Jan 14, 2025risk 0.03cvss —epss 0.55
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
- CVE-2024-38054Jul 9, 2024risk 0.03cvss —epss 0.10
Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
- CVE-2024-29050Apr 9, 2024risk 0.03cvss —epss 0.01
Windows Cryptographic Services Remote Code Execution Vulnerability
- CVE-2023-36003Dec 12, 2023risk 0.03cvss —epss 0.03
XAML Diagnostics Elevation of Privilege Vulnerability
- CVE-2023-28302Apr 11, 2023risk 0.03cvss —epss 0.94
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
- CVE-2023-21683Jan 10, 2023risk 0.03cvss —epss 0.02
Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability
- CVE-2023-21758Jan 10, 2023risk 0.03cvss —epss 0.92
Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability
- CVE-2022-41076Dec 13, 2022risk 0.03cvss —epss 0.62
PowerShell Remote Code Execution Vulnerability
- CVE-2022-22025Jul 12, 2022risk 0.03cvss —epss 0.32
Windows Internet Information Services Cachuri Module Denial of Service Vulnerability
- CVE-2022-24497Apr 15, 2022risk 0.03cvss —epss 0.35
Windows Network File System Remote Code Execution Vulnerability
- CVE-2022-24491Apr 15, 2022risk 0.03cvss —epss 0.34
Windows Network File System Remote Code Execution Vulnerability
- CVE-2022-21894Jan 11, 2022risk 0.03cvss —epss 0.07
Secure Boot Security Feature Bypass Vulnerability
- CVE-2021-38666Nov 10, 2021risk 0.03cvss —epss 0.13
Remote Desktop Client Remote Code Execution Vulnerability
- CVE-2021-1645Jan 12, 2021risk 0.03cvss —epss 0.07
Windows Docker Information Disclosure Vulnerability
- CVE-2020-1074Sep 11, 2020risk 0.03cvss —epss 0.53
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this…
- CVE-2019-1153Aug 14, 2019risk 0.03cvss —epss 0.03
An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this…
- CVE-2019-1148Aug 14, 2019risk 0.03cvss —epss 0.03
An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this…
Page 25 of 171