Windows 10 1607 Security Vulnerabilities and Issues — Windows 10 1607 CVE List

A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure.

4.7CVSS6.6AI score0.0065EPSS

CVE•added 2025/01/14 6:15 p.m.•318 views

CVE-2025-21189

MapUrlToZone Security Feature Bypass Vulnerability

4.3CVSS4.6AI score0.00162EPSS

CVE•added 2022/01/11 9:15 p.m.•317 views

CVE-2022-21894

Secure Boot Security Feature Bypass Vulnerability

4.9CVSS6.2AI score0.45082EPSS

CVE•added 2022/03/09 5:15 p.m.•267 views

CVE-2022-21977

Media Foundation Information Disclosure Vulnerability

4.3CVSS5.7AI score0.01025EPSS

CVE•added 2022/11/09 10:15 p.m.•213 views

CVE-2022-41099

BitLocker Security Feature Bypass Vulnerability

4.6CVSS6.3AI score0.01664EPSS

CVE•added 2022/10/11 7:15 p.m.•210 views

CVE-2022-37981

Windows Event Logging Service Denial of Service Vulnerability

4.3CVSS6.3AI score0.04734EPSS

CVE•added 2025/03/11 5:16 p.m.•209 views

CVE-2025-24984

Insertion of sensitive information into log file in Windows NTFS allows an unauthorized attacker to disclose information with a physical attack.

4.6CVSS6.1AI score0.19409EPSS

CVE•added 2022/03/09 5:15 p.m.•203 views

CVE-2022-21975

Windows Hyper-V Denial of Service Vulnerability

4.7CVSS6.2AI score0.00137EPSS

CVE•added 2022/07/12 11:15 p.m.•202 views

CVE-2022-21845

Windows Kernel Information Disclosure Vulnerability

4.7CVSS6.1AI score0.00891EPSS

CVE•added 2022/08/09 8:15 p.m.•196 views

CVE-2022-34704

Windows Defender Credential Guard Information Disclosure Vulnerability

4.7CVSS6.5AI score0.0173EPSS

CVE•added 2023/06/14 12:15 a.m.•190 views

CVE-2023-32019

Windows Kernel Information Disclosure Vulnerability

4.7CVSS6.5AI score0.02317EPSS

CVE•added 2024/01/09 6:15 p.m.•178 views

CVE-2024-20691

Windows Themes Information Disclosure Vulnerability

4.7CVSS5.3AI score0.00095EPSS

CVE•added 2018/11/14 1:29 a.m.•160 views

CVE-2018-8566

A security feature bypass vulnerability exists when Windows improperly suspends BitLocker Device Encryption, aka "BitLocker Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows Server 2019, Windows 10 Servers.

4.6CVSS4.9AI score0.00217EPSS

CVE•added 2022/05/10 9:15 p.m.•152 views

CVE-2022-29127

BitLocker Security Feature Bypass Vulnerability

4.2CVSS6.5AI score0.00193EPSS

CVE•added 2024/04/09 5:15 p.m.•151 views

CVE-2024-28922

Secure Boot Security Feature Bypass Vulnerability

4.1CVSS6.1AI score0.00165EPSS

CVE•added 2019/03/06 12:0 a.m.•146 views

CVE-2019-0601

An information disclosure vulnerability exists when the Human Interface Devices (HID) component improperly handles objects in memory, aka 'HID Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0600.

4.7CVSS6.2AI score0.00549EPSS

CVE•added 2021/11/10 1:18 a.m.•134 views

CVE-2021-38631

Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability

4.4CVSS6.3AI score0.00332EPSS

CVE•added 2023/03/14 5:15 p.m.•130 views

CVE-2023-24911

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability

4.3CVSS4.6AI score0.01968EPSS

CVE•added 2018/09/13 12:29 a.m.•128 views

CVE-2018-8468

An elevation of privilege vulnerability exists when Windows, allowing a sandbox escape, aka "Windows Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008...

4.7CVSS5.8AI score0.05739EPSS

CVE•added 2019/04/09 9:29 p.m.•128 views

CVE-2019-0839

An information disclosure vulnerability exists when the Terminal Services component improperly discloses the contents of its memory, aka 'Windows Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0838.

4.4CVSS5.7AI score0.00695EPSS

CVE•added 2022/01/11 9:15 p.m.•127 views

CVE-2022-21900

Windows Hyper-V Security Feature Bypass Vulnerability

4.6CVSS6.7AI score0.00274EPSS

CVE•added 2021/11/10 1:19 a.m.•126 views

CVE-2021-41371

Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability

4.4CVSS6.3AI score0.00408EPSS

CVE•added 2018/08/15 5:29 p.m.•123 views

CVE-2018-8348

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Serv...

4.7CVSS5.6AI score0.01452EPSS

CVE•added 2019/04/09 3:29 a.m.•123 views

CVE-2019-0775

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0702, CVE-2019-0755, CVE-2019-0767, CVE-2019-0782.

4.7CVSS5.6AI score0.00908EPSS

CVE•added 2025/01/14 6:15 p.m.•122 views

CVE-2025-21329

MapUrlToZone Security Feature Bypass Vulnerability

4.3CVSS4.6AI score0.00103EPSS

CVE•added 2025/01/14 6:15 p.m.•121 views

CVE-2025-21213

Secure Boot Security Feature Bypass Vulnerability

4.6CVSS4.7AI score0.00126EPSS

CVE•added 2019/03/06 12:0 a.m.•120 views

CVE-2019-0600

4.7CVSS6.2AI score0.00549EPSS

CVE•added 2018/08/15 5:29 p.m.•117 views

CVE-2018-8341

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Serv...

4.7CVSS5.6AI score0.01452EPSS

CVE•added 2022/05/10 9:15 p.m.•109 views

CVE-2022-24466

Windows Hyper-V Security Feature Bypass Vulnerability

4.1CVSS6.5AI score0.01318EPSS

CVE•added 2018/06/14 12:29 p.m.•105 views

CVE-2018-8207

4.7CVSS5.3AI score0.01934EPSS

CVE•added 2018/10/10 1:29 p.m.•105 views

CVE-2018-8320

A security feature bypass vulnerability exists in DNS Global Blocklist feature, aka "Windows DNS Security Feature Bypass Vulnerability." This affects Windows Server 2012 R2, Windows Server 2008, Windows Server 2012, Windows Server 2019, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windo...

4.3CVSS5.6AI score0.01976EPSS

CVE•added 2023/01/10 10:15 p.m.•105 views

CVE-2023-21766

Windows Overlay Filter Information Disclosure Vulnerability

4.7CVSS4.8AI score0.03918EPSS

CVE•added 2024/07/09 5:15 p.m.•104 views

CVE-2024-30071

Windows Remote Access Connection Manager Information Disclosure Vulnerability

4.7CVSS6.1AI score0.00208EPSS

CVE•added 2021/04/13 8:15 p.m.•102 views

CVE-2021-28447

Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability

4.4CVSS6.3AI score0.00407EPSS

CVE•added 2018/09/13 12:29 a.m.•100 views

CVE-2018-8433

An information disclosure vulnerability exists when the Windows Graphics component improperly handles objects in memory, aka "Microsoft Graphics Component Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012,...

4.7CVSS5.2AI score0.01419EPSS

CVE•added 2023/04/11 9:15 p.m.•97 views

CVE-2023-28276

Windows Group Policy Security Feature Bypass Vulnerability

4.4CVSS4.9AI score0.00196EPSS

CVE•added 2019/08/14 9:15 p.m.•94 views

CVE-2019-1172

An information disclosure vulnerability exists in Azure Active Directory (AAD) Microsoft Account (MSA) during the login request session. An attacker who successfully exploited the vulnerability could take over a user's account.To exploit the vulnerability, an attacker would have to trick a user int...

4.3CVSS6AI score0.065EPSS

CVE•added 2021/04/13 8:15 p.m.•94 views

CVE-2021-27094

Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability

4.4CVSS6.3AI score0.00407EPSS

CVE•added 2024/08/13 6:15 p.m.•94 views

CVE-2024-38143

Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability

4.2CVSS4.6AI score0.02126EPSS

CVE•added 2018/06/14 12:29 p.m.•93 views

CVE-2018-8201

A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. T...

4.5CVSS5.2AI score0.01097EPSS

CVE•added 2025/01/14 6:15 p.m.•93 views

CVE-2025-21215

Secure Boot Security Feature Bypass Vulnerability

4.6CVSS4.7AI score0.00104EPSS

CVE•added 2018/09/13 12:29 a.m.•92 views

CVE-2018-8435

A security feature bypass vulnerability exists when Windows Hyper-V BIOS loader fails to provide a high-entropy source, aka "Windows Hyper-V Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.

4.2CVSS5.4AI score0.0031EPSS

CVE•added 2025/01/14 6:15 p.m.•88 views

CVE-2025-21219

MapUrlToZone Security Feature Bypass Vulnerability

4.3CVSS4.6AI score0.00142EPSS

CVE•added 2021/04/13 8:15 p.m.•87 views

CVE-2021-28316

Windows WLAN AutoConfig Service Security Feature Bypass Vulnerability

4.6CVSS6.1AI score0.00314EPSS

CVE•added 2024/06/11 5:15 p.m.•87 views

CVE-2024-30069

Windows Remote Access Connection Manager Information Disclosure Vulnerability