Skip to main content

Windows 8 1

2096 CVEs product

Monthly

CVE-2014-4064 MEDIUM PATCH This Month

The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 do not. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Microsoft Windows 7 Windows 8 Windows 8 1 +6
NVD
CVSS 2.0
4.9
EPSS
2.4%
CVE-2014-1819 HIGH PATCH This Week

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Privilege Escalation Microsoft Windows 7 Windows 8 Windows 8 1 +6
NVD
CVSS 2.0
7.2
EPSS
1.5%
CVE-2014-1814 HIGH PATCH This Week

The Windows Installer in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Privilege Escalation Microsoft Windows 7 Windows 8 Windows 8 1 +6
NVD
CVSS 2.0
7.2
EPSS
2.5%
CVE-2014-0318 HIGH PATCH This Week

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Privilege Escalation Microsoft Windows 7 Windows 8 Windows 8 1 +6
NVD
CVSS 2.0
7.2
EPSS
2.6%
CVE-2014-0316 HIGH PATCH Act Now

Memory leak in the Local RPC (LRPC) server implementation in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 11.9%.

Denial Of Service Microsoft Windows 7 Windows 8 Windows 8 1 +4
NVD
CVSS 2.0
7.5
EPSS
11.9%
CVE-2014-2781 HIGH PATCH This Week

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 do not properly restrict the. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable.

Privilege Escalation Microsoft Windows 7 Windows 8 Windows 8 1 +5
NVD
CVSS 2.0
7.6
EPSS
7.5%
CVE-2014-2780 MEDIUM PATCH This Month

DirectShow in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows local users to gain privileges by. Rated medium severity (CVSS 6.9).

Privilege Escalation Microsoft Windows 7 Windows 8 Windows 8 1 +3
NVD
CVSS 2.0
6.9
EPSS
3.1%
CVE-2014-1824 CRITICAL PATCH Act Now

Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

RCE Code Injection Microsoft Windows 7 Windows 8 +6
NVD
CVSS 2.0
9.3
EPSS
9.7%
CVE-2014-1767 HIGH POC THREAT Act Now

Double free vulnerability in the Ancillary Function Driver (AFD) in afd.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1,. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 49.1%.

Information Disclosure Microsoft Windows 7 Windows 8 Windows 8 1 +6
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
49.1%
Threat
4.4
CVE-2014-1818 CRITICAL PATCH Act Now

GDI+ in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1,. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 42.4%.

RCE Microsoft Windows 7 Windows 8 Windows 8 1 +6
NVD
CVSS 2.0
9.3
EPSS
42.4%
CVE-2014-1817 CRITICAL PATCH Act Now

usp10.dll in Uniscribe (aka the Unicode Script Processor) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 44.4%.

Denial Of Service RCE Buffer Overflow Microsoft Windows 7 +8
NVD
CVSS 2.0
9.3
EPSS
44.4%
CVE-2014-1811 MEDIUM PATCH This Month

The TCP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 33.4%.

Denial Of Service Microsoft Windows 7 Windows 8 Windows 8 1 +5
NVD
CVSS 2.0
5.0
EPSS
33.4%
CVE-2014-0296 MEDIUM PATCH This Month

The Remote Desktop Protocol (RDP) implementation in Microsoft Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly encrypt sessions, which makes it easier for. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable. Epss exploitation probability 29.9%.

Information Disclosure Microsoft Windows 7 Windows 8 Windows 8 1 +1
NVD
CVSS 2.0
5.1
EPSS
29.9%
CVE-2014-1807 HIGH PATCH This Week

The ShellExecute API in Windows Shell in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Privilege Escalation Microsoft Windows 7 Windows 8 Windows 8 1 +6
NVD
CVSS 2.0
7.2
EPSS
3.1%
CVE-2014-0315 MEDIUM PATCH This Month

Untrusted search path vulnerability in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows. Rated medium severity (CVSS 6.9). Epss exploitation probability 22.6%.

Information Disclosure Microsoft Windows 7 Windows 8 Windows 8 1 +7
NVD VulDB
CVSS 2.0
6.9
EPSS
22.6%
CVE-2014-0323 MEDIUM PATCH This Month

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1,. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Denial Of Service Information Disclosure Microsoft Windows 7 Windows 8 +8
NVD VulDB
CVSS 2.0
6.6
EPSS
0.9%
CVE-2014-0301 CRITICAL PATCH Act Now

Double free vulnerability in qedit.dll in DirectShow in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8,. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 21.3%.

RCE Buffer Overflow Microsoft Windows 7 Windows 8 +6
NVD VulDB
CVSS 2.0
9.3
EPSS
21.3%
CVE-2014-0300 HIGH PATCH This Week

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1,. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Privilege Escalation Microsoft Windows 7 Windows 8 Windows 8 1 +7
NVD VulDB
CVSS 2.0
7.2
EPSS
0.6%
CVE-2013-7332 MEDIUM POC THREAT This Month

The Microsoft.XMLDOM ActiveX control in Microsoft Windows 8.1 and earlier does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 13.9%.

Denial Of Service Microsoft Windows 8 Windows 8 1
NVD
CVSS 2.0
5.0
EPSS
13.9%
CVE-2014-0266 HIGH PATCH Act Now

The XMLHTTP ActiveX controls in XML Core Services 3.0 in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8,. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. Epss exploitation probability 31.9%.

Information Disclosure Microsoft Windows 7 Windows 8 Windows 8 1 +7
NVD
CVSS 2.0
7.1
EPSS
31.9%
CVE-2014-0263 CRITICAL PATCH Act Now

The Direct2D implementation in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 46.5%.

Buffer Overflow Microsoft RCE Windows 7 Windows 8 +5
NVD
CVSS 2.0
9.3
EPSS
46.5%
CVE-2013-5058 MEDIUM POC PATCH This Month

Integer overflow in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1,. Rated medium severity (CVSS 6.9). Public exploit code available.

Buffer Overflow Microsoft Integer Overflow Windows 7 Windows 8 +8
NVD Exploit-DB
CVSS 2.0
6.9
EPSS
2.3%
CVE-2013-5056 CRITICAL PATCH Act Now

Use-after-free vulnerability in the Scripting Runtime Object Library in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 33.6%.

Use After Free Denial Of Service Buffer Overflow Memory Corruption Microsoft +11
NVD
CVSS 2.0
9.3
EPSS
33.6%
CVE-2013-3876 HIGH This Week

DirectAccess in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Microsoft Windows 7 Windows 8 Windows 8 1 +7
NVD
CVSS 2.0
7.1
EPSS
2.0%
CVE-2013-3940 CRITICAL PATCH Act Now

Integer overflow in the Graphics Device Interface (GDI) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8,. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 71.8%.

Denial Of Service Buffer Overflow Microsoft Integer Overflow RCE +10
NVD
CVSS 2.0
9.3
EPSS
71.8%
Threat
4.0
CVE-2013-3869 MEDIUM PATCH This Month

Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Microsoft Windows 7 Windows 8 Windows 8 1 +7
NVD
CVSS 2.0
5.0
EPSS
9.5%
EPSS 2% CVSS 4.9
MEDIUM PATCH This Month

The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 do not. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Microsoft Windows 7 +8
NVD
EPSS 1% CVSS 7.2
HIGH PATCH This Week

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Privilege Escalation Microsoft Windows 7 +8
NVD
EPSS 3% CVSS 7.2
HIGH PATCH This Week

The Windows Installer in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Privilege Escalation Microsoft Windows 7 +8
NVD
EPSS 3% CVSS 7.2
HIGH PATCH This Week

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Privilege Escalation Microsoft Windows 7 +8
NVD
EPSS 12% CVSS 7.5
HIGH PATCH Act Now

Memory leak in the Local RPC (LRPC) server implementation in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 11.9%.

Denial Of Service Microsoft Windows 7 +6
NVD
EPSS 8% CVSS 7.6
HIGH PATCH This Week

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 do not properly restrict the. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable.

Privilege Escalation Microsoft Windows 7 +7
NVD
EPSS 3% CVSS 6.9
MEDIUM PATCH This Month

DirectShow in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows local users to gain privileges by. Rated medium severity (CVSS 6.9).

Privilege Escalation Microsoft Windows 7 +5
NVD
EPSS 10% CVSS 9.3
CRITICAL PATCH Act Now

Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

RCE Code Injection Microsoft +8
NVD
EPSS 49% 4.4 CVSS 7.2
HIGH POC THREAT Act Now

Double free vulnerability in the Ancillary Function Driver (AFD) in afd.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1,. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 49.1%.

Information Disclosure Microsoft Windows 7 +8
NVD Exploit-DB
EPSS 42% CVSS 9.3
CRITICAL PATCH Act Now

GDI+ in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1,. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 42.4%.

RCE Microsoft Windows 7 +8
NVD
EPSS 44% CVSS 9.3
CRITICAL PATCH Act Now

usp10.dll in Uniscribe (aka the Unicode Script Processor) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 44.4%.

Denial Of Service RCE Buffer Overflow +10
NVD
EPSS 33% CVSS 5.0
MEDIUM PATCH This Month

The TCP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 33.4%.

Denial Of Service Microsoft Windows 7 +7
NVD
EPSS 30% CVSS 5.1
MEDIUM PATCH This Month

The Remote Desktop Protocol (RDP) implementation in Microsoft Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly encrypt sessions, which makes it easier for. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable. Epss exploitation probability 29.9%.

Information Disclosure Microsoft Windows 7 +3
NVD
EPSS 3% CVSS 7.2
HIGH PATCH This Week

The ShellExecute API in Windows Shell in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Privilege Escalation Microsoft Windows 7 +8
NVD
EPSS 23% CVSS 6.9
MEDIUM PATCH This Month

Untrusted search path vulnerability in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows. Rated medium severity (CVSS 6.9). Epss exploitation probability 22.6%.

Information Disclosure Microsoft Windows 7 +9
NVD VulDB
EPSS 1% CVSS 6.6
MEDIUM PATCH This Month

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1,. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Denial Of Service Information Disclosure Microsoft +10
NVD VulDB
EPSS 21% CVSS 9.3
CRITICAL PATCH Act Now

Double free vulnerability in qedit.dll in DirectShow in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8,. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 21.3%.

RCE Buffer Overflow Microsoft +8
NVD VulDB
EPSS 1% CVSS 7.2
HIGH PATCH This Week

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1,. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Privilege Escalation Microsoft Windows 7 +9
NVD VulDB
EPSS 14% CVSS 5.0
MEDIUM POC THREAT This Month

The Microsoft.XMLDOM ActiveX control in Microsoft Windows 8.1 and earlier does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 13.9%.

Denial Of Service Microsoft Windows 8 +1
NVD
EPSS 32% CVSS 7.1
HIGH PATCH Act Now

The XMLHTTP ActiveX controls in XML Core Services 3.0 in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8,. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. Epss exploitation probability 31.9%.

Information Disclosure Microsoft Windows 7 +9
NVD
EPSS 46% CVSS 9.3
CRITICAL PATCH Act Now

The Direct2D implementation in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 46.5%.

Buffer Overflow Microsoft RCE +7
NVD
EPSS 2% CVSS 6.9
MEDIUM POC PATCH This Month

Integer overflow in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1,. Rated medium severity (CVSS 6.9). Public exploit code available.

Buffer Overflow Microsoft Integer Overflow +10
NVD Exploit-DB
EPSS 34% CVSS 9.3
CRITICAL PATCH Act Now

Use-after-free vulnerability in the Scripting Runtime Object Library in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 33.6%.

Use After Free Denial Of Service Buffer Overflow +13
NVD
EPSS 2% CVSS 7.1
HIGH This Week

DirectAccess in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Microsoft Windows 7 +9
NVD
EPSS 72% 4.0 CVSS 9.3
CRITICAL PATCH Act Now

Integer overflow in the Graphics Device Interface (GDI) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8,. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 71.8%.

Denial Of Service Buffer Overflow Microsoft +12
NVD
EPSS 10% CVSS 5.0
MEDIUM PATCH This Month

Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Microsoft Windows 7 +9
NVD
Prev Page 24 of 24

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy