Vulnerabilities > Microsoft > Windows 10 > Low

DATE CVE VULNERABILITY TITLE RISK
2016-11-10 CVE-2016-7218 Information Exposure vulnerability in Microsoft products
Bowser.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to obtain sensitive information via a crafted application, aka "Windows Bowser.sys Information Disclosure Vulnerability."
1.9
2016-11-10 CVE-2016-7220 Information Exposure vulnerability in Microsoft Windows 10
Virtual Secure Mode in Microsoft Windows 10 allows local users to obtain sensitive information via a crafted application, aka "Virtual Secure Mode Information Disclosure Vulnerability."
local
low complexity
microsoft CWE-200
2.1
2016-11-10 CVE-2016-7223 Improper Access Control vulnerability in Microsoft products
Virtual Hard Disk Driver in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 does not properly restrict access to files, which allows local users to gain privileges via a crafted application, aka "VHD Driver Elevation of Privilege Vulnerability."
local
low complexity
microsoft CWE-284
3.6
2016-11-10 CVE-2016-7224 Improper Access Control vulnerability in Microsoft products
Virtual Hard Disk Driver in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 does not properly restrict access to files, which allows local users to gain privileges via a crafted application, aka "VHD Driver Elevation of Privilege Vulnerability."
local
low complexity
microsoft CWE-284
3.6
2016-11-10 CVE-2016-7225 Improper Access Control vulnerability in Microsoft Windows 10 and Windows Server 2016
Virtual Hard Disk Driver in Windows 10 Gold, 1511, and 1607 and Windows Server 2016 does not properly restrict access to files, which allows local users to gain privileges via a crafted application, aka "VHD Driver Elevation of Privilege Vulnerability."
local
low complexity
microsoft CWE-284
3.6
2016-11-10 CVE-2016-7226 Improper Access Control vulnerability in Microsoft Windows 10 and Windows Server 2016
Virtual Hard Disk Driver in Windows 10 Gold, 1511, and 1607 and Windows Server 2016 does not properly restrict access to files, which allows local users to gain privileges via a crafted application, aka "VHD Driver Elevation of Privilege Vulnerability."
local
low complexity
microsoft CWE-284
3.6
2016-10-14 CVE-2016-0073 Information Exposure vulnerability in Microsoft products
The kernel in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows local users to gain privileges via a crafted application that makes an API call to access sensitive information in the registry, aka "Windows Kernel Local Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0075.
local
low complexity
microsoft CWE-200
2.1
2016-10-14 CVE-2016-0075 Information Exposure vulnerability in Microsoft products
The kernel in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows local users to gain privileges via a crafted application that makes an API call to access sensitive information in the registry, aka "Windows Kernel Local Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0073.
local
low complexity
microsoft CWE-200
2.1
2016-10-14 CVE-2016-0079 Information Exposure vulnerability in Microsoft Windows 10 1511/1607
The kernel in Microsoft Windows 10 Gold, 1511, and 1607 allows local users to gain privileges via a crafted application that makes an API call to access sensitive information in the registry, aka "Windows Kernel Local Elevation of Privilege Vulnerability."
local
low complexity
microsoft CWE-200
2.1
2016-09-14 CVE-2016-3344 Information Exposure vulnerability in Microsoft Windows 10 1511
The Secure Kernel Mode feature in Microsoft Windows 10 Gold and 1511 allows local users to obtain sensitive information via a crafted application, aka "Windows Secure Kernel Mode Information Disclosure Vulnerability."
local
low complexity
microsoft CWE-200
2.1