Skip to main content

Windows 8 1

2096 CVEs product

Monthly

CVE-2017-0274 MEDIUM PATCH This Month

Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 15.6%.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
5.9
EPSS
15.6%
CVE-2017-0273 MEDIUM PATCH This Month

The Microsoft Server Message Block 1.0 (SMBv1) allows denial of service when an attacker sends specially crafted requests to the server, aka "Windows SMB Denial of Service Vulnerability". Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Denial Of Service Microsoft Windows 10 Windows 7 Windows 8 1 +3
NVD
CVSS 3.0
5.9
EPSS
9.6%
CVE-2017-0272 HIGH PATCH This Week

The Microsoft Server Message Block 1.0 (SMBv1) server on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold,. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

RCE Microsoft Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
8.1
EPSS
5.5%
CVE-2017-0271 MEDIUM PATCH This Month

Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 26.2%.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
5.9
EPSS
26.2%
CVE-2017-0270 MEDIUM PATCH This Month

Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 15.6%.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
5.9
EPSS
15.6%
CVE-2017-0269 MEDIUM PATCH This Month

The Microsoft Server Message Block 1.0 (SMBv1) allows denial of service when an attacker sends specially crafted requests to the server, aka "Windows SMB Denial of Service Vulnerability". Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Denial Of Service Microsoft Windows 10 Windows 7 Windows 8 1 +3
NVD
CVSS 3.0
5.9
EPSS
9.6%
CVE-2017-0268 MEDIUM PATCH This Month

Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 15.6%.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
5.9
EPSS
15.6%
CVE-2017-0267 MEDIUM PATCH This Month

Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 26.2%.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +3
NVD
CVSS 3.0
5.9
EPSS
26.2%
CVE-2017-0259 MEDIUM POC PATCH This Month

The Windows kernel in Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows authenticated attackers to obtain sensitive. Rated medium severity (CVSS 4.7). Public exploit code available.

Microsoft Information Disclosure Windows 10 Windows 8 1 Windows Rt 8 1 +2
NVD Exploit-DB
CVSS 3.0
4.7
EPSS
3.2%
CVE-2017-0258 MEDIUM POC PATCH This Month

The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server. Rated medium severity (CVSS 4.7). Public exploit code available.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD Exploit-DB
CVSS 3.0
4.7
EPSS
4.2%
CVE-2017-0246 HIGH PATCH Act Now

The Graphics Component in the kernel-mode drivers in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607,. Rated high severity (CVSS 7.0). Epss exploitation probability 16.6%.

Denial Of Service Microsoft Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
7.0
EPSS
16.6%
CVE-2017-0214 HIGH POC PATCH This Week

Windows COM in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server. Rated high severity (CVSS 7.0). Public exploit code available.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD Exploit-DB
CVSS 3.0
7.0
EPSS
1.4%
CVE-2017-0190 MEDIUM PATCH This Month

The GDI component in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and Windows Server 2016. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
4.4
EPSS
2.1%
CVE-2017-0077 HIGH PATCH This Week

The kernel-mode drivers in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Microsoft Information Disclosure Windows 10 Windows 7 +5
NVD
CVSS 3.0
7.8
EPSS
4.6%
CVE-2017-0211 MEDIUM POC PATCH THREAT This Month

An elevation of privilege vulnerability exists in Windows 10, Windows 8.1, Windows RT 8.1, Windows Server 2012, Windows Server 2012 R2, and Windows Server 2016 versions of Microsoft Windows OLE when. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 22.3%.

Microsoft Information Disclosure Windows 10 Windows 8 1 Windows Rt 8 1 +2
NVD Exploit-DB
CVSS 3.0
5.5
EPSS
22.3%
CVE-2017-0192 MEDIUM PATCH This Month

The Adobe Type Manager Font Driver (ATMFD.dll) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 22.9%.

Microsoft Adobe Information Disclosure Windows 10 Windows 7 +6
NVD
CVSS 3.0
4.3
EPSS
22.9%
CVE-2017-0191 MEDIUM PATCH This Month

A denial of service vulnerability exists in the way that Windows 7, Windows 8.1, Windows 10, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, and Windows Server 2016 handles. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable.

Denial Of Service Microsoft Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
5.8
EPSS
1.7%
CVE-2017-0188 LOW PATCH Monitor

A Win32k information disclosure vulnerability exists in Windows 8.1, Windows RT 8.1, Windows Server 2012, Windows Server 2012 R2, Windows 10, and Windows Server 2016 when the win32k component. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Windows 10 Windows 8 1 Windows Rt 8 1 +2
NVD
CVSS 3.0
3.3
EPSS
5.1%
CVE-2017-0186 MEDIUM PATCH This Month

A denial of service vulnerability exists when Microsoft Hyper-V Network Switch running on a Windows 10, Windows 8.1, Windows Server 2012, Windows Server 2012 R2, or Windows Server 2016 host server. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable.

Denial Of Service Microsoft Windows 10 Windows 8 1 Windows Server 2012 +1
NVD
CVSS 3.0
5.8
EPSS
0.4%
CVE-2017-0185 MEDIUM PATCH This Month

A denial of service vulnerability exists when Microsoft Hyper-V Network Switch running on a Windows 10, Windows 8.1, Windows Server 2012, Windows Server 2012 R2, or Windows Server 2016 host server. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable.

Denial Of Service Microsoft Windows 10 Windows 8 1 Windows Server 2012 +1
NVD
CVSS 3.0
5.8
EPSS
0.6%
CVE-2017-0184 MEDIUM PATCH This Month

A denial of service vulnerability exists when Microsoft Hyper-V running on a host server fails to properly validate input from a privileged user on a guest operating system, aka "Hyper-V Denial of. Rated medium severity (CVSS 5.4).

Denial Of Service Microsoft Windows 10 Windows 8 1 Windows Server 2008 +2
NVD
CVSS 3.0
5.4
EPSS
0.2%
CVE-2017-0183 MEDIUM PATCH This Month

A denial of service vulnerability exists when Microsoft Hyper-V Network Switch running on a Windows 10, Windows Server 2008 R2, Windows 8.1, Windows Server 2012 R2, or Windows Server 2016 host server. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable.

Denial Of Service Microsoft Windows 10 Windows 8 1 Windows Server 2008 +2
NVD
CVSS 3.0
5.8
EPSS
0.4%
CVE-2017-0182 MEDIUM PATCH This Month

A denial of service vulnerability exists when Microsoft Hyper-V Network Switch running on a Windows 10, Windows Server 2008 R2, Windows 8.1, Windows Server 2012 R2, or Windows Server 2016 host server. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable.

Denial Of Service Microsoft Windows 10 Windows 8 1 Windows Server 2008 +2
NVD
CVSS 3.0
5.8
EPSS
0.4%
CVE-2017-0181 HIGH PATCH This Week

A remote code execution vulnerability exists when Windows Hyper-V Network Switch running on a Windows 10 or Windows Server 2016 host server fails to properly validate input from an authenticated user. Rated high severity (CVSS 7.6).

RCE Microsoft Windows 10 Windows 8 1 Windows Server 2008 +2
NVD
CVSS 3.0
7.6
EPSS
0.4%
CVE-2017-0180 HIGH PATCH This Week

A remote code execution vulnerability exists when Windows Hyper-V Network Switch running on a host server fails to properly validate input from an authenticated user on a guest operating system, aka. Rated high severity (CVSS 7.6).

RCE Microsoft Windows 10 Windows 8 1 Windows Server 2008 +2
NVD
CVSS 3.0
7.6
EPSS
0.4%
CVE-2017-0179 MEDIUM PATCH This Month

A denial of service vulnerability exists when Microsoft Hyper-V running on a Windows 10, Windows 8.1, Windows Server 2012 R2, or Windows Server 2016 host server fails to properly validate input from. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable.

Denial Of Service Microsoft Windows 10 Windows 8 1 Windows Server 2012 +1
NVD
CVSS 3.0
5.8
EPSS
0.4%
CVE-2017-0178 MEDIUM PATCH This Month

A denial of service vulnerability exists when Microsoft Hyper-V running on Windows 10, Windows 10 1511, Windows 10 1607, Windows 8.1, Windows Server 2012 R2, and Windows Server 2016 host server fails. Rated medium severity (CVSS 5.4).

Denial Of Service Microsoft Windows 10 Windows 8 1 Windows Server 2012 +1
NVD
CVSS 3.0
5.4
EPSS
0.2%
CVE-2017-0169 MEDIUM PATCH This Month

An information disclosure vulnerability exists when Windows Hyper-V running on a Windows 8.1, Windows Server 2012. Rated medium severity (CVSS 5.4).

Microsoft Information Disclosure Windows 8 1 Windows Server 2012
NVD
CVSS 3.0
5.4
EPSS
0.5%
CVE-2017-0168 MEDIUM PATCH This Month

An information disclosure vulnerability exists when the Windows Hyper-V Network Switch running on a Windows 8.1, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, or Windows Server. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Windows 8 1 Windows Server 2008 Windows Server 2012
NVD
CVSS 3.0
5.8
EPSS
0.9%
CVE-2017-0167 MEDIUM POC PATCH This Month

An information disclosure vulnerability exists in Windows 8.1, Windows RT 8.1, Windows Server 2012 R2, Windows 10, and Windows Server 2016 when the Windows kernel improperly handles objects in. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.

Microsoft Information Disclosure Windows 10 Windows 8 1 Windows Rt 8 1 +2
NVD Exploit-DB
CVSS 3.0
5.5
EPSS
9.8%
CVE-2017-0166 HIGH PATCH This Week

An elevation of privilege vulnerability exists in Windows when LDAP request buffer lengths are improperly calculated. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
8.1
EPSS
1.5%
CVE-2017-0165 HIGH POC PATCH THREAT Act Now

An elevation of privilege vulnerability exists when Microsoft Windows running on Windows 10, Windows 10 1511, Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 fails to properly sanitize. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 12.7%.

Microsoft Information Disclosure Windows 10 Windows 8 1 Windows Rt 8 1 +1
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
12.7%
CVE-2017-0163 HIGH PATCH This Week

A remote code execution vulnerability exists when Windows Hyper-V Network Switch running on a host server fails to properly validate input from an authenticated user on a guest operating system, aka. Rated high severity (CVSS 7.6).

RCE Microsoft Windows 10 Windows 8 1 Windows Server 2008 +2
NVD
CVSS 3.0
7.6
EPSS
0.4%
CVE-2017-0162 HIGH PATCH This Week

A remote code execution vulnerability exists when Windows Hyper-V Network Switch running on a Windows 10, Windows 8.1, Windows Server 2012 R2, or Windows Server 2016 host server fails to properly. Rated high severity (CVSS 7.6).

RCE Microsoft Windows 10 Windows 8 1 Windows Server 2012 +1
NVD
CVSS 3.0
7.6
EPSS
0.4%
CVE-2017-0158 HIGH PATCH Act Now

An elevation of privilege vulnerability exists when Microsoft Windows running on Windows 10, Windows 10 1511, Windows 8.1 Windows RT 8.1, and Windows Server 2012 R2 fails to properly sanitize handles. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 19.8%.

Buffer Overflow Microsoft Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
7.5
EPSS
19.8%
CVE-2017-0156 HIGH PATCH This Week

An elevation of privilege vulnerability exists in Windows 7, Windows 8.1, Windows RT 8.1, Windows 10, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, and Windows Server 2016 when. Rated high severity (CVSS 7.0).

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
7.0
EPSS
1.1%
CVE-2017-0058 MEDIUM POC PATCH THREAT This Month

A Win32k information disclosure vulnerability exists in Microsoft Windows when the win32k component improperly provides kernel information. Rated medium severity (CVSS 4.7). Public exploit code available and EPSS exploitation probability 16.5%.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD Exploit-DB
CVSS 3.0
4.7
EPSS
16.5%
CVE-2017-0121 MEDIUM POC PATCH THREAT This Month

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 13.0%.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD Exploit-DB
CVSS 3.0
4.3
EPSS
13.0%
CVE-2017-0118 MEDIUM POC PATCH THREAT This Month

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 12.4%.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD Exploit-DB
CVSS 3.0
4.3
EPSS
12.4%
CVE-2017-0109 HIGH PATCH This Week

Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows. Rated high severity (CVSS 7.6).

RCE Microsoft Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
7.6
EPSS
0.6%
CVE-2017-0102 HIGH This Week

Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 let. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
7.8
EPSS
0.7%
CVE-2017-0100 HIGH POC PATCH THREAT Act Now

A DCOM object in Helppane.exe in Microsoft Windows 7 SP1; Windows Server 2008 R2; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 50.3%.

Microsoft Authentication Bypass Windows 10 Windows 7 Windows 8 1 +4
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
50.3%
Threat
4.6
CVE-2017-0099 MEDIUM PATCH This Month

Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and 2008 R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows 10 Gold, 1511, and 1607; and Windows Server 2016. Rated medium severity (CVSS 5.4).

Denial Of Service Microsoft Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
5.4
EPSS
0.6%
CVE-2017-0097 MEDIUM PATCH This Month

Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and 2008 R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 and R2; Windows 10, 1511, and 1607; and Windows Server 2016 allows guest. Rated medium severity (CVSS 5.4).

Denial Of Service Microsoft Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
5.4
EPSS
0.6%
CVE-2017-0096 LOW PATCH Monitor

Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1, Windows Server 2012 Gold and R2; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows. Rated low severity (CVSS 2.6). This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
2.6
EPSS
1.1%
CVE-2017-0084 HIGH POC PATCH THREAT Act Now

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 23.2%.

Buffer Overflow RCE Microsoft Windows 10 Windows 7 +6
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
23.2%
Threat
4.0
CVE-2017-0081 HIGH PATCH This Week

The kernel-mode drivers in Microsoft Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allow local users to gain privileges via a. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 8 1 Windows Rt 8 1 +2
NVD
CVSS 3.0
7.8
EPSS
1.7%
CVE-2017-0079 HIGH PATCH This Week

The kernel-mode drivers in Windows 8.1; Windows Server 2012 R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allow local users to gain privileges via a crafted application, aka "Win32k. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 8 1 Windows Rt 8 1 +1
NVD
CVSS 3.0
7.8
EPSS
1.7%
CVE-2017-0078 HIGH PATCH This Week

The kernel-mode drivers in Microsoft Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allow local users to gain privileges via a. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 8 1 Windows Rt 8 1 +2
NVD
CVSS 3.0
7.8
EPSS
1.7%
CVE-2017-0076 MEDIUM PATCH This Month

Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and 2008 R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 and R2; Windows 10, 1511, and 1607; and Windows Server 2016 allows guest. Rated medium severity (CVSS 5.4).

Denial Of Service Microsoft Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
5.4
EPSS
0.7%
CVE-2017-0075 HIGH PATCH This Week

Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows. Rated high severity (CVSS 7.6).

RCE Microsoft Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
7.6
EPSS
4.5%
CVE-2017-0074 MEDIUM PATCH This Month

Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and 2008 R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 and R2; Windows 10, 1511, and 1607; and Windows Server 2016 allows guest. Rated medium severity (CVSS 5.4).

Denial Of Service Microsoft Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
5.4
EPSS
0.6%
CVE-2017-0073 MEDIUM PATCH This Month

The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Live Meeting Lync Office +11
NVD
CVSS 3.1
4.3
EPSS
9.2%
CVE-2017-0063 MEDIUM POC PATCH THREAT This Month

The Color Management Module (ICM32.dll) memory handling functionality in Windows Vista SP2; Windows Server 2008 SP2 and R2; and Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 16.3%.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD Exploit-DB
CVSS 3.0
6.5
EPSS
16.3%
CVE-2017-0062 MEDIUM POC PATCH This Month

The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10. Rated medium severity (CVSS 4.7). Public exploit code available.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD Exploit-DB
CVSS 3.0
4.7
EPSS
2.8%
CVE-2017-0060 MEDIUM POC PATCH This Month

The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.

Microsoft Information Disclosure Live Meeting Lync Office +11
NVD Exploit-DB
CVSS 3.1
5.5
EPSS
3.3%
CVE-2017-0057 MEDIUM PATCH This Month

DNS client in Microsoft Windows 8.1; Windows Server 2012 R2, Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 fails to properly process DNS queries, which allows remote. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 31.1%.

Microsoft Information Disclosure Windows 10 Windows 8 1 Windows Rt 8 1 +2
NVD
CVSS 3.0
4.3
EPSS
31.1%
CVE-2017-0056 HIGH PATCH This Week

The kernel-mode drivers in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
7.8
EPSS
6.7%
CVE-2017-0055 MEDIUM PATCH This Month

Microsoft Internet Information Server (IIS) in Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511,. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
6.1
EPSS
1.4%
CVE-2017-0047 HIGH PATCH This Week

The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
7.8
EPSS
1.7%
CVE-2017-0042 LOW PATCH Monitor

Windows Media Player in Microsoft Windows 8.1; Windows Server 2012 R2; Windows RT 8.1; Windows 7 SP1; Windows 2008 SP2 and R2 SP1, Windows Server 2016; Windows Vista SP2; and Windows 10 Gold, 1511,. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 14.4%.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
3.1
EPSS
14.4%
CVE-2017-0025 HIGH PATCH This Week

The kernel-mode drivers in Microsoft Windows Vista; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607;. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
7.8
EPSS
1.3%
CVE-2017-0023 HIGH PATCH Act Now

The PDF library in Microsoft Edge; Windows 8.1; Windows Server 2012 and R2; Windows RT 8.1; and Windows 10, 1511, and 1607 allows remote attackers to execute arbitrary code via a crafted PDF file,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 22.4%.

Buffer Overflow RCE Microsoft Edge Windows 10 +3
NVD
CVSS 3.0
7.5
EPSS
22.4%
CVE-2017-0016 MEDIUM PATCH This Month

Microsoft Windows 10 Gold, 1511, and 1607; Windows 8.1; Windows RT 8.1; Windows Server 2012 R2, and Windows Server 2016 do not properly handle certain requests in SMBv2 and SMBv3 packets, which. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 49.2%.

Null Pointer Dereference Denial Of Service Microsoft RCE Windows 10 +4
NVD
CVSS 3.0
5.9
EPSS
49.2%
CVE-2017-0014 HIGH PATCH Act Now

The Windows Graphics Component in Microsoft Office 2010 SP2; Windows Server 2008 R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607;. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 23.8%.

RCE Microsoft Office Windows 10 Windows 7 +5
NVD
CVSS 3.0
7.5
EPSS
23.8%
CVE-2017-0038 MEDIUM POC PATCH THREAT This Month

gdi32.dll in Graphics Device Interface (GDI) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 80.5%.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD GitHub Exploit-DB
CVSS 3.0
5.5
EPSS
80.5%
Threat
5.0
CVE-2016-7295 MEDIUM This Month

The Common Log File System (CLFS) driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
5.5
EPSS
0.7%
CVE-2016-7292 HIGH This Week

The Installer in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
7.8
EPSS
1.0%
CVE-2016-7274 HIGH POC THREAT Act Now

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 38.4%.

RCE Microsoft Windows 10 Windows 7 Windows 8 1 +5
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
38.4%
Threat
4.4
CVE-2016-7272 HIGH Act Now

The Graphics component in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 33.1% and no vendor patch available.

RCE Microsoft Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
8.8
EPSS
33.1%
CVE-2016-7260 HIGH This Week

The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2016-7259 HIGH This Week

The Graphics Component in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
7.8
EPSS
2.5%
CVE-2016-7219 MEDIUM This Month

The Crypto driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
5.5
EPSS
1.1%
CVE-2016-7248 HIGH Act Now

Microsoft Video Control in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8.1, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows remote attackers to execute arbitrary code via a crafted. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 31.6% and no vendor patch available.

Microsoft RCE Authentication Bypass Windows 10 Windows 7 +3
NVD
CVSS 3.0
7.8
EPSS
31.6%
CVE-2016-7247 HIGH Act Now

Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow physically proximate attackers to bypass the Secure Boot. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 24.9% and no vendor patch available.

Microsoft Authentication Bypass Windows 10 Windows 8 1 Windows Rt 8 1 +2
NVD
CVSS 3.0
7.5
EPSS
24.9%
CVE-2016-7246 HIGH This Week

The kernel-mode drivers in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
7.8
EPSS
0.6%
CVE-2016-7238 HIGH This Week

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
7.8
EPSS
1.5%
CVE-2016-7237 MEDIUM POC THREAT This Month

Local Security Authority Subsystem Service (LSASS) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1,. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 63.9%.

Microsoft Denial Of Service Authentication Bypass Windows 10 Windows 7 +6
NVD Exploit-DB
CVSS 3.0
6.5
EPSS
63.9%
Threat
4.7
CVE-2016-7224 MEDIUM POC This Month

Virtual Hard Disk Driver in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 does not properly restrict access to. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Authentication Bypass Windows 10 Windows 8 1 Windows Rt 8 1 +2
NVD Exploit-DB
CVSS 3.0
6.1
EPSS
1.1%
CVE-2016-7223 MEDIUM This Month

Virtual Hard Disk Driver in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 does not properly restrict access to. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Windows 10 Windows 8 1 Windows Rt 8 1 +2
NVD
CVSS 3.0
6.1
EPSS
0.9%
CVE-2016-7221 HIGH This Week

Input Method Editor (IME) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2016-7218 MEDIUM This Month

Bowser.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold,. Rated medium severity (CVSS 4.7). No vendor patch available.

Information Disclosure Microsoft Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
4.7
EPSS
0.7%
CVE-2016-7217 HIGH Act Now

Media Foundation in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to execute arbitrary code. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 18.8% and no vendor patch available.

RCE Buffer Overflow Microsoft Windows 10 Windows 8 1 +3
NVD
CVSS 3.0
8.8
EPSS
18.8%
CVE-2016-7215 HIGH This Week

The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
7.8
EPSS
0.8%
CVE-2016-7214 LOW Monitor

The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
3.3
EPSS
2.0%
CVE-2016-7212 HIGH Act Now

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 40.7% and no vendor patch available.

Microsoft RCE Authentication Bypass Windows 10 Windows 7 +6
NVD
CVSS 3.0
7.8
EPSS
40.7%
CVE-2016-7210 MEDIUM This Month

atmfd.dll in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 35.5% and no vendor patch available.

Information Disclosure Microsoft Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
6.5
EPSS
35.5%
CVE-2016-7205 HIGH Act Now

Animation Manager in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 18.8% and no vendor patch available.

RCE Buffer Overflow Microsoft Windows 10 Windows 7 +5
NVD
CVSS 3.0
8.8
EPSS
18.8%
CVE-2016-7184 HIGH This Week

The Common Log File System (CLFS) driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
7.8
EPSS
5.4%
CVE-2016-3343 HIGH This Week

The Common Log File System (CLFS) driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
7.8
EPSS
5.5%
EPSS 16% CVSS 5.9
MEDIUM PATCH This Month

Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 15.6%.

Microsoft Information Disclosure Windows 10 +6
NVD
EPSS 10% CVSS 5.9
MEDIUM PATCH This Month

The Microsoft Server Message Block 1.0 (SMBv1) allows denial of service when an attacker sends specially crafted requests to the server, aka "Windows SMB Denial of Service Vulnerability". Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Denial Of Service Microsoft Windows 10 +5
NVD
EPSS 6% CVSS 8.1
HIGH PATCH This Week

The Microsoft Server Message Block 1.0 (SMBv1) server on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold,. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

RCE Microsoft Windows 10 +6
NVD
EPSS 26% CVSS 5.9
MEDIUM PATCH This Month

Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 26.2%.

Microsoft Information Disclosure Windows 10 +6
NVD
EPSS 16% CVSS 5.9
MEDIUM PATCH This Month

Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 15.6%.

Microsoft Information Disclosure Windows 10 +6
NVD
EPSS 10% CVSS 5.9
MEDIUM PATCH This Month

The Microsoft Server Message Block 1.0 (SMBv1) allows denial of service when an attacker sends specially crafted requests to the server, aka "Windows SMB Denial of Service Vulnerability". Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Denial Of Service Microsoft Windows 10 +5
NVD
EPSS 16% CVSS 5.9
MEDIUM PATCH This Month

Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 15.6%.

Microsoft Information Disclosure Windows 10 +6
NVD
EPSS 26% CVSS 5.9
MEDIUM PATCH This Month

Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 26.2%.

Microsoft Information Disclosure Windows 10 +5
NVD
EPSS 3% CVSS 4.7
MEDIUM POC PATCH This Month

The Windows kernel in Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows authenticated attackers to obtain sensitive. Rated medium severity (CVSS 4.7). Public exploit code available.

Microsoft Information Disclosure Windows 10 +4
NVD Exploit-DB
EPSS 4% CVSS 4.7
MEDIUM POC PATCH This Month

The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server. Rated medium severity (CVSS 4.7). Public exploit code available.

Microsoft Information Disclosure Windows 10 +6
NVD Exploit-DB
EPSS 17% CVSS 7.0
HIGH PATCH Act Now

The Graphics Component in the kernel-mode drivers in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607,. Rated high severity (CVSS 7.0). Epss exploitation probability 16.6%.

Denial Of Service Microsoft Windows 10 +6
NVD
EPSS 1% CVSS 7.0
HIGH POC PATCH This Week

Windows COM in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server. Rated high severity (CVSS 7.0). Public exploit code available.

Microsoft Information Disclosure Windows 10 +6
NVD Exploit-DB
EPSS 2% CVSS 4.4
MEDIUM PATCH This Month

The GDI component in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and Windows Server 2016. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Windows 10 +6
NVD
EPSS 5% CVSS 7.8
HIGH PATCH This Week

The kernel-mode drivers in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Microsoft Information Disclosure +7
NVD
EPSS 22% CVSS 5.5
MEDIUM POC PATCH THREAT This Month

An elevation of privilege vulnerability exists in Windows 10, Windows 8.1, Windows RT 8.1, Windows Server 2012, Windows Server 2012 R2, and Windows Server 2016 versions of Microsoft Windows OLE when. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 22.3%.

Microsoft Information Disclosure Windows 10 +4
NVD Exploit-DB
EPSS 23% CVSS 4.3
MEDIUM PATCH This Month

The Adobe Type Manager Font Driver (ATMFD.dll) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 22.9%.

Microsoft Adobe Information Disclosure +8
NVD
EPSS 2% CVSS 5.8
MEDIUM PATCH This Month

A denial of service vulnerability exists in the way that Windows 7, Windows 8.1, Windows 10, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, and Windows Server 2016 handles. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable.

Denial Of Service Microsoft Windows 10 +6
NVD
EPSS 5% CVSS 3.3
LOW PATCH Monitor

A Win32k information disclosure vulnerability exists in Windows 8.1, Windows RT 8.1, Windows Server 2012, Windows Server 2012 R2, Windows 10, and Windows Server 2016 when the win32k component. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Windows 10 +4
NVD
EPSS 0% CVSS 5.8
MEDIUM PATCH This Month

A denial of service vulnerability exists when Microsoft Hyper-V Network Switch running on a Windows 10, Windows 8.1, Windows Server 2012, Windows Server 2012 R2, or Windows Server 2016 host server. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable.

Denial Of Service Microsoft Windows 10 +3
NVD
EPSS 1% CVSS 5.8
MEDIUM PATCH This Month

A denial of service vulnerability exists when Microsoft Hyper-V Network Switch running on a Windows 10, Windows 8.1, Windows Server 2012, Windows Server 2012 R2, or Windows Server 2016 host server. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable.

Denial Of Service Microsoft Windows 10 +3
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

A denial of service vulnerability exists when Microsoft Hyper-V running on a host server fails to properly validate input from a privileged user on a guest operating system, aka "Hyper-V Denial of. Rated medium severity (CVSS 5.4).

Denial Of Service Microsoft Windows 10 +4
NVD
EPSS 0% CVSS 5.8
MEDIUM PATCH This Month

A denial of service vulnerability exists when Microsoft Hyper-V Network Switch running on a Windows 10, Windows Server 2008 R2, Windows 8.1, Windows Server 2012 R2, or Windows Server 2016 host server. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable.

Denial Of Service Microsoft Windows 10 +4
NVD
EPSS 0% CVSS 5.8
MEDIUM PATCH This Month

A denial of service vulnerability exists when Microsoft Hyper-V Network Switch running on a Windows 10, Windows Server 2008 R2, Windows 8.1, Windows Server 2012 R2, or Windows Server 2016 host server. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable.

Denial Of Service Microsoft Windows 10 +4
NVD
EPSS 0% CVSS 7.6
HIGH PATCH This Week

A remote code execution vulnerability exists when Windows Hyper-V Network Switch running on a Windows 10 or Windows Server 2016 host server fails to properly validate input from an authenticated user. Rated high severity (CVSS 7.6).

RCE Microsoft Windows 10 +4
NVD
EPSS 0% CVSS 7.6
HIGH PATCH This Week

A remote code execution vulnerability exists when Windows Hyper-V Network Switch running on a host server fails to properly validate input from an authenticated user on a guest operating system, aka. Rated high severity (CVSS 7.6).

RCE Microsoft Windows 10 +4
NVD
EPSS 0% CVSS 5.8
MEDIUM PATCH This Month

A denial of service vulnerability exists when Microsoft Hyper-V running on a Windows 10, Windows 8.1, Windows Server 2012 R2, or Windows Server 2016 host server fails to properly validate input from. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable.

Denial Of Service Microsoft Windows 10 +3
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

A denial of service vulnerability exists when Microsoft Hyper-V running on Windows 10, Windows 10 1511, Windows 10 1607, Windows 8.1, Windows Server 2012 R2, and Windows Server 2016 host server fails. Rated medium severity (CVSS 5.4).

Denial Of Service Microsoft Windows 10 +3
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

An information disclosure vulnerability exists when Windows Hyper-V running on a Windows 8.1, Windows Server 2012. Rated medium severity (CVSS 5.4).

Microsoft Information Disclosure Windows 8 1 +1
NVD
EPSS 1% CVSS 5.8
MEDIUM PATCH This Month

An information disclosure vulnerability exists when the Windows Hyper-V Network Switch running on a Windows 8.1, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, or Windows Server. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Windows 8 1 +2
NVD
EPSS 10% CVSS 5.5
MEDIUM POC PATCH This Month

An information disclosure vulnerability exists in Windows 8.1, Windows RT 8.1, Windows Server 2012 R2, Windows 10, and Windows Server 2016 when the Windows kernel improperly handles objects in. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.

Microsoft Information Disclosure Windows 10 +4
NVD Exploit-DB
EPSS 2% CVSS 8.1
HIGH PATCH This Week

An elevation of privilege vulnerability exists in Windows when LDAP request buffer lengths are improperly calculated. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Microsoft Information Disclosure Windows 10 +7
NVD
EPSS 13% CVSS 7.8
HIGH POC PATCH THREAT Act Now

An elevation of privilege vulnerability exists when Microsoft Windows running on Windows 10, Windows 10 1511, Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 fails to properly sanitize. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 12.7%.

Microsoft Information Disclosure Windows 10 +3
NVD Exploit-DB
EPSS 0% CVSS 7.6
HIGH PATCH This Week

A remote code execution vulnerability exists when Windows Hyper-V Network Switch running on a host server fails to properly validate input from an authenticated user on a guest operating system, aka. Rated high severity (CVSS 7.6).

RCE Microsoft Windows 10 +4
NVD
EPSS 0% CVSS 7.6
HIGH PATCH This Week

A remote code execution vulnerability exists when Windows Hyper-V Network Switch running on a Windows 10, Windows 8.1, Windows Server 2012 R2, or Windows Server 2016 host server fails to properly. Rated high severity (CVSS 7.6).

RCE Microsoft Windows 10 +3
NVD
EPSS 20% CVSS 7.5
HIGH PATCH Act Now

An elevation of privilege vulnerability exists when Microsoft Windows running on Windows 10, Windows 10 1511, Windows 8.1 Windows RT 8.1, and Windows Server 2012 R2 fails to properly sanitize handles. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 19.8%.

Buffer Overflow Microsoft Windows 10 +7
NVD
EPSS 1% CVSS 7.0
HIGH PATCH This Week

An elevation of privilege vulnerability exists in Windows 7, Windows 8.1, Windows RT 8.1, Windows 10, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, and Windows Server 2016 when. Rated high severity (CVSS 7.0).

Microsoft Information Disclosure Windows 10 +6
NVD
EPSS 16% CVSS 4.7
MEDIUM POC PATCH THREAT This Month

A Win32k information disclosure vulnerability exists in Microsoft Windows when the win32k component improperly provides kernel information. Rated medium severity (CVSS 4.7). Public exploit code available and EPSS exploitation probability 16.5%.

Microsoft Information Disclosure Windows 10 +7
NVD Exploit-DB
EPSS 13% CVSS 4.3
MEDIUM POC PATCH THREAT This Month

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 13.0%.

Microsoft Information Disclosure Windows 10 +7
NVD Exploit-DB
EPSS 12% CVSS 4.3
MEDIUM POC PATCH THREAT This Month

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 12.4%.

Microsoft Information Disclosure Windows 10 +7
NVD Exploit-DB
EPSS 1% CVSS 7.6
HIGH PATCH This Week

Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows. Rated high severity (CVSS 7.6).

RCE Microsoft Windows 10 +6
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 let. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Windows 10 +7
NVD
EPSS 50% 4.6 CVSS 7.8
HIGH POC PATCH THREAT Act Now

A DCOM object in Helppane.exe in Microsoft Windows 7 SP1; Windows Server 2008 R2; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 50.3%.

Microsoft Authentication Bypass Windows 10 +6
NVD Exploit-DB
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and 2008 R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows 10 Gold, 1511, and 1607; and Windows Server 2016. Rated medium severity (CVSS 5.4).

Denial Of Service Microsoft Windows 10 +6
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and 2008 R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 and R2; Windows 10, 1511, and 1607; and Windows Server 2016 allows guest. Rated medium severity (CVSS 5.4).

Denial Of Service Microsoft Windows 10 +6
NVD
EPSS 1% CVSS 2.6
LOW PATCH Monitor

Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1, Windows Server 2012 Gold and R2; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows. Rated low severity (CVSS 2.6). This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Windows 10 +6
NVD
EPSS 23% 4.0 CVSS 8.8
HIGH POC PATCH THREAT Act Now

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 23.2%.

Buffer Overflow RCE Microsoft +8
NVD Exploit-DB
EPSS 2% CVSS 7.8
HIGH PATCH This Week

The kernel-mode drivers in Microsoft Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allow local users to gain privileges via a. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +4
NVD
EPSS 2% CVSS 7.8
HIGH PATCH This Week

The kernel-mode drivers in Windows 8.1; Windows Server 2012 R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allow local users to gain privileges via a crafted application, aka "Win32k. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +3
NVD
EPSS 2% CVSS 7.8
HIGH PATCH This Week

The kernel-mode drivers in Microsoft Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allow local users to gain privileges via a. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +4
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and 2008 R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 and R2; Windows 10, 1511, and 1607; and Windows Server 2016 allows guest. Rated medium severity (CVSS 5.4).

Denial Of Service Microsoft Windows 10 +6
NVD
EPSS 4% CVSS 7.6
HIGH PATCH This Week

Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows. Rated high severity (CVSS 7.6).

RCE Microsoft Windows 10 +6
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and 2008 R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 and R2; Windows 10, 1511, and 1607; and Windows Server 2016 allows guest. Rated medium severity (CVSS 5.4).

Denial Of Service Microsoft Windows 10 +6
NVD
EPSS 9% CVSS 4.3
MEDIUM PATCH This Month

The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Live Meeting +13
NVD
EPSS 16% CVSS 6.5
MEDIUM POC PATCH THREAT This Month

The Color Management Module (ICM32.dll) memory handling functionality in Windows Vista SP2; Windows Server 2008 SP2 and R2; and Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 16.3%.

Microsoft Information Disclosure Windows 10 +7
NVD Exploit-DB
EPSS 3% CVSS 4.7
MEDIUM POC PATCH This Month

The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10. Rated medium severity (CVSS 4.7). Public exploit code available.

Microsoft Information Disclosure Windows 10 +6
NVD Exploit-DB
EPSS 3% CVSS 5.5
MEDIUM POC PATCH This Month

The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.

Microsoft Information Disclosure Live Meeting +13
NVD Exploit-DB
EPSS 31% CVSS 4.3
MEDIUM PATCH This Month

DNS client in Microsoft Windows 8.1; Windows Server 2012 R2, Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 fails to properly process DNS queries, which allows remote. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 31.1%.

Microsoft Information Disclosure Windows 10 +4
NVD
EPSS 7% CVSS 7.8
HIGH PATCH This Week

The kernel-mode drivers in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +7
NVD
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

Microsoft Internet Information Server (IIS) in Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511,. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Windows 10 +7
NVD
EPSS 2% CVSS 7.8
HIGH PATCH This Week

The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +6
NVD
EPSS 14% CVSS 3.1
LOW PATCH Monitor

Windows Media Player in Microsoft Windows 8.1; Windows Server 2012 R2; Windows RT 8.1; Windows 7 SP1; Windows 2008 SP2 and R2 SP1, Windows Server 2016; Windows Vista SP2; and Windows 10 Gold, 1511,. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 14.4%.

Microsoft Information Disclosure Windows 10 +7
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

The kernel-mode drivers in Microsoft Windows Vista; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607;. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 +7
NVD
EPSS 22% CVSS 7.5
HIGH PATCH Act Now

The PDF library in Microsoft Edge; Windows 8.1; Windows Server 2012 and R2; Windows RT 8.1; and Windows 10, 1511, and 1607 allows remote attackers to execute arbitrary code via a crafted PDF file,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 22.4%.

Buffer Overflow RCE Microsoft +5
NVD
EPSS 49% CVSS 5.9
MEDIUM PATCH This Month

Microsoft Windows 10 Gold, 1511, and 1607; Windows 8.1; Windows RT 8.1; Windows Server 2012 R2, and Windows Server 2016 do not properly handle certain requests in SMBv2 and SMBv3 packets, which. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 49.2%.

Null Pointer Dereference Denial Of Service Microsoft +6
NVD
EPSS 24% CVSS 7.5
HIGH PATCH Act Now

The Windows Graphics Component in Microsoft Office 2010 SP2; Windows Server 2008 R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607;. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 23.8%.

RCE Microsoft Office +7
NVD
EPSS 80% 5.0 CVSS 5.5
MEDIUM POC PATCH THREAT This Month

gdi32.dll in Graphics Device Interface (GDI) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 80.5%.

Microsoft Information Disclosure Windows 10 +7
NVD GitHub Exploit-DB
EPSS 1% CVSS 5.5
MEDIUM This Month

The Common Log File System (CLFS) driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 10 +7
NVD
EPSS 1% CVSS 7.8
HIGH This Week

The Installer in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 10 +7
NVD
EPSS 38% 4.4 CVSS 8.8
HIGH POC THREAT Act Now

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 38.4%.

RCE Microsoft Windows 10 +7
NVD Exploit-DB
EPSS 33% CVSS 8.8
HIGH Act Now

The Graphics component in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 33.1% and no vendor patch available.

RCE Microsoft Windows 10 +7
NVD
EPSS 0% CVSS 7.8
HIGH This Week

The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Windows 10 +7
NVD
EPSS 2% CVSS 7.8
HIGH This Week

The Graphics Component in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 10 +7
NVD
EPSS 1% CVSS 5.5
MEDIUM This Month

The Crypto driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 10 +7
NVD
EPSS 32% CVSS 7.8
HIGH Act Now

Microsoft Video Control in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8.1, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows remote attackers to execute arbitrary code via a crafted. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 31.6% and no vendor patch available.

Microsoft RCE Authentication Bypass +5
NVD
EPSS 25% CVSS 7.5
HIGH Act Now

Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow physically proximate attackers to bypass the Secure Boot. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 24.9% and no vendor patch available.

Microsoft Authentication Bypass Windows 10 +4
NVD
EPSS 1% CVSS 7.8
HIGH This Week

The kernel-mode drivers in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Windows 10 +6
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Windows 10 +7
NVD
EPSS 64% 4.7 CVSS 6.5
MEDIUM POC THREAT This Month

Local Security Authority Subsystem Service (LSASS) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1,. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 63.9%.

Microsoft Denial Of Service Authentication Bypass +8
NVD Exploit-DB
EPSS 1% CVSS 6.1
MEDIUM POC This Month

Virtual Hard Disk Driver in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 does not properly restrict access to. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Authentication Bypass Windows 10 +4
NVD Exploit-DB
EPSS 1% CVSS 6.1
MEDIUM This Month

Virtual Hard Disk Driver in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 does not properly restrict access to. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Windows 10 +4
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Input Method Editor (IME) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Windows 10 +7
NVD
EPSS 1% CVSS 4.7
MEDIUM This Month

Bowser.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold,. Rated medium severity (CVSS 4.7). No vendor patch available.

Information Disclosure Microsoft Windows 10 +7
NVD
EPSS 19% CVSS 8.8
HIGH Act Now

Media Foundation in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to execute arbitrary code. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 18.8% and no vendor patch available.

RCE Buffer Overflow Microsoft +5
NVD
EPSS 1% CVSS 7.8
HIGH This Week

The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Windows 10 +7
NVD
EPSS 2% CVSS 3.3
LOW Monitor

The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 10 +7
NVD
EPSS 41% CVSS 7.8
HIGH Act Now

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 40.7% and no vendor patch available.

Microsoft RCE Authentication Bypass +8
NVD
EPSS 35% CVSS 6.5
MEDIUM This Month

atmfd.dll in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 35.5% and no vendor patch available.

Information Disclosure Microsoft Windows 10 +7
NVD
EPSS 19% CVSS 8.8
HIGH Act Now

Animation Manager in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 18.8% and no vendor patch available.

RCE Buffer Overflow Microsoft +7
NVD
EPSS 5% CVSS 7.8
HIGH This Week

The Common Log File System (CLFS) driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Windows 10 +7
NVD
EPSS 6% CVSS 7.8
HIGH This Week

The Common Log File System (CLFS) driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Windows 10 +7
NVD
Prev Page 20 of 24 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy