Vulnerabilities > Microsoft > Windows 10 1607 > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-28 | CVE-2023-1017 | Out-of-bounds Write vulnerability in multiple products An out-of-bounds write vulnerability exists in TPM2.0's Module Library allowing writing of a 2-byte data past the end of TPM2.0 command in the CryptParameterDecryption routine. | 7.8 |
| 2023-02-14 | CVE-2023-21695 | Unspecified vulnerability in Microsoft products Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability | 8.8 |
| 2023-02-12 | CVE-2022-38396 | Unspecified vulnerability in Microsoft products HP Factory Preinstalled Images on certain systems that shipped with Windows 10 versions 20H2 and earlier OS versions might allow escalation of privilege via execution of certain files outside the restricted path. | 7.8 |
| 2022-09-13 | CVE-2022-37969 | Out-of-bounds Write vulnerability in Microsoft products Windows Common Log File System Driver Elevation of Privilege Vulnerability | 7.8 |
| 2022-08-09 | CVE-2022-34713 | Unspecified vulnerability in Microsoft products Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability | 7.8 |
| 2022-01-11 | CVE-2022-21871 | Unspecified vulnerability in Microsoft products Microsoft Diagnostics Hub Standard Collector Runtime Elevation of Privilege Vulnerability | 7.8 |
| 2020-03-12 | CVE-2020-0787 | Link Following vulnerability in Microsoft products An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) improperly handles symbolic links, aka 'Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerability'. | 7.8 |
| 2019-06-12 | CVE-2019-1069 | Link Following vulnerability in Microsoft products An elevation of privilege vulnerability exists in the way the Task Scheduler Service validates certain file operations, aka 'Task Scheduler Elevation of Privilege Vulnerability'. | 7.8 |
| 2018-10-10 | CVE-2018-8493 | Unspecified vulnerability in Microsoft products An information disclosure vulnerability exists when the Windows TCP/IP stack improperly handles fragmented IP packets, aka "Windows TCP/IP Information Disclosure Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers. | 7.5 |
| 2018-10-10 | CVE-2018-8453 | Unspecified vulnerability in Microsoft products An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. | 7.8 |