Windows 10 1607
by Microsoft
CVEs (3,413)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-17042 | 0.02 | — | 0.05 | Nov 11, 2020 | Windows Print Spooler Remote Code Execution Vulnerability | |||
| CVE-2020-16939 | 0.02 | — | 0.02 | Oct 16, 2020 | An elevation of privilege vulnerability exists when Group Policy improperly checks access. An attacker who successfully exploited this vulnerability could run processes in an elevated context. To exploit the vulnerability, an attacker would first have to log on to the… | |||
| CVE-2020-1256 | 0.02 | — | 0.05 | Sep 11, 2020 | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are… | |||
| CVE-2020-1097 | 0.02 | — | 0.05 | Sep 11, 2020 | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user’s system. There are multiple… | |||
| CVE-2020-1091 | 0.02 | — | 0.04 | Sep 11, 2020 | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user’s system. There are multiple… | |||
| CVE-2020-1013 | 0.02 | — | 0.06 | Sep 11, 2020 | An elevation of privilege vulnerability exists when Microsoft Windows processes group policy updates. An attacker who successfully exploited this vulnerability could potentially escalate permissions or perform additional privileged actions on the target machine. To… | |||
| CVE-2020-0875 | 0.02 | — | 0.04 | Sep 11, 2020 | An information disclosure vulnerability exists in how splwow64.exe handles certain calls. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system (low-integrity to medium-integrity). This… | |||
| CVE-2020-1577 | 0.02 | — | 0.07 | Aug 17, 2020 | An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could… | |||
| CVE-2020-1512 | 0.02 | — | 0.04 | Aug 17, 2020 | An information disclosure vulnerability exists when the Windows State Repository Service improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. An attacker could exploit… | |||
| CVE-2020-1487 | 0.02 | — | 0.04 | Aug 17, 2020 | An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker… | |||
| CVE-2020-1379 | 0.02 | — | 0.03 | Aug 17, 2020 | A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights. There are… | |||
| CVE-2019-1182 | 0.02 | — | 0.13 | Aug 14, 2019 | A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and… | |||
| CVE-2015-2435 | 0.02 | — | 0.22 | Aug 15, 2015 | Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Office 2007 SP3 and 2010 SP2, Live Meeting 2007 Console, Lync 2010, Lync 2010 Attendee, Lync 2013 SP1,… | |||
| CVE-2025-53143 | 0.01 | — | 0.01 | Aug 12, 2025 | Access of resource using incompatible type ('type confusion') in Windows Message Queuing allows an authorized attacker to execute code over a network. | |||
| CVE-2025-47984 | 0.01 | — | 0.14 | Jul 8, 2025 | Protection mechanism failure in Windows GDI allows an unauthorized attacker to disclose information over a network. | |||
| CVE-2025-33057 | 0.01 | — | 0.01 | Jun 10, 2025 | Null pointer dereference in Windows Local Security Authority (LSA) allows an authorized attacker to deny service over a network. | |||
| CVE-2025-27469 | 0.01 | — | 0.02 | Apr 8, 2025 | Uncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny service over a network. | |||
| CVE-2025-26673 | 0.01 | — | 0.02 | Apr 8, 2025 | Uncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny service over a network. | |||
| CVE-2025-26641 | 0.01 | — | 0.02 | Apr 8, 2025 | Uncontrolled resource consumption in Windows Cryptographic Services allows an unauthorized attacker to deny service over a network. | |||
| CVE-2025-21181 | 0.01 | — | 0.03 | Feb 11, 2025 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability |
- CVE-2020-17042Nov 11, 2020risk 0.02cvss —epss 0.05
Windows Print Spooler Remote Code Execution Vulnerability
- CVE-2020-16939Oct 16, 2020risk 0.02cvss —epss 0.02
An elevation of privilege vulnerability exists when Group Policy improperly checks access. An attacker who successfully exploited this vulnerability could run processes in an elevated context. To exploit the vulnerability, an attacker would first have to log on to the…
- CVE-2020-1256Sep 11, 2020risk 0.02cvss —epss 0.05
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are…
- CVE-2020-1097Sep 11, 2020risk 0.02cvss —epss 0.05
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user’s system. There are multiple…
- CVE-2020-1091Sep 11, 2020risk 0.02cvss —epss 0.04
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user’s system. There are multiple…
- CVE-2020-1013Sep 11, 2020risk 0.02cvss —epss 0.06
An elevation of privilege vulnerability exists when Microsoft Windows processes group policy updates. An attacker who successfully exploited this vulnerability could potentially escalate permissions or perform additional privileged actions on the target machine. To…
- CVE-2020-0875Sep 11, 2020risk 0.02cvss —epss 0.04
An information disclosure vulnerability exists in how splwow64.exe handles certain calls. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system (low-integrity to medium-integrity). This…
- CVE-2020-1577Aug 17, 2020risk 0.02cvss —epss 0.07
An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could…
- CVE-2020-1512Aug 17, 2020risk 0.02cvss —epss 0.04
An information disclosure vulnerability exists when the Windows State Repository Service improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. An attacker could exploit…
- CVE-2020-1487Aug 17, 2020risk 0.02cvss —epss 0.04
An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker…
- CVE-2020-1379Aug 17, 2020risk 0.02cvss —epss 0.03
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights. There are…
- CVE-2019-1182Aug 14, 2019risk 0.02cvss —epss 0.13
A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and…
- CVE-2015-2435Aug 15, 2015risk 0.02cvss —epss 0.22
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Office 2007 SP3 and 2010 SP2, Live Meeting 2007 Console, Lync 2010, Lync 2010 Attendee, Lync 2013 SP1,…
- CVE-2025-53143Aug 12, 2025risk 0.01cvss —epss 0.01
Access of resource using incompatible type ('type confusion') in Windows Message Queuing allows an authorized attacker to execute code over a network.
- CVE-2025-47984Jul 8, 2025risk 0.01cvss —epss 0.14
Protection mechanism failure in Windows GDI allows an unauthorized attacker to disclose information over a network.
- CVE-2025-33057Jun 10, 2025risk 0.01cvss —epss 0.01
Null pointer dereference in Windows Local Security Authority (LSA) allows an authorized attacker to deny service over a network.
- CVE-2025-27469Apr 8, 2025risk 0.01cvss —epss 0.02
Uncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny service over a network.
- CVE-2025-26673Apr 8, 2025risk 0.01cvss —epss 0.02
Uncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny service over a network.
- CVE-2025-26641Apr 8, 2025risk 0.01cvss —epss 0.02
Uncontrolled resource consumption in Windows Cryptographic Services allows an unauthorized attacker to deny service over a network.
- CVE-2025-21181Feb 11, 2025risk 0.01cvss —epss 0.03
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
Page 30 of 171