Windows 10 1507 Security Vulnerabilities and Issues — Page 26 of Windows 10 1507 CVE List

An elevation of privilege vulnerability exists when the Windows Work Folders Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The sec...

7.8CVSS8.1AI score0.00399EPSS

CVE•added 2020/08/17 7:15 p.m.•112 views

CVE-2020-1538

An elevation of privilege vulnerability exists when the Windows UPnP Device Host improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The securit...

7.8CVSS8.6AI score0.00513EPSS

CVE•added 2020/12/10 12:15 a.m.•112 views

CVE-2020-16959

Windows Backup Engine Elevation of Privilege Vulnerability

7.8CVSS7.8AI score0.01076EPSS

CVE•added 2021/01/12 8:15 p.m.•112 views

CVE-2021-1655

Windows CSC Service Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.00313EPSS

CVE•added 2021/01/12 8:15 p.m.•112 views

CVE-2021-1700

Remote Procedure Call Runtime Remote Code Execution Vulnerability

9CVSS8.3AI score0.07046EPSS

CVE•added 2021/01/12 8:15 p.m.•112 views

CVE-2021-1701

Remote Procedure Call Runtime Remote Code Execution Vulnerability

9CVSS8.3AI score0.07046EPSS

CVE•added 2021/04/13 8:15 p.m.•112 views

CVE-2021-27095

Windows Media Video Decoder Remote Code Execution Vulnerability

7.8CVSS8.3AI score0.01263EPSS

CVE•added 2021/04/13 8:15 p.m.•112 views

CVE-2021-28343

Remote Procedure Call Runtime Remote Code Execution Vulnerability

8.8CVSS8.9AI score0.12162EPSS

CVE•added 2021/09/15 12:15 p.m.•112 views

CVE-2021-36959

Windows Authenticode Spoofing Vulnerability

5.5CVSS6.8AI score0.02097EPSS

CVE•added 2021/10/13 1:15 a.m.•112 views

CVE-2021-40463

Windows Network Address Translation (NAT) Denial of Service Vulnerability

7.7CVSS7.9AI score0.11676EPSS

CVE•added 2022/10/11 7:15 p.m.•112 views

CVE-2022-24504

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability

8.1CVSS8.5AI score0.00263EPSS

CVE•added 2022/09/13 7:15 p.m.•112 views

CVE-2022-35840

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

8.8CVSS9.5AI score0.03169EPSS

CVE•added 2022/12/13 7:15 p.m.•112 views

CVE-2022-41121

Windows Graphics Component Elevation of Privilege Vulnerability

7.8CVSS7.9AI score0.00188EPSS

CVE•added 2023/02/14 8:15 p.m.•112 views

CVE-2023-21693

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability

5.7CVSS5.5AI score0.00634EPSS

CVE•added 2023/04/11 9:15 p.m.•112 views

CVE-2023-28272

Windows Kernel Elevation of Privilege Vulnerability

7.8CVSS7.6AI score0.00386EPSS

CVE•added 2023/07/11 6:15 p.m.•112 views

CVE-2023-32038

Microsoft ODBC Driver Remote Code Execution Vulnerability

8.8CVSS9.3AI score0.00379EPSS

CVE•added 2024/05/14 5:16 p.m.•112 views

CVE-2024-30014

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

7.5CVSS7AI score0.01729EPSS

CVE•added 2024/05/14 5:17 p.m.•112 views

CVE-2024-30029

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

7.5CVSS7AI score0.01744EPSS

CVE•added 2024/11/12 6:15 p.m.•112 views

CVE-2024-43634

Windows USB Video Class System Driver Elevation of Privilege Vulnerability

6.8CVSS6.7AI score0.0037EPSS

CVE•added 2019/06/12 2:29 p.m.•111 views

CVE-2019-1012

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.There are multiple ways an attacker could exploit ...

6.5CVSS5.6AI score0.07622EPSS

CVE•added 2020/09/11 5:15 p.m.•111 views

CVE-2020-1285

A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or dele...

9.3CVSS8.7AI score0.1092EPSS

CVE•added 2020/11/11 7:15 a.m.•111 views

CVE-2020-17044

Windows Remote Access Elevation of Privilege Vulnerability

7.8CVSS7.7AI score0.07947EPSS

CVE•added 2021/01/12 8:15 p.m.•111 views

CVE-2021-1709

Windows Win32k Elevation of Privilege Vulnerability

7.8CVSS7.7AI score0.00275EPSS

CVE•added 2021/04/13 8:15 p.m.•111 views

CVE-2021-28331

Remote Procedure Call Runtime Remote Code Execution Vulnerability

8.8CVSS8.9AI score0.12162EPSS

CVE•added 2021/09/15 12:15 p.m.•111 views

CVE-2021-36962

Windows Installer Information Disclosure Vulnerability

5.5CVSS6.6AI score0.00478EPSS

CVE•added 2023/05/31 7:15 p.m.•111 views

CVE-2022-35750

Win32k Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.04896EPSS

CVE•added 2022/09/13 7:15 p.m.•111 views

CVE-2022-35831

Windows Remote Access Connection Manager Information Disclosure Vulnerability

5.5CVSS7.1AI score0.00204EPSS

CVE•added 2022/10/11 7:15 p.m.•111 views

CVE-2022-37975

Windows Group Policy Elevation of Privilege Vulnerability

8.8CVSS8.6AI score0.05362EPSS

CVE•added 2023/03/14 5:15 p.m.•111 views

CVE-2023-24857

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability

6.5CVSS6.3AI score0.04108EPSS

CVE•added 2023/04/11 9:15 p.m.•111 views

CVE-2023-28236

Windows Kernel Elevation of Privilege Vulnerability

7.8CVSS7.7AI score0.00153EPSS

CVE•added 2024/08/13 6:15 p.m.•111 views

CVE-2024-38198

Windows Print Spooler Elevation of Privilege Vulnerability

7.5CVSS7.6AI score0.01448EPSS

CVE•added 2025/02/11 6:15 p.m.•111 views

CVE-2025-21376

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

8.1CVSS8.5AI score0.00512EPSS

CVE•added 2025/04/08 6:16 p.m.•111 views

CVE-2025-29810

Improper access control in Active Directory Domain Services allows an authorized attacker to elevate privileges over a network.

7.5CVSS7.1AI score0.00019EPSS

CVE•added 2025/06/10 5:23 p.m.•111 views

CVE-2025-47160

Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network.

5.4CVSS5.4AI score0.00087EPSS

CVE•added 2019/08/14 9:15 p.m.•110 views

CVE-2019-0718

A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash.To exploit the vulnerabi...

5.8CVSS6.9AI score0.01591EPSS

CVE•added 2019/06/12 2:29 p.m.•110 views

CVE-2019-0888

A remote code execution vulnerability exists in the way that ActiveX Data Objects (ADO) handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code with the victim user’s privileges.An attacker could craft a website that exploits the vulnerability...

9.3CVSS8.1AI score0.57073EPSS

CVE•added 2019/06/12 2:29 p.m.•110 views

CVE-2019-0908

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open...

9.3CVSS8AI score0.07323EPSS

CVE•added 2019/06/12 2:29 p.m.•110 views

CVE-2019-1014

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; o...

7.8CVSS7.8AI score0.00167EPSS

CVE•added 2019/08/14 9:15 p.m.•110 views

CVE-2019-1164

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new ...

7.8CVSS8.6AI score0.00663EPSS

CVE•added 2020/08/17 7:15 p.m.•110 views

CVE-2020-1515

An elevation of privilege vulnerability exists when the Windows Telephony Server improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The securit...

7.8CVSS8.5AI score0.00387EPSS

CVE•added 2020/08/17 7:15 p.m.•110 views

CVE-2020-1527

An elevation of privilege vulnerability exists when the Windows Custom Protocol Engine improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The s...

7.8CVSS8.1AI score0.00514EPSS

CVE•added 2020/08/17 7:15 p.m.•110 views

CVE-2020-1533

An elevation of privilege vulnerability exists in the way that the Windows WalletService handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specia...

7.8CVSS8.1AI score0.00387EPSS

CVE•added 2020/08/17 7:15 p.m.•110 views

CVE-2020-1535

An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The security u...

7.8CVSS8.1AI score0.00387EPSS

CVE•added 2021/01/12 8:15 p.m.•110 views

CVE-2021-1704

Windows Hyper-V Elevation of Privilege Vulnerability

7.8CVSS7.8AI score0.00646EPSS

CVE•added 2021/01/12 8:15 p.m.•110 views

CVE-2021-1706

Windows LUAFV Elevation of Privilege Vulnerability

9CVSS7.8AI score0.00676EPSS

CVE•added 2021/06/08 11:15 p.m.•110 views

CVE-2021-31970

Windows TCP/IP Driver Security Feature Bypass Vulnerability