Windows 10 1607@* Security Vulnerabilities and Issues — Page 44 of Windows 10 1607@* CVE List

An elevation of privilege vulnerability exists when Microsoft Cortana allows arbitrary website browsing on the lockscreen, aka "Microsoft Cortana Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10.

4.6CVSS6.3AI score0.01545EPSS

CVE•added 2020/02/11 10:15 p.m.•85 views

CVE-2020-0675

An information disclosure vulnerability exists in the Cryptography Next Generation (CNG) service when it fails to properly handle objects in memory.To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.The security update addre...

5.5CVSS5.2AI score0.00996EPSS

CVE•added 2020/03/12 4:15 p.m.•85 views

CVE-2020-0773

An elevation of privilege vulnerability exists when the Windows ActiveX Installer Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows ActiveX Installer Service Elevation of Privilege Vulnerability'. This ...

7.8CVSS8.2AI score0.00656EPSS

CVE•added 2020/03/12 4:15 p.m.•85 views

CVE-2020-0845

An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network Connections Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0778, CVE-2020-0802, CVE-2020-0803, CVE-2020-0804.

7.8CVSS8.1AI score0.00549EPSS

CVE•added 2020/05/21 11:15 p.m.•85 views

CVE-2020-0909

A denial of service vulnerability exists when Hyper-V on a Windows Server fails to properly handle specially crafted network packets.To exploit the vulnerability, an attacker would send specially crafted network packets to the Hyper-V Server.The security update addresses the vulnerability by resolv...

7.5CVSS8.1AI score0.12525EPSS

CVE•added 2020/04/15 3:15 p.m.•85 views

CVE-2020-0948

A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0949, CVE-2020-0950.

9.3CVSS8.7AI score0.2125EPSS

CVE•added 2020/04/15 3:15 p.m.•85 views

CVE-2020-0993

A denial of service vulnerability exists in Windows DNS when it fails to properly handle queries, aka 'Windows DNS Denial of Service Vulnerability'.

6.8CVSS6.9AI score0.11053EPSS

CVE•added 2020/04/15 3:15 p.m.•85 views

CVE-2020-1005

An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0982, CVE-2020-0987.

5.5CVSS6.2AI score0.0176EPSS

CVE•added 2020/05/21 11:15 p.m.•85 views

CVE-2020-1123

A denial of service vulnerability exists when Connected User Experiences and Telemetry Service improperly handles file operations, aka 'Connected User Experiences and Telemetry Service Denial of Service Vulnerability'. This CVE ID is unique from CVE-2020-1084.

5.5CVSS6.9AI score0.00266EPSS

CVE•added 2020/06/09 8:15 p.m.•85 views

CVE-2020-1304

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1231, CVE-2020-1233, CVE-2020-1235, CVE-2020-1265, CVE-2020-1282, CVE-2020-1306, CVE-2020-133...

7.8CVSS7.7AI score0.12134EPSS

CVE•added 2020/07/14 11:15 p.m.•85 views

CVE-2020-1368

An elevation of privilege vulnerability exists in the way that the Credential Enrollment Manager service handles objects in memory, aka 'Windows Credential Enrollment Manager Service Elevation of Privilege Vulnerability'.

7.8CVSS8.5AI score0.00278EPSS

CVE•added 2020/07/14 11:15 p.m.•85 views

CVE-2020-1399

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1249, CVE-2020-1353, CVE-2020-1370, CVE-2020-1404, CVE-2020-1413, CVE-2020-1414, CVE-2020-141...

7.8CVSS7.7AI score0.00513EPSS

CVE•added 2021/12/15 3:15 p.m.•85 views

CVE-2021-43216

Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability

6.8CVSS7.5AI score0.13521EPSS

CVE•added 2021/12/15 3:15 p.m.•85 views

CVE-2021-43238

Windows Remote Access Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.00305EPSS

CVE•added 2023/02/14 8:15 p.m.•85 views

CVE-2023-21702

Windows iSCSI Service Denial of Service Vulnerability

7.5CVSS7.5AI score0.03441EPSS

CVE•added 2023/07/11 6:15 p.m.•85 views

CVE-2023-32035

Remote Procedure Call Runtime Denial of Service Vulnerability

7.5CVSS7.8AI score0.03672EPSS

CVE•added 2023/07/11 6:15 p.m.•85 views

CVE-2023-32043

Windows Remote Desktop Security Feature Bypass Vulnerability

6.8CVSS8AI score0.00065EPSS

CVE•added 2023/07/11 6:15 p.m.•85 views

CVE-2023-35309

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability

7.5CVSS8.7AI score0.00691EPSS

CVE•added 2023/07/11 6:15 p.m.•85 views

CVE-2023-35314

Remote Procedure Call Runtime Denial of Service Vulnerability

6.5CVSS7.8AI score0.03672EPSS

CVE•added 2023/07/11 6:15 p.m.•85 views

CVE-2023-35341

Microsoft DirectMusic Information Disclosure Vulnerability

6.2CVSS6.9AI score0.00243EPSS

CVE•added 2024/07/09 5:15 p.m.•85 views

CVE-2024-37970

Secure Boot Security Feature Bypass Vulnerability

8CVSS8.4AI score0.00951EPSS

CVE•added 2024/07/09 5:15 p.m.•85 views

CVE-2024-37988

Secure Boot Security Feature Bypass Vulnerability

8CVSS8.1AI score0.01385EPSS

CVE•added 2024/07/09 5:15 p.m.•85 views

CVE-2024-38048

Windows Network Driver Interface Specification (NDIS) Denial of Service Vulnerability

6.5CVSS7.8AI score0.0017EPSS

CVE•added 2024/08/13 6:15 p.m.•85 views

CVE-2024-38126

Windows Network Address Translation (NAT) Denial of Service Vulnerability

7.5CVSS7.5AI score0.26137EPSS

CVE•added 2025/01/14 6:15 p.m.•85 views

CVE-2025-21233

Windows Telephony Service Remote Code Execution Vulnerability

8.8CVSS9AI score0.0052EPSS

CVE•added 2025/01/14 6:15 p.m.•85 views

CVE-2025-21316

Windows Kernel Memory Information Disclosure Vulnerability

5.5CVSS5.3AI score0.00178EPSS

CVE•added 2025/04/08 6:15 p.m.•85 views

CVE-2025-27484

Sensitive data storage in improperly locked memory in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over a network.

7.5CVSS7.1AI score0.00036EPSS

CVE•added 2019/05/16 7:29 p.m.•84 views

CVE-2019-0886

An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Information Disclosure Vulnerability'.

6.8CVSS6.2AI score0.0078EPSS

CVE•added 2020/02/11 10:15 p.m.•84 views

CVE-2020-0680

An elevation of privilege vulnerability exists in the way that the Windows Function Discovery Service handles objects in memory, aka 'Windows Function Discovery Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0679, CVE-2020-0682.

7.8CVSS8.1AI score0.00511EPSS

CVE•added 2020/03/12 4:15 p.m.•84 views

CVE-2020-0781

An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly handles objects in memory, aka 'Windows UPnP Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0783.

7.8CVSS8.5AI score0.00538EPSS

CVE•added 2020/03/12 4:15 p.m.•84 views

CVE-2020-0853

An information disclosure vulnerability exists in Windows when the Windows Imaging Component fails to properly handle objects in memory, aka 'Windows Imaging Component Information Disclosure Vulnerability'.

6.5CVSS7.1AI score0.27243EPSS

CVE•added 2020/03/12 4:15 p.m.•84 views

CVE-2020-0869

8.8CVSS8.7AI score0.17369EPSS

CVE•added 2020/04/15 3:15 p.m.•84 views

CVE-2020-1014

An elevation of privilege vulnerability exists in the Microsoft Windows Update Client when it does not properly handle privileges, aka 'Microsoft Windows Update Client Elevation of Privilege Vulnerability'.

7.8CVSS8AI score0.0047EPSS

CVE•added 2020/05/21 11:15 p.m.•84 views

CVE-2020-1116

An information disclosure vulnerability exists when the Windows Client Server Run-Time Subsystem (CSRSS) fails to properly handle objects in memory, aka 'Windows CSRSS Information Disclosure Vulnerability'.

5.5CVSS6.5AI score0.00505EPSS

CVE•added 2020/07/14 11:15 p.m.•84 views

CVE-2020-1361

An information disclosure vulnerability exists in the way that the WalletService handles memory.To exploit the vulnerability, an attacker would first need code execution on a victim system, aka 'Windows WalletService Information Disclosure Vulnerability'.

5.5CVSS6.9AI score0.0104EPSS

CVE•added 2020/07/14 11:15 p.m.•84 views

CVE-2020-1385

An elevation of privilege vulnerability exists in the way that the Windows Credential Picker handles objects in memory, aka 'Windows Credential Picker Elevation of Privilege Vulnerability'.

7.8CVSS8.5AI score0.00278EPSS

CVE•added 2020/07/14 11:15 p.m.•84 views

CVE-2020-1397

6.5CVSS7.1AI score0.2819EPSS

CVE•added 2021/12/15 3:15 p.m.•84 views

CVE-2021-43231

Windows NTFS Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.00542EPSS

CVE•added 2023/07/11 6:15 p.m.•84 views

CVE-2023-35358

Windows Kernel Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.00202EPSS