This page lists publicly disclosed CVE vulnerabilities affecting microsoft windows_10_1507 (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-64680 | Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. | [email protected] | 7.8 | 0.36% | 2025-12-09 | 2026-06-17 |
| CVE-2025-64679 | Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. | [email protected] | 7.8 | 0.44% | 2025-12-09 | 2026-06-17 |
| CVE-2025-62209 | Insertion of sensitive information into log file in Windows License Manager allows an authorized attacker to disclose information locally. | [email protected] | 5.5 | 0.49% | 2025-11-11 | 2026-06-17 |
| CVE-2025-62208 | Insertion of sensitive information into log file in Windows License Manager allows an authorized attacker to disclose information locally. | [email protected] | 5.5 | 0.49% | 2025-11-11 | 2026-06-17 |
| CVE-2025-59295 | Heap-based buffer overflow in Internet Explorer allows an unauthorized attacker to execute code over a network. | [email protected] | 8.8 | 1.81% | 2025-10-14 | 2026-06-17 |
| CVE-2025-59294 | Exposure of sensitive information to an unauthorized actor in Windows Taskbar Live allows an unauthorized attacker to disclose information with a physical attack. | [email protected] | 2.1 | 0.57% | 2025-10-14 | 2026-06-17 |
| CVE-2025-59282 | Concurrent execution using shared resource with improper synchronization ('race condition') in Inbox COM Objects allows an unauthorized attacker to execute code locally. | [email protected] | 7.0 | 0.57% | 2025-10-14 | 2026-06-17 |
| CVE-2025-59280 | Improper authentication in Windows SMB Client allows an unauthorized attacker to perform tampering over a network. | [email protected] | 3.1 | 0.41% | 2025-10-14 | 2026-06-17 |
| CVE-2025-59278 | Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges locally. | [email protected] | 7.8 | 0.25% | 2025-10-14 | 2026-06-17 |
| CVE-2025-59277 | Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges locally. | [email protected] | 7.8 | 0.34% | 2025-10-14 | 2026-06-17 |
| CVE-2025-59275 | Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges locally. | [email protected] | 7.8 | 0.25% | 2025-10-14 | 2026-06-17 |
| CVE-2025-59259 | Improper validation of specified type of input in Windows Local Session Manager (LSM) allows an authorized attacker to deny service over a network. | [email protected] | 6.5 | 1.37% | 2025-10-14 | 2026-06-17 |
| CVE-2025-59254 | Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. | [email protected] | 7.8 | 1.03% | 2025-10-14 | 2026-06-17 |
| CVE-2025-59253 | Improper access control in Microsoft Windows Search Component allows an authorized attacker to deny service locally. | [email protected] | 5.5 | 0.31% | 2025-10-14 | 2026-06-17 |
| CVE-2025-59244 | External control of file name or path in Windows Core Shell allows an unauthorized attacker to perform spoofing over a network. | [email protected] | 6.5 | 0.75% | 2025-10-14 | 2026-06-17 |
| CVE-2025-59242 | Heap-based buffer overflow in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | [email protected] | 7.8 | 0.37% | 2025-10-14 | 2026-06-17 |
| CVE-2025-59230 KEV | Improper access control in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally. | [email protected] | 7.8 | 2.61% | 2025-10-14 | 2026-06-17 |
| CVE-2025-59214 | Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network. | [email protected] | 6.5 | 1.82% | 2025-10-14 | 2026-06-17 |
| CVE-2025-59211 | Exposure of sensitive information to an unauthorized actor in Windows Push Notification Core allows an authorized attacker to disclose information locally. | [email protected] | 5.5 | 0.55% | 2025-10-14 | 2026-06-17 |
| CVE-2025-59209 | Exposure of sensitive information to an unauthorized actor in Windows Push Notification Core allows an authorized attacker to disclose information locally. | [email protected] | 5.5 | 0.43% | 2025-10-14 | 2026-06-17 |