Skip to main content

Windows 8

238 CVEs product

Monthly

CVE-2018-6947 HIGH POC This Week

An uninitialised stack variable in the nxfuse component that is part of the Open Source DokanFS library shipped with NoMachine 6.0.66_2 and earlier allows a local low privileged user to gain. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Denial Of Service Nomachine Windows 10 Windows 7 +1
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
3.1%
CVE-2018-7250 MEDIUM This Month

An issue was discovered in secdrv.sys as shipped in Microsoft Windows Vista, Windows 7, Windows 8, and Windows 8.1 before KB3086255, and as shipped in Macrovision SafeDisc. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Windows 7 Windows 8 Windows 8 1 +2
NVD GitHub
CVSS 3.0
5.5
EPSS
3.0%
CVE-2018-7249 HIGH POC This Week

An issue was discovered in secdrv.sys as shipped in Microsoft Windows Vista, Windows 7, Windows 8, and Windows 8.1 before KB3086255, and as shipped in Macrovision SafeDisc. Rated high severity (CVSS 7.0). Public exploit code available and no vendor patch available.

Race Condition Microsoft RCE Windows 7 Windows 8 +3
NVD GitHub
CVSS 3.0
7.0
EPSS
1.5%
CVE-2017-0050 HIGH PATCH This Week

The kernel API in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7; Windows 8; Windows 10 Gold, 1511, and 1607; Windows RT 8.1; Windows Server 2012 Gold and R2; and Windows. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Microsoft Windows 10 Windows 7 Windows 8 +5
NVD
CVSS 3.0
7.8
EPSS
3.7%
CVE-2016-0018 HIGH PATCH This Week

Microsoft Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 R2, and Windows 10 Gold and 1511 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

RCE Microsoft Windows 10 Windows 7 Windows 8 +2
NVD
CVSS 3.0
7.3
EPSS
6.8%
CVE-2016-0016 HIGH POC PATCH This Week

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

RCE Microsoft Windows 10 Windows 7 Windows 8 +6
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
5.6%
CVE-2016-0015 HIGH POC PATCH THREAT Act Now

DirectShow in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 Gold and 1511 allows remote. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 65.1%.

RCE Buffer Overflow Microsoft Windows 10 Windows 7 +5
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
65.1%
Threat
5.0
CVE-2016-0014 HIGH PATCH This Week

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 Windows 7 Windows 8 +6
NVD
CVSS 3.0
7.8
EPSS
2.5%
CVE-2016-0008 MEDIUM PATCH This Month

The graphics device interface in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Microsoft Windows 7 Windows 8 Windows 8 1 +5
NVD
CVSS 3.0
4.3
EPSS
9.7%
CVE-2016-0007 HIGH POC PATCH This Week

The sandbox implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 +6
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
1.8%
CVE-2016-0006 HIGH POC PATCH This Week

The sandbox implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. Public exploit code available.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 +6
NVD Exploit-DB
CVSS 3.0
7.3
EPSS
5.2%
CVE-2015-6174 HIGH POC PATCH This Week

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 +6
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
1.0%
CVE-2015-6173 HIGH POC PATCH This Week

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 +6
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
1.0%
CVE-2015-6171 HIGH POC PATCH This Week

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 +6
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
1.0%
CVE-2015-6133 HIGH POC PATCH THREAT Act Now

Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandle library loading, which allows local users to gain privileges via a. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 59.1%.

RCE Privilege Escalation Microsoft Windows 10 Windows 8 +4
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
59.1%
Threat
4.7
CVE-2015-6132 HIGH POC PATCH THREAT Act Now

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 73.0%.

RCE Privilege Escalation Microsoft Windows 10 Windows 7 +7
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
73.0%
Threat
5.1
CVE-2015-6131 CRITICAL POC PATCH THREAT Act Now

Windows Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8, and Windows 8.1 allows remote attackers to execute arbitrary code via a crafted .mcl file, aka "Media Center Library. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 59.0%.

RCE Microsoft Windows 7 Windows 8 Windows 8 1 +1
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
59.0%
Threat
5.1
CVE-2015-6127 MEDIUM POC PATCH THREAT This Month

Windows Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8, and Windows 8.1 allows remote attackers to read arbitrary files via a crafted .mcl file, aka "Windows Media Center. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 72.0%.

Information Disclosure Microsoft Windows 7 Windows 8 Windows 8 1 +1
NVD Exploit-DB
CVSS 2.0
4.3
EPSS
72.0%
Threat
4.5
CVE-2015-6126 HIGH PATCH This Week

Race condition in the Pragmatic General Multicast (PGM) protocol implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Race Condition Denial Of Service Microsoft Windows 10 Windows 7 +7
NVD
CVSS 2.0
7.2
EPSS
0.6%
CVE-2015-6108 CRITICAL PATCH Act Now

The Windows font library in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT Gold and 8.1; Office. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 44.4%.

RCE Buffer Overflow Microsoft Live Meeting Lync +13
NVD
CVSS 2.0
9.3
EPSS
44.4%
CVE-2015-6107 CRITICAL PATCH Act Now

The Windows font library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 49.4%.

RCE Buffer Overflow Microsoft Live Meeting Lync +12
NVD
CVSS 2.0
9.3
EPSS
49.4%
CVE-2015-6113 LOW PATCH Monitor

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity.

Authentication Bypass Microsoft Windows 10 Windows 7 Windows 8 +6
NVD
CVSS 2.0
2.1
EPSS
0.3%
CVE-2015-6112 MEDIUM PATCH This Month

SChannel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 lacks the required. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable.

Information Disclosure Microsoft Windows 7 Windows 8 Windows 8 1 +5
NVD
CVSS 2.0
5.8
EPSS
6.7%
CVE-2015-6111 MEDIUM PATCH This Month

IPSec in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandles encryption negotiation, which allows remote authenticated. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Microsoft Windows 10 Windows 8 Windows 8 1 +3
NVD
CVSS 2.0
6.8
EPSS
1.1%
CVE-2015-6104 CRITICAL POC PATCH THREAT Act Now

The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 54.5%.

Adobe RCE Microsoft Windows 10 Windows 7 +7
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
54.5%
Threat
5.0
CVE-2015-6103 CRITICAL POC PATCH THREAT Act Now

The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 54.5%.

Adobe RCE Microsoft Windows 10 Windows 7 +7
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
54.5%
Threat
5.0
CVE-2015-6102 LOW POC PATCH Monitor

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Microsoft Windows 10 Windows 7 Windows 8 +6
NVD Exploit-DB
CVSS 2.0
2.1
EPSS
3.8%
CVE-2015-6101 MEDIUM POC PATCH THREAT This Month

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and. Rated medium severity (CVSS 6.9). Public exploit code available and EPSS exploitation probability 23.1%.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 +6
NVD Exploit-DB
CVSS 2.0
6.9
EPSS
23.1%
CVE-2015-6100 MEDIUM POC PATCH This Month

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and. Rated medium severity (CVSS 6.9). Public exploit code available.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 +6
NVD Exploit-DB
CVSS 2.0
6.9
EPSS
5.8%
CVE-2015-6095 MEDIUM PATCH This Month

Kerberos in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity.

Microsoft Authentication Bypass Windows 10 Windows 7 Windows 8 +4
NVD
CVSS 2.0
4.9
EPSS
4.5%
CVE-2015-2478 HIGH PATCH This Week

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allow. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 +6
NVD
CVSS 2.0
7.2
EPSS
2.2%
CVE-2015-2554 HIGH POC PATCH This Week

The kernel in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a crafted application, aka "Windows. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 +6
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
3.5%
CVE-2015-2553 HIGH POC PATCH THREAT Act Now

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 13.3%.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 +6
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
13.3%
CVE-2015-2552 HIGH POC PATCH This Week

The kernel in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows physically proximate attackers to bypass the Trusted Boot protection. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available.

Authentication Bypass Microsoft Windows 10 Windows 7 Windows 8 +6
NVD
CVSS 2.0
7.2
EPSS
1.5%
CVE-2015-2550 HIGH PATCH This Week

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 +6
NVD
CVSS 2.0
7.2
EPSS
2.2%
CVE-2015-2549 HIGH PATCH This Week

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Microsoft Windows 10 Windows 7 Windows 8 +6
NVD
CVSS 2.0
7.2
EPSS
1.5%
CVE-2015-2515 CRITICAL PATCH Act Now

Use-after-free vulnerability in Windows Shell in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 42.3%.

Memory Corruption Denial Of Service Use After Free Microsoft RCE +9
NVD
CVSS 2.0
9.3
EPSS
42.3%
CVE-2015-2530 CRITICAL PATCH Act Now

Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 23.1%.

RCE Microsoft Windows 10 Windows 7 Windows 8 +6
NVD
CVSS 2.0
9.3
EPSS
23.1%
CVE-2015-2528 HIGH POC PATCH This Week

Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 do not properly constrain impersonation levels, which allows local users to gain privileges. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 +6
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
1.3%
CVE-2015-2527 HIGH POC PATCH THREAT Act Now

The process-initialization implementation in win32k.sys in the kernel-mode drivers in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 does. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 14.9%.

Privilege Escalation Microsoft Windows 10 Windows 8 Windows 8 1 +3
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
14.9%
CVE-2015-2525 HIGH POC PATCH THREAT Act Now

Task Scheduler in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 25.3%.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 +6
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
25.3%
CVE-2015-2524 HIGH POC PATCH THREAT Act Now

Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 do not properly constrain impersonation levels, which allows local users to gain privileges. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 16.6%.

Privilege Escalation Microsoft Windows 10 Windows 8 Windows 8 1 +3
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
16.6%
CVE-2015-2519 CRITICAL PATCH Act Now

Integer overflow in Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 28.0%.

Integer Overflow RCE Microsoft Windows 10 Windows 7 +7
NVD
CVSS 2.0
9.3
EPSS
28.0%
CVE-2015-2518 MEDIUM POC PATCH This Month

The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows. Rated medium severity (CVSS 6.9). Public exploit code available.

Privilege Escalation Buffer Overflow Microsoft Windows 10 Windows 7 +7
NVD Exploit-DB
CVSS 2.0
6.9
EPSS
4.7%
CVE-2015-2517 MEDIUM POC PATCH This Month

The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows. Rated medium severity (CVSS 6.9). Public exploit code available.

Privilege Escalation Buffer Overflow Microsoft Windows 10 Windows 7 +7
NVD Exploit-DB
CVSS 2.0
6.9
EPSS
4.7%
CVE-2015-2516 MEDIUM PATCH This Month

Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 12.8%.

Denial Of Service Microsoft Windows 10 Windows 7 Windows 8 +6
NVD
CVSS 2.0
4.3
EPSS
12.8%
CVE-2015-2514 CRITICAL PATCH Act Now

Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 23.1%.

RCE Microsoft Windows 10 Windows 7 Windows 8 +6
NVD
CVSS 2.0
9.3
EPSS
23.1%
CVE-2015-2513 CRITICAL PATCH Act Now

Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 23.1%.

RCE Microsoft Windows 10 Windows 7 Windows 8 +6
NVD
CVSS 2.0
9.3
EPSS
23.1%
CVE-2015-2512 HIGH POC PATCH This Week

The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available.

Adobe Privilege Escalation Microsoft Windows 10 Windows 7 +7
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
4.0%
CVE-2015-2511 MEDIUM POC PATCH This Month

The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows. Rated medium severity (CVSS 6.9). Public exploit code available.

Buffer Overflow Microsoft Windows 10 Windows 7 Windows 8 +6
NVD Exploit-DB
CVSS 2.0
6.9
EPSS
3.5%
CVE-2015-2509 CRITICAL POC PATCH THREAT Act Now

Windows Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8, and Windows 8.1 allows user-assisted remote attackers to execute arbitrary code via a crafted Media Center link (mcl). Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 87.9%.

Microsoft RCE Authentication Bypass Windows 7 Windows 8 +2
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
87.9%
Threat
6.0
CVE-2015-2507 HIGH POC PATCH This Week

The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available.

Adobe Privilege Escalation Microsoft Windows 10 Windows 7 +7
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
8.3%
CVE-2015-2506 CRITICAL PATCH Act Now

atmfd.dll in the Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 23.4%.

Adobe Denial Of Service Microsoft Windows 10 Windows 7 +7
NVD
CVSS 2.0
9.3
EPSS
23.4%
CVE-2015-2476 LOW PATCH Monitor

The WebDAV client in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 supports SSL. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. Epss exploitation probability 27.9%.

Information Disclosure Microsoft Windows 7 Windows 8 Windows 8 1 +5
NVD
CVSS 2.0
2.6
EPSS
27.9%
CVE-2015-2472 MEDIUM PATCH This Month

Remote Desktop Session Host (RDSH) in Remote Desktop Protocol (RDP) through 8.1 in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Information Disclosure Microsoft Windows 10 Windows 7 Windows 8 +6
NVD
CVSS 2.0
4.3
EPSS
3.3%
CVE-2015-2465 LOW PATCH Monitor

The Windows shell in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 +6
NVD
CVSS 2.0
2.1
EPSS
0.6%
CVE-2015-2464 CRITICAL POC PATCH THREAT Act Now

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Office 2007 SP3 and 2010 SP2, Live. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 48.1%.

RCE Microsoft Net Framework Live Meeting Lync +11
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
48.1%
Threat
4.8
CVE-2015-2463 CRITICAL POC PATCH THREAT Act Now

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Office 2007 SP3 and 2010 SP2, Live. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 38.6%.

RCE Microsoft Net Framework Live Meeting Lync +11
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
38.6%
Threat
4.5
CVE-2015-2462 CRITICAL POC PATCH THREAT Act Now

ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 41.5%.

Adobe RCE Microsoft Net Framework Windows 10 +8
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
41.5%
Threat
4.6
CVE-2015-2461 CRITICAL POC PATCH THREAT Act Now

ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 41.1%.

Adobe RCE Microsoft Windows 10 Windows 7 +7
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
41.1%
Threat
4.6
CVE-2015-2459 CRITICAL POC PATCH THREAT Act Now

ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 54.7%.

Adobe RCE Microsoft Windows 10 Windows 7 +7
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
54.7%
Threat
5.0
CVE-2015-2458 CRITICAL POC PATCH THREAT Act Now

ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 54.7%.

Adobe RCE Microsoft Windows 10 Windows 7 +7
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
54.7%
Threat
5.0
CVE-2015-2456 CRITICAL POC PATCH THREAT Act Now

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Office 2007 SP3 and 2010. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 41.5%.

RCE Microsoft Net Framework Live Meeting Lync +12
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
41.5%
Threat
4.6
CVE-2015-2455 CRITICAL POC PATCH THREAT Act Now

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Office 2007 SP3 and 2010. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 53.2%.

RCE Microsoft Net Framework Live Meeting Lync +12
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
53.2%
Threat
5.0
CVE-2015-2454 LOW PATCH Monitor

The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity.

Privilege Escalation Microsoft Windows 7 Windows 8 Windows 8 1 +5
NVD
CVSS 2.0
2.1
EPSS
1.0%
CVE-2015-2453 MEDIUM PATCH This Month

The Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT. Rated medium severity (CVSS 4.7). This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Microsoft Windows 10 Windows 7 Windows 8 +6
NVD
CVSS 2.0
4.7
EPSS
3.8%
CVE-2015-2435 CRITICAL PATCH Act Now

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Office 2007 SP3 and 2010. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 30.2%.

RCE Microsoft Net Framework Live Meeting Lync +12
NVD
CVSS 2.0
9.3
EPSS
30.2%
CVE-2015-2433 LOW POC PATCH THREAT Monitor

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 17.6%.

Information Disclosure Microsoft Windows 10 Windows 7 Windows 8 +6
NVD Exploit-DB
CVSS 2.0
2.1
EPSS
17.6%
CVE-2015-2432 CRITICAL POC PATCH THREAT Act Now

ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 50.6%.

Adobe RCE Microsoft Windows 7 Windows 8 +6
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
50.6%
Threat
4.9
CVE-2015-2430 CRITICAL PATCH Act Now

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow attackers to bypass an. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable.

Privilege Escalation Microsoft Windows 7 Windows 8 Windows 8 1 +5
NVD
CVSS 2.0
9.3
EPSS
5.3%
CVE-2015-2429 CRITICAL PATCH Act Now

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow attackers to bypass an. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable.

Privilege Escalation Microsoft Windows 7 Windows 8 Windows 8 1 +5
NVD
CVSS 2.0
9.3
EPSS
5.3%
CVE-2015-2428 LOW PATCH Monitor

Object Manager in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity.

Privilege Escalation Microsoft Windows 7 Windows 8 Windows 8 1 +5
NVD
CVSS 2.0
2.1
EPSS
1.1%
CVE-2015-2423 MEDIUM PATCH This Month

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Excel 2007 SP3,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 14.9%.

Information Disclosure Microsoft Excel Office Powerpoint +12
NVD
CVSS 2.0
4.3
EPSS
14.9%
CVE-2015-2417 MEDIUM This Month

OLE in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 15.5% and no vendor patch available.

Information Disclosure Microsoft Windows 2003 Server Windows 7 Windows 8 +6
NVD
CVSS 2.0
5.0
EPSS
15.5%
CVE-2015-2416 MEDIUM This Month

OLE in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 15.5% and no vendor patch available.

Information Disclosure Microsoft Windows 2003 Server Windows 7 Windows 8 +6
NVD
CVSS 2.0
5.0
EPSS
15.5%
CVE-2015-2382 LOW Monitor

win32k.sys in the kernel-mode drivers in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to obtain sensitive information from kernel. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 8 Windows 8 1 Windows Rt +2
NVD
CVSS 2.0
2.1
EPSS
1.5%
CVE-2015-2381 LOW Monitor

win32k.sys in the kernel-mode drivers in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to obtain sensitive information from kernel. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 7 Windows 8 Windows 8 1 +3
NVD
CVSS 2.0
2.1
EPSS
1.5%
CVE-2015-2371 MEDIUM This Month

The Windows Installer service in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold. Rated medium severity (CVSS 6.9). No vendor patch available.

Privilege Escalation Microsoft Windows 2003 Server Windows 7 Windows 8 +6
NVD
CVSS 2.0
6.9
EPSS
0.7%
CVE-2015-2370 HIGH POC This Week

The authentication implementation in the RPC subsystem in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1,. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Microsoft Windows 2003 Server Windows 7 Windows 8 +6
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
9.7%
CVE-2015-2367 LOW Monitor

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 2003 Server Windows 7 Windows 8 +6
NVD
CVSS 2.0
2.1
EPSS
3.2%
CVE-2015-2366 HIGH POC THREAT Act Now

win32k.sys in the kernel-mode drivers in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 27.9%.

Privilege Escalation Microsoft Windows 7 Windows 8 Windows 8 1 +4
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
27.9%
CVE-2015-2365 HIGH POC THREAT Act Now

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 27.9%.

Privilege Escalation Microsoft Windows 2003 Server Windows 7 Windows 8 +6
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
27.9%
CVE-2015-2364 HIGH This Week

The graphics component in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2,. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Windows 2003 Server Windows 7 Windows 8 +6
NVD
CVSS 2.0
7.2
EPSS
1.0%
CVE-2015-2363 HIGH This Week

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Windows 2003 Server Windows 7 Windows 8 +5
NVD
CVSS 2.0
7.2
EPSS
1.0%
CVE-2015-2373 CRITICAL Emergency

The Remote Desktop Protocol (RDP) server service in Microsoft Windows 7 SP1, Windows 8, and Windows Server 2012 allows remote attackers to execute arbitrary code via a series of crafted packets, aka. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 69.2% and no vendor patch available.

RCE Microsoft Windows 7 Windows 8 Windows Server 2012
NVD
CVSS 2.0
10.0
EPSS
69.2%
Threat
4.1
CVE-2015-2362 HIGH This Week

Hyper-V in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly initialize guest OS system data structures, which allows guest. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

RCE Microsoft Windows 8 Windows 8 1 Windows Server 2008 +1
NVD
CVSS 2.0
7.2
EPSS
0.7%
CVE-2015-1758 MEDIUM This Month

Untrusted search path vulnerability in the LoadLibrary function in the kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and. Rated medium severity (CVSS 6.9). No vendor patch available.

Information Disclosure Microsoft Windows 7 Windows 8 Windows Rt +3
NVD
CVSS 2.0
6.9
EPSS
5.4%
CVE-2015-1756 CRITICAL PATCH Act Now

Use-after-free vulnerability in Microsoft Common Controls in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2,. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 44.3%.

Memory Corruption Denial Of Service Use After Free Microsoft RCE +8
NVD
CVSS 2.0
9.3
EPSS
44.3%
CVE-2015-1727 HIGH POC PATCH THREAT Act Now

Buffer overflow in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 19.7%.

Buffer Overflow Microsoft Windows 7 Windows 8 Windows 8 1 +6
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
19.7%
CVE-2015-1726 HIGH POC PATCH THREAT Act Now

Use-after-free vulnerability in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1,. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 10.9%.

Memory Corruption Denial Of Service Use After Free Microsoft Windows 7 +8
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
10.9%
EPSS 3% CVSS 7.8
HIGH POC This Week

An uninitialised stack variable in the nxfuse component that is part of the Open Source DokanFS library shipped with NoMachine 6.0.66_2 and earlier allows a local low privileged user to gain. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Denial Of Service Nomachine +3
NVD Exploit-DB
EPSS 3% CVSS 5.5
MEDIUM This Month

An issue was discovered in secdrv.sys as shipped in Microsoft Windows Vista, Windows 7, Windows 8, and Windows 8.1 before KB3086255, and as shipped in Macrovision SafeDisc. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Windows 7 +4
NVD GitHub
EPSS 1% CVSS 7.0
HIGH POC This Week

An issue was discovered in secdrv.sys as shipped in Microsoft Windows Vista, Windows 7, Windows 8, and Windows 8.1 before KB3086255, and as shipped in Macrovision SafeDisc. Rated high severity (CVSS 7.0). Public exploit code available and no vendor patch available.

Race Condition Microsoft RCE +5
NVD GitHub
EPSS 4% CVSS 7.8
HIGH PATCH This Week

The kernel API in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7; Windows 8; Windows 10 Gold, 1511, and 1607; Windows RT 8.1; Windows Server 2012 Gold and R2; and Windows. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Microsoft Windows 10 +7
NVD
EPSS 7% CVSS 7.3
HIGH PATCH This Week

Microsoft Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 R2, and Windows 10 Gold and 1511 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

RCE Microsoft Windows 10 +4
NVD
EPSS 6% CVSS 7.8
HIGH POC PATCH This Week

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

RCE Microsoft Windows 10 +8
NVD Exploit-DB
EPSS 65% 5.0 CVSS 7.8
HIGH POC PATCH THREAT Act Now

DirectShow in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 Gold and 1511 allows remote. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 65.1%.

RCE Buffer Overflow Microsoft +7
NVD Exploit-DB
EPSS 2% CVSS 7.8
HIGH PATCH This Week

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 +8
NVD
EPSS 10% CVSS 4.3
MEDIUM PATCH This Month

The graphics device interface in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Microsoft Windows 7 +7
NVD
EPSS 2% CVSS 7.8
HIGH POC PATCH This Week

The sandbox implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Privilege Escalation Microsoft Windows 10 +8
NVD Exploit-DB
EPSS 5% CVSS 7.3
HIGH POC PATCH This Week

The sandbox implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. Public exploit code available.

Privilege Escalation Microsoft Windows 10 +8
NVD Exploit-DB
EPSS 1% CVSS 7.2
HIGH POC PATCH This Week

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available.

Privilege Escalation Microsoft Windows 10 +8
NVD Exploit-DB
EPSS 1% CVSS 7.2
HIGH POC PATCH This Week

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available.

Privilege Escalation Microsoft Windows 10 +8
NVD Exploit-DB
EPSS 1% CVSS 7.2
HIGH POC PATCH This Week

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available.

Privilege Escalation Microsoft Windows 10 +8
NVD Exploit-DB
EPSS 59% 4.7 CVSS 7.2
HIGH POC PATCH THREAT Act Now

Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandle library loading, which allows local users to gain privileges via a. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 59.1%.

RCE Privilege Escalation Microsoft +6
NVD Exploit-DB
EPSS 73% 5.1 CVSS 7.2
HIGH POC PATCH THREAT Act Now

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 73.0%.

RCE Privilege Escalation Microsoft +9
NVD Exploit-DB
EPSS 59% 5.1 CVSS 9.3
CRITICAL POC PATCH THREAT Act Now

Windows Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8, and Windows 8.1 allows remote attackers to execute arbitrary code via a crafted .mcl file, aka "Media Center Library. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 59.0%.

RCE Microsoft Windows 7 +3
NVD Exploit-DB
EPSS 72% 4.5 CVSS 4.3
MEDIUM POC PATCH THREAT This Month

Windows Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8, and Windows 8.1 allows remote attackers to read arbitrary files via a crafted .mcl file, aka "Windows Media Center. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 72.0%.

Information Disclosure Microsoft Windows 7 +3
NVD Exploit-DB
EPSS 1% CVSS 7.2
HIGH PATCH This Week

Race condition in the Pragmatic General Multicast (PGM) protocol implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Race Condition Denial Of Service Microsoft +9
NVD
EPSS 44% CVSS 9.3
CRITICAL PATCH Act Now

The Windows font library in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT Gold and 8.1; Office. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 44.4%.

RCE Buffer Overflow Microsoft +15
NVD
EPSS 49% CVSS 9.3
CRITICAL PATCH Act Now

The Windows font library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 49.4%.

RCE Buffer Overflow Microsoft +14
NVD
EPSS 0% CVSS 2.1
LOW PATCH Monitor

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity.

Authentication Bypass Microsoft Windows 10 +8
NVD
EPSS 7% CVSS 5.8
MEDIUM PATCH This Month

SChannel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 lacks the required. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable.

Information Disclosure Microsoft Windows 7 +7
NVD
EPSS 1% CVSS 6.8
MEDIUM PATCH This Month

IPSec in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandles encryption negotiation, which allows remote authenticated. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Microsoft Windows 10 +5
NVD
EPSS 55% 5.0 CVSS 9.3
CRITICAL POC PATCH THREAT Act Now

The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 54.5%.

Adobe RCE Microsoft +9
NVD Exploit-DB
EPSS 55% 5.0 CVSS 9.3
CRITICAL POC PATCH THREAT Act Now

The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 54.5%.

Adobe RCE Microsoft +9
NVD Exploit-DB
EPSS 4% CVSS 2.1
LOW POC PATCH Monitor

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Microsoft Windows 10 +8
NVD Exploit-DB
EPSS 23% CVSS 6.9
MEDIUM POC PATCH THREAT This Month

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and. Rated medium severity (CVSS 6.9). Public exploit code available and EPSS exploitation probability 23.1%.

Privilege Escalation Microsoft Windows 10 +8
NVD Exploit-DB
EPSS 6% CVSS 6.9
MEDIUM POC PATCH This Month

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and. Rated medium severity (CVSS 6.9). Public exploit code available.

Privilege Escalation Microsoft Windows 10 +8
NVD Exploit-DB
EPSS 5% CVSS 4.9
MEDIUM PATCH This Month

Kerberos in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity.

Microsoft Authentication Bypass Windows 10 +6
NVD
EPSS 2% CVSS 7.2
HIGH PATCH This Week

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allow. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Privilege Escalation Microsoft Windows 10 +8
NVD
EPSS 4% CVSS 7.2
HIGH POC PATCH This Week

The kernel in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a crafted application, aka "Windows. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available.

Privilege Escalation Microsoft Windows 10 +8
NVD Exploit-DB
EPSS 13% CVSS 7.2
HIGH POC PATCH THREAT Act Now

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 13.3%.

Privilege Escalation Microsoft Windows 10 +8
NVD Exploit-DB
EPSS 1% CVSS 7.2
HIGH POC PATCH This Week

The kernel in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows physically proximate attackers to bypass the Trusted Boot protection. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available.

Authentication Bypass Microsoft Windows 10 +8
NVD
EPSS 2% CVSS 7.2
HIGH PATCH This Week

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Privilege Escalation Microsoft Windows 10 +8
NVD
EPSS 2% CVSS 7.2
HIGH PATCH This Week

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Microsoft Windows 10 +8
NVD
EPSS 42% CVSS 9.3
CRITICAL PATCH Act Now

Use-after-free vulnerability in Windows Shell in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 42.3%.

Memory Corruption Denial Of Service Use After Free +11
NVD
EPSS 23% CVSS 9.3
CRITICAL PATCH Act Now

Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 23.1%.

RCE Microsoft Windows 10 +8
NVD
EPSS 1% CVSS 7.2
HIGH POC PATCH This Week

Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 do not properly constrain impersonation levels, which allows local users to gain privileges. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available.

Privilege Escalation Microsoft Windows 10 +8
NVD Exploit-DB
EPSS 15% CVSS 7.2
HIGH POC PATCH THREAT Act Now

The process-initialization implementation in win32k.sys in the kernel-mode drivers in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 does. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 14.9%.

Privilege Escalation Microsoft Windows 10 +5
NVD Exploit-DB
EPSS 25% CVSS 7.2
HIGH POC PATCH THREAT Act Now

Task Scheduler in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 25.3%.

Privilege Escalation Microsoft Windows 10 +8
NVD Exploit-DB
EPSS 17% CVSS 7.2
HIGH POC PATCH THREAT Act Now

Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 do not properly constrain impersonation levels, which allows local users to gain privileges. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 16.6%.

Privilege Escalation Microsoft Windows 10 +5
NVD Exploit-DB
EPSS 28% CVSS 9.3
CRITICAL PATCH Act Now

Integer overflow in Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 28.0%.

Integer Overflow RCE Microsoft +9
NVD
EPSS 5% CVSS 6.9
MEDIUM POC PATCH This Month

The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows. Rated medium severity (CVSS 6.9). Public exploit code available.

Privilege Escalation Buffer Overflow Microsoft +9
NVD Exploit-DB
EPSS 5% CVSS 6.9
MEDIUM POC PATCH This Month

The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows. Rated medium severity (CVSS 6.9). Public exploit code available.

Privilege Escalation Buffer Overflow Microsoft +9
NVD Exploit-DB
EPSS 13% CVSS 4.3
MEDIUM PATCH This Month

Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 12.8%.

Denial Of Service Microsoft Windows 10 +8
NVD
EPSS 23% CVSS 9.3
CRITICAL PATCH Act Now

Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 23.1%.

RCE Microsoft Windows 10 +8
NVD
EPSS 23% CVSS 9.3
CRITICAL PATCH Act Now

Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 23.1%.

RCE Microsoft Windows 10 +8
NVD
EPSS 4% CVSS 7.2
HIGH POC PATCH This Week

The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available.

Adobe Privilege Escalation Microsoft +9
NVD Exploit-DB
EPSS 4% CVSS 6.9
MEDIUM POC PATCH This Month

The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows. Rated medium severity (CVSS 6.9). Public exploit code available.

Buffer Overflow Microsoft Windows 10 +8
NVD Exploit-DB
EPSS 88% 6.0 CVSS 9.3
CRITICAL POC PATCH THREAT Act Now

Windows Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8, and Windows 8.1 allows user-assisted remote attackers to execute arbitrary code via a crafted Media Center link (mcl). Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 87.9%.

Microsoft RCE Authentication Bypass +4
NVD Exploit-DB
EPSS 8% CVSS 7.2
HIGH POC PATCH This Week

The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available.

Adobe Privilege Escalation Microsoft +9
NVD Exploit-DB
EPSS 23% CVSS 9.3
CRITICAL PATCH Act Now

atmfd.dll in the Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 23.4%.

Adobe Denial Of Service Microsoft +9
NVD
EPSS 28% CVSS 2.6
LOW PATCH Monitor

The WebDAV client in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 supports SSL. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. Epss exploitation probability 27.9%.

Information Disclosure Microsoft Windows 7 +7
NVD
EPSS 3% CVSS 4.3
MEDIUM PATCH This Month

Remote Desktop Session Host (RDSH) in Remote Desktop Protocol (RDP) through 8.1 in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Information Disclosure Microsoft Windows 10 +8
NVD
EPSS 1% CVSS 2.1
LOW PATCH Monitor

The Windows shell in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity.

Privilege Escalation Microsoft Windows 10 +8
NVD
EPSS 48% 4.8 CVSS 9.3
CRITICAL POC PATCH THREAT Act Now

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Office 2007 SP3 and 2010 SP2, Live. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 48.1%.

RCE Microsoft Net Framework +13
NVD Exploit-DB
EPSS 39% 4.5 CVSS 9.3
CRITICAL POC PATCH THREAT Act Now

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Office 2007 SP3 and 2010 SP2, Live. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 38.6%.

RCE Microsoft Net Framework +13
NVD Exploit-DB
EPSS 42% 4.6 CVSS 9.3
CRITICAL POC PATCH THREAT Act Now

ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 41.5%.

Adobe RCE Microsoft +10
NVD Exploit-DB
EPSS 41% 4.6 CVSS 9.3
CRITICAL POC PATCH THREAT Act Now

ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 41.1%.

Adobe RCE Microsoft +9
NVD Exploit-DB
EPSS 55% 5.0 CVSS 9.3
CRITICAL POC PATCH THREAT Act Now

ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 54.7%.

Adobe RCE Microsoft +9
NVD Exploit-DB
EPSS 55% 5.0 CVSS 9.3
CRITICAL POC PATCH THREAT Act Now

ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 54.7%.

Adobe RCE Microsoft +9
NVD Exploit-DB
EPSS 42% 4.6 CVSS 9.3
CRITICAL POC PATCH THREAT Act Now

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Office 2007 SP3 and 2010. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 41.5%.

RCE Microsoft Net Framework +14
NVD Exploit-DB
EPSS 53% 5.0 CVSS 9.3
CRITICAL POC PATCH THREAT Act Now

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Office 2007 SP3 and 2010. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 53.2%.

RCE Microsoft Net Framework +14
NVD Exploit-DB
EPSS 1% CVSS 2.1
LOW PATCH Monitor

The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity.

Privilege Escalation Microsoft Windows 7 +7
NVD
EPSS 4% CVSS 4.7
MEDIUM PATCH This Month

The Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT. Rated medium severity (CVSS 4.7). This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Microsoft Windows 10 +8
NVD
EPSS 30% CVSS 9.3
CRITICAL PATCH Act Now

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Office 2007 SP3 and 2010. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 30.2%.

RCE Microsoft Net Framework +14
NVD
EPSS 18% CVSS 2.1
LOW POC PATCH THREAT Monitor

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 17.6%.

Information Disclosure Microsoft Windows 10 +8
NVD Exploit-DB
EPSS 51% 4.9 CVSS 9.3
CRITICAL POC PATCH THREAT Act Now

ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 50.6%.

Adobe RCE Microsoft +8
NVD Exploit-DB
EPSS 5% CVSS 9.3
CRITICAL PATCH Act Now

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow attackers to bypass an. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable.

Privilege Escalation Microsoft Windows 7 +7
NVD
EPSS 5% CVSS 9.3
CRITICAL PATCH Act Now

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow attackers to bypass an. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable.

Privilege Escalation Microsoft Windows 7 +7
NVD
EPSS 1% CVSS 2.1
LOW PATCH Monitor

Object Manager in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity.

Privilege Escalation Microsoft Windows 7 +7
NVD
EPSS 15% CVSS 4.3
MEDIUM PATCH This Month

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Excel 2007 SP3,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 14.9%.

Information Disclosure Microsoft Excel +14
NVD
EPSS 16% CVSS 5.0
MEDIUM This Month

OLE in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 15.5% and no vendor patch available.

Information Disclosure Microsoft Windows 2003 Server +8
NVD
EPSS 16% CVSS 5.0
MEDIUM This Month

OLE in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 15.5% and no vendor patch available.

Information Disclosure Microsoft Windows 2003 Server +8
NVD
EPSS 1% CVSS 2.1
LOW Monitor

win32k.sys in the kernel-mode drivers in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to obtain sensitive information from kernel. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 8 +4
NVD
EPSS 1% CVSS 2.1
LOW Monitor

win32k.sys in the kernel-mode drivers in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to obtain sensitive information from kernel. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 7 +5
NVD
EPSS 1% CVSS 6.9
MEDIUM This Month

The Windows Installer service in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold. Rated medium severity (CVSS 6.9). No vendor patch available.

Privilege Escalation Microsoft Windows 2003 Server +8
NVD
EPSS 10% CVSS 7.2
HIGH POC This Week

The authentication implementation in the RPC subsystem in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1,. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Microsoft Windows 2003 Server +8
NVD Exploit-DB
EPSS 3% CVSS 2.1
LOW Monitor

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 2003 Server +8
NVD
EPSS 28% CVSS 7.2
HIGH POC THREAT Act Now

win32k.sys in the kernel-mode drivers in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 27.9%.

Privilege Escalation Microsoft Windows 7 +6
NVD Exploit-DB
EPSS 28% CVSS 7.2
HIGH POC THREAT Act Now

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 27.9%.

Privilege Escalation Microsoft Windows 2003 Server +8
NVD Exploit-DB
EPSS 1% CVSS 7.2
HIGH This Week

The graphics component in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2,. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Windows 2003 Server +8
NVD
EPSS 1% CVSS 7.2
HIGH This Week

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Windows 2003 Server +7
NVD
EPSS 69% 4.1 CVSS 10.0
CRITICAL Emergency

The Remote Desktop Protocol (RDP) server service in Microsoft Windows 7 SP1, Windows 8, and Windows Server 2012 allows remote attackers to execute arbitrary code via a series of crafted packets, aka. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 69.2% and no vendor patch available.

RCE Microsoft Windows 7 +2
NVD
EPSS 1% CVSS 7.2
HIGH This Week

Hyper-V in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly initialize guest OS system data structures, which allows guest. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

RCE Microsoft Windows 8 +3
NVD
EPSS 5% CVSS 6.9
MEDIUM This Month

Untrusted search path vulnerability in the LoadLibrary function in the kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and. Rated medium severity (CVSS 6.9). No vendor patch available.

Information Disclosure Microsoft Windows 7 +5
NVD
EPSS 44% CVSS 9.3
CRITICAL PATCH Act Now

Use-after-free vulnerability in Microsoft Common Controls in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2,. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 44.3%.

Memory Corruption Denial Of Service Use After Free +10
NVD
EPSS 20% CVSS 7.2
HIGH POC PATCH THREAT Act Now

Buffer overflow in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 19.7%.

Buffer Overflow Microsoft Windows 7 +8
NVD Exploit-DB
EPSS 11% CVSS 7.2
HIGH POC PATCH THREAT Act Now

Use-after-free vulnerability in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1,. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 10.9%.

Memory Corruption Denial Of Service Use After Free +10
NVD Exploit-DB
Page 1 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy