Skip to main content
CVE-2016-7237 MEDIUM POC THREAT This Month

Local Security Authority Subsystem Service (LSASS) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1,. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 63.9%.

Microsoft Denial Of Service Authentication Bypass Windows 10 Windows 7 +6
NVD Exploit-DB
CVSS 3.0
6.5
EPSS
63.9%
Threat
4.7
CVE-2016-7210 MEDIUM This Month

atmfd.dll in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 35.5% and no vendor patch available.

Information Disclosure Microsoft Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
6.5
EPSS
35.5%
CVE-2016-7252 MEDIUM This Month

Microsoft SQL Server 2016 mishandles the FILESTREAM path, which allows remote authenticated users to gain privileges via unspecified vectors, aka "SQL Analysis Services Information Disclosure. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 19.7% and no vendor patch available.

Information Disclosure Microsoft Sql Server
NVD
CVSS 3.0
6.5
EPSS
19.7%
CVE-2016-7226 MEDIUM POC This Month

Virtual Hard Disk Driver in Windows 10 Gold, 1511, and 1607 and Windows Server 2016 does not properly restrict access to files, which allows local users to gain privileges via a crafted application,. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Authentication Bypass Windows 10 Windows Server 2016
NVD Exploit-DB
CVSS 3.0
6.1
EPSS
1.1%
CVE-2016-7225 MEDIUM POC This Month

Virtual Hard Disk Driver in Windows 10 Gold, 1511, and 1607 and Windows Server 2016 does not properly restrict access to files, which allows local users to gain privileges via a crafted application,. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Authentication Bypass Windows 10 Windows Server 2016
NVD Exploit-DB
CVSS 3.0
6.1
EPSS
1.1%
CVE-2016-7224 MEDIUM POC This Month

Virtual Hard Disk Driver in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 does not properly restrict access to. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Authentication Bypass Windows 10 Windows 8 1 Windows Rt 8 1 +2
NVD Exploit-DB
CVSS 3.0
6.1
EPSS
1.1%
CVE-2016-7146 MEDIUM POC PATCH This Month

MoinMoin 1.9.8 allows remote attackers to conduct "JavaScript injection" attacks by using the "page creation or crafted URL" approach, related to a "Cross Site Scripting (XSS)" issue affecting the. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Moinmoin
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2016-7148 MEDIUM POC PATCH This Month

MoinMoin 1.9.8 allows remote attackers to conduct "JavaScript injection" attacks by using the "page creation" approach, related to a "Cross Site Scripting (XSS)" issue affecting the action=AttachFile. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Moinmoin
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2016-7216 MEDIUM POC This Month

The kernel API in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 mishandles permissions, which allows local users to gain privileges via a crafted application, aka. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Microsoft Windows 7 Windows Server 2008 Windows Vista
NVD Exploit-DB
CVSS 3.0
5.5
EPSS
2.8%
CVE-2016-7233 MEDIUM This Month

Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Word for Mac 2011, Excel for Mac 2011, Word Viewer, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2013 SP1, and. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 14.6% and no vendor patch available.

Denial Of Service Buffer Overflow Information Disclosure Microsoft Excel For Mac +8
NVD
CVSS 3.0
6.5
EPSS
14.6%
CVE-2016-7244 MEDIUM This Month

Microsoft Office 2007 SP3 allows remote attackers to cause a denial of service (application hang) via a crafted Office document, aka "Microsoft Office Denial of Service Vulnerability.". Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 16.7% and no vendor patch available.

Microsoft Denial Of Service Authentication Bypass Office
NVD
CVSS 3.0
5.5
EPSS
16.7%
CVE-2016-7251 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the MDS API in Microsoft SQL Server 2016 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka "MDS API XSS. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Microsoft Sql Server
NVD
CVSS 3.0
6.1
EPSS
7.6%
CVE-2016-7209 MEDIUM This Month

Microsoft Edge allows remote attackers to spoof web content via a crafted web site, aka "Microsoft Edge Spoofing Vulnerability.". Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Microsoft Edge
NVD
CVSS 3.0
5.3
EPSS
6.8%
CVE-2016-7223 MEDIUM This Month

Virtual Hard Disk Driver in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 does not properly restrict access to. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Windows 10 Windows 8 1 Windows Rt 8 1 +2
NVD
CVSS 3.0
6.1
EPSS
0.9%
CVE-2016-7218 MEDIUM This Month

Bowser.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold,. Rated medium severity (CVSS 4.7). No vendor patch available.

Information Disclosure Microsoft Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
4.7
EPSS
0.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy