Skip to main content

Windows 8 1

2096 CVEs product

Monthly

CVE-2015-2432 CRITICAL POC PATCH THREAT Act Now

ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 50.6%.

Adobe RCE Microsoft Windows 7 Windows 8 +6
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
50.6%
Threat
4.9
CVE-2015-2430 CRITICAL PATCH Act Now

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow attackers to bypass an. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable.

Privilege Escalation Microsoft Windows 7 Windows 8 Windows 8 1 +5
NVD
CVSS 2.0
9.3
EPSS
5.3%
CVE-2015-2429 CRITICAL PATCH Act Now

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow attackers to bypass an. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable.

Privilege Escalation Microsoft Windows 7 Windows 8 Windows 8 1 +5
NVD
CVSS 2.0
9.3
EPSS
5.3%
CVE-2015-2428 LOW PATCH Monitor

Object Manager in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity.

Privilege Escalation Microsoft Windows 7 Windows 8 Windows 8 1 +5
NVD
CVSS 2.0
2.1
EPSS
1.1%
CVE-2015-2423 MEDIUM PATCH This Month

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Excel 2007 SP3,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 14.9%.

Information Disclosure Microsoft Excel Office Powerpoint +12
NVD
CVSS 2.0
4.3
EPSS
14.9%
CVE-2015-2417 MEDIUM This Month

OLE in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 15.5% and no vendor patch available.

Information Disclosure Microsoft Windows 2003 Server Windows 7 Windows 8 +6
NVD
CVSS 2.0
5.0
EPSS
15.5%
CVE-2015-2416 MEDIUM This Month

OLE in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 15.5% and no vendor patch available.

Information Disclosure Microsoft Windows 2003 Server Windows 7 Windows 8 +6
NVD
CVSS 2.0
5.0
EPSS
15.5%
CVE-2015-2382 LOW Monitor

win32k.sys in the kernel-mode drivers in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to obtain sensitive information from kernel. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 8 Windows 8 1 Windows Rt +2
NVD
CVSS 2.0
2.1
EPSS
1.5%
CVE-2015-2381 LOW Monitor

win32k.sys in the kernel-mode drivers in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to obtain sensitive information from kernel. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 7 Windows 8 Windows 8 1 +3
NVD
CVSS 2.0
2.1
EPSS
1.5%
CVE-2015-2371 MEDIUM This Month

The Windows Installer service in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold. Rated medium severity (CVSS 6.9). No vendor patch available.

Privilege Escalation Microsoft Windows 2003 Server Windows 7 Windows 8 +6
NVD
CVSS 2.0
6.9
EPSS
0.7%
CVE-2015-2370 HIGH POC This Week

The authentication implementation in the RPC subsystem in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1,. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Microsoft Windows 2003 Server Windows 7 Windows 8 +6
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
9.7%
CVE-2015-2367 LOW Monitor

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 2003 Server Windows 7 Windows 8 +6
NVD
CVSS 2.0
2.1
EPSS
3.2%
CVE-2015-2366 HIGH POC THREAT Act Now

win32k.sys in the kernel-mode drivers in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 27.9%.

Privilege Escalation Microsoft Windows 7 Windows 8 Windows 8 1 +4
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
27.9%
CVE-2015-2365 HIGH POC THREAT Act Now

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 27.9%.

Privilege Escalation Microsoft Windows 2003 Server Windows 7 Windows 8 +6
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
27.9%
CVE-2015-2364 HIGH This Week

The graphics component in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2,. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Windows 2003 Server Windows 7 Windows 8 +6
NVD
CVSS 2.0
7.2
EPSS
1.0%
CVE-2015-2363 HIGH This Week

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Windows 2003 Server Windows 7 Windows 8 +5
NVD
CVSS 2.0
7.2
EPSS
1.0%
CVE-2015-2368 MEDIUM This Month

Untrusted search path vulnerability in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1 allows local users to gain privileges via a Trojan. Rated medium severity (CVSS 6.9). No vendor patch available.

RCE Microsoft Windows 7 Windows 8 1 Windows Rt 8 1 +2
NVD
CVSS 2.0
6.9
EPSS
7.1%
CVE-2015-2362 HIGH This Week

Hyper-V in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly initialize guest OS system data structures, which allows guest. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

RCE Microsoft Windows 8 Windows 8 1 Windows Server 2008 +1
NVD
CVSS 2.0
7.2
EPSS
0.7%
CVE-2015-2361 HIGH This Week

Hyper-V in Microsoft Windows 8.1 and Windows Server 2012 R2 does not properly initialize guest OS system data structures, which allows guest OS users to execute arbitrary code on the host OS or cause. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Windows 8 1 +1
NVD
CVSS 2.0
7.2
EPSS
0.5%
CVE-2015-1756 CRITICAL PATCH Act Now

Use-after-free vulnerability in Microsoft Common Controls in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2,. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 44.3%.

Memory Corruption Denial Of Service Use After Free Microsoft RCE +8
NVD
CVSS 2.0
9.3
EPSS
44.3%
CVE-2015-1727 HIGH POC PATCH THREAT Act Now

Buffer overflow in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 19.7%.

Buffer Overflow Microsoft Windows 7 Windows 8 Windows 8 1 +6
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
19.7%
CVE-2015-1726 HIGH POC PATCH THREAT Act Now

Use-after-free vulnerability in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1,. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 10.9%.

Memory Corruption Denial Of Service Use After Free Microsoft Windows 7 +8
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
10.9%
CVE-2015-1725 HIGH POC PATCH This Week

Buffer overflow in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Microsoft Windows 7 Windows 8 Windows 8 1 +6
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
6.5%
CVE-2015-1724 HIGH POC PATCH THREAT Act Now

Use-after-free vulnerability in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1,. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 13.8%.

Memory Corruption Denial Of Service Use After Free Microsoft Windows 7 +8
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
13.8%
CVE-2015-1723 HIGH POC PATCH THREAT Act Now

Use-after-free vulnerability in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1,. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 10.9%.

Memory Corruption Denial Of Service Use After Free Microsoft Windows 7 +8
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
10.9%
CVE-2015-1722 HIGH POC PATCH This Week

Use-after-free vulnerability in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1,. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available.

Memory Corruption Denial Of Service Use After Free Microsoft Windows 7 +8
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
4.7%
CVE-2015-1721 HIGH POC PATCH THREAT Act Now

The kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2,. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 10.9%.

Denial Of Service Null Pointer Dereference Microsoft Windows 7 Windows 8 +7
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
10.9%
CVE-2015-1720 HIGH PATCH This Week

Use-after-free vulnerability in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1,. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Denial Of Service Use After Free Microsoft Windows 7 +8
NVD
CVSS 2.0
7.2
EPSS
1.1%
CVE-2015-1719 LOW PATCH Monitor

The kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2,. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Microsoft Windows 7 Windows 8 Windows 8 1 +6
NVD
CVSS 2.0
2.1
EPSS
2.4%
CVE-2015-1716 MEDIUM PATCH This Month

Schannel in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 18.4%.

Information Disclosure Microsoft Windows 7 Windows 8 Windows 8 1 +6
NVD
CVSS 2.0
5.0
EPSS
18.4%
CVE-2015-1702 MEDIUM PATCH This Month

The Service Control Manager (SCM) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2,. Rated medium severity (CVSS 6.9).

Privilege Escalation Microsoft Windows 7 Windows 8 Windows 8 1 +6
NVD
CVSS 2.0
6.9
EPSS
5.5%
CVE-2015-1699 CRITICAL PATCH Act Now

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 31.4%.

RCE Code Injection Microsoft Windows 7 Windows 8 +6
NVD
CVSS 2.0
9.3
EPSS
31.4%
CVE-2015-1698 CRITICAL PATCH Act Now

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 33.1%.

RCE Code Injection Microsoft Windows 7 Windows 8 +6
NVD
CVSS 2.0
9.3
EPSS
33.1%
CVE-2015-1697 CRITICAL PATCH Act Now

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 33.1%.

RCE Code Injection Microsoft Windows 7 Windows 8 +6
NVD
CVSS 2.0
9.3
EPSS
33.1%
CVE-2015-1696 CRITICAL PATCH Act Now

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 33.1%.

RCE Code Injection Microsoft Windows 7 Windows 8 +6
NVD
CVSS 2.0
9.3
EPSS
33.1%
CVE-2015-1695 CRITICAL PATCH Act Now

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 31.4%.

RCE Code Injection Microsoft Windows 7 Windows 8 +6
NVD
CVSS 2.0
9.3
EPSS
31.4%
CVE-2015-1681 LOW PATCH Monitor

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow local users to cause a. Rated low severity (CVSS 1.9). This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Denial Of Service Buffer Overflow Microsoft Windows 7 Windows 8 +6
NVD
CVSS 2.0
1.9
EPSS
1.2%
CVE-2015-1680 LOW POC PATCH Monitor

The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Microsoft Windows 7 Windows 8 Windows 8 1 +6
NVD Exploit-DB
CVSS 2.0
2.1
EPSS
2.5%
CVE-2015-1679 LOW POC PATCH Monitor

The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Microsoft Windows 7 Windows 8 Windows 8 1 +6
NVD Exploit-DB
CVSS 2.0
2.1
EPSS
2.4%
CVE-2015-1678 LOW POC PATCH Monitor

The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Microsoft Windows 7 Windows 8 Windows 8 1 +6
NVD Exploit-DB
CVSS 2.0
2.1
EPSS
2.5%
CVE-2015-1677 LOW POC PATCH Monitor

The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Microsoft Windows 7 Windows 8 Windows 8 1 +6
NVD Exploit-DB
CVSS 2.0
2.1
EPSS
2.5%
CVE-2015-1676 LOW POC PATCH Monitor

The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Microsoft Windows 7 Windows 8 Windows 8 1 +6
NVD Exploit-DB
CVSS 2.0
2.1
EPSS
2.5%
CVE-2015-1675 CRITICAL PATCH Act Now

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 31.4%.

RCE Code Injection Microsoft Windows 7 Windows 8 +6
NVD
CVSS 2.0
9.3
EPSS
31.4%
CVE-2015-1674 MEDIUM POC PATCH This Month

The kernel in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly validate an unspecified address, which allows local users to bypass the. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. Public exploit code available.

Authentication Bypass Microsoft Windows 8 Windows 8 1 Windows Rt +2
NVD Exploit-DB
CVSS 2.0
4.6
EPSS
0.9%
CVE-2015-1647 LOW PATCH Monitor

Virtual Machine Manager (VMM) in Hyper-V in Microsoft Windows 8.1 and Windows Server 2012 R2 allows guest OS users to cause a denial of service (VMM functionality loss) via a crafted application, aka. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity.

Denial Of Service Microsoft Windows 8 1 Windows Server 2012
NVD
CVSS 2.0
2.1
EPSS
0.4%
CVE-2015-1644 HIGH PATCH This Week

Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 do not. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Privilege Escalation Microsoft Windows 7 Windows 8 Windows 8 1 +6
NVD
CVSS 2.0
7.2
EPSS
2.8%
CVE-2015-1643 HIGH PATCH This Week

Microsoft Windows Server 2003 R2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 do not. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Privilege Escalation Microsoft Windows 7 Windows 8 Windows 8 1 +6
NVD
CVSS 2.0
7.2
EPSS
2.3%
CVE-2015-0096 CRITICAL POC PATCH THREAT Act Now

Untrusted search path vulnerability in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 87.1%.

RCE Microsoft Windows 7 Windows 8 Windows 8 1 +6
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
87.1%
Threat
6.0
CVE-2015-0095 MEDIUM PATCH This Month

The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and. Rated medium severity (CVSS 5.6), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service Null Pointer Dereference Microsoft Windows 7 Windows 8 +7
NVD
CVSS 2.0
5.6
EPSS
0.6%
CVE-2015-0094 LOW PATCH Monitor

The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Microsoft Windows 7 Windows 8 Windows 8 1 +6
NVD
CVSS 2.0
2.1
EPSS
2.5%
CVE-2015-0093 CRITICAL PATCH Act Now

Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 23.7%.

Adobe RCE Code Injection Microsoft Windows 7 +8
NVD
CVSS 2.0
9.3
EPSS
23.7%
CVE-2015-0092 CRITICAL PATCH Act Now

Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 23.7%.

Adobe RCE Code Injection Microsoft Windows 7 +8
NVD
CVSS 2.0
9.3
EPSS
23.7%
CVE-2015-0091 CRITICAL PATCH Act Now

Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 23.7%.

Adobe RCE Code Injection Microsoft Windows 7 +8
NVD
CVSS 2.0
9.3
EPSS
23.7%
CVE-2015-0090 CRITICAL PATCH Act Now

Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 23.7%.

Adobe RCE Code Injection Microsoft Windows 7 +8
NVD
CVSS 2.0
9.3
EPSS
23.7%
CVE-2015-0089 MEDIUM PATCH This Month

Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 27.3%.

Adobe Information Disclosure Microsoft Windows 7 Windows 8 +7
NVD
CVSS 2.0
5.0
EPSS
27.3%
CVE-2015-0088 CRITICAL PATCH Act Now

Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 23.7%.

Adobe RCE Code Injection Microsoft Windows 7 +8
NVD
CVSS 2.0
9.3
EPSS
23.7%
CVE-2015-0087 MEDIUM PATCH This Month

Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 27.0%.

Adobe Information Disclosure Microsoft Windows 7 Windows 8 +7
NVD
CVSS 2.0
5.0
EPSS
27.0%
CVE-2015-0084 LOW PATCH Monitor

The Task Scheduler in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly constrain. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity.

Authentication Bypass Microsoft Windows 7 Windows 8 Windows 8 1 +4
NVD
CVSS 2.0
2.1
EPSS
1.0%
CVE-2015-0081 CRITICAL POC PATCH THREAT Act Now

Windows Text Services (WTS) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 72.6%.

RCE Microsoft Windows 7 Windows 8 Windows 8 1 +6
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
72.6%
Threat
5.5
CVE-2015-0080 MEDIUM PATCH This Month

Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 do not. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Microsoft Windows 7 Windows 8 Windows 8 1 +6
NVD
CVSS 2.0
4.3
EPSS
8.1%
CVE-2015-0079 HIGH PATCH Act Now

The Remote Desktop Protocol (RDP) implementation in Microsoft Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to cause a denial of service (memory. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 23.0%.

Denial Of Service Microsoft Windows 7 Windows 8 Windows 8 1 +1
NVD
CVSS 2.0
7.8
EPSS
23.0%
CVE-2015-0078 HIGH PATCH This Week

win32k.sys in the kernel-mode drivers in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly validate the token of a calling thread, which. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Privilege Escalation Microsoft Windows 8 Windows 8 1 Windows Rt +2
NVD
CVSS 2.0
7.2
EPSS
4.7%
CVE-2015-0077 LOW PATCH Monitor

The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Microsoft Windows 7 Windows 8 Windows 8 1 +6
NVD
CVSS 2.0
2.1
EPSS
4.8%
CVE-2015-0076 MEDIUM PATCH This Month

The photo-decoder implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Microsoft Windows 7 Windows 8 Windows 8 1 +5
NVD
CVSS 2.0
4.3
EPSS
7.6%
CVE-2015-0074 MEDIUM PATCH This Month

Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 14.6%.

Denial Of Service Adobe Buffer Overflow Microsoft Windows 7 +8
NVD
CVSS 2.0
4.3
EPSS
14.6%
CVE-2015-0073 HIGH PATCH This Week

The Windows Registry Virtualization feature in the kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2,. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Privilege Escalation Microsoft Windows 7 Windows 8 Windows 8 1 +6
NVD
CVSS 2.0
7.2
EPSS
1.9%
CVE-2015-1637 MEDIUM PATCH This Month

Schannel (aka Secure Channel) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 43.7%.

Information Disclosure Microsoft Windows 7 Windows 8 Windows 8 1 +6
NVD
CVSS 2.0
4.3
EPSS
43.7%
CVE-2015-0062 HIGH PATCH This Week

Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow local users to gain privileges via a crafted. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Privilege Escalation Microsoft Windows 7 Windows 8 Windows 8 1 +4
NVD
CVSS 2.0
7.2
EPSS
1.4%
CVE-2015-0061 MEDIUM PATCH This Month

Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 do not. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 22.1%.

Information Disclosure Microsoft Windows 7 Windows 8 Windows 8 1 +6
NVD
CVSS 2.0
4.3
EPSS
22.1%
CVE-2015-0060 MEDIUM POC PATCH This Month

The font mapper in win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows. Rated medium severity (CVSS 4.7). Public exploit code available.

Denial Of Service Microsoft Windows 7 Windows 8 Windows 8 1 +6
NVD Exploit-DB
CVSS 2.0
4.7
EPSS
2.5%
CVE-2015-0059 MEDIUM POC PATCH THREAT This Month

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users. Rated medium severity (CVSS 6.9). Public exploit code available and EPSS exploitation probability 36.4%.

RCE Privilege Escalation Microsoft Windows 7 Windows 8 +5
NVD Exploit-DB
CVSS 2.0
6.9
EPSS
36.4%
Threat
4.0
CVE-2015-0058 HIGH POC PATCH This Week

Double free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1 allows local users to gain privileges via a crafted. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Microsoft Windows 8 1 Windows Rt 8 1 Windows Server 2012
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
7.7%
CVE-2015-0057 HIGH POC PATCH THREAT Act Now

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 68.4%.

Privilege Escalation Microsoft Windows 7 Windows 8 Windows 8 1 +6
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
68.4%
Threat
5.0
CVE-2015-0010 LOW POC PATCH Monitor

The CryptProtectMemory function in cng.sys (aka the Cryptography Next Generation driver) in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2. Rated low severity (CVSS 1.9). Public exploit code available.

Authentication Bypass Microsoft Windows 7 Windows 8 Windows 8 1 +6
NVD Exploit-DB
CVSS 2.0
1.9
EPSS
1.7%
CVE-2015-0009 LOW POC PATCH Monitor

The Group Policy Security Configuration policy implementation in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1,. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available.

Authentication Bypass Microsoft Windows 7 Windows 8 Windows 8 1 +6
NVD Exploit-DB
CVSS 2.0
3.3
EPSS
4.1%
CVE-2015-0008 HIGH POC PATCH This Week

The UNC implementation in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows. Rated high severity (CVSS 8.3), this vulnerability is low attack complexity. Public exploit code available.

Microsoft RCE Authentication Bypass Windows 7 Windows 8 +7
NVD Exploit-DB
CVSS 2.0
8.3
EPSS
9.0%
CVE-2015-0003 MEDIUM POC PATCH THREAT This Month

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and. Rated medium severity (CVSS 6.9). Public exploit code available and EPSS exploitation probability 13.6%.

Denial Of Service Null Pointer Dereference Microsoft Windows 7 Windows 8 +7
NVD Exploit-DB
CVSS 2.0
6.9
EPSS
13.6%
CVE-2015-0014 CRITICAL Emergency

Buffer overflow in the Telnet service in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 80.8% and no vendor patch available.

RCE Buffer Overflow Microsoft Windows 7 Windows 8 +5
NVD
CVSS 2.0
10.0
EPSS
80.8%
Threat
4.4
CVE-2015-0011 MEDIUM This Month

mrxdav.sys (aka the WebDAV driver) in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1,. Rated medium severity (CVSS 4.7). No vendor patch available.

Privilege Escalation Microsoft Windows 7 Windows 8 Windows 8 1 +5
NVD
CVSS 2.0
4.7
EPSS
0.5%
CVE-2015-0006 MEDIUM This Month

The Network Location Awareness (NLA) service in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. Epss exploitation probability 11.1% and no vendor patch available.

Privilege Escalation Microsoft Windows 7 Windows 8 Windows 8 1 +5
NVD
CVSS 2.0
6.1
EPSS
11.1%
CVE-2015-0004 HIGH POC THREAT Act Now

The User Profile Service (aka ProfSvc) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 24.1%.

Privilege Escalation Microsoft Windows 7 Windows 8 Windows 8 1 +6
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
24.1%
CVE-2015-0002 HIGH POC THREAT Act Now

The AhcVerifyAdminContext function in ahcache.sys in the Application Compatibility component in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 38.2%.

Privilege Escalation Microsoft Windows 7 Windows 8 Windows 8 1 +4
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
38.2%
Threat
4.1
CVE-2015-0001 LOW Monitor

The Windows Error Reporting (WER) component in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to bypass the Protected Process Light. Rated low severity (CVSS 1.9). No vendor patch available.

Privilege Escalation Microsoft Windows 8 Windows 8 1 Windows Rt +2
NVD
CVSS 2.0
1.9
EPSS
0.6%
CVE-2014-6355 MEDIUM This Month

The Graphics Component in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 16.2% and no vendor patch available.

Information Disclosure Microsoft Windows 7 Windows 8 Windows 8 1 +6
NVD
CVSS 2.0
5.0
EPSS
16.2%
CVE-2014-6322 MEDIUM PATCH This Month

The Windows Audio service in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Information Disclosure Microsoft Windows 7 Windows 8 Windows 8 1 +5
NVD
CVSS 2.0
4.3
EPSS
6.8%
CVE-2014-6321 CRITICAL POC PATCH THREAT Act Now

Schannel in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 93.0%.

RCE Code Injection Microsoft Windows 7 Windows 8 +7
NVD
CVSS 2.0
10.0
EPSS
93.0%
Threat
6.3
CVE-2014-6318 MEDIUM PATCH This Month

The audit logon feature in Remote Desktop Protocol (RDP) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 31.6%.

Microsoft Authentication Bypass Windows 7 Windows 8 Windows 8 1 +5
NVD
CVSS 2.0
4.3
EPSS
31.6%
CVE-2014-6317 HIGH PATCH Act Now

Array index error in win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. Epss exploitation probability 25.9%.

Denial Of Service Microsoft Windows 7 Windows 8 Windows 8 1 +6
NVD
CVSS 2.0
7.1
EPSS
25.9%
CVE-2014-4118 CRITICAL PATCH Act Now

XML Core Services (aka MSXML) 3.0 in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2,. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 28.4%.

RCE Denial Of Service Code Injection Microsoft Windows 7 +8
NVD
CVSS 2.0
9.3
EPSS
28.4%
CVE-2014-4074 HIGH PATCH This Week

The Task Scheduler in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via an application that schedules a crafted. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Privilege Escalation Microsoft Windows 8 Windows 8 1 Windows Rt +2
NVD
CVSS 2.0
7.2
EPSS
1.7%
EPSS 51% 4.9 CVSS 9.3
CRITICAL POC PATCH THREAT Act Now

ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 50.6%.

Adobe RCE Microsoft +8
NVD Exploit-DB
EPSS 5% CVSS 9.3
CRITICAL PATCH Act Now

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow attackers to bypass an. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable.

Privilege Escalation Microsoft Windows 7 +7
NVD
EPSS 5% CVSS 9.3
CRITICAL PATCH Act Now

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow attackers to bypass an. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable.

Privilege Escalation Microsoft Windows 7 +7
NVD
EPSS 1% CVSS 2.1
LOW PATCH Monitor

Object Manager in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity.

Privilege Escalation Microsoft Windows 7 +7
NVD
EPSS 15% CVSS 4.3
MEDIUM PATCH This Month

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Excel 2007 SP3,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 14.9%.

Information Disclosure Microsoft Excel +14
NVD
EPSS 16% CVSS 5.0
MEDIUM This Month

OLE in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 15.5% and no vendor patch available.

Information Disclosure Microsoft Windows 2003 Server +8
NVD
EPSS 16% CVSS 5.0
MEDIUM This Month

OLE in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 15.5% and no vendor patch available.

Information Disclosure Microsoft Windows 2003 Server +8
NVD
EPSS 1% CVSS 2.1
LOW Monitor

win32k.sys in the kernel-mode drivers in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to obtain sensitive information from kernel. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 8 +4
NVD
EPSS 1% CVSS 2.1
LOW Monitor

win32k.sys in the kernel-mode drivers in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to obtain sensitive information from kernel. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 7 +5
NVD
EPSS 1% CVSS 6.9
MEDIUM This Month

The Windows Installer service in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold. Rated medium severity (CVSS 6.9). No vendor patch available.

Privilege Escalation Microsoft Windows 2003 Server +8
NVD
EPSS 10% CVSS 7.2
HIGH POC This Week

The authentication implementation in the RPC subsystem in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1,. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Microsoft Windows 2003 Server +8
NVD Exploit-DB
EPSS 3% CVSS 2.1
LOW Monitor

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 2003 Server +8
NVD
EPSS 28% CVSS 7.2
HIGH POC THREAT Act Now

win32k.sys in the kernel-mode drivers in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 27.9%.

Privilege Escalation Microsoft Windows 7 +6
NVD Exploit-DB
EPSS 28% CVSS 7.2
HIGH POC THREAT Act Now

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 27.9%.

Privilege Escalation Microsoft Windows 2003 Server +8
NVD Exploit-DB
EPSS 1% CVSS 7.2
HIGH This Week

The graphics component in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2,. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Windows 2003 Server +8
NVD
EPSS 1% CVSS 7.2
HIGH This Week

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Windows 2003 Server +7
NVD
EPSS 7% CVSS 6.9
MEDIUM This Month

Untrusted search path vulnerability in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1 allows local users to gain privileges via a Trojan. Rated medium severity (CVSS 6.9). No vendor patch available.

RCE Microsoft Windows 7 +4
NVD
EPSS 1% CVSS 7.2
HIGH This Week

Hyper-V in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly initialize guest OS system data structures, which allows guest. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

RCE Microsoft Windows 8 +3
NVD
EPSS 1% CVSS 7.2
HIGH This Week

Hyper-V in Microsoft Windows 8.1 and Windows Server 2012 R2 does not properly initialize guest OS system data structures, which allows guest OS users to execute arbitrary code on the host OS or cause. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service RCE Buffer Overflow +3
NVD
EPSS 44% CVSS 9.3
CRITICAL PATCH Act Now

Use-after-free vulnerability in Microsoft Common Controls in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2,. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 44.3%.

Memory Corruption Denial Of Service Use After Free +10
NVD
EPSS 20% CVSS 7.2
HIGH POC PATCH THREAT Act Now

Buffer overflow in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 19.7%.

Buffer Overflow Microsoft Windows 7 +8
NVD Exploit-DB
EPSS 11% CVSS 7.2
HIGH POC PATCH THREAT Act Now

Use-after-free vulnerability in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1,. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 10.9%.

Memory Corruption Denial Of Service Use After Free +10
NVD Exploit-DB
EPSS 6% CVSS 7.2
HIGH POC PATCH This Week

Buffer overflow in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Microsoft Windows 7 +8
NVD Exploit-DB
EPSS 14% CVSS 7.2
HIGH POC PATCH THREAT Act Now

Use-after-free vulnerability in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1,. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 13.8%.

Memory Corruption Denial Of Service Use After Free +10
NVD Exploit-DB
EPSS 11% CVSS 7.2
HIGH POC PATCH THREAT Act Now

Use-after-free vulnerability in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1,. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 10.9%.

Memory Corruption Denial Of Service Use After Free +10
NVD Exploit-DB
EPSS 5% CVSS 7.2
HIGH POC PATCH This Week

Use-after-free vulnerability in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1,. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available.

Memory Corruption Denial Of Service Use After Free +10
NVD Exploit-DB
EPSS 11% CVSS 7.2
HIGH POC PATCH THREAT Act Now

The kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2,. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 10.9%.

Denial Of Service Null Pointer Dereference Microsoft +9
NVD Exploit-DB
EPSS 1% CVSS 7.2
HIGH PATCH This Week

Use-after-free vulnerability in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1,. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Denial Of Service Use After Free +10
NVD
EPSS 2% CVSS 2.1
LOW PATCH Monitor

The kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2,. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Microsoft Windows 7 +8
NVD
EPSS 18% CVSS 5.0
MEDIUM PATCH This Month

Schannel in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 18.4%.

Information Disclosure Microsoft Windows 7 +8
NVD
EPSS 5% CVSS 6.9
MEDIUM PATCH This Month

The Service Control Manager (SCM) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2,. Rated medium severity (CVSS 6.9).

Privilege Escalation Microsoft Windows 7 +8
NVD
EPSS 31% CVSS 9.3
CRITICAL PATCH Act Now

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 31.4%.

RCE Code Injection Microsoft +8
NVD
EPSS 33% CVSS 9.3
CRITICAL PATCH Act Now

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 33.1%.

RCE Code Injection Microsoft +8
NVD
EPSS 33% CVSS 9.3
CRITICAL PATCH Act Now

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 33.1%.

RCE Code Injection Microsoft +8
NVD
EPSS 33% CVSS 9.3
CRITICAL PATCH Act Now

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 33.1%.

RCE Code Injection Microsoft +8
NVD
EPSS 31% CVSS 9.3
CRITICAL PATCH Act Now

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 31.4%.

RCE Code Injection Microsoft +8
NVD
EPSS 1% CVSS 1.9
LOW PATCH Monitor

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow local users to cause a. Rated low severity (CVSS 1.9). This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Denial Of Service Buffer Overflow Microsoft +8
NVD
EPSS 3% CVSS 2.1
LOW POC PATCH Monitor

The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Microsoft Windows 7 +8
NVD Exploit-DB
EPSS 2% CVSS 2.1
LOW POC PATCH Monitor

The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Microsoft Windows 7 +8
NVD Exploit-DB
EPSS 3% CVSS 2.1
LOW POC PATCH Monitor

The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Microsoft Windows 7 +8
NVD Exploit-DB
EPSS 3% CVSS 2.1
LOW POC PATCH Monitor

The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Microsoft Windows 7 +8
NVD Exploit-DB
EPSS 3% CVSS 2.1
LOW POC PATCH Monitor

The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Microsoft Windows 7 +8
NVD Exploit-DB
EPSS 31% CVSS 9.3
CRITICAL PATCH Act Now

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 31.4%.

RCE Code Injection Microsoft +8
NVD
EPSS 1% CVSS 4.6
MEDIUM POC PATCH This Month

The kernel in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly validate an unspecified address, which allows local users to bypass the. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. Public exploit code available.

Authentication Bypass Microsoft Windows 8 +4
NVD Exploit-DB
EPSS 0% CVSS 2.1
LOW PATCH Monitor

Virtual Machine Manager (VMM) in Hyper-V in Microsoft Windows 8.1 and Windows Server 2012 R2 allows guest OS users to cause a denial of service (VMM functionality loss) via a crafted application, aka. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity.

Denial Of Service Microsoft Windows 8 1 +1
NVD
EPSS 3% CVSS 7.2
HIGH PATCH This Week

Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 do not. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Privilege Escalation Microsoft Windows 7 +8
NVD
EPSS 2% CVSS 7.2
HIGH PATCH This Week

Microsoft Windows Server 2003 R2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 do not. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Privilege Escalation Microsoft Windows 7 +8
NVD
EPSS 87% 6.0 CVSS 9.3
CRITICAL POC PATCH THREAT Act Now

Untrusted search path vulnerability in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 87.1%.

RCE Microsoft Windows 7 +8
NVD Exploit-DB
EPSS 1% CVSS 5.6
MEDIUM PATCH This Month

The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and. Rated medium severity (CVSS 5.6), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service Null Pointer Dereference Microsoft +9
NVD
EPSS 2% CVSS 2.1
LOW PATCH Monitor

The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Microsoft Windows 7 +8
NVD
EPSS 24% CVSS 9.3
CRITICAL PATCH Act Now

Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 23.7%.

Adobe RCE Code Injection +10
NVD
EPSS 24% CVSS 9.3
CRITICAL PATCH Act Now

Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 23.7%.

Adobe RCE Code Injection +10
NVD
EPSS 24% CVSS 9.3
CRITICAL PATCH Act Now

Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 23.7%.

Adobe RCE Code Injection +10
NVD
EPSS 24% CVSS 9.3
CRITICAL PATCH Act Now

Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 23.7%.

Adobe RCE Code Injection +10
NVD
EPSS 27% CVSS 5.0
MEDIUM PATCH This Month

Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 27.3%.

Adobe Information Disclosure Microsoft +9
NVD
EPSS 24% CVSS 9.3
CRITICAL PATCH Act Now

Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 23.7%.

Adobe RCE Code Injection +10
NVD
EPSS 27% CVSS 5.0
MEDIUM PATCH This Month

Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 27.0%.

Adobe Information Disclosure Microsoft +9
NVD
EPSS 1% CVSS 2.1
LOW PATCH Monitor

The Task Scheduler in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly constrain. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity.

Authentication Bypass Microsoft Windows 7 +6
NVD
EPSS 73% 5.5 CVSS 9.3
CRITICAL POC PATCH THREAT Act Now

Windows Text Services (WTS) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 72.6%.

RCE Microsoft Windows 7 +8
NVD Exploit-DB
EPSS 8% CVSS 4.3
MEDIUM PATCH This Month

Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 do not. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Microsoft Windows 7 +8
NVD
EPSS 23% CVSS 7.8
HIGH PATCH Act Now

The Remote Desktop Protocol (RDP) implementation in Microsoft Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to cause a denial of service (memory. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 23.0%.

Denial Of Service Microsoft Windows 7 +3
NVD
EPSS 5% CVSS 7.2
HIGH PATCH This Week

win32k.sys in the kernel-mode drivers in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly validate the token of a calling thread, which. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Privilege Escalation Microsoft Windows 8 +4
NVD
EPSS 5% CVSS 2.1
LOW PATCH Monitor

The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Microsoft Windows 7 +8
NVD
EPSS 8% CVSS 4.3
MEDIUM PATCH This Month

The photo-decoder implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Microsoft Windows 7 +7
NVD
EPSS 15% CVSS 4.3
MEDIUM PATCH This Month

Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 14.6%.

Denial Of Service Adobe Buffer Overflow +10
NVD
EPSS 2% CVSS 7.2
HIGH PATCH This Week

The Windows Registry Virtualization feature in the kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2,. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Privilege Escalation Microsoft Windows 7 +8
NVD
EPSS 44% CVSS 4.3
MEDIUM PATCH This Month

Schannel (aka Secure Channel) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 43.7%.

Information Disclosure Microsoft Windows 7 +8
NVD
EPSS 1% CVSS 7.2
HIGH PATCH This Week

Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow local users to gain privileges via a crafted. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Privilege Escalation Microsoft Windows 7 +6
NVD
EPSS 22% CVSS 4.3
MEDIUM PATCH This Month

Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 do not. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 22.1%.

Information Disclosure Microsoft Windows 7 +8
NVD
EPSS 3% CVSS 4.7
MEDIUM POC PATCH This Month

The font mapper in win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows. Rated medium severity (CVSS 4.7). Public exploit code available.

Denial Of Service Microsoft Windows 7 +8
NVD Exploit-DB
EPSS 36% 4.0 CVSS 6.9
MEDIUM POC PATCH THREAT This Month

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users. Rated medium severity (CVSS 6.9). Public exploit code available and EPSS exploitation probability 36.4%.

RCE Privilege Escalation Microsoft +7
NVD Exploit-DB
EPSS 8% CVSS 7.2
HIGH POC PATCH This Week

Double free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1 allows local users to gain privileges via a crafted. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Microsoft Windows 8 1 +2
NVD Exploit-DB
EPSS 68% 5.0 CVSS 7.2
HIGH POC PATCH THREAT Act Now

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 68.4%.

Privilege Escalation Microsoft Windows 7 +8
NVD Exploit-DB
EPSS 2% CVSS 1.9
LOW POC PATCH Monitor

The CryptProtectMemory function in cng.sys (aka the Cryptography Next Generation driver) in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2. Rated low severity (CVSS 1.9). Public exploit code available.

Authentication Bypass Microsoft Windows 7 +8
NVD Exploit-DB
EPSS 4% CVSS 3.3
LOW POC PATCH Monitor

The Group Policy Security Configuration policy implementation in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1,. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available.

Authentication Bypass Microsoft Windows 7 +8
NVD Exploit-DB
EPSS 9% CVSS 8.3
HIGH POC PATCH This Week

The UNC implementation in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows. Rated high severity (CVSS 8.3), this vulnerability is low attack complexity. Public exploit code available.

Microsoft RCE Authentication Bypass +9
NVD Exploit-DB
EPSS 14% CVSS 6.9
MEDIUM POC PATCH THREAT This Month

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and. Rated medium severity (CVSS 6.9). Public exploit code available and EPSS exploitation probability 13.6%.

Denial Of Service Null Pointer Dereference Microsoft +9
NVD Exploit-DB
EPSS 81% 4.4 CVSS 10.0
CRITICAL Emergency

Buffer overflow in the Telnet service in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 80.8% and no vendor patch available.

RCE Buffer Overflow Microsoft +7
NVD
EPSS 1% CVSS 4.7
MEDIUM This Month

mrxdav.sys (aka the WebDAV driver) in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1,. Rated medium severity (CVSS 4.7). No vendor patch available.

Privilege Escalation Microsoft Windows 7 +7
NVD
EPSS 11% CVSS 6.1
MEDIUM This Month

The Network Location Awareness (NLA) service in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. Epss exploitation probability 11.1% and no vendor patch available.

Privilege Escalation Microsoft Windows 7 +7
NVD
EPSS 24% CVSS 7.2
HIGH POC THREAT Act Now

The User Profile Service (aka ProfSvc) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 24.1%.

Privilege Escalation Microsoft Windows 7 +8
NVD Exploit-DB
EPSS 38% 4.1 CVSS 7.2
HIGH POC THREAT Act Now

The AhcVerifyAdminContext function in ahcache.sys in the Application Compatibility component in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 38.2%.

Privilege Escalation Microsoft Windows 7 +6
NVD Exploit-DB
EPSS 1% CVSS 1.9
LOW Monitor

The Windows Error Reporting (WER) component in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to bypass the Protected Process Light. Rated low severity (CVSS 1.9). No vendor patch available.

Privilege Escalation Microsoft Windows 8 +4
NVD
EPSS 16% CVSS 5.0
MEDIUM This Month

The Graphics Component in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 16.2% and no vendor patch available.

Information Disclosure Microsoft Windows 7 +8
NVD
EPSS 7% CVSS 4.3
MEDIUM PATCH This Month

The Windows Audio service in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Information Disclosure Microsoft Windows 7 +7
NVD
EPSS 93% 6.3 CVSS 10.0
CRITICAL POC PATCH THREAT Act Now

Schannel in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 93.0%.

RCE Code Injection Microsoft +9
NVD
EPSS 32% CVSS 4.3
MEDIUM PATCH This Month

The audit logon feature in Remote Desktop Protocol (RDP) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 31.6%.

Microsoft Authentication Bypass Windows 7 +7
NVD
EPSS 26% CVSS 7.1
HIGH PATCH Act Now

Array index error in win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. Epss exploitation probability 25.9%.

Denial Of Service Microsoft Windows 7 +8
NVD
EPSS 28% CVSS 9.3
CRITICAL PATCH Act Now

XML Core Services (aka MSXML) 3.0 in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2,. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 28.4%.

RCE Denial Of Service Code Injection +10
NVD
EPSS 2% CVSS 7.2
HIGH PATCH This Week

The Task Scheduler in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via an application that schedules a crafted. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Privilege Escalation Microsoft Windows 8 +4
NVD
Prev Page 23 of 24 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy