Vulnerabilities > Microsoft > Windows 10 1607 > 10.0.14393.5125

DATE CVE VULNERABILITY TITLE RISK
2025-05-13 CVE-2025-30385 Use After Free vulnerability in Microsoft products
Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
local
low complexity
microsoft CWE-416
7.8
7.8
2025-05-13 CVE-2025-30388 Heap-based Buffer Overflow vulnerability in Microsoft products
Heap-based buffer overflow in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.
local
low complexity
microsoft CWE-122
7.8
7.8
2025-05-13 CVE-2025-30397 Type Confusion vulnerability in Microsoft products
Access of resource using incompatible type ('type confusion') in Microsoft Scripting Engine allows an unauthorized attacker to execute code over a network.
network
high complexity
microsoft CWE-843
7.5
7.5
2025-05-13 CVE-2025-32701 Use After Free vulnerability in Microsoft products
Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
local
low complexity
microsoft CWE-416
7.8
7.8
2025-05-13 CVE-2025-32706 Improper Input Validation vulnerability in Microsoft products
Improper input validation in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
local
low complexity
microsoft CWE-20
7.8
7.8
2025-05-13 CVE-2025-32707 Out-of-bounds Read vulnerability in Microsoft products
Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally.
local
low complexity
microsoft CWE-125
7.8
7.8
2025-05-13 CVE-2025-24063 Heap-based Buffer Overflow vulnerability in Microsoft products
Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.
local
low complexity
microsoft CWE-122
7.8
7.8
2025-05-13 CVE-2025-27468 Improper Privilege Management vulnerability in Microsoft products
Improper privilege management in Windows Secure Kernel Mode allows an authorized attacker to elevate privileges locally.
local
high complexity
microsoft CWE-269
7.0
7.0
2025-05-13 CVE-2025-29829 Use of Uninitialized Resource vulnerability in Microsoft products
Use of uninitialized resource in Windows Trusted Runtime Interface Driver allows an authorized attacker to disclose information locally.
local
low complexity
microsoft CWE-908
5.5
5.5
2025-05-13 CVE-2025-29830 Use of Uninitialized Resource vulnerability in Microsoft products
Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
network
low complexity
microsoft CWE-908
6.5
6.5