VYPR

Windows 10 1607

by Microsoft

CVEs (3,413)

  • CVE-2026-26160HigApr 14, 2026
    risk 0.51cvss 7.8epss 0.00

    Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an authorized attacker to elevate privileges locally.

  • CVE-2026-26159HigApr 14, 2026
    risk 0.51cvss 7.8epss 0.00

    Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an authorized attacker to elevate privileges locally.

  • CVE-2026-26156HigApr 14, 2026
    risk 0.51cvss 7.8epss 0.00

    Heap-based buffer overflow in Windows Hyper-V allows an unauthorized attacker to execute code locally.

  • CVE-2026-26153HigApr 14, 2026
    risk 0.51cvss 7.8epss 0.00

    Out-of-bounds read in Windows Encrypting File System (EFS) allows an authorized attacker to elevate privileges locally.

  • CVE-2026-20930HigApr 14, 2026
    risk 0.51cvss 7.8epss 0.00

    Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally.

  • CVE-2026-26128HigMar 10, 2026
    risk 0.51cvss 7.8epss 0.00

    Improper authentication in Windows SMB Server allows an authorized attacker to elevate privileges locally.

  • CVE-2026-25187HigMar 10, 2026
    risk 0.51cvss 7.8epss 0.03

    Improper link resolution before file access ('link following') in Winlogon allows an authorized attacker to elevate privileges locally.

  • CVE-2026-20864HigJan 13, 2026
    risk 0.51cvss 7.8epss 0.01

    Heap-based buffer overflow in Connected Devices Platform Service (Cdpsvc) allows an authorized attacker to elevate privileges locally.

  • CVE-2026-20817HigJan 13, 2026
    risk 0.51cvss 7.8epss 0.05

    Improper handling of insufficient permissions or privileges in Windows Error Reporting allows an authorized attacker to elevate privileges locally.

  • CVE-2025-30388HigMay 13, 2025
    risk 0.51cvss 7.8epss 0.03

    Heap-based buffer overflow in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.

  • CVE-2025-21338HigJan 14, 2025
    risk 0.51cvss 7.8epss 0.00

    GDI+ Remote Code Execution Vulnerability

  • CVE-2024-38250HigSep 10, 2024
    risk 0.51cvss 7.8epss 0.01

    Windows Graphics Component Elevation of Privilege Vulnerability

  • CVE-2022-26926HigMay 10, 2022
    risk 0.51cvss 7.8epss 0.03

    Windows Address Book Remote Code Execution Vulnerability

  • CVE-2022-26795HigApr 15, 2022
    risk 0.51cvss 7.8epss 0.01

    Windows Print Spooler Elevation of Privilege Vulnerability

  • CVE-2018-8400HigAug 15, 2018
    risk 0.51cvss 7.8epss 0.02

    An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory, aka "DirectX Graphics Kernel Elevation of Privilege Vulnerability." This affects Windows 10 Servers, Windows 10. This CVE ID is unique from…

  • CVE-2018-0902HigMar 14, 2018
    risk 0.51cvss 7.8epss 0.01

    The Cryptography Next Generation (CNG) kernel-mode driver (cng.sys) in Windows 10 Gold, 1511, 1607, 1703, and 1709. Windows Server 2016 and Windows Server, version 1709 allows a security feature bypass vulnerability due to the way the kernel-mode driver validates and enforces…

  • CVE-2018-0831HigFeb 15, 2018
    risk 0.51cvss 7.8epss 0.01

    The Windows kernel in Windows 10 versions 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to how objects in memory are handled, aka "Windows Kernel Elevation of Privilege Vulnerability".

  • CVE-2018-0756HigFeb 15, 2018
    risk 0.51cvss 7.8epss 0.01

    The Windows kernel in Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way objects are handled in memory, aka "Windows Kernel Elevation of Privilege Vulnerability". This CVE…

  • CVE-2013-3900MedKEVDec 11, 2013
    risk 0.51cvss 5.5epss 0.45

    Why is Microsoft republishing a CVE from 2013? We are republishing CVE-2013-3900 in the Security Update Guide to update the Security Updates table and to inform customers that the EnableCertPaddingCheck is available in all currently supported versions of Windows 10 and Windows…

  • CVE-2018-0956HigApr 12, 2018
    risk 0.50cvss 7.5epss 0.14

    A denial of service vulnerability exists in the HTTP 2.0 protocol stack (HTTP.sys) when HTTP.sys improperly parses specially crafted HTTP 2.0 requests, aka "HTTP.sys Denial of Service Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.

Page 8 of 171