Vulnerabilities > Microsoft > Windows 10 21H2 > 10.0.19041.3208
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-05-13 | CVE-2025-30385 | Use After Free vulnerability in Microsoft products Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. | 7.8 |
| 2025-05-13 | CVE-2025-30388 | Heap-based Buffer Overflow vulnerability in Microsoft products Heap-based buffer overflow in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally. | 7.8 |
| 2025-05-13 | CVE-2025-30397 | Type Confusion vulnerability in Microsoft products Access of resource using incompatible type ('type confusion') in Microsoft Scripting Engine allows an unauthorized attacker to execute code over a network. | 7.5 |
| 2025-05-13 | CVE-2025-30400 | Use After Free vulnerability in Microsoft products Use after free in Windows DWM allows an authorized attacker to elevate privileges locally. | 7.8 |
| 2025-05-13 | CVE-2025-32701 | Use After Free vulnerability in Microsoft products Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. | 7.8 |
| 2025-05-13 | CVE-2025-32706 | Improper Input Validation vulnerability in Microsoft products Improper input validation in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. | 7.8 |
| 2025-05-13 | CVE-2025-32709 | Use After Free vulnerability in Microsoft products Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | 7.8 |
| 2025-03-11 | CVE-2025-24984 | Information Exposure Through Log Files vulnerability in Microsoft products Insertion of sensitive information into log file in Windows NTFS allows an unauthorized attacker to disclose information with a physical attack. | 4.6 |
| 2025-03-11 | CVE-2025-24985 | Heap-based Buffer Overflow vulnerability in Microsoft products Integer overflow or wraparound in Windows Fast FAT Driver allows an unauthorized attacker to execute code locally. | 7.8 |
| 2025-02-11 | CVE-2025-21184 | Unspecified vulnerability in Microsoft products Windows Core Messaging Elevation of Privileges Vulnerability | 7.0 |