Windows 10 1607@* Security Vulnerabilities and Issues — Page 35 of Windows 10 1607@* CVE List

A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLM MIC (Message Integrity Check) protection, aka 'Windows NTLM Tampering Vulnerability'.

5.9CVSS7AI score0.03185EPSS

CVE•added 2019/10/10 2:15 p.m.•100 views

CVE-2019-1326

A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability'.

7.8CVSS8.1AI score0.11204EPSS

CVE•added 2019/11/12 7:15 p.m.•100 views

CVE-2019-1397

A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1389, CVE-2019-1398.

8.4CVSS9.2AI score0.01157EPSS

CVE•added 2020/01/14 11:15 p.m.•100 views

CVE-2020-0614

An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka 'Windows Search Indexer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0613, CVE-2020-0623, CVE-2020-0625, CVE-2020-0626, CVE-2020-0627, CVE-2020-0628...

7.8CVSS7.7AI score0.00511EPSS

CVE•added 2020/01/14 11:15 p.m.•100 views

CVE-2020-0641

An elevation of privilege vulnerability exists in Windows Media Service that allows file creation in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Windows Elevation of Privilege Vulnerability'.

7.8CVSS8.5AI score0.00549EPSS

CVE•added 2020/02/11 10:15 p.m.•100 views

CVE-2020-0708

A remote code execution vulnerability exists when the Windows Imaging Library improperly handles memory.To exploit this vulnerability, an attacker would first have to coerce a victim to open a specially crafted file.The security update addresses the vulnerability by correcting how the Windows Imagi...

7.8CVSS8.3AI score0.20038EPSS

CVE•added 2020/04/15 3:15 p.m.•100 views

CVE-2020-0985

An elevation of privilege vulnerability exists when the Windows Update Stack fails to properly handle objects in memory, aka 'Windows Update Stack Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0996.

7.8CVSS8AI score0.00397EPSS

CVE•added 2020/04/15 3:15 p.m.•100 views

CVE-2020-0994

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0889, CVE-2020-0953, CVE-2020-0959, CVE-2020-0960, CVE-2020-0988, CVE-2020-0992,...

9.3CVSS8AI score0.33652EPSS

CVE•added 2020/04/15 3:15 p.m.•100 views

CVE-2020-1000

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0913, CVE-2020-1003, CVE-2020-1027.

7.8CVSS7.8AI score0.13961EPSS

In wild

CVE•added 2020/04/15 3:15 p.m.•100 views

CVE-2020-1004

An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'.

7.8CVSS8.1AI score0.00397EPSS

CVE•added 2020/06/09 8:15 p.m.•100 views

CVE-2020-1235

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1231, CVE-2020-1233, CVE-2020-1265, CVE-2020-1282, CVE-2020-1304, CVE-2020-1306, CVE-2020-133...

7.8CVSS7.7AI score0.12134EPSS

CVE•added 2020/07/14 11:15 p.m.•100 views

CVE-2020-1398

An elevation of privilege vulnerability exists when Windows Lockscreen fails to properly handle Ease of Access dialog.An attacker who successfully exploited the vulnerability could execute commands with elevated permissions.The security update addresses the vulnerability by ensuring that the Ease o...

6.8CVSS8AI score0.00285EPSS

CVE•added 2022/01/11 9:15 p.m.•100 views

CVE-2022-21860

Windows AppContracts API Server Elevation of Privilege Vulnerability

7CVSS8.1AI score0.00492EPSS

CVE•added 2022/05/10 9:15 p.m.•100 views

CVE-2022-29105

Microsoft Windows Media Foundation Remote Code Execution Vulnerability

7.8CVSS8.8AI score0.03165EPSS

CVE•added 2022/12/13 7:15 p.m.•100 views

CVE-2022-44675

Windows Bluetooth Driver Elevation of Privilege Vulnerability

7.8CVSS7.9AI score0.0637EPSS

CVE•added 2022/12/13 7:15 p.m.•100 views

CVE-2022-44681

Windows Print Spooler Elevation of Privilege Vulnerability

7.8CVSS8AI score0.00268EPSS

CVE•added 2023/04/11 9:15 p.m.•100 views

CVE-2023-28241

Windows Secure Socket Tunneling Protocol (SSTP) Denial of Service Vulnerability

7.5CVSS7.4AI score0.03801EPSS

CVE•added 2024/08/13 6:15 p.m.•100 views

CVE-2024-38185

Windows Kernel-Mode Driver Elevation of Privilege Vulnerability

7.8CVSS7.7AI score0.00479EPSS

CVE•added 2024/12/12 2:4 a.m.•100 views

CVE-2024-49124

Lightweight Directory Access Protocol (LDAP) Client Remote Code Execution Vulnerability

8.1CVSS8.2AI score0.00302EPSS

CVE•added 2025/04/08 6:15 p.m.•100 views

CVE-2025-21191

Time-of-check time-of-use (toctou) race condition in Windows Local Security Authority (LSA) allows an authorized attacker to elevate privileges locally.

7CVSS7.1AI score0.00023EPSS

CVE•added 2025/01/14 6:15 p.m.•100 views

CVE-2025-21242

Windows Kerberos Information Disclosure Vulnerability

5.9CVSS5.5AI score0.00125EPSS

CVE•added 2025/03/11 5:16 p.m.•100 views

CVE-2025-26645

Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

8.8CVSS8.8AI score0.00459EPSS

CVE•added 2018/04/12 1:29 a.m.•99 views

CVE-2018-0968

An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows Server 2012 R2, Win...

5.5CVSS5AI score0.04687EPSS

CVE•added 2018/04/12 1:29 a.m.•99 views

CVE-2018-0970

5.5CVSS5AI score0.04687EPSS

Web

CVE•added 2018/06/14 12:29 p.m.•99 views

CVE-2018-0982

An elevation of privilege vulnerability exists in the way that the Windows Kernel API enforces permissions, aka "Windows Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.

7CVSS7.6AI score0.11334EPSS

CVE•added 2018/05/21 1:29 p.m.•99 views

CVE-2018-8142

A security feature bypass exists when Windows incorrectly validates kernel driver signatures, aka "Windows Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-1035.

5.3CVSS5.4AI score0.00995EPSS

CVE•added 2018/06/14 12:29 p.m.•99 views

CVE-2018-8212

A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. T...

5.3CVSS5.2AI score0.01097EPSS

CVE•added 2018/09/13 12:29 a.m.•99 views

CVE-2018-8335

A denial of service vulnerability exists in the Microsoft Server Block Message (SMB) when an attacker sends specially crafted requests to the server, aka "Windows SMB Denial of Service Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows Server 2016, Win...

7.8CVSS7.1AI score0.09653EPSS

CVE•added 2019/09/11 10:15 p.m.•99 views

CVE-2019-0788

A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka 'Remote Desktop Client Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0787, CVE-2019-1290, CVE-2019-1291.

9.3CVSS8.8AI score0.32912EPSS

CVE•added 2019/09/11 10:15 p.m.•99 views

CVE-2019-0928

A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'.

6.2CVSS6.6AI score0.0021EPSS

CVE•added 2019/09/11 10:15 p.m.•99 views

CVE-2019-1248

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1240, CVE-2019-1241, CVE-2019-1242, CVE-2019-1243, CVE-2019-1246, CVE-2019-1247,...

9.3CVSS8.5AI score0.35463EPSS

CVE•added 2019/11/12 7:15 p.m.•99 views

CVE-2019-1456

A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles specially crafted OpenType fonts, aka 'OpenType Font Parsing Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1419.

8.8CVSS9.3AI score0.23721EPSS

CVE•added 2020/03/12 4:15 p.m.•99 views

CVE-2020-0684

A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed.An attacker who successfully exploited this vulnerability could gain the same user rights as the local user, aka 'LNK Remote Code Execution Vulnerability'.

8.8CVSS8.2AI score0.33494EPSS

CVE•added 2020/03/12 4:15 p.m.•99 views

CVE-2020-0840

An elevation of privilege vulnerability exists when Windows improperly handles hard links, aka 'Windows Hard Link Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0841, CVE-2020-0849, CVE-2020-0896.

7.8CVSS7.5AI score0.00397EPSS

CVE•added 2020/04/15 3:15 p.m.•99 views

CVE-2020-0965

A remoted code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory, aka 'Microsoft Windows Codecs Library Remote Code Execution Vulnerability'.

7.8CVSS8.2AI score0.01329EPSS

CVE•added 2020/04/15 3:15 p.m.•99 views

CVE-2020-0995

9.3CVSS8AI score0.33652EPSS

CVE•added 2020/06/09 8:15 p.m.•99 views

CVE-2020-1208

9.3CVSS8.4AI score0.33652EPSS

CVE•added 2020/07/14 11:15 p.m.•99 views

CVE-2020-1333

An elevation of privilege vulnerability exists when Group Policy Services Policy Processing improperly handle reparse points, aka 'Group Policy Services Policy Processing Elevation of Privilege Vulnerability'.

6.7CVSS7.7AI score0.0042EPSS

CVE•added 2020/07/14 11:15 p.m.•99 views

CVE-2020-1463

An elevation of privilege vulnerability exists in the way that the SharedStream Library handles objects in memory, aka 'Windows SharedStream Library Elevation of Privilege Vulnerability'.

7.8CVSS8.5AI score0.00278EPSS

CVE•added 2022/03/09 5:15 p.m.•99 views

CVE-2022-23290

Windows Inking COM Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.00227EPSS

CVE•added 2022/12/13 7:15 p.m.•99 views

CVE-2022-41094

Windows Hyper-V Elevation of Privilege Vulnerability

7.8CVSS7.9AI score0.00219EPSS

CVE•added 2023/02/14 8:15 p.m.•99 views

CVE-2023-21691

Microsoft Protected Extensible Authentication Protocol (PEAP) Information Disclosure Vulnerability