Skip to main content

Windows 10

2872 CVEs product

Monthly

CVE-2016-0133 MEDIUM This Month

The USB Mass Storage Class driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Privilege Escalation Microsoft Windows 10 Windows 7 +4
NVD
CVSS 3.0
6.8
EPSS
0.5%
CVE-2016-0121 HIGH POC THREAT Act Now

The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 47.2%.

Adobe RCE Microsoft Windows 10 Windows 7 +5
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
47.2%
Threat
4.7
CVE-2016-0120 MEDIUM POC THREAT This Month

The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 52.6%.

Adobe Denial Of Service Microsoft Windows 10 Windows 7 +5
NVD Exploit-DB
CVSS 3.0
6.5
EPSS
52.6%
Threat
4.4
CVE-2016-0118 HIGH Act Now

The PDF library in Microsoft Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted PDF document, aka "Windows Remote Code Execution Vulnerability.". Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 47.2% and no vendor patch available.

RCE Microsoft Windows 10
NVD
CVSS 3.0
7.8
EPSS
47.2%
CVE-2016-0117 HIGH Act Now

The PDF library in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted PDF document,. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 34.9% and no vendor patch available.

RCE Microsoft Windows 10 Windows 8 1 Windows Rt 8 1 +1
NVD
CVSS 3.0
7.8
EPSS
34.9%
CVE-2016-0101 HIGH Act Now

Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow remote attackers to execute arbitrary code via. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 48.3% and no vendor patch available.

RCE Microsoft Windows 10 Windows 7 Windows 8 1 +3
NVD
CVSS 3.0
8.8
EPSS
48.3%
CVE-2016-0098 HIGH Act Now

Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 allow remote attackers to execute arbitrary code via crafted media. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 48.3% and no vendor patch available.

RCE Microsoft Windows 10 Windows 7 Windows 8 1 +3
NVD
CVSS 3.0
8.8
EPSS
48.3%
CVE-2016-0096 HIGH This Week

The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2016-0095 HIGH Act Now

The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Epss exploitation probability 15.3% and no vendor patch available.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
7.8
EPSS
15.3%
CVE-2016-0094 HIGH POC This Week

The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 1 +4
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
2.9%
CVE-2016-0093 HIGH POC This Week

The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 1 +4
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
3.2%
CVE-2016-0092 HIGH Act Now

OLE in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 47.2% and no vendor patch available.

RCE Microsoft Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
7.8
EPSS
47.2%
CVE-2016-0091 HIGH Act Now

OLE in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 30.7% and no vendor patch available.

RCE Microsoft Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
7.8
EPSS
30.7%
CVE-2016-0058 HIGH PATCH Act Now

Buffer overflow in the PDF Library in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 allows remote attackers to execute arbitrary code via a crafted PDF document that triggers. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 26.3%.

RCE Buffer Overflow Microsoft Windows 10 Windows 8 1 +1
NVD
CVSS 3.0
7.8
EPSS
26.3%
CVE-2016-0049 MEDIUM POC This Month

Kerberos in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 Gold and 1511 does not properly validate. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Authentication Bypass Windows 10 Windows 7 Windows 8 1 +3
NVD Exploit-DB
CVSS 3.0
6.2
EPSS
3.6%
CVE-2016-0048 HIGH This Week

The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2016-0046 HIGH PATCH Act Now

Windows Reader in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 allows remote attackers to execute arbitrary code via a crafted Reader file, aka "Microsoft Windows Reader. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 27.4%.

RCE Microsoft Windows 10 Windows 8 1 Windows Server 2012
NVD
CVSS 3.0
7.8
EPSS
27.4%
CVE-2016-0042 HIGH This Week

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 mishandle DLL loading, which. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Microsoft Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
7.8
EPSS
0.8%
CVE-2016-0041 HIGH POC THREAT Act Now

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold and 1511, and Internet Explorer 10 and 11. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 58.3%.

RCE Microsoft Internet Explorer Windows 10 Windows 7 +5
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
58.3%
Threat
4.8
CVE-2016-0038 HIGH PATCH Act Now

Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 Gold and 1511 allows remote attackers. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 20.3%.

RCE Buffer Overflow Microsoft Windows 10 Windows 7 +4
NVD
CVSS 3.0
7.8
EPSS
20.3%
CVE-2016-0036 HIGH PATCH Act Now

The Remote Desktop Protocol (RDP) implementation in Microsoft Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 allows remote authenticated users to execute arbitrary code. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 17.4%.

RCE Privilege Escalation Microsoft Windows 10 Windows 7 +2
NVD
CVSS 3.0
8.1
EPSS
17.4%
CVE-2016-0019 HIGH This Week

The Remote Desktop Protocol (RDP) service implementation in Microsoft Windows 10 Gold and 1511 allows remote attackers to bypass intended access restrictions and establish sessions for blank-password. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Microsoft Windows 10
NVD
CVSS 3.0
8.1
EPSS
9.9%
CVE-2016-0018 HIGH PATCH This Week

Microsoft Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 R2, and Windows 10 Gold and 1511 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

RCE Microsoft Windows 10 Windows 7 Windows 8 +2
NVD
CVSS 3.0
7.3
EPSS
6.8%
CVE-2016-0016 HIGH POC PATCH This Week

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

RCE Microsoft Windows 10 Windows 7 Windows 8 +6
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
5.6%
CVE-2016-0015 HIGH POC PATCH THREAT Act Now

DirectShow in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 Gold and 1511 allows remote. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 65.1%.

RCE Buffer Overflow Microsoft Windows 10 Windows 7 +5
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
65.1%
Threat
5.0
CVE-2016-0014 HIGH PATCH This Week

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 Windows 7 Windows 8 +6
NVD
CVSS 3.0
7.8
EPSS
2.5%
CVE-2016-0009 HIGH Act Now

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows 10 Gold and 1511 allow remote attackers to execute arbitrary code via unspecified vectors, aka "Win32k. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 24.6% and no vendor patch available.

RCE Privilege Escalation Microsoft Windows 10 Windows 7 +2
NVD
CVSS 3.0
8.8
EPSS
24.6%
CVE-2016-0007 HIGH POC PATCH This Week

The sandbox implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 +6
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
1.8%
CVE-2016-0006 HIGH POC PATCH This Week

The sandbox implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. Public exploit code available.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 +6
NVD Exploit-DB
CVSS 3.0
7.3
EPSS
5.2%
CVE-2015-6174 HIGH POC PATCH This Week

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 +6
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
1.0%
CVE-2015-6173 HIGH POC PATCH This Week

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 +6
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
1.0%
CVE-2015-6171 HIGH POC PATCH This Week

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 +6
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
1.0%
CVE-2015-6133 HIGH POC PATCH THREAT Act Now

Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandle library loading, which allows local users to gain privileges via a. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 59.1%.

RCE Privilege Escalation Microsoft Windows 10 Windows 8 +4
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
59.1%
Threat
4.7
CVE-2015-6132 HIGH POC PATCH THREAT Act Now

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 73.0%.

RCE Privilege Escalation Microsoft Windows 10 Windows 7 +7
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
73.0%
Threat
5.1
CVE-2015-6126 HIGH PATCH This Week

Race condition in the Pragmatic General Multicast (PGM) protocol implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Race Condition Denial Of Service Microsoft Windows 10 Windows 7 +7
NVD
CVSS 2.0
7.2
EPSS
0.6%
CVE-2015-6107 CRITICAL PATCH Act Now

The Windows font library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 49.4%.

RCE Buffer Overflow Microsoft Live Meeting Lync +12
NVD
CVSS 2.0
9.3
EPSS
49.4%
CVE-2015-6113 LOW PATCH Monitor

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity.

Authentication Bypass Microsoft Windows 10 Windows 7 Windows 8 +6
NVD
CVSS 2.0
2.1
EPSS
0.3%
CVE-2015-6111 MEDIUM PATCH This Month

IPSec in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandles encryption negotiation, which allows remote authenticated. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Microsoft Windows 10 Windows 8 Windows 8 1 +3
NVD
CVSS 2.0
6.8
EPSS
1.1%
CVE-2015-6109 LOW PATCH Monitor

The kernel in Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to bypass the KASLR protection mechanism, and consequently discover a. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Microsoft Windows 10 Windows 8 1 Windows Rt 8 1 +1
NVD
CVSS 2.0
2.1
EPSS
2.1%
CVE-2015-6104 CRITICAL POC PATCH THREAT Act Now

The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 54.5%.

Adobe RCE Microsoft Windows 10 Windows 7 +7
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
54.5%
Threat
5.0
CVE-2015-6103 CRITICAL POC PATCH THREAT Act Now

The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 54.5%.

Adobe RCE Microsoft Windows 10 Windows 7 +7
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
54.5%
Threat
5.0
CVE-2015-6102 LOW POC PATCH Monitor

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Microsoft Windows 10 Windows 7 Windows 8 +6
NVD Exploit-DB
CVSS 2.0
2.1
EPSS
3.8%
CVE-2015-6101 MEDIUM POC PATCH THREAT This Month

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and. Rated medium severity (CVSS 6.9). Public exploit code available and EPSS exploitation probability 23.1%.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 +6
NVD Exploit-DB
CVSS 2.0
6.9
EPSS
23.1%
CVE-2015-6100 MEDIUM POC PATCH This Month

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and. Rated medium severity (CVSS 6.9). Public exploit code available.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 +6
NVD Exploit-DB
CVSS 2.0
6.9
EPSS
5.8%
CVE-2015-6095 MEDIUM PATCH This Month

Kerberos in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity.

Microsoft Authentication Bypass Windows 10 Windows 7 Windows 8 +4
NVD
CVSS 2.0
4.9
EPSS
4.5%
CVE-2015-2478 HIGH PATCH This Week

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allow. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 +6
NVD
CVSS 2.0
7.2
EPSS
2.2%
CVE-2015-2554 HIGH POC PATCH This Week

The kernel in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a crafted application, aka "Windows. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 +6
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
3.5%
CVE-2015-2553 HIGH POC PATCH THREAT Act Now

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 13.3%.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 +6
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
13.3%
CVE-2015-2552 HIGH POC PATCH This Week

The kernel in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows physically proximate attackers to bypass the Trusted Boot protection. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available.

Authentication Bypass Microsoft Windows 10 Windows 7 Windows 8 +6
NVD
CVSS 2.0
7.2
EPSS
1.5%
CVE-2015-2550 HIGH PATCH This Week

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 +6
NVD
CVSS 2.0
7.2
EPSS
2.2%
CVE-2015-2549 HIGH PATCH This Week

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Microsoft Windows 10 Windows 7 Windows 8 +6
NVD
CVSS 2.0
7.2
EPSS
1.5%
CVE-2015-2515 CRITICAL PATCH Act Now

Use-after-free vulnerability in Windows Shell in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 42.3%.

Memory Corruption Denial Of Service Use After Free Microsoft RCE +9
NVD
CVSS 2.0
9.3
EPSS
42.3%
CVE-2015-2534 LOW PATCH Monitor

Hyper-V in Microsoft Windows 8.1, Windows Server 2012 R2, and Windows 10 improperly processes ACL settings, which allows local users to bypass intended network-traffic restrictions via a crafted. Rated low severity (CVSS 1.9).

Microsoft Authentication Bypass Windows 10 Windows 8 1 Windows Server 2012
NVD
CVSS 2.0
1.9
EPSS
0.6%
CVE-2015-2530 CRITICAL PATCH Act Now

Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 23.1%.

RCE Microsoft Windows 10 Windows 7 Windows 8 +6
NVD
CVSS 2.0
9.3
EPSS
23.1%
CVE-2015-2529 LOW PATCH Monitor

The kernel in Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10 allows local users to bypass the ASLR protection mechanism via a crafted application, aka "Kernel ASLR. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity.

Authentication Bypass Microsoft Windows 10 Windows 8 1 Windows Rt 8 1 +1
NVD
CVSS 2.0
2.1
EPSS
3.3%
CVE-2015-2528 HIGH POC PATCH This Week

Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 do not properly constrain impersonation levels, which allows local users to gain privileges. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 +6
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
1.3%
CVE-2015-2527 HIGH POC PATCH THREAT Act Now

The process-initialization implementation in win32k.sys in the kernel-mode drivers in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 does. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 14.9%.

Privilege Escalation Microsoft Windows 10 Windows 8 Windows 8 1 +3
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
14.9%
CVE-2015-2525 HIGH POC PATCH THREAT Act Now

Task Scheduler in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 25.3%.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 +6
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
25.3%
CVE-2015-2524 HIGH POC PATCH THREAT Act Now

Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 do not properly constrain impersonation levels, which allows local users to gain privileges. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 16.6%.

Privilege Escalation Microsoft Windows 10 Windows 8 Windows 8 1 +3
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
16.6%
CVE-2015-2519 CRITICAL PATCH Act Now

Integer overflow in Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 28.0%.

Integer Overflow RCE Microsoft Windows 10 Windows 7 +7
NVD
CVSS 2.0
9.3
EPSS
28.0%
CVE-2015-2518 MEDIUM POC PATCH This Month

The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows. Rated medium severity (CVSS 6.9). Public exploit code available.

Privilege Escalation Buffer Overflow Microsoft Windows 10 Windows 7 +7
NVD Exploit-DB
CVSS 2.0
6.9
EPSS
4.7%
CVE-2015-2517 MEDIUM POC PATCH This Month

The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows. Rated medium severity (CVSS 6.9). Public exploit code available.

Privilege Escalation Buffer Overflow Microsoft Windows 10 Windows 7 +7
NVD Exploit-DB
CVSS 2.0
6.9
EPSS
4.7%
CVE-2015-2516 MEDIUM PATCH This Month

Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 12.8%.

Denial Of Service Microsoft Windows 10 Windows 7 Windows 8 +6
NVD
CVSS 2.0
4.3
EPSS
12.8%
CVE-2015-2514 CRITICAL PATCH Act Now

Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 23.1%.

RCE Microsoft Windows 10 Windows 7 Windows 8 +6
NVD
CVSS 2.0
9.3
EPSS
23.1%
CVE-2015-2513 CRITICAL PATCH Act Now

Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 23.1%.

RCE Microsoft Windows 10 Windows 7 Windows 8 +6
NVD
CVSS 2.0
9.3
EPSS
23.1%
CVE-2015-2512 HIGH POC PATCH This Week

The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available.

Adobe Privilege Escalation Microsoft Windows 10 Windows 7 +7
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
4.0%
CVE-2015-2511 MEDIUM POC PATCH This Month

The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows. Rated medium severity (CVSS 6.9). Public exploit code available.

Buffer Overflow Microsoft Windows 10 Windows 7 Windows 8 +6
NVD Exploit-DB
CVSS 2.0
6.9
EPSS
3.5%
CVE-2015-2508 HIGH POC This Week

The Adobe Type Manager Library in Microsoft Windows 10 allows local users to gain privileges via a crafted application, aka "Font Driver Elevation of Privilege Vulnerability.". Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Adobe Privilege Escalation Microsoft Windows 10
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
4.8%
CVE-2015-2507 HIGH POC PATCH This Week

The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available.

Adobe Privilege Escalation Microsoft Windows 10 Windows 7 +7
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
8.3%
CVE-2015-2506 CRITICAL PATCH Act Now

atmfd.dll in the Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 23.4%.

Adobe Denial Of Service Microsoft Windows 10 Windows 7 +7
NVD
CVSS 2.0
9.3
EPSS
23.4%
CVE-2015-2472 MEDIUM PATCH This Month

Remote Desktop Session Host (RDSH) in Remote Desktop Protocol (RDP) through 8.1 in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Information Disclosure Microsoft Windows 10 Windows 7 Windows 8 +6
NVD
CVSS 2.0
4.3
EPSS
3.3%
CVE-2015-2465 LOW PATCH Monitor

The Windows shell in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 +6
NVD
CVSS 2.0
2.1
EPSS
0.6%
CVE-2015-2462 CRITICAL POC PATCH THREAT Act Now

ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 41.5%.

Adobe RCE Microsoft Net Framework Windows 10 +8
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
41.5%
Threat
4.6
CVE-2015-2461 CRITICAL POC PATCH THREAT Act Now

ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 41.1%.

Adobe RCE Microsoft Windows 10 Windows 7 +7
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
41.1%
Threat
4.6
CVE-2015-2459 CRITICAL POC PATCH THREAT Act Now

ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 54.7%.

Adobe RCE Microsoft Windows 10 Windows 7 +7
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
54.7%
Threat
5.0
CVE-2015-2458 CRITICAL POC PATCH THREAT Act Now

ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 54.7%.

Adobe RCE Microsoft Windows 10 Windows 7 +7
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
54.7%
Threat
5.0
CVE-2015-2456 CRITICAL POC PATCH THREAT Act Now

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Office 2007 SP3 and 2010. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 41.5%.

RCE Microsoft Net Framework Live Meeting Lync +12
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
41.5%
Threat
4.6
CVE-2015-2455 CRITICAL POC PATCH THREAT Act Now

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Office 2007 SP3 and 2010. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 53.2%.

RCE Microsoft Net Framework Live Meeting Lync +12
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
53.2%
Threat
5.0
CVE-2015-2453 MEDIUM PATCH This Month

The Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT. Rated medium severity (CVSS 4.7). This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Microsoft Windows 10 Windows 7 Windows 8 +6
NVD
CVSS 2.0
4.7
EPSS
3.8%
CVE-2015-2435 CRITICAL PATCH Act Now

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Office 2007 SP3 and 2010. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 30.2%.

RCE Microsoft Net Framework Live Meeting Lync +12
NVD
CVSS 2.0
9.3
EPSS
30.2%
CVE-2015-2433 LOW POC PATCH THREAT Monitor

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 17.6%.

Information Disclosure Microsoft Windows 10 Windows 7 Windows 8 +6
NVD Exploit-DB
CVSS 2.0
2.1
EPSS
17.6%
CVE-2015-2423 MEDIUM PATCH This Month

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Excel 2007 SP3,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 14.9%.

Information Disclosure Microsoft Excel Office Powerpoint +12
NVD
CVSS 2.0
4.3
EPSS
14.9%
EPSS 0% CVSS 6.8
MEDIUM This Month

The USB Mass Storage Class driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Privilege Escalation Microsoft +6
NVD
EPSS 47% 4.7 CVSS 8.8
HIGH POC THREAT Act Now

The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 47.2%.

Adobe RCE Microsoft +7
NVD Exploit-DB
EPSS 53% 4.4 CVSS 6.5
MEDIUM POC THREAT This Month

The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 52.6%.

Adobe Denial Of Service Microsoft +7
NVD Exploit-DB
EPSS 47% CVSS 7.8
HIGH Act Now

The PDF library in Microsoft Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted PDF document, aka "Windows Remote Code Execution Vulnerability.". Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 47.2% and no vendor patch available.

RCE Microsoft Windows 10
NVD
EPSS 35% CVSS 7.8
HIGH Act Now

The PDF library in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted PDF document,. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 34.9% and no vendor patch available.

RCE Microsoft Windows 10 +3
NVD
EPSS 48% CVSS 8.8
HIGH Act Now

Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow remote attackers to execute arbitrary code via. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 48.3% and no vendor patch available.

RCE Microsoft Windows 10 +5
NVD
EPSS 48% CVSS 8.8
HIGH Act Now

Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 allow remote attackers to execute arbitrary code via crafted media. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 48.3% and no vendor patch available.

RCE Microsoft Windows 10 +5
NVD
EPSS 0% CVSS 7.8
HIGH This Week

The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Windows 10 +6
NVD
EPSS 15% CVSS 7.8
HIGH Act Now

The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Epss exploitation probability 15.3% and no vendor patch available.

Privilege Escalation Microsoft Windows 10 +6
NVD
EPSS 3% CVSS 7.8
HIGH POC This Week

The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Microsoft Windows 10 +6
NVD Exploit-DB
EPSS 3% CVSS 7.8
HIGH POC This Week

The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Microsoft Windows 10 +6
NVD Exploit-DB
EPSS 47% CVSS 7.8
HIGH Act Now

OLE in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 47.2% and no vendor patch available.

RCE Microsoft Windows 10 +6
NVD
EPSS 31% CVSS 7.8
HIGH Act Now

OLE in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 30.7% and no vendor patch available.

RCE Microsoft Windows 10 +6
NVD
EPSS 26% CVSS 7.8
HIGH PATCH Act Now

Buffer overflow in the PDF Library in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 allows remote attackers to execute arbitrary code via a crafted PDF document that triggers. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 26.3%.

RCE Buffer Overflow Microsoft +3
NVD
EPSS 4% CVSS 6.2
MEDIUM POC This Month

Kerberos in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 Gold and 1511 does not properly validate. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Authentication Bypass Windows 10 +5
NVD Exploit-DB
EPSS 0% CVSS 7.8
HIGH This Week

The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Windows 10 +6
NVD
EPSS 27% CVSS 7.8
HIGH PATCH Act Now

Windows Reader in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 allows remote attackers to execute arbitrary code via a crafted Reader file, aka "Microsoft Windows Reader. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 27.4%.

RCE Microsoft Windows 10 +2
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 mishandle DLL loading, which. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Microsoft Windows 10 +6
NVD
EPSS 58% 4.8 CVSS 7.8
HIGH POC THREAT Act Now

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold and 1511, and Internet Explorer 10 and 11. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 58.3%.

RCE Microsoft Internet Explorer +7
NVD Exploit-DB
EPSS 20% CVSS 7.8
HIGH PATCH Act Now

Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 Gold and 1511 allows remote attackers. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 20.3%.

RCE Buffer Overflow Microsoft +6
NVD
EPSS 17% CVSS 8.1
HIGH PATCH Act Now

The Remote Desktop Protocol (RDP) implementation in Microsoft Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 allows remote authenticated users to execute arbitrary code. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 17.4%.

RCE Privilege Escalation Microsoft +4
NVD
EPSS 10% CVSS 8.1
HIGH This Week

The Remote Desktop Protocol (RDP) service implementation in Microsoft Windows 10 Gold and 1511 allows remote attackers to bypass intended access restrictions and establish sessions for blank-password. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Microsoft Windows 10
NVD
EPSS 7% CVSS 7.3
HIGH PATCH This Week

Microsoft Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 R2, and Windows 10 Gold and 1511 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

RCE Microsoft Windows 10 +4
NVD
EPSS 6% CVSS 7.8
HIGH POC PATCH This Week

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

RCE Microsoft Windows 10 +8
NVD Exploit-DB
EPSS 65% 5.0 CVSS 7.8
HIGH POC PATCH THREAT Act Now

DirectShow in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 Gold and 1511 allows remote. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 65.1%.

RCE Buffer Overflow Microsoft +7
NVD Exploit-DB
EPSS 2% CVSS 7.8
HIGH PATCH This Week

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 +8
NVD
EPSS 25% CVSS 8.8
HIGH Act Now

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows 10 Gold and 1511 allow remote attackers to execute arbitrary code via unspecified vectors, aka "Win32k. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 24.6% and no vendor patch available.

RCE Privilege Escalation Microsoft +4
NVD
EPSS 2% CVSS 7.8
HIGH POC PATCH This Week

The sandbox implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Privilege Escalation Microsoft Windows 10 +8
NVD Exploit-DB
EPSS 5% CVSS 7.3
HIGH POC PATCH This Week

The sandbox implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. Public exploit code available.

Privilege Escalation Microsoft Windows 10 +8
NVD Exploit-DB
EPSS 1% CVSS 7.2
HIGH POC PATCH This Week

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available.

Privilege Escalation Microsoft Windows 10 +8
NVD Exploit-DB
EPSS 1% CVSS 7.2
HIGH POC PATCH This Week

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available.

Privilege Escalation Microsoft Windows 10 +8
NVD Exploit-DB
EPSS 1% CVSS 7.2
HIGH POC PATCH This Week

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available.

Privilege Escalation Microsoft Windows 10 +8
NVD Exploit-DB
EPSS 59% 4.7 CVSS 7.2
HIGH POC PATCH THREAT Act Now

Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandle library loading, which allows local users to gain privileges via a. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 59.1%.

RCE Privilege Escalation Microsoft +6
NVD Exploit-DB
EPSS 73% 5.1 CVSS 7.2
HIGH POC PATCH THREAT Act Now

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 73.0%.

RCE Privilege Escalation Microsoft +9
NVD Exploit-DB
EPSS 1% CVSS 7.2
HIGH PATCH This Week

Race condition in the Pragmatic General Multicast (PGM) protocol implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Race Condition Denial Of Service Microsoft +9
NVD
EPSS 49% CVSS 9.3
CRITICAL PATCH Act Now

The Windows font library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 49.4%.

RCE Buffer Overflow Microsoft +14
NVD
EPSS 0% CVSS 2.1
LOW PATCH Monitor

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity.

Authentication Bypass Microsoft Windows 10 +8
NVD
EPSS 1% CVSS 6.8
MEDIUM PATCH This Month

IPSec in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandles encryption negotiation, which allows remote authenticated. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Microsoft Windows 10 +5
NVD
EPSS 2% CVSS 2.1
LOW PATCH Monitor

The kernel in Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to bypass the KASLR protection mechanism, and consequently discover a. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Microsoft Windows 10 +3
NVD
EPSS 55% 5.0 CVSS 9.3
CRITICAL POC PATCH THREAT Act Now

The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 54.5%.

Adobe RCE Microsoft +9
NVD Exploit-DB
EPSS 55% 5.0 CVSS 9.3
CRITICAL POC PATCH THREAT Act Now

The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 54.5%.

Adobe RCE Microsoft +9
NVD Exploit-DB
EPSS 4% CVSS 2.1
LOW POC PATCH Monitor

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Microsoft Windows 10 +8
NVD Exploit-DB
EPSS 23% CVSS 6.9
MEDIUM POC PATCH THREAT This Month

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and. Rated medium severity (CVSS 6.9). Public exploit code available and EPSS exploitation probability 23.1%.

Privilege Escalation Microsoft Windows 10 +8
NVD Exploit-DB
EPSS 6% CVSS 6.9
MEDIUM POC PATCH This Month

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and. Rated medium severity (CVSS 6.9). Public exploit code available.

Privilege Escalation Microsoft Windows 10 +8
NVD Exploit-DB
EPSS 5% CVSS 4.9
MEDIUM PATCH This Month

Kerberos in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity.

Microsoft Authentication Bypass Windows 10 +6
NVD
EPSS 2% CVSS 7.2
HIGH PATCH This Week

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allow. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Privilege Escalation Microsoft Windows 10 +8
NVD
EPSS 4% CVSS 7.2
HIGH POC PATCH This Week

The kernel in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a crafted application, aka "Windows. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available.

Privilege Escalation Microsoft Windows 10 +8
NVD Exploit-DB
EPSS 13% CVSS 7.2
HIGH POC PATCH THREAT Act Now

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 13.3%.

Privilege Escalation Microsoft Windows 10 +8
NVD Exploit-DB
EPSS 1% CVSS 7.2
HIGH POC PATCH This Week

The kernel in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows physically proximate attackers to bypass the Trusted Boot protection. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available.

Authentication Bypass Microsoft Windows 10 +8
NVD
EPSS 2% CVSS 7.2
HIGH PATCH This Week

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Privilege Escalation Microsoft Windows 10 +8
NVD
EPSS 2% CVSS 7.2
HIGH PATCH This Week

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Microsoft Windows 10 +8
NVD
EPSS 42% CVSS 9.3
CRITICAL PATCH Act Now

Use-after-free vulnerability in Windows Shell in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 42.3%.

Memory Corruption Denial Of Service Use After Free +11
NVD
EPSS 1% CVSS 1.9
LOW PATCH Monitor

Hyper-V in Microsoft Windows 8.1, Windows Server 2012 R2, and Windows 10 improperly processes ACL settings, which allows local users to bypass intended network-traffic restrictions via a crafted. Rated low severity (CVSS 1.9).

Microsoft Authentication Bypass Windows 10 +2
NVD
EPSS 23% CVSS 9.3
CRITICAL PATCH Act Now

Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 23.1%.

RCE Microsoft Windows 10 +8
NVD
EPSS 3% CVSS 2.1
LOW PATCH Monitor

The kernel in Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10 allows local users to bypass the ASLR protection mechanism via a crafted application, aka "Kernel ASLR. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity.

Authentication Bypass Microsoft Windows 10 +3
NVD
EPSS 1% CVSS 7.2
HIGH POC PATCH This Week

Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 do not properly constrain impersonation levels, which allows local users to gain privileges. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available.

Privilege Escalation Microsoft Windows 10 +8
NVD Exploit-DB
EPSS 15% CVSS 7.2
HIGH POC PATCH THREAT Act Now

The process-initialization implementation in win32k.sys in the kernel-mode drivers in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 does. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 14.9%.

Privilege Escalation Microsoft Windows 10 +5
NVD Exploit-DB
EPSS 25% CVSS 7.2
HIGH POC PATCH THREAT Act Now

Task Scheduler in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 25.3%.

Privilege Escalation Microsoft Windows 10 +8
NVD Exploit-DB
EPSS 17% CVSS 7.2
HIGH POC PATCH THREAT Act Now

Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 do not properly constrain impersonation levels, which allows local users to gain privileges. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 16.6%.

Privilege Escalation Microsoft Windows 10 +5
NVD Exploit-DB
EPSS 28% CVSS 9.3
CRITICAL PATCH Act Now

Integer overflow in Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 28.0%.

Integer Overflow RCE Microsoft +9
NVD
EPSS 5% CVSS 6.9
MEDIUM POC PATCH This Month

The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows. Rated medium severity (CVSS 6.9). Public exploit code available.

Privilege Escalation Buffer Overflow Microsoft +9
NVD Exploit-DB
EPSS 5% CVSS 6.9
MEDIUM POC PATCH This Month

The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows. Rated medium severity (CVSS 6.9). Public exploit code available.

Privilege Escalation Buffer Overflow Microsoft +9
NVD Exploit-DB
EPSS 13% CVSS 4.3
MEDIUM PATCH This Month

Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 12.8%.

Denial Of Service Microsoft Windows 10 +8
NVD
EPSS 23% CVSS 9.3
CRITICAL PATCH Act Now

Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 23.1%.

RCE Microsoft Windows 10 +8
NVD
EPSS 23% CVSS 9.3
CRITICAL PATCH Act Now

Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 23.1%.

RCE Microsoft Windows 10 +8
NVD
EPSS 4% CVSS 7.2
HIGH POC PATCH This Week

The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available.

Adobe Privilege Escalation Microsoft +9
NVD Exploit-DB
EPSS 4% CVSS 6.9
MEDIUM POC PATCH This Month

The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows. Rated medium severity (CVSS 6.9). Public exploit code available.

Buffer Overflow Microsoft Windows 10 +8
NVD Exploit-DB
EPSS 5% CVSS 7.2
HIGH POC This Week

The Adobe Type Manager Library in Microsoft Windows 10 allows local users to gain privileges via a crafted application, aka "Font Driver Elevation of Privilege Vulnerability.". Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Adobe Privilege Escalation Microsoft +1
NVD Exploit-DB
EPSS 8% CVSS 7.2
HIGH POC PATCH This Week

The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available.

Adobe Privilege Escalation Microsoft +9
NVD Exploit-DB
EPSS 23% CVSS 9.3
CRITICAL PATCH Act Now

atmfd.dll in the Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 23.4%.

Adobe Denial Of Service Microsoft +9
NVD
EPSS 3% CVSS 4.3
MEDIUM PATCH This Month

Remote Desktop Session Host (RDSH) in Remote Desktop Protocol (RDP) through 8.1 in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Information Disclosure Microsoft Windows 10 +8
NVD
EPSS 1% CVSS 2.1
LOW PATCH Monitor

The Windows shell in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity.

Privilege Escalation Microsoft Windows 10 +8
NVD
EPSS 42% 4.6 CVSS 9.3
CRITICAL POC PATCH THREAT Act Now

ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 41.5%.

Adobe RCE Microsoft +10
NVD Exploit-DB
EPSS 41% 4.6 CVSS 9.3
CRITICAL POC PATCH THREAT Act Now

ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 41.1%.

Adobe RCE Microsoft +9
NVD Exploit-DB
EPSS 55% 5.0 CVSS 9.3
CRITICAL POC PATCH THREAT Act Now

ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 54.7%.

Adobe RCE Microsoft +9
NVD Exploit-DB
EPSS 55% 5.0 CVSS 9.3
CRITICAL POC PATCH THREAT Act Now

ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 54.7%.

Adobe RCE Microsoft +9
NVD Exploit-DB
EPSS 42% 4.6 CVSS 9.3
CRITICAL POC PATCH THREAT Act Now

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Office 2007 SP3 and 2010. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 41.5%.

RCE Microsoft Net Framework +14
NVD Exploit-DB
EPSS 53% 5.0 CVSS 9.3
CRITICAL POC PATCH THREAT Act Now

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Office 2007 SP3 and 2010. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 53.2%.

RCE Microsoft Net Framework +14
NVD Exploit-DB
EPSS 4% CVSS 4.7
MEDIUM PATCH This Month

The Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT. Rated medium severity (CVSS 4.7). This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Microsoft Windows 10 +8
NVD
EPSS 30% CVSS 9.3
CRITICAL PATCH Act Now

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Office 2007 SP3 and 2010. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 30.2%.

RCE Microsoft Net Framework +14
NVD
EPSS 18% CVSS 2.1
LOW POC PATCH THREAT Monitor

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 17.6%.

Information Disclosure Microsoft Windows 10 +8
NVD Exploit-DB
EPSS 15% CVSS 4.3
MEDIUM PATCH This Month

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Excel 2007 SP3,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 14.9%.

Information Disclosure Microsoft Excel +14
NVD
Prev Page 32 of 32

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy