VYPR

Windows 10 1607

by Microsoft

CVEs (3,413)

  • CVE-2025-54894Sep 9, 2025
    risk 0.00cvss epss 0.00

    Local Security Authority Subsystem Service Elevation of Privilege Vulnerability

  • CVE-2025-54111Sep 9, 2025
    risk 0.00cvss epss 0.00

    Use after free in Windows UI XAML Phone DatePickerFlyout allows an authorized attacker to elevate privileges locally.

  • CVE-2025-54110Sep 9, 2025
    risk 0.00cvss epss 0.04

    Integer overflow or wraparound in Windows Kernel allows an authorized attacker to elevate privileges locally.

  • CVE-2025-54102Sep 9, 2025
    risk 0.00cvss epss 0.00

    Use after free in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally.

  • CVE-2025-54101Sep 9, 2025
    risk 0.00cvss epss 0.02

    Use after free in Windows SMBv3 Client allows an authorized attacker to execute code over a network.

  • CVE-2025-54099Sep 9, 2025
    risk 0.00cvss epss 0.00

    Stack-based buffer overflow in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

  • CVE-2025-49734Sep 9, 2025
    risk 0.00cvss epss 0.00

    Improper restriction of communication channel to intended endpoints in Windows PowerShell allows an authorized attacker to elevate privileges locally.

  • CVE-2025-55229Aug 21, 2025
    risk 0.00cvss epss 0.00

    Improper verification of cryptographic signature in Windows Certificates allows an unauthorized attacker to perform spoofing over a network.

  • CVE-2025-55230Aug 21, 2025
    risk 0.00cvss epss 0.00

    Untrusted pointer dereference in Windows MBT Transport driver allows an authorized attacker to elevate privileges locally.

  • CVE-2025-48807Aug 12, 2025
    risk 0.00cvss epss 0.00

    Improper restriction of communication channel to intended endpoints in Windows Hyper-V allows an authorized attacker to execute code locally.

  • CVE-2025-53789Aug 12, 2025
    risk 0.00cvss epss 0.00

    Missing authentication for critical function in Windows StateRepository API allows an authorized attacker to elevate privileges locally.

  • CVE-2025-53778Aug 12, 2025
    risk 0.00cvss epss 0.36

    Improper authentication in Windows NTLM allows an authorized attacker to elevate privileges over a network.

  • CVE-2025-50155Aug 12, 2025
    risk 0.00cvss epss 0.00

    Access of resource using incompatible type ('type confusion') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.

  • CVE-2025-53726Aug 12, 2025
    risk 0.00cvss epss 0.00

    Access of resource using incompatible type ('type confusion') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.

  • CVE-2025-53725Aug 12, 2025
    risk 0.00cvss epss 0.00

    Access of resource using incompatible type ('type confusion') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.

  • CVE-2025-53724Aug 12, 2025
    risk 0.00cvss epss 0.00

    Access of resource using incompatible type ('type confusion') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.

  • CVE-2025-53723Aug 12, 2025
    risk 0.00cvss epss 0.00

    Numeric truncation error in Windows Hyper-V allows an authorized attacker to elevate privileges locally.

  • CVE-2025-53721Aug 12, 2025
    risk 0.00cvss epss 0.00

    Use after free in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally.

  • CVE-2025-53718Aug 12, 2025
    risk 0.00cvss epss 0.00

    Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

  • CVE-2025-53716Aug 12, 2025
    risk 0.00cvss epss 0.01

    Null pointer dereference in Windows Local Security Authority Subsystem Service (LSASS) allows an authorized attacker to deny service over a network.

Page 65 of 171