Windows 10 1607 Security Vulnerabilities and Issues — Windows 10 1607 CVE List

A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure.

4.7CVSS6.6AI score0.00633EPSS

CVE•added 2022/01/11 9:15 p.m.•355 views

CVE-2022-21894

Secure Boot Security Feature Bypass Vulnerability

4.9CVSS6.2AI score0.45082EPSS

In wild

CVE•added 2025/01/14 6:15 p.m.•319 views

CVE-2025-21189

MapUrlToZone Security Feature Bypass Vulnerability

4.3CVSS4.6AI score0.00174EPSS

CVE•added 2022/03/09 5:15 p.m.•268 views

CVE-2022-21977

Media Foundation Information Disclosure Vulnerability

4.3CVSS5.7AI score0.01033EPSS

CVE•added 2025/03/11 5:16 p.m.•240 views

CVE-2025-24984

Insertion of sensitive information into log file in Windows NTFS allows an unauthorized attacker to disclose information with a physical attack.

4.6CVSS6.1AI score0.17667EPSS

In wild

CVE•added 2022/11/09 10:15 p.m.•216 views

CVE-2022-41099

BitLocker Security Feature Bypass Vulnerability

4.6CVSS6.3AI score0.01773EPSS

CVE•added 2022/10/11 7:15 p.m.•211 views

CVE-2022-37981

Windows Event Logging Service Denial of Service Vulnerability

4.3CVSS6.3AI score0.05031EPSS

CVE•added 2022/07/12 11:15 p.m.•205 views

CVE-2022-21845

Windows Kernel Information Disclosure Vulnerability

4.7CVSS6.1AI score0.00875EPSS

CVE•added 2022/03/09 5:15 p.m.•204 views

CVE-2022-21975

Windows Hyper-V Denial of Service Vulnerability

4.7CVSS6.2AI score0.00137EPSS

CVE•added 2022/08/09 8:15 p.m.•198 views

CVE-2022-34704

Windows Defender Credential Guard Information Disclosure Vulnerability

4.7CVSS6.5AI score0.0173EPSS

CVE•added 2023/06/14 12:15 a.m.•191 views

CVE-2023-32019

Windows Kernel Information Disclosure Vulnerability

4.7CVSS6.5AI score0.03184EPSS

CVE•added 2024/01/09 6:15 p.m.•179 views

CVE-2024-20691

Windows Themes Information Disclosure Vulnerability

4.7CVSS5.3AI score0.00095EPSS

CVE•added 2018/11/14 1:29 a.m.•165 views

CVE-2018-8566

A security feature bypass vulnerability exists when Windows improperly suspends BitLocker Device Encryption, aka "BitLocker Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows Server 2019, Windows 10 Servers.

4.6CVSS4.9AI score0.00217EPSS

CVE•added 2022/05/10 9:15 p.m.•153 views

CVE-2022-29127

BitLocker Security Feature Bypass Vulnerability

4.2CVSS6.5AI score0.00193EPSS

CVE•added 2024/04/09 5:15 p.m.•152 views

CVE-2024-28922

Secure Boot Security Feature Bypass Vulnerability

4.1CVSS6.1AI score0.0015EPSS

CVE•added 2019/03/06 12:0 a.m.•147 views

CVE-2019-0601

An information disclosure vulnerability exists when the Human Interface Devices (HID) component improperly handles objects in memory, aka 'HID Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0600.

4.7CVSS6.2AI score0.00549EPSS

CVE•added 2021/11/10 1:18 a.m.•136 views

CVE-2021-38631

Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability

4.4CVSS6.3AI score0.00352EPSS

CVE•added 2023/03/14 5:15 p.m.•131 views

CVE-2023-24911

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability

4.3CVSS4.6AI score0.01968EPSS

CVE•added 2018/09/13 12:29 a.m.•129 views

CVE-2018-8468

An elevation of privilege vulnerability exists when Windows, allowing a sandbox escape, aka "Windows Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008...

4.7CVSS5.8AI score0.06939EPSS

CVE•added 2019/04/09 9:29 p.m.•129 views

CVE-2019-0839

An information disclosure vulnerability exists when the Terminal Services component improperly discloses the contents of its memory, aka 'Windows Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0838.

4.4CVSS5.7AI score0.00695EPSS

CVE•added 2022/01/11 9:15 p.m.•128 views

CVE-2022-21900

Windows Hyper-V Security Feature Bypass Vulnerability

4.6CVSS6.7AI score0.00274EPSS

CVE•added 2021/11/10 1:19 a.m.•127 views

CVE-2021-41371

Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability

4.4CVSS6.3AI score0.00432EPSS

CVE•added 2018/08/15 5:29 p.m.•125 views

CVE-2018-8348

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Serv...

4.7CVSS5.6AI score0.01216EPSS

CVE•added 2019/04/09 3:29 a.m.•124 views

CVE-2019-0775

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0702, CVE-2019-0755, CVE-2019-0767, CVE-2019-0782.

4.7CVSS5.6AI score0.00908EPSS

CVE•added 2025/01/14 6:15 p.m.•123 views

CVE-2025-21329

MapUrlToZone Security Feature Bypass Vulnerability

4.3CVSS4.6AI score0.00111EPSS

CVE•added 2025/01/14 6:15 p.m.•122 views

CVE-2025-21213

Secure Boot Security Feature Bypass Vulnerability

4.6CVSS4.7AI score0.00143EPSS

CVE•added 2019/03/06 12:0 a.m.•121 views

CVE-2019-0600

4.7CVSS6.2AI score0.00549EPSS

CVE•added 2018/08/15 5:29 p.m.•118 views

CVE-2018-8341

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Serv...

4.7CVSS5.6AI score0.01216EPSS

CVE•added 2022/05/10 9:15 p.m.•110 views

CVE-2022-24466

Windows Hyper-V Security Feature Bypass Vulnerability

4.1CVSS6.5AI score0.01318EPSS

CVE•added 2023/01/10 10:15 p.m.•108 views

CVE-2023-21766

Windows Overlay Filter Information Disclosure Vulnerability

4.7CVSS4.8AI score0.03918EPSS

CVE•added 2018/06/14 12:29 p.m.•107 views

CVE-2018-8207

4.7CVSS5.3AI score0.01934EPSS

CVE•added 2018/10/10 1:29 p.m.•106 views

CVE-2018-8320

A security feature bypass vulnerability exists in DNS Global Blocklist feature, aka "Windows DNS Security Feature Bypass Vulnerability." This affects Windows Server 2012 R2, Windows Server 2008, Windows Server 2012, Windows Server 2019, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windo...

4.3CVSS5.6AI score0.01939EPSS

CVE•added 2024/07/09 5:15 p.m.•105 views

CVE-2024-30071

Windows Remote Access Connection Manager Information Disclosure Vulnerability

4.7CVSS6.1AI score0.00172EPSS

CVE•added 2021/04/13 8:15 p.m.•103 views

CVE-2021-28447

Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability

4.4CVSS6.3AI score0.00407EPSS

CVE•added 2018/06/14 12:29 p.m.•102 views

CVE-2018-8201

A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. T...

4.5CVSS5.2AI score0.01097EPSS

CVE•added 2018/09/13 12:29 a.m.•101 views

CVE-2018-8433

An information disclosure vulnerability exists when the Windows Graphics component improperly handles objects in memory, aka "Microsoft Graphics Component Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012,...

4.7CVSS5.2AI score0.01913EPSS

CVE•added 2023/04/11 9:15 p.m.•98 views

CVE-2023-28276

Windows Group Policy Security Feature Bypass Vulnerability

4.4CVSS4.9AI score0.00196EPSS

CVE•added 2024/08/13 6:15 p.m.•98 views

CVE-2024-38143

Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability

4.2CVSS4.6AI score0.02126EPSS

CVE•added 2019/08/14 9:15 p.m.•96 views

CVE-2019-1172

An information disclosure vulnerability exists in Azure Active Directory (AAD) Microsoft Account (MSA) during the login request session. An attacker who successfully exploited the vulnerability could take over a user's account.To exploit the vulnerability, an attacker would have to trick a user int...

4.3CVSS6AI score0.065EPSS

CVE•added 2021/04/13 8:15 p.m.•96 views

CVE-2021-27094

Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability

4.4CVSS6.3AI score0.00407EPSS

CVE•added 2025/01/14 6:15 p.m.•95 views

CVE-2025-21215

Secure Boot Security Feature Bypass Vulnerability

4.6CVSS4.7AI score0.00118EPSS

CVE•added 2018/09/13 12:29 a.m.•94 views

CVE-2018-8435

A security feature bypass vulnerability exists when Windows Hyper-V BIOS loader fails to provide a high-entropy source, aka "Windows Hyper-V Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.

4.2CVSS5.4AI score0.00298EPSS

CVE•added 2025/01/14 6:15 p.m.•89 views

CVE-2025-21219

MapUrlToZone Security Feature Bypass Vulnerability

4.3CVSS4.6AI score0.00153EPSS

CVE•added 2021/04/13 8:15 p.m.•88 views

CVE-2021-28316

Windows WLAN AutoConfig Service Security Feature Bypass Vulnerability

4.6CVSS6.1AI score0.00314EPSS

CVE•added 2024/06/11 5:15 p.m.•88 views

CVE-2024-30069

Windows Remote Access Connection Manager Information Disclosure Vulnerability