Windows 10 1507 Security Vulnerabilities and Issues — Page 27 of Windows 10 1507 CVE List

A remote code execution vulnerability exists in the way that ActiveX Data Objects (ADO) handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code with the victim user’s privileges.An attacker could craft a website that exploits the vulnerability...

9.3CVSS8.1AI score0.40625EPSS

CVE•added 2020/08/17 7:15 p.m.•108 views

CVE-2020-1478

A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.There are multiple ways an attacke...

7.8CVSS8.6AI score0.13239EPSS

CVE•added 2020/08/17 7:15 p.m.•108 views

CVE-2020-1511

An elevation of privilege vulnerability exists when Connected User Experiences and Telemetry Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.An attacker could exploit this vulnerability by running a spe...

7.8CVSS8AI score0.00681EPSS

CVE•added 2020/08/17 7:15 p.m.•108 views

CVE-2020-1536

An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The security u...

7.8CVSS8.1AI score0.00513EPSS

CVE•added 2020/10/16 11:15 p.m.•108 views

CVE-2020-16892

An elevation of privilege vulnerability exists in the way that the Windows kernel image handles objects in memory.An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a speciall...

7.8CVSS8AI score0.00717EPSS

CVE•added 2021/04/13 8:15 p.m.•108 views

CVE-2021-27089

Microsoft Internet Messaging API Remote Code Execution Vulnerability

7.8CVSS8.2AI score0.00429EPSS

CVE•added 2021/07/14 6:15 p.m.•108 views

CVE-2021-33782

Windows Authenticode Spoofing Vulnerability

5.5CVSS6.7AI score0.01232EPSS

CVE•added 2021/07/14 6:15 p.m.•108 views

CVE-2021-34507

Windows Remote Assistance Information Disclosure Vulnerability

6.5CVSS7.2AI score0.04042EPSS

CVE•added 2021/09/15 12:15 p.m.•108 views

CVE-2021-36972

Windows SMB Information Disclosure Vulnerability

5.5CVSS6.6AI score0.00442EPSS

CVE•added 2021/10/13 1:15 a.m.•108 views

CVE-2021-40478

Storage Spaces Controller Elevation of Privilege Vulnerability

7.8CVSS7.9AI score0.00496EPSS

CVE•added 2022/01/11 9:15 p.m.•108 views

CVE-2022-21958

Windows Resilient File System (ReFS) Remote Code Execution Vulnerability

7.2CVSS8.2AI score0.02021EPSS

CVE•added 2022/02/09 5:15 p.m.•108 views

CVE-2022-21993

Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability

7.8CVSS7.3AI score0.20315EPSS

CVE•added 2022/05/10 9:15 p.m.•108 views

CVE-2022-29103

Windows Remote Access Connection Manager Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.00437EPSS

CVE•added 2022/12/13 7:15 p.m.•108 views

CVE-2022-41074

Windows Graphics Component Information Disclosure Vulnerability

5.5CVSS6.3AI score0.00819EPSS

CVE•added 2023/06/14 12:15 a.m.•108 views

CVE-2023-32008

Windows Resilient File System (ReFS) Remote Code Execution Vulnerability

7.8CVSS8.8AI score0.00437EPSS

CVE•added 2023/07/11 6:15 p.m.•108 views

CVE-2023-35302

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

8.8CVSS9.3AI score0.03462EPSS

CVE•added 2023/08/08 6:15 p.m.•108 views

CVE-2023-36912

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

7.5CVSS8.4AI score0.0483EPSS

CVE•added 2024/07/09 5:15 p.m.•108 views

CVE-2024-38058

BitLocker Security Feature Bypass Vulnerability

6.8CVSS7.4AI score0.00863EPSS

CVE•added 2025/06/10 5:21 p.m.•108 views

CVE-2025-24068

Buffer over-read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.

5.5CVSS5.3AI score0.00048EPSS

CVE•added 2019/06/12 2:29 p.m.•107 views

CVE-2019-0972

This security update corrects a denial of service in the Local Security Authority Subsystem Service (LSASS) caused when an authenticated attacker sends a specially crafted authentication request. A remote attacker who successfully exploited this vulnerability could cause a denial of service on the ...

6.8CVSS7.3AI score0.17994EPSS

CVE•added 2019/06/12 2:29 p.m.•107 views

CVE-2019-1025

A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding.To exploit this vulnerability, an attacker would have to log on to an affected system and run a special...

7.8CVSS7.3AI score0.16561EPSS

CVE•added 2019/06/12 2:29 p.m.•107 views

CVE-2019-1043

A remote code execution vulnerability exists in the way that comctl32.dll handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could ...

8.5CVSS7.8AI score0.02663EPSS

CVE•added 2019/08/14 9:15 p.m.•107 views

CVE-2019-1156

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open...

9.3CVSS7.9AI score0.09677EPSS

CVE•added 2020/08/17 7:15 p.m.•107 views

CVE-2020-1552

An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.An attacker could exploit this vulnerability by running a specially crafted ap...

8CVSS8AI score0.00792EPSS

CVE•added 2020/10/16 11:15 p.m.•107 views

CVE-2020-16919

An information disclosure vulnerability exists when the Windows Enterprise App Management Service improperly handles certain file operations. An attacker who successfully exploited this vulnerability could read arbitrary files.An attacker with unprivileged access to a vulnerable system could exploi...

5.5CVSS6.5AI score0.00455EPSS

CVE•added 2021/01/12 8:15 p.m.•107 views

CVE-2021-1656

TPM Device Driver Information Disclosure Vulnerability

5.5CVSS6.6AI score0.04026EPSS

CVE•added 2021/07/14 6:15 p.m.•107 views

CVE-2021-33788

Windows LSA Denial of Service Vulnerability

7.5CVSS7.9AI score0.04338EPSS

CVE•added 2021/07/14 6:15 p.m.•107 views

CVE-2021-34491

Win32k Information Disclosure Vulnerability

5.5CVSS6.5AI score0.00581EPSS

CVE•added 2021/09/15 12:15 p.m.•107 views

CVE-2021-38630

Windows Event Tracing Elevation of Privilege Vulnerability

7.8CVSS8AI score0.00243EPSS

CVE•added 2022/07/12 11:15 p.m.•107 views

CVE-2022-22031

Windows Credential Guard Domain-joined Public Key Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.00253EPSS

CVE•added 2022/12/13 7:15 p.m.•107 views

CVE-2022-41077

Windows Fax Compose Form Elevation of Privilege Vulnerability

7.8CVSS7.9AI score0.00208EPSS

CVE•added 2024/06/11 5:15 p.m.•107 views

CVE-2024-30077

Windows OLE Remote Code Execution Vulnerability

8CVSS8.9AI score0.05477EPSS

CVE•added 2024/10/08 6:15 p.m.•107 views

CVE-2024-43554

Windows Kernel-Mode Driver Information Disclosure Vulnerability

5.5CVSS6.5AI score0.00227EPSS

CVE•added 2024/11/12 6:15 p.m.•107 views

CVE-2024-43637

Windows USB Video Class System Driver Elevation of Privilege Vulnerability

6.8CVSS6.7AI score0.00307EPSS

CVE•added 2025/02/11 6:15 p.m.•107 views

CVE-2025-21369

Microsoft Digest Authentication Remote Code Execution Vulnerability

8.8CVSS8.8AI score0.00532EPSS

CVE•added 2025/04/08 6:16 p.m.•107 views

CVE-2025-29810

Improper access control in Active Directory Domain Services allows an authorized attacker to elevate privileges over a network.

7.5CVSS7.1AI score0.00047EPSS

CVE•added 2019/06/12 2:29 p.m.•106 views

CVE-2019-0973

An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior.A locally authenticated attacker could run arbitrary code with elevated system privileges. An attacker could then insta...

7.8CVSS7.9AI score0.00245EPSS

CVE•added 2019/08/14 9:15 p.m.•106 views

CVE-2019-1078

An information disclosure vulnerability exists when the Windows Graphics component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.An authenticated attacker could exploit this vulnerabil...

5.5CVSS6.7AI score0.00652EPSS

CVE•added 2020/09/11 5:15 p.m.•106 views

CVE-2020-1152

An elevation of privilege vulnerability exists when Windows improperly handles calls to Win32k.sys. An attacker who successfully exploited the vulnerability could gain elevated privileges on a targeted system.To exploit the vulnerability, an attacker would have to log on to an affected system and r...

7.8CVSS6.8AI score0.00246EPSS

CVE•added 2020/09/11 5:15 p.m.•106 views

CVE-2020-1308

An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with ful...

7.8CVSS7.7AI score0.00909EPSS

Total number of security vulnerabilities2231