Windows 10 1607 Security Vulnerabilities and Issues — Page 8 of Windows 10 1607 CVE List

7.8CVSS7.5AI score0.00057EPSS

CVE-2025-49761

Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.

5.5CVSS6.6AI score0.0005EPSS

CVE-2025-53136

Exposure of sensitive information to an unauthorized actor in Windows NT OS Kernel allows an authorized attacker to disclose information locally.

CVE-2025-53723

Numeric truncation error in Windows Hyper-V allows an authorized attacker to elevate privileges locally.

CVE-2025-53724

Access of resource using incompatible type ('type confusion') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.

7CVSS7.3AI score0.00047EPSS

CVE-2025-49762

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

7.8CVSS7.5AI score0.00057EPSS

CVE-2025-50153

Use after free in Desktop Windows Manager allows an authorized attacker to elevate privileges locally.

7.3CVSS7.6AI score0.00067EPSS

CVE-2025-50159

Use after free in Remote Access Point-to-Point Protocol (PPP) EAP-TLS allows an authorized attacker to elevate privileges locally.

7CVSS7.2AI score0.00047EPSS

CVE-2025-50167

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Hyper-V allows an authorized attacker to elevate privileges locally.

7CVSS7.2AI score0.00047EPSS

CVE-2025-53135

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows DirectX allows an authorized attacker to elevate privileges locally.

8.8CVSS7.5AI score0.00395EPSS

CVE-2025-53144

Access of resource using incompatible type ('type confusion') in Windows Message Queuing allows an authorized attacker to execute code over a network.

8.8CVSS7.5AI score0.00395EPSS

CVE-2025-53145

Access of resource using incompatible type ('type confusion') in Windows Message Queuing allows an authorized attacker to execute code over a network.

7.8CVSS7.9AI score0.00057EPSS

CVE-2025-53152

Use after free in Desktop Windows Manager allows an authorized attacker to execute code locally.

7.8CVSS7.1AI score0.00057EPSS

CVE-2025-53154

Null pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

CVE-2025-53726

Access of resource using incompatible type ('type confusion') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.

CVE-2025-50155

Access of resource using incompatible type ('type confusion') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.

7.3CVSS7.6AI score0.00067EPSS

CVE-2025-50161

Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.

6.5CVSS7AI score0.00118EPSS

CVE-2025-50166

Integer overflow or wraparound in Windows Distributed Transaction Coordinator allows an authorized attacker to disclose information over a network.

7CVSS7.3AI score0.00049EPSS

CVE-2025-53134

7CVSS7.6AI score0.00052EPSS

CVE-2025-53137

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

7.8CVSS7.1AI score0.00057EPSS

CVE-2025-53141

Null pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

7CVSS7.6AI score0.00052EPSS

CVE-2025-53147

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

CVE-2025-53725

Access of resource using incompatible type ('type confusion') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.