Skip to main content

Windows 10

2872 CVEs product

Monthly

CVE-2017-11784 MEDIUM PATCH This Month

The Microsoft Windows Kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, allows an. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +3
NVD
CVSS 3.0
5.5
EPSS
8.0%
CVE-2017-11783 HIGH PATCH This Week

Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability in the way it handles. Rated high severity (CVSS 7.0).

Microsoft Information Disclosure Windows 10 Windows 8 1 Windows Rt 8 1 +2
NVD
CVSS 3.0
7.0
EPSS
3.6%
CVE-2017-11782 HIGH PATCH This Week

The Microsoft Server Block Message (SMB) on Microsoft Windows 10 1607 and Windows Server 2016, allows an elevation of privilege vulnerability when an attacker sends specially crafted requests to the. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows Server 2016
NVD
CVSS 3.0
7.8
EPSS
0.7%
CVE-2017-11781 HIGH PATCH Act Now

The Microsoft Server Block Message (SMB) on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 21.8%.

Denial Of Service Microsoft Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
7.5
EPSS
21.8%
CVE-2017-11780 HIGH PATCH Act Now

The Server Message Block 1.0 (SMBv1) on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and. Rated high severity (CVSS 7.0), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 10.0%.

RCE Microsoft Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
7.0
EPSS
10.0%
CVE-2017-11779 HIGH PATCH Act Now

The Microsoft Windows Domain Name System (DNS) DNSAPI.dll on Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 38.3%.

RCE Microsoft Windows 10 Windows 8 1 Windows Rt 8 1 +2
NVD
CVSS 3.0
8.1
EPSS
38.3%
CVE-2017-11772 HIGH PATCH Act Now

The Microsoft Windows Search component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 22.7%.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
7.5
EPSS
22.7%
CVE-2017-11771 CRITICAL PATCH Act Now

The Microsoft Windows Search component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 65.6%.

RCE Microsoft Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
9.8
EPSS
65.6%
CVE-2017-11769 HIGH PATCH Act Now

The Microsoft Windows TRIE component on Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability in the way it handles loading dll files,. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 33.9%.

RCE Microsoft Windows 10 Windows Server 2016
NVD
CVSS 3.0
7.8
EPSS
33.9%
CVE-2017-11765 MEDIUM PATCH This Month

The Microsoft Windows Kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
5.5
EPSS
8.0%
CVE-2017-11763 HIGH PATCH Act Now

The Microsoft Graphics Component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703,. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 40.7%.

RCE Microsoft Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
8.8
EPSS
40.7%
CVE-2017-11762 HIGH PATCH Act Now

The Microsoft Graphics Component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703,. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 40.7%.

RCE Microsoft Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
8.8
EPSS
40.7%
CVE-2017-8746 MEDIUM PATCH This Month

Windows Device Guard in Windows 10 1607, 1703, and Windows Server 2016 allows A security feature bypass vulnerability due to how PowerShell exposes functions and processes user supplied code, aka. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity.

Microsoft Authentication Bypass Windows 10 Windows Server 2016
NVD
CVSS 3.0
5.3
EPSS
1.7%
CVE-2017-8720 HIGH PATCH This Week

The Microsoft Windows graphics component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
7.8
EPSS
0.8%
CVE-2017-8719 MEDIUM PATCH This Month

The Windows kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and. Rated medium severity (CVSS 4.7). This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
4.7
EPSS
3.5%
CVE-2017-8716 MEDIUM PATCH This Month

Windows Control Flow Guard in Microsoft Windows 10 Version 1703 allows an attacker to run a specially crafted application to bypass Control Flow Guard, due to the way that Control Flow Guard handles. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity.

Microsoft Authentication Bypass Windows 10
NVD
CVSS 3.0
5.3
EPSS
2.3%
CVE-2017-8714 HIGH PATCH This Week

The Windows Hyper-V component on Microsoft Windows 8.1, Windows Server 2012 Gold and R2,, Windows 10 1607, and Windows Server 2016 allows a remote code execution vulnerability when it fails to. Rated high severity (CVSS 7.8).

RCE Microsoft Windows 10 Windows 8 1 Windows Server 2012 +1
NVD
CVSS 3.0
7.8
EPSS
0.8%
CVE-2017-8713 MEDIUM PATCH This Month

The Windows Hyper-V component on Microsoft Windows Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure. Rated medium severity (CVSS 5.3). This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Windows 10 Windows 8 1 Windows Server 2012 +1
NVD
CVSS 3.0
5.3
EPSS
3.2%
CVE-2017-8712 MEDIUM PATCH This Month

The Windows Hyper-V component on Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an information disclosure vulnerability when it fails to properly validate input from an authenticated. Rated medium severity (CVSS 5.3). This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Windows 10 Windows Server 2016
NVD
CVSS 3.0
5.3
EPSS
3.2%
CVE-2017-8711 MEDIUM PATCH This Month

The Windows Hyper-V component on Microsoft Windows 10 1607 and Windows Server 2016 allows an information disclosure vulnerability when it fails to properly validate input from an authenticated user. Rated medium severity (CVSS 5.3). This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Windows 10 Windows Server 2016
NVD
CVSS 3.0
5.3
EPSS
3.2%
CVE-2017-8709 MEDIUM PATCH This Month

The Windows kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and. Rated medium severity (CVSS 4.7). This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
4.7
EPSS
3.5%
CVE-2017-8708 MEDIUM POC PATCH THREAT This Month

The Windows kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and. Rated medium severity (CVSS 4.7). Public exploit code available and EPSS exploitation probability 19.3%.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD Exploit-DB
CVSS 3.0
4.7
EPSS
19.3%
CVE-2017-8707 MEDIUM PATCH This Month

The Windows Hyper-V component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an. Rated medium severity (CVSS 5.3). This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Windows 10 Windows 8 1 Windows Server 2008 +1
NVD
CVSS 3.0
5.3
EPSS
3.2%
CVE-2017-8706 MEDIUM PATCH This Month

The Windows Hyper-V component on Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when it fails to properly validate input from. Rated medium severity (CVSS 5.3). This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Windows 10 Windows Server 2016
NVD
CVSS 3.0
5.3
EPSS
3.2%
CVE-2017-8704 MEDIUM PATCH This Month

The Windows Hyper-V component on Microsoft Windows 10 1607 and Windows Server 2016 allows a denial of service vulnerability when it fails to properly validate input from an authenticated user on a. Rated medium severity (CVSS 5.3).

Denial Of Service Microsoft Windows 10 Windows Server 2016
NVD
CVSS 3.0
5.3
EPSS
0.2%
CVE-2017-8702 HIGH PATCH This Week

Windows Error Reporting (WER) in Microsoft Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows an attacker to gain greater access to sensitive information and system functionality, due to. Rated high severity (CVSS 7.0).

Microsoft Information Disclosure Windows 10 Windows Server 2016
NVD
CVSS 3.0
7.0
EPSS
0.9%
CVE-2017-8699 HIGH PATCH Act Now

Windows Shell in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. Epss exploitation probability 30.6%.

RCE Microsoft Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
7.0
EPSS
30.6%
CVE-2017-8695 MEDIUM PATCH This Month

Windows Uniscribe in Microsoft Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, 1607, 1703, and Server 2016;. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 25.7%.

Microsoft Information Disclosure Live Meeting Lync Office +11
NVD
CVSS 3.0
5.3
EPSS
25.7%
CVE-2017-8692 HIGH PATCH Act Now

The Windows Uniscribe component on Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows remote code execution. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 25.6%.

Buffer Overflow RCE Microsoft Windows 10 Windows Rt 8 1 +2
NVD
CVSS 3.0
7.5
EPSS
25.6%
CVE-2017-8688 MEDIUM PATCH This Month

Windows GDI+ on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
5.5
EPSS
6.2%
CVE-2017-8687 MEDIUM POC PATCH THREAT This Month

The Windows kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 22.7%.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD Exploit-DB
CVSS 3.0
5.5
EPSS
22.7%
CVE-2017-8683 MEDIUM POC PATCH THREAT This Month

Windows graphics on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 18.2%.

RCE Microsoft Information Disclosure Windows 10 Windows 7 +4
NVD Exploit-DB
CVSS 3.0
5.5
EPSS
18.2%
CVE-2017-8682 HIGH POC PATCH THREAT Act Now

Windows graphics on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, Windows Server. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 66.0%.

RCE Microsoft Office 2007 Office 2010 Office Word Viewer +7
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
66.0%
Threat
5.2
CVE-2017-8681 MEDIUM POC PATCH THREAT This Month

The Windows kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 20.3%.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD Exploit-DB
CVSS 3.0
5.5
EPSS
20.3%
CVE-2017-8679 MEDIUM PATCH This Month

The Windows kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
5.5
EPSS
6.2%
CVE-2017-8678 MEDIUM POC PATCH THREAT This Month

The Windows kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 20.3%.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD Exploit-DB
CVSS 3.0
5.5
EPSS
20.3%
CVE-2017-8677 MEDIUM PATCH This Month

The Windows GDI+ component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
5.5
EPSS
8.0%
CVE-2017-8676 LOW PATCH Monitor

The Windows Graphics Device Interface (GDI) in Microsoft Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, 1607,. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Live Meeting Lync Office +11
NVD
CVSS 3.0
3.3
EPSS
7.6%
CVE-2017-8675 HIGH PATCH This Week

The Windows Kernel-Mode Drivers component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607,. Rated high severity (CVSS 7.0). This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Microsoft Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
7.0
EPSS
1.1%
CVE-2017-8648 MEDIUM PATCH This Month

Microsoft Edge in Microsoft Windows Version 1703 allows an attacker to obtain information to further compromise the user's system, due to the way that Microsoft Edge handles objects in memory, aka. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 12.8%.

Microsoft Information Disclosure Windows 10
NVD
CVSS 3.0
4.3
EPSS
12.8%
CVE-2017-8628 MEDIUM PATCH This Month

Microsoft Bluetooth Driver in Windows Server 2008 SP2, Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703 allows a spoofing vulnerability due to Microsoft's implementation. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +2
NVD
CVSS 3.0
6.8
EPSS
0.5%
CVE-2017-8597 MEDIUM PATCH This Month

Microsoft Edge in Microsoft Windows 10 Version 1703 allows an attacker to obtain information to further compromise the user's system, due to the way that Microsoft Edge handles objects in memory, aka. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 12.8%.

Microsoft Information Disclosure Windows 10
NVD
CVSS 3.0
4.3
EPSS
12.8%
CVE-2017-0161 HIGH PATCH Act Now

The Windows NetBT Session Services component on Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 16.8%.

RCE Race Condition Microsoft Windows 10 Windows 7 +5
NVD
CVSS 3.0
8.1
EPSS
16.8%
CVE-2017-8673 MEDIUM PATCH This Month

The Remote Desktop Protocol (RDP) implementation in Microsoft Windows 10 1703 allows an attacker to connect to a target system using RDP and send specially crafted requests, aka "Windows Remote. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 22.6%.

Denial Of Service Microsoft Windows 10
NVD
CVSS 3.0
5.9
EPSS
22.6%
CVE-2017-8666 MEDIUM PATCH This Month

Microsoft Win32k in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
5.5
EPSS
2.8%
CVE-2017-8664 HIGH PATCH This Week

Windows Hyper-V in Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability when it. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

RCE Microsoft Windows 10 Windows 8 1 Windows Server 2012 +1
NVD
CVSS 3.0
8.8
EPSS
0.9%
CVE-2017-8633 HIGH PATCH Act Now

Windows Error Reporting (WER) in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. Epss exploitation probability 14.0%.

Microsoft Authentication Bypass Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
7.5
EPSS
14.0%
CVE-2017-8627 MEDIUM PATCH This Month

Windows Subsystem for Linux in Windows 10 1703, allows a denial of service vulnerability due to the way it handles objects in memory, aka "Windows Subsystem for Linux Denial of Service Vulnerability". Rated medium severity (CVSS 4.7). This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Denial Of Service Microsoft Windows 10
NVD
CVSS 3.0
4.7
EPSS
0.6%
CVE-2017-8624 HIGH PATCH This Week

CLFS in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an elevation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
7.8
EPSS
0.5%
CVE-2017-8623 MEDIUM PATCH This Month

Windows Hyper-V in Windows 10 1607, 1703, and Windows Server 2016 allows a denial of service vulnerability when it fails to properly validate input from a privileged user on a guest operating system,. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Microsoft Windows 10 Windows Server 2016
NVD
CVSS 3.0
6.8
EPSS
1.5%
CVE-2017-8622 HIGH PATCH This Week

Windows Subsystem for Linux in Windows 10 1703 allows an elevation of privilege vulnerability when it fails to properly handle handles NT pipes, aka "Windows Subsystem for Linux Elevation of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10
NVD
CVSS 3.0
7.8
EPSS
1.1%
CVE-2017-8620 HIGH PATCH Act Now

Windows Search in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 54.6%.

Buffer Overflow RCE Microsoft Windows 10 Windows 7 +5
NVD
CVSS 3.0
8.1
EPSS
54.6%
CVE-2017-8593 HIGH PATCH This Week

Microsoft Win32k in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016. Rated high severity (CVSS 7.0).

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
7.0
EPSS
0.7%
CVE-2017-8591 HIGH PATCH This Week

Windows Input Method Editor (IME) in Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an remote code execution. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

RCE Microsoft Windows 10 Windows 8 1 Windows Rt 8 1 +2
NVD
CVSS 3.0
7.8
EPSS
3.1%
CVE-2017-0293 HIGH PATCH Act Now

Microsoft Windows PDF Library in Windows Server 2008 R2 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 22.5%.

Buffer Overflow RCE Microsoft Windows 10 Windows 8 1 +4
NVD
CVSS 3.0
7.5
EPSS
22.5%
CVE-2017-0250 HIGH PATCH Act Now

Microsoft JET Database Engine in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 23.5%.

Buffer Overflow RCE Microsoft Windows 10 Windows 7 +5
NVD
CVSS 3.0
7.8
EPSS
23.5%
CVE-2017-0174 MEDIUM PATCH This Month

Windows NetBIOS in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Microsoft Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
6.5
EPSS
0.5%
CVE-2017-8592 MEDIUM PATCH This Month

Microsoft browsers on when Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1, Windows RT 8.1, and Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 29.4%.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +6
NVD
CVSS 3.0
6.5
EPSS
29.4%
CVE-2017-8590 HIGH PATCH This Week

Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an elevation. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
8.8
EPSS
1.0%
CVE-2017-8589 CRITICAL PATCH Act Now

Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 28.4%.

RCE Microsoft Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
9.8
EPSS
28.4%
CVE-2017-8588 HIGH PATCH Act Now

Microsoft WordPad in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. Epss exploitation probability 28.9%.

RCE Microsoft Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
7.0
EPSS
28.9%
CVE-2017-8587 MEDIUM PATCH This Month

Windows Explorer in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511 allows a denial of service vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 16.5%.

Denial Of Service Microsoft Windows 10 Windows 7 Windows 8 1 +3
NVD
CVSS 3.0
6.5
EPSS
16.5%
CVE-2017-8584 HIGH PATCH This Week

Windows 10 1607 and Windows Server 2016 allow an attacker to execute code remotely via a specially crafted WiFi packet aka "HoloLens Remote Code Execution Vulnerability.". Rated high severity (CVSS 7.5), this vulnerability is no authentication required.

RCE Microsoft Windows 10 Windows Server 2016
NVD
CVSS 3.0
7.5
EPSS
2.1%
CVE-2017-8582 MEDIUM PATCH This Month

HTTP.sys in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 12.6%.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
5.9
EPSS
12.6%
CVE-2017-8581 HIGH PATCH This Week

Win32k in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016. Rated high severity (CVSS 7.0).

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
7.0
EPSS
1.3%
CVE-2017-8580 HIGH PATCH This Week

Win32k in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016. Rated high severity (CVSS 7.0).

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
7.0
EPSS
1.0%
CVE-2017-8578 HIGH PATCH Act Now

Win32k in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 12.1%.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
7.8
EPSS
12.1%
CVE-2017-8577 HIGH PATCH This Week

Win32k in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016. Rated high severity (CVSS 7.0).

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
7.0
EPSS
1.0%
CVE-2017-8574 HIGH PATCH This Week

Graphics in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when it fails to properly handle objects in memory, aka "Microsoft Graphics. Rated high severity (CVSS 7.0).

Microsoft Information Disclosure Windows 10 Windows Server 2016
NVD
CVSS 3.0
7.0
EPSS
1.0%
CVE-2017-8573 HIGH PATCH This Week

Graphics in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016. Rated high severity (CVSS 7.0).

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
7.0
EPSS
1.0%
CVE-2017-8566 HIGH PATCH This Week

Microsoft Windows 1607, 1703, and Windows Server 2016 allows an elevation of privilege vulnerability due to Windows Input Method Editor (IME) improperly handling parameters in a method of a DCOM. Rated high severity (CVSS 7.0).

Microsoft Information Disclosure Windows 10 Windows Server 2016
NVD
CVSS 3.0
7.0
EPSS
0.6%
CVE-2017-8565 HIGH PATCH Act Now

Windows PowerShell in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 31.4%.

RCE Microsoft Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
8.1
EPSS
31.4%
CVE-2017-8564 MEDIUM POC PATCH THREAT This Month

Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 22.9%.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD Exploit-DB
CVSS 3.0
5.5
EPSS
22.9%
CVE-2017-8563 HIGH PATCH Act Now

Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an elevation. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 17.9%.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
8.1
EPSS
17.9%
CVE-2017-8562 HIGH PATCH This Week

Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability due to Windows. Rated high severity (CVSS 7.0).

Microsoft Information Disclosure Windows 10 Windows 8 1 Windows Rt 8 1 +2
NVD
CVSS 3.0
7.0
EPSS
0.5%
CVE-2017-8561 HIGH PATCH This Week

Windows kernel in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability. Rated high severity (CVSS 7.0).

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.1
7.0
EPSS
0.4%
CVE-2017-8557 MEDIUM PATCH This Month

Windows System Information Console in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This XML External Entity (XXE) vulnerability could allow attackers to read arbitrary files or perform SSRF through XML processing.

Microsoft XXE Information Disclosure Windows 10 Windows 7 +5
NVD
CVSS 3.0
5.5
EPSS
1.5%
CVE-2017-8556 HIGH PATCH This Week

Graphics in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016. Rated high severity (CVSS 7.0).

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
7.0
EPSS
1.0%
CVE-2017-8495 HIGH PATCH Act Now

Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. Epss exploitation probability 16.4%.

Microsoft Authentication Bypass Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
7.5
EPSS
16.4%
CVE-2017-8486 MEDIUM PATCH This Month

Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an. Rated medium severity (CVSS 4.7). This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
4.7
EPSS
1.4%
CVE-2017-8467 HIGH PATCH This Week

Graphics in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows. Rated high severity (CVSS 7.0).

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
7.0
EPSS
1.0%
CVE-2017-8463 HIGH PATCH Act Now

Windows Shell in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 35.6%.

RCE Microsoft Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
7.8
EPSS
35.6%
CVE-2017-0170 MEDIUM PATCH This Month

Windows Performance Monitor in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 18.0%.

Microsoft XXE Information Disclosure Windows 10 Windows 7 +4
NVD
CVSS 3.0
6.5
EPSS
18.0%
CVE-2017-8579 HIGH PATCH This Week

The DirectX component in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to run arbitrary code in kernel mode via a specially crafted. Rated high severity (CVSS 7.0).

RCE Microsoft Windows 10 Windows Server 2016
NVD
CVSS 3.0
7.0
EPSS
0.7%
CVE-2017-8576 HIGH PATCH This Week

The graphics component in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to run arbitrary code in kernel mode via a specially crafted. Rated high severity (CVSS 7.0).

RCE Microsoft Windows 10 Windows Server 2016
NVD
CVSS 3.0
7.0
EPSS
1.3%
CVE-2017-8575 MEDIUM PATCH This Month

The kernel in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to obtain information via a specially crafted application, aka "Microsoft Graphics. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Windows 10 Windows Server 2016
NVD
CVSS 3.0
5.5
EPSS
2.1%
CVE-2017-8554 MEDIUM PATCH This Month

The kernel in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016. Rated medium severity (CVSS 4.7). This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
4.7
EPSS
1.3%
CVE-2017-8544 MEDIUM PATCH This Month

Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
5.5
EPSS
3.5%
CVE-2017-8533 MEDIUM PATCH This Month

Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows improper. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 24.5%.

Microsoft Information Disclosure Office Windows 10 Windows 7 +5
NVD
CVSS 3.0
6.5
EPSS
24.5%
CVE-2017-8532 MEDIUM PATCH This Month

Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows improper. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 21.6%.

Microsoft Information Disclosure Office Windows 10 Windows 7 +5
NVD
CVSS 3.0
6.5
EPSS
21.6%
EPSS 8% CVSS 5.5
MEDIUM PATCH This Month

The Microsoft Windows Kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, allows an. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Windows 10 +5
NVD
EPSS 4% CVSS 7.0
HIGH PATCH This Week

Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability in the way it handles. Rated high severity (CVSS 7.0).

Microsoft Information Disclosure Windows 10 +4
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

The Microsoft Server Block Message (SMB) on Microsoft Windows 10 1607 and Windows Server 2016, allows an elevation of privilege vulnerability when an attacker sends specially crafted requests to the. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +1
NVD
EPSS 22% CVSS 7.5
HIGH PATCH Act Now

The Microsoft Server Block Message (SMB) on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 21.8%.

Denial Of Service Microsoft Windows 10 +6
NVD
EPSS 10% CVSS 7.0
HIGH PATCH Act Now

The Server Message Block 1.0 (SMBv1) on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and. Rated high severity (CVSS 7.0), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 10.0%.

RCE Microsoft Windows 10 +6
NVD
EPSS 38% CVSS 8.1
HIGH PATCH Act Now

The Microsoft Windows Domain Name System (DNS) DNSAPI.dll on Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 38.3%.

RCE Microsoft Windows 10 +4
NVD
EPSS 23% CVSS 7.5
HIGH PATCH Act Now

The Microsoft Windows Search component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 22.7%.

Microsoft Information Disclosure Windows 10 +6
NVD
EPSS 66% CVSS 9.8
CRITICAL PATCH Act Now

The Microsoft Windows Search component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 65.6%.

RCE Microsoft Windows 10 +6
NVD
EPSS 34% CVSS 7.8
HIGH PATCH Act Now

The Microsoft Windows TRIE component on Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability in the way it handles loading dll files,. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 33.9%.

RCE Microsoft Windows 10 +1
NVD
EPSS 8% CVSS 5.5
MEDIUM PATCH This Month

The Microsoft Windows Kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Windows 10 +6
NVD
EPSS 41% CVSS 8.8
HIGH PATCH Act Now

The Microsoft Graphics Component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703,. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 40.7%.

RCE Microsoft Windows 10 +6
NVD
EPSS 41% CVSS 8.8
HIGH PATCH Act Now

The Microsoft Graphics Component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703,. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 40.7%.

RCE Microsoft Windows 10 +6
NVD
EPSS 2% CVSS 5.3
MEDIUM PATCH This Month

Windows Device Guard in Windows 10 1607, 1703, and Windows Server 2016 allows A security feature bypass vulnerability due to how PowerShell exposes functions and processes user supplied code, aka. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity.

Microsoft Authentication Bypass Windows 10 +1
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

The Microsoft Windows graphics component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +6
NVD
EPSS 4% CVSS 4.7
MEDIUM PATCH This Month

The Windows kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and. Rated medium severity (CVSS 4.7). This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Windows 10 +6
NVD
EPSS 2% CVSS 5.3
MEDIUM PATCH This Month

Windows Control Flow Guard in Microsoft Windows 10 Version 1703 allows an attacker to run a specially crafted application to bypass Control Flow Guard, due to the way that Control Flow Guard handles. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity.

Microsoft Authentication Bypass Windows 10
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

The Windows Hyper-V component on Microsoft Windows 8.1, Windows Server 2012 Gold and R2,, Windows 10 1607, and Windows Server 2016 allows a remote code execution vulnerability when it fails to. Rated high severity (CVSS 7.8).

RCE Microsoft Windows 10 +3
NVD
EPSS 3% CVSS 5.3
MEDIUM PATCH This Month

The Windows Hyper-V component on Microsoft Windows Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure. Rated medium severity (CVSS 5.3). This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Windows 10 +3
NVD
EPSS 3% CVSS 5.3
MEDIUM PATCH This Month

The Windows Hyper-V component on Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an information disclosure vulnerability when it fails to properly validate input from an authenticated. Rated medium severity (CVSS 5.3). This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Windows 10 +1
NVD
EPSS 3% CVSS 5.3
MEDIUM PATCH This Month

The Windows Hyper-V component on Microsoft Windows 10 1607 and Windows Server 2016 allows an information disclosure vulnerability when it fails to properly validate input from an authenticated user. Rated medium severity (CVSS 5.3). This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Windows 10 +1
NVD
EPSS 4% CVSS 4.7
MEDIUM PATCH This Month

The Windows kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and. Rated medium severity (CVSS 4.7). This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Windows 10 +6
NVD
EPSS 19% CVSS 4.7
MEDIUM POC PATCH THREAT This Month

The Windows kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and. Rated medium severity (CVSS 4.7). Public exploit code available and EPSS exploitation probability 19.3%.

Microsoft Information Disclosure Windows 10 +6
NVD Exploit-DB
EPSS 3% CVSS 5.3
MEDIUM PATCH This Month

The Windows Hyper-V component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an. Rated medium severity (CVSS 5.3). This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Windows 10 +3
NVD
EPSS 3% CVSS 5.3
MEDIUM PATCH This Month

The Windows Hyper-V component on Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when it fails to properly validate input from. Rated medium severity (CVSS 5.3). This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Windows 10 +1
NVD
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

The Windows Hyper-V component on Microsoft Windows 10 1607 and Windows Server 2016 allows a denial of service vulnerability when it fails to properly validate input from an authenticated user on a. Rated medium severity (CVSS 5.3).

Denial Of Service Microsoft Windows 10 +1
NVD
EPSS 1% CVSS 7.0
HIGH PATCH This Week

Windows Error Reporting (WER) in Microsoft Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows an attacker to gain greater access to sensitive information and system functionality, due to. Rated high severity (CVSS 7.0).

Microsoft Information Disclosure Windows 10 +1
NVD
EPSS 31% CVSS 7.0
HIGH PATCH Act Now

Windows Shell in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. Epss exploitation probability 30.6%.

RCE Microsoft Windows 10 +6
NVD
EPSS 26% CVSS 5.3
MEDIUM PATCH This Month

Windows Uniscribe in Microsoft Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, 1607, 1703, and Server 2016;. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 25.7%.

Microsoft Information Disclosure Live Meeting +13
NVD
EPSS 26% CVSS 7.5
HIGH PATCH Act Now

The Windows Uniscribe component on Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows remote code execution. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 25.6%.

Buffer Overflow RCE Microsoft +4
NVD
EPSS 6% CVSS 5.5
MEDIUM PATCH This Month

Windows GDI+ on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Windows 10 +6
NVD
EPSS 23% CVSS 5.5
MEDIUM POC PATCH THREAT This Month

The Windows kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 22.7%.

Microsoft Information Disclosure Windows 10 +6
NVD Exploit-DB
EPSS 18% CVSS 5.5
MEDIUM POC PATCH THREAT This Month

Windows graphics on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 18.2%.

RCE Microsoft Information Disclosure +6
NVD Exploit-DB
EPSS 66% 5.2 CVSS 8.8
HIGH POC PATCH THREAT Act Now

Windows graphics on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, Windows Server. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 66.0%.

RCE Microsoft Office 2007 +9
NVD Exploit-DB
EPSS 20% CVSS 5.5
MEDIUM POC PATCH THREAT This Month

The Windows kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 20.3%.

Microsoft Information Disclosure Windows 10 +6
NVD Exploit-DB
EPSS 6% CVSS 5.5
MEDIUM PATCH This Month

The Windows kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Windows 10 +6
NVD
EPSS 20% CVSS 5.5
MEDIUM POC PATCH THREAT This Month

The Windows kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 20.3%.

Microsoft Information Disclosure Windows 10 +6
NVD Exploit-DB
EPSS 8% CVSS 5.5
MEDIUM PATCH This Month

The Windows GDI+ component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Windows 10 +6
NVD
EPSS 8% CVSS 3.3
LOW PATCH Monitor

The Windows Graphics Device Interface (GDI) in Microsoft Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, 1607,. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Live Meeting +13
NVD
EPSS 1% CVSS 7.0
HIGH PATCH This Week

The Windows Kernel-Mode Drivers component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607,. Rated high severity (CVSS 7.0). This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Microsoft Windows 10 +6
NVD
EPSS 13% CVSS 4.3
MEDIUM PATCH This Month

Microsoft Edge in Microsoft Windows Version 1703 allows an attacker to obtain information to further compromise the user's system, due to the way that Microsoft Edge handles objects in memory, aka. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 12.8%.

Microsoft Information Disclosure Windows 10
NVD
EPSS 0% CVSS 6.8
MEDIUM PATCH This Month

Microsoft Bluetooth Driver in Windows Server 2008 SP2, Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703 allows a spoofing vulnerability due to Microsoft's implementation. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required.

Microsoft Information Disclosure Windows 10 +4
NVD
EPSS 13% CVSS 4.3
MEDIUM PATCH This Month

Microsoft Edge in Microsoft Windows 10 Version 1703 allows an attacker to obtain information to further compromise the user's system, due to the way that Microsoft Edge handles objects in memory, aka. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 12.8%.

Microsoft Information Disclosure Windows 10
NVD
EPSS 17% CVSS 8.1
HIGH PATCH Act Now

The Windows NetBT Session Services component on Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 16.8%.

RCE Race Condition Microsoft +7
NVD
EPSS 23% CVSS 5.9
MEDIUM PATCH This Month

The Remote Desktop Protocol (RDP) implementation in Microsoft Windows 10 1703 allows an attacker to connect to a target system using RDP and send specially crafted requests, aka "Windows Remote. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 22.6%.

Denial Of Service Microsoft Windows 10
NVD
EPSS 3% CVSS 5.5
MEDIUM PATCH This Month

Microsoft Win32k in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Windows 10 +6
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Windows Hyper-V in Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability when it. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

RCE Microsoft Windows 10 +3
NVD
EPSS 14% CVSS 7.5
HIGH PATCH Act Now

Windows Error Reporting (WER) in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. Epss exploitation probability 14.0%.

Microsoft Authentication Bypass Windows 10 +6
NVD
EPSS 1% CVSS 4.7
MEDIUM PATCH This Month

Windows Subsystem for Linux in Windows 10 1703, allows a denial of service vulnerability due to the way it handles objects in memory, aka "Windows Subsystem for Linux Denial of Service Vulnerability". Rated medium severity (CVSS 4.7). This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Denial Of Service Microsoft +1
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

CLFS in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an elevation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +6
NVD
EPSS 1% CVSS 6.8
MEDIUM PATCH This Month

Windows Hyper-V in Windows 10 1607, 1703, and Windows Server 2016 allows a denial of service vulnerability when it fails to properly validate input from a privileged user on a guest operating system,. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Microsoft Windows 10 +1
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows Subsystem for Linux in Windows 10 1703 allows an elevation of privilege vulnerability when it fails to properly handle handles NT pipes, aka "Windows Subsystem for Linux Elevation of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10
NVD
EPSS 55% CVSS 8.1
HIGH PATCH Act Now

Windows Search in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 54.6%.

Buffer Overflow RCE Microsoft +7
NVD
EPSS 1% CVSS 7.0
HIGH PATCH This Week

Microsoft Win32k in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016. Rated high severity (CVSS 7.0).

Microsoft Information Disclosure Windows 10 +6
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

Windows Input Method Editor (IME) in Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an remote code execution. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

RCE Microsoft Windows 10 +4
NVD
EPSS 23% CVSS 7.5
HIGH PATCH Act Now

Microsoft Windows PDF Library in Windows Server 2008 R2 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 22.5%.

Buffer Overflow RCE Microsoft +6
NVD
EPSS 24% CVSS 7.8
HIGH PATCH Act Now

Microsoft JET Database Engine in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 23.5%.

Buffer Overflow RCE Microsoft +7
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Windows NetBIOS in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Microsoft Windows 10 +6
NVD
EPSS 29% CVSS 6.5
MEDIUM PATCH This Month

Microsoft browsers on when Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1, Windows RT 8.1, and Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 29.4%.

Microsoft Information Disclosure Windows 10 +8
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an elevation. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +6
NVD
EPSS 28% CVSS 9.8
CRITICAL PATCH Act Now

Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 28.4%.

RCE Microsoft Windows 10 +6
NVD
EPSS 29% CVSS 7.0
HIGH PATCH Act Now

Microsoft WordPad in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. Epss exploitation probability 28.9%.

RCE Microsoft Windows 10 +6
NVD
EPSS 16% CVSS 6.5
MEDIUM PATCH This Month

Windows Explorer in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511 allows a denial of service vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 16.5%.

Denial Of Service Microsoft Windows 10 +5
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Windows 10 1607 and Windows Server 2016 allow an attacker to execute code remotely via a specially crafted WiFi packet aka "HoloLens Remote Code Execution Vulnerability.". Rated high severity (CVSS 7.5), this vulnerability is no authentication required.

RCE Microsoft Windows 10 +1
NVD
EPSS 13% CVSS 5.9
MEDIUM PATCH This Month

HTTP.sys in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 12.6%.

Microsoft Information Disclosure Windows 10 +6
NVD
EPSS 1% CVSS 7.0
HIGH PATCH This Week

Win32k in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016. Rated high severity (CVSS 7.0).

Microsoft Information Disclosure Windows 10 +6
NVD
EPSS 1% CVSS 7.0
HIGH PATCH This Week

Win32k in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016. Rated high severity (CVSS 7.0).

Microsoft Information Disclosure Windows 10 +6
NVD
EPSS 12% CVSS 7.8
HIGH PATCH Act Now

Win32k in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 12.1%.

Microsoft Information Disclosure Windows 10 +6
NVD
EPSS 1% CVSS 7.0
HIGH PATCH This Week

Win32k in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016. Rated high severity (CVSS 7.0).

Microsoft Information Disclosure Windows 10 +6
NVD
EPSS 1% CVSS 7.0
HIGH PATCH This Week

Graphics in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when it fails to properly handle objects in memory, aka "Microsoft Graphics. Rated high severity (CVSS 7.0).

Microsoft Information Disclosure Windows 10 +1
NVD
EPSS 1% CVSS 7.0
HIGH PATCH This Week

Graphics in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016. Rated high severity (CVSS 7.0).

Microsoft Information Disclosure Windows 10 +6
NVD
EPSS 1% CVSS 7.0
HIGH PATCH This Week

Microsoft Windows 1607, 1703, and Windows Server 2016 allows an elevation of privilege vulnerability due to Windows Input Method Editor (IME) improperly handling parameters in a method of a DCOM. Rated high severity (CVSS 7.0).

Microsoft Information Disclosure Windows 10 +1
NVD
EPSS 31% CVSS 8.1
HIGH PATCH Act Now

Windows PowerShell in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 31.4%.

RCE Microsoft Windows 10 +6
NVD
EPSS 23% CVSS 5.5
MEDIUM POC PATCH THREAT This Month

Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 22.9%.

Microsoft Information Disclosure Windows 10 +6
NVD Exploit-DB
EPSS 18% CVSS 8.1
HIGH PATCH Act Now

Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an elevation. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 17.9%.

Microsoft Information Disclosure Windows 10 +6
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability due to Windows. Rated high severity (CVSS 7.0).

Microsoft Information Disclosure Windows 10 +4
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Windows kernel in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability. Rated high severity (CVSS 7.0).

Microsoft Information Disclosure Windows 10 +6
NVD
EPSS 2% CVSS 5.5
MEDIUM PATCH This Month

Windows System Information Console in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This XML External Entity (XXE) vulnerability could allow attackers to read arbitrary files or perform SSRF through XML processing.

Microsoft XXE Information Disclosure +7
NVD
EPSS 1% CVSS 7.0
HIGH PATCH This Week

Graphics in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016. Rated high severity (CVSS 7.0).

Microsoft Information Disclosure Windows 10 +6
NVD
EPSS 16% CVSS 7.5
HIGH PATCH Act Now

Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. Epss exploitation probability 16.4%.

Microsoft Authentication Bypass Windows 10 +6
NVD
EPSS 1% CVSS 4.7
MEDIUM PATCH This Month

Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an. Rated medium severity (CVSS 4.7). This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Windows 10 +6
NVD
EPSS 1% CVSS 7.0
HIGH PATCH This Week

Graphics in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows. Rated high severity (CVSS 7.0).

Microsoft Information Disclosure Windows 10 +6
NVD
EPSS 36% CVSS 7.8
HIGH PATCH Act Now

Windows Shell in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 35.6%.

RCE Microsoft Windows 10 +6
NVD
EPSS 18% CVSS 6.5
MEDIUM PATCH This Month

Windows Performance Monitor in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 18.0%.

Microsoft XXE Information Disclosure +6
NVD
EPSS 1% CVSS 7.0
HIGH PATCH This Week

The DirectX component in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to run arbitrary code in kernel mode via a specially crafted. Rated high severity (CVSS 7.0).

RCE Microsoft Windows 10 +1
NVD
EPSS 1% CVSS 7.0
HIGH PATCH This Week

The graphics component in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to run arbitrary code in kernel mode via a specially crafted. Rated high severity (CVSS 7.0).

RCE Microsoft Windows 10 +1
NVD
EPSS 2% CVSS 5.5
MEDIUM PATCH This Month

The kernel in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to obtain information via a specially crafted application, aka "Microsoft Graphics. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Windows 10 +1
NVD
EPSS 1% CVSS 4.7
MEDIUM PATCH This Month

The kernel in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016. Rated medium severity (CVSS 4.7). This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Windows 10 +6
NVD
EPSS 3% CVSS 5.5
MEDIUM PATCH This Month

Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Windows 10 +6
NVD
EPSS 24% CVSS 6.5
MEDIUM PATCH This Month

Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows improper. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 24.5%.

Microsoft Information Disclosure Office +7
NVD
EPSS 22% CVSS 6.5
MEDIUM PATCH This Month

Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows improper. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 21.6%.

Microsoft Information Disclosure Office +7
NVD
Prev Page 28 of 32 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy