Filtered by vendor Microsoft
Subscriptions
Filtered by product Windows 10 1607
Subscriptions
Total
1731 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-36425 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-04-29 | 8 High |
| Windows Distributed File System (DFS) Remote Code Execution Vulnerability | ||||
| CVE-2023-36428 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-04-29 | 5.5 Medium |
| Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability | ||||
| CVE-2023-36036 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-04-29 | 7.8 High |
| Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | ||||
| CVE-2025-26633 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-04-29 | 7 High |
| Improper neutralization in Microsoft Management Console allows an unauthorized attacker to bypass a security feature locally. | ||||
| CVE-2025-24993 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-04-29 | 7.8 High |
| Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-24991 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-04-29 | 5.5 Medium |
| Out-of-bounds read in Windows NTFS allows an authorized attacker to disclose information locally. | ||||
| CVE-2025-24985 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-04-29 | 7.8 High |
| Integer overflow or wraparound in Windows Fast FAT Driver allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-24984 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-04-29 | 4.6 Medium |
| Insertion of sensitive information into log file in Windows NTFS allows an unauthorized attacker to disclose information with a physical attack. | ||||
| CVE-2025-24983 | 1 Microsoft | 5 Windows 10 1507, Windows 10 1607, Windows Server 2008 and 2 more | 2025-04-29 | 7 High |
| Use after free in Windows Win32 Kernel Subsystem allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-24054 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-04-29 | 6.5 Medium |
| External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network. | ||||
| CVE-2024-49138 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-04-28 | 7.8 High |
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | ||||
| CVE-2024-49113 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-04-23 | 7.5 High |
| Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability | ||||
| CVE-2017-0001 | 1 Microsoft | 10 Windows 10 1507, Windows 10 1511, Windows 10 1607 and 7 more | 2025-04-20 | 7.8 High |
| The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows local users to gain privileges via a crafted application, aka "Windows GDI Elevation of Privilege Vulnerability." This vulnerability is different from those described in CVE-2017-0005, CVE-2017-0025, and CVE-2017-0047. | ||||
| CVE-2017-0143 | 3 Microsoft, Philips, Siemens | 28 Server Message Block, Windows 10 1507, Windows 10 1511 and 25 more | 2025-04-20 | 8.8 High |
| The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0144, CVE-2017-0145, CVE-2017-0146, and CVE-2017-0148. | ||||
| CVE-2017-0059 | 1 Microsoft | 11 Internet Explorer, Windows 10 1507, Windows 10 1511 and 8 more | 2025-04-20 | 4.3 Medium |
| Microsoft Internet Explorer 9 through 11 allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0008 and CVE-2017-0009. | ||||
| CVE-2017-0005 | 1 Microsoft | 10 Windows 10 1507, Windows 10 1511, Windows 10 1607 and 7 more | 2025-04-20 | 7.8 High |
| The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows local users to gain privileges via a crafted application, aka "Windows GDI Elevation of Privilege Vulnerability." This vulnerability is different from those described in CVE-2017-0001, CVE-2017-0025, and CVE-2017-0047. | ||||
| CVE-2017-8543 | 1 Microsoft | 10 Windows 10 1507, Windows 10 1511, Windows 10 1607 and 7 more | 2025-04-20 | 9.8 Critical |
| Microsoft Windows XP SP3, Windows XP x64 XP2, Windows Server 2003 SP2, Windows Vista, Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to take control of the affected system when Windows Search fails to handle objects in memory, aka "Windows Search Remote Code Execution Vulnerability". | ||||
| CVE-2017-8759 | 1 Microsoft | 11 .net Framework, Windows 10 1507, Windows 10 1511 and 8 more | 2025-04-20 | 7.8 High |
| Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow an attacker to execute code remotely via a malicious document or application, aka ".NET Framework Remote Code Execution Vulnerability." | ||||
| CVE-2017-0145 | 2 Microsoft, Siemens | 27 Server Message Block, Windows 10 1507, Windows 10 1511 and 24 more | 2025-04-20 | 8.8 High |
| The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0144, CVE-2017-0146, and CVE-2017-0148. | ||||
| CVE-2017-0037 | 1 Microsoft | 9 Edge, Internet Explorer, Windows 10 1507 and 6 more | 2025-04-20 | 8.1 High |
| Microsoft Internet Explorer 10 and 11 and Microsoft Edge have a type confusion issue in the Layout::MultiColumnBoxBuilder::HandleColumnBreakOnColumnSpanningElement function in mshtml.dll, which allows remote attackers to execute arbitrary code via vectors involving a crafted Cascading Style Sheets (CSS) token sequence and crafted JavaScript code that operates on a TH element. | ||||