Skip to main content

Windows Rt 8 1

1934 CVEs product

Monthly

CVE-2015-0061 MEDIUM PATCH This Month

Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 do not. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 22.1%.

Information Disclosure Microsoft Windows 7 Windows 8 Windows 8 1 +6
NVD
CVSS 2.0
4.3
EPSS
22.1%
CVE-2015-0060 MEDIUM POC PATCH This Month

The font mapper in win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows. Rated medium severity (CVSS 4.7). Public exploit code available.

Denial Of Service Microsoft Windows 7 Windows 8 Windows 8 1 +6
NVD Exploit-DB
CVSS 2.0
4.7
EPSS
2.5%
CVE-2015-0059 MEDIUM POC PATCH THREAT This Month

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users. Rated medium severity (CVSS 6.9). Public exploit code available and EPSS exploitation probability 36.4%.

RCE Privilege Escalation Microsoft Windows 7 Windows 8 +5
NVD Exploit-DB
CVSS 2.0
6.9
EPSS
36.4%
Threat
4.0
CVE-2015-0058 HIGH POC PATCH This Week

Double free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1 allows local users to gain privileges via a crafted. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Microsoft Windows 8 1 Windows Rt 8 1 Windows Server 2012
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
7.7%
CVE-2015-0057 HIGH POC PATCH THREAT Act Now

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 68.4%.

Privilege Escalation Microsoft Windows 7 Windows 8 Windows 8 1 +6
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
68.4%
Threat
5.0
CVE-2015-0010 LOW POC PATCH Monitor

The CryptProtectMemory function in cng.sys (aka the Cryptography Next Generation driver) in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2. Rated low severity (CVSS 1.9). Public exploit code available.

Authentication Bypass Microsoft Windows 7 Windows 8 Windows 8 1 +6
NVD Exploit-DB
CVSS 2.0
1.9
EPSS
1.7%
CVE-2015-0009 LOW POC PATCH Monitor

The Group Policy Security Configuration policy implementation in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1,. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available.

Authentication Bypass Microsoft Windows 7 Windows 8 Windows 8 1 +6
NVD Exploit-DB
CVSS 2.0
3.3
EPSS
4.1%
CVE-2015-0008 HIGH POC PATCH This Week

The UNC implementation in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows. Rated high severity (CVSS 8.3), this vulnerability is low attack complexity. Public exploit code available.

Microsoft RCE Authentication Bypass Windows 7 Windows 8 +7
NVD Exploit-DB
CVSS 2.0
8.3
EPSS
9.0%
CVE-2015-0003 MEDIUM POC PATCH THREAT This Month

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and. Rated medium severity (CVSS 6.9). Public exploit code available and EPSS exploitation probability 13.6%.

Denial Of Service Null Pointer Dereference Microsoft Windows 7 Windows 8 +7
NVD Exploit-DB
CVSS 2.0
6.9
EPSS
13.6%
CVE-2015-0011 MEDIUM This Month

mrxdav.sys (aka the WebDAV driver) in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1,. Rated medium severity (CVSS 4.7). No vendor patch available.

Privilege Escalation Microsoft Windows 7 Windows 8 Windows 8 1 +5
NVD
CVSS 2.0
4.7
EPSS
0.5%
CVE-2015-0006 MEDIUM This Month

The Network Location Awareness (NLA) service in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. Epss exploitation probability 11.1% and no vendor patch available.

Privilege Escalation Microsoft Windows 7 Windows 8 Windows 8 1 +5
NVD
CVSS 2.0
6.1
EPSS
11.1%
CVE-2015-0004 HIGH POC THREAT Act Now

The User Profile Service (aka ProfSvc) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 24.1%.

Privilege Escalation Microsoft Windows 7 Windows 8 Windows 8 1 +6
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
24.1%
CVE-2015-0002 HIGH POC THREAT Act Now

The AhcVerifyAdminContext function in ahcache.sys in the Application Compatibility component in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 38.2%.

Privilege Escalation Microsoft Windows 7 Windows 8 Windows 8 1 +4
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
38.2%
Threat
4.1
CVE-2015-0001 LOW Monitor

The Windows Error Reporting (WER) component in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to bypass the Protected Process Light. Rated low severity (CVSS 1.9). No vendor patch available.

Privilege Escalation Microsoft Windows 8 Windows 8 1 Windows Rt +2
NVD
CVSS 2.0
1.9
EPSS
0.6%
CVE-2014-6355 MEDIUM This Month

The Graphics Component in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 16.2% and no vendor patch available.

Information Disclosure Microsoft Windows 7 Windows 8 Windows 8 1 +6
NVD
CVSS 2.0
5.0
EPSS
16.2%
CVE-2014-6322 MEDIUM PATCH This Month

The Windows Audio service in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Information Disclosure Microsoft Windows 7 Windows 8 Windows 8 1 +5
NVD
CVSS 2.0
4.3
EPSS
6.8%
CVE-2014-6321 CRITICAL POC PATCH THREAT Act Now

Schannel in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 93.0%.

RCE Code Injection Microsoft Windows 7 Windows 8 +7
NVD
CVSS 2.0
10.0
EPSS
93.0%
Threat
6.3
CVE-2014-6318 MEDIUM PATCH This Month

The audit logon feature in Remote Desktop Protocol (RDP) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 31.6%.

Microsoft Authentication Bypass Windows 7 Windows 8 Windows 8 1 +5
NVD
CVSS 2.0
4.3
EPSS
31.6%
CVE-2014-6317 HIGH PATCH Act Now

Array index error in win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. Epss exploitation probability 25.9%.

Denial Of Service Microsoft Windows 7 Windows 8 Windows 8 1 +6
NVD
CVSS 2.0
7.1
EPSS
25.9%
CVE-2014-4118 CRITICAL PATCH Act Now

XML Core Services (aka MSXML) 3.0 in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2,. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 28.4%.

RCE Denial Of Service Code Injection Microsoft Windows 7 +8
NVD
CVSS 2.0
9.3
EPSS
28.4%
CVE-2014-4074 HIGH PATCH This Week

The Task Scheduler in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via an application that schedules a crafted. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Privilege Escalation Microsoft Windows 8 Windows 8 1 Windows Rt +2
NVD
CVSS 2.0
7.2
EPSS
1.7%
CVE-2014-4064 MEDIUM PATCH This Month

The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 do not. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Microsoft Windows 7 Windows 8 Windows 8 1 +6
NVD
CVSS 2.0
4.9
EPSS
2.4%
CVE-2014-1819 HIGH PATCH This Week

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Privilege Escalation Microsoft Windows 7 Windows 8 Windows 8 1 +6
NVD
CVSS 2.0
7.2
EPSS
1.5%
CVE-2014-1814 HIGH PATCH This Week

The Windows Installer in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Privilege Escalation Microsoft Windows 7 Windows 8 Windows 8 1 +6
NVD
CVSS 2.0
7.2
EPSS
2.5%
CVE-2014-0318 HIGH PATCH This Week

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Privilege Escalation Microsoft Windows 7 Windows 8 Windows 8 1 +6
NVD
CVSS 2.0
7.2
EPSS
2.6%
CVE-2014-0316 HIGH PATCH Act Now

Memory leak in the Local RPC (LRPC) server implementation in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 11.9%.

Denial Of Service Microsoft Windows 7 Windows 8 Windows 8 1 +4
NVD
CVSS 2.0
7.5
EPSS
11.9%
CVE-2014-2781 HIGH PATCH This Week

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 do not properly restrict the. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable.

Privilege Escalation Microsoft Windows 7 Windows 8 Windows 8 1 +5
NVD
CVSS 2.0
7.6
EPSS
7.5%
CVE-2014-1824 CRITICAL PATCH Act Now

Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

RCE Code Injection Microsoft Windows 7 Windows 8 +6
NVD
CVSS 2.0
9.3
EPSS
9.7%
CVE-2014-1767 HIGH POC THREAT Act Now

Double free vulnerability in the Ancillary Function Driver (AFD) in afd.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1,. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 49.1%.

Information Disclosure Microsoft Windows 7 Windows 8 Windows 8 1 +6
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
49.1%
Threat
4.4
CVE-2014-1818 CRITICAL PATCH Act Now

GDI+ in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1,. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 42.4%.

RCE Microsoft Windows 7 Windows 8 Windows 8 1 +6
NVD
CVSS 2.0
9.3
EPSS
42.4%
CVE-2014-1817 CRITICAL PATCH Act Now

usp10.dll in Uniscribe (aka the Unicode Script Processor) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 44.4%.

Denial Of Service RCE Buffer Overflow Microsoft Windows 7 +8
NVD
CVSS 2.0
9.3
EPSS
44.4%
CVE-2014-1811 MEDIUM PATCH This Month

The TCP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 33.4%.

Denial Of Service Microsoft Windows 7 Windows 8 Windows 8 1 +5
NVD
CVSS 2.0
5.0
EPSS
33.4%
CVE-2014-1807 HIGH PATCH This Week

The ShellExecute API in Windows Shell in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Privilege Escalation Microsoft Windows 7 Windows 8 Windows 8 1 +6
NVD
CVSS 2.0
7.2
EPSS
3.1%
CVE-2014-0315 MEDIUM PATCH This Month

Untrusted search path vulnerability in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows. Rated medium severity (CVSS 6.9). Epss exploitation probability 22.6%.

Information Disclosure Microsoft Windows 7 Windows 8 Windows 8 1 +7
NVD VulDB
CVSS 2.0
6.9
EPSS
22.6%
CVE-2014-0323 MEDIUM PATCH This Month

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1,. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Denial Of Service Information Disclosure Microsoft Windows 7 Windows 8 +8
NVD VulDB
CVSS 2.0
6.6
EPSS
0.9%
CVE-2014-0300 HIGH PATCH This Week

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1,. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Privilege Escalation Microsoft Windows 7 Windows 8 Windows 8 1 +7
NVD VulDB
CVSS 2.0
7.2
EPSS
0.6%
CVE-2014-0266 HIGH PATCH Act Now

The XMLHTTP ActiveX controls in XML Core Services 3.0 in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8,. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. Epss exploitation probability 31.9%.

Information Disclosure Microsoft Windows 7 Windows 8 Windows 8 1 +7
NVD
CVSS 2.0
7.1
EPSS
31.9%
CVE-2014-0263 CRITICAL PATCH Act Now

The Direct2D implementation in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 46.5%.

Buffer Overflow Microsoft RCE Windows 7 Windows 8 +5
NVD
CVSS 2.0
9.3
EPSS
46.5%
CVE-2013-5058 MEDIUM POC PATCH This Month

Integer overflow in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1,. Rated medium severity (CVSS 6.9). Public exploit code available.

Buffer Overflow Microsoft Integer Overflow Windows 7 Windows 8 +8
NVD Exploit-DB
CVSS 2.0
6.9
EPSS
2.3%
CVE-2013-5056 CRITICAL PATCH Act Now

Use-after-free vulnerability in the Scripting Runtime Object Library in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 33.6%.

Use After Free Denial Of Service Buffer Overflow Memory Corruption Microsoft +11
NVD
CVSS 2.0
9.3
EPSS
33.6%
CVE-2013-3903 MEDIUM This Month

Array index error in win32k.sys in the kernel-mode drivers in Microsoft Windows 8, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to cause a denial of service. Rated medium severity (CVSS 4.7). No vendor patch available.

Denial Of Service Microsoft Windows 8 Windows Rt Windows Rt 8 1 +1
NVD
CVSS 2.0
4.7
EPSS
1.0%
CVE-2013-3876 HIGH This Week

DirectAccess in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Microsoft Windows 7 Windows 8 Windows 8 1 +7
NVD
CVSS 2.0
7.1
EPSS
2.0%
CVE-2013-3940 CRITICAL PATCH Act Now

Integer overflow in the Graphics Device Interface (GDI) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8,. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 71.8%.

Denial Of Service Buffer Overflow Microsoft Integer Overflow RCE +10
NVD
CVSS 2.0
9.3
EPSS
71.8%
Threat
4.0
CVE-2013-3869 MEDIUM PATCH This Month

Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Microsoft Windows 7 Windows 8 Windows 8 1 +7
NVD
CVSS 2.0
5.0
EPSS
9.5%
EPSS 22% CVSS 4.3
MEDIUM PATCH This Month

Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 do not. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 22.1%.

Information Disclosure Microsoft Windows 7 +8
NVD
EPSS 3% CVSS 4.7
MEDIUM POC PATCH This Month

The font mapper in win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows. Rated medium severity (CVSS 4.7). Public exploit code available.

Denial Of Service Microsoft Windows 7 +8
NVD Exploit-DB
EPSS 36% 4.0 CVSS 6.9
MEDIUM POC PATCH THREAT This Month

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users. Rated medium severity (CVSS 6.9). Public exploit code available and EPSS exploitation probability 36.4%.

RCE Privilege Escalation Microsoft +7
NVD Exploit-DB
EPSS 8% CVSS 7.2
HIGH POC PATCH This Week

Double free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1 allows local users to gain privileges via a crafted. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Microsoft Windows 8 1 +2
NVD Exploit-DB
EPSS 68% 5.0 CVSS 7.2
HIGH POC PATCH THREAT Act Now

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 68.4%.

Privilege Escalation Microsoft Windows 7 +8
NVD Exploit-DB
EPSS 2% CVSS 1.9
LOW POC PATCH Monitor

The CryptProtectMemory function in cng.sys (aka the Cryptography Next Generation driver) in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2. Rated low severity (CVSS 1.9). Public exploit code available.

Authentication Bypass Microsoft Windows 7 +8
NVD Exploit-DB
EPSS 4% CVSS 3.3
LOW POC PATCH Monitor

The Group Policy Security Configuration policy implementation in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1,. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available.

Authentication Bypass Microsoft Windows 7 +8
NVD Exploit-DB
EPSS 9% CVSS 8.3
HIGH POC PATCH This Week

The UNC implementation in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows. Rated high severity (CVSS 8.3), this vulnerability is low attack complexity. Public exploit code available.

Microsoft RCE Authentication Bypass +9
NVD Exploit-DB
EPSS 14% CVSS 6.9
MEDIUM POC PATCH THREAT This Month

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and. Rated medium severity (CVSS 6.9). Public exploit code available and EPSS exploitation probability 13.6%.

Denial Of Service Null Pointer Dereference Microsoft +9
NVD Exploit-DB
EPSS 1% CVSS 4.7
MEDIUM This Month

mrxdav.sys (aka the WebDAV driver) in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1,. Rated medium severity (CVSS 4.7). No vendor patch available.

Privilege Escalation Microsoft Windows 7 +7
NVD
EPSS 11% CVSS 6.1
MEDIUM This Month

The Network Location Awareness (NLA) service in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. Epss exploitation probability 11.1% and no vendor patch available.

Privilege Escalation Microsoft Windows 7 +7
NVD
EPSS 24% CVSS 7.2
HIGH POC THREAT Act Now

The User Profile Service (aka ProfSvc) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 24.1%.

Privilege Escalation Microsoft Windows 7 +8
NVD Exploit-DB
EPSS 38% 4.1 CVSS 7.2
HIGH POC THREAT Act Now

The AhcVerifyAdminContext function in ahcache.sys in the Application Compatibility component in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 38.2%.

Privilege Escalation Microsoft Windows 7 +6
NVD Exploit-DB
EPSS 1% CVSS 1.9
LOW Monitor

The Windows Error Reporting (WER) component in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to bypass the Protected Process Light. Rated low severity (CVSS 1.9). No vendor patch available.

Privilege Escalation Microsoft Windows 8 +4
NVD
EPSS 16% CVSS 5.0
MEDIUM This Month

The Graphics Component in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 16.2% and no vendor patch available.

Information Disclosure Microsoft Windows 7 +8
NVD
EPSS 7% CVSS 4.3
MEDIUM PATCH This Month

The Windows Audio service in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Information Disclosure Microsoft Windows 7 +7
NVD
EPSS 93% 6.3 CVSS 10.0
CRITICAL POC PATCH THREAT Act Now

Schannel in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 93.0%.

RCE Code Injection Microsoft +9
NVD
EPSS 32% CVSS 4.3
MEDIUM PATCH This Month

The audit logon feature in Remote Desktop Protocol (RDP) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 31.6%.

Microsoft Authentication Bypass Windows 7 +7
NVD
EPSS 26% CVSS 7.1
HIGH PATCH Act Now

Array index error in win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. Epss exploitation probability 25.9%.

Denial Of Service Microsoft Windows 7 +8
NVD
EPSS 28% CVSS 9.3
CRITICAL PATCH Act Now

XML Core Services (aka MSXML) 3.0 in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2,. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 28.4%.

RCE Denial Of Service Code Injection +10
NVD
EPSS 2% CVSS 7.2
HIGH PATCH This Week

The Task Scheduler in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via an application that schedules a crafted. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Privilege Escalation Microsoft Windows 8 +4
NVD
EPSS 2% CVSS 4.9
MEDIUM PATCH This Month

The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 do not. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Microsoft Windows 7 +8
NVD
EPSS 1% CVSS 7.2
HIGH PATCH This Week

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Privilege Escalation Microsoft Windows 7 +8
NVD
EPSS 3% CVSS 7.2
HIGH PATCH This Week

The Windows Installer in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Privilege Escalation Microsoft Windows 7 +8
NVD
EPSS 3% CVSS 7.2
HIGH PATCH This Week

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Privilege Escalation Microsoft Windows 7 +8
NVD
EPSS 12% CVSS 7.5
HIGH PATCH Act Now

Memory leak in the Local RPC (LRPC) server implementation in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 11.9%.

Denial Of Service Microsoft Windows 7 +6
NVD
EPSS 8% CVSS 7.6
HIGH PATCH This Week

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 do not properly restrict the. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable.

Privilege Escalation Microsoft Windows 7 +7
NVD
EPSS 10% CVSS 9.3
CRITICAL PATCH Act Now

Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

RCE Code Injection Microsoft +8
NVD
EPSS 49% 4.4 CVSS 7.2
HIGH POC THREAT Act Now

Double free vulnerability in the Ancillary Function Driver (AFD) in afd.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1,. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 49.1%.

Information Disclosure Microsoft Windows 7 +8
NVD Exploit-DB
EPSS 42% CVSS 9.3
CRITICAL PATCH Act Now

GDI+ in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1,. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 42.4%.

RCE Microsoft Windows 7 +8
NVD
EPSS 44% CVSS 9.3
CRITICAL PATCH Act Now

usp10.dll in Uniscribe (aka the Unicode Script Processor) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 44.4%.

Denial Of Service RCE Buffer Overflow +10
NVD
EPSS 33% CVSS 5.0
MEDIUM PATCH This Month

The TCP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 33.4%.

Denial Of Service Microsoft Windows 7 +7
NVD
EPSS 3% CVSS 7.2
HIGH PATCH This Week

The ShellExecute API in Windows Shell in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Privilege Escalation Microsoft Windows 7 +8
NVD
EPSS 23% CVSS 6.9
MEDIUM PATCH This Month

Untrusted search path vulnerability in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows. Rated medium severity (CVSS 6.9). Epss exploitation probability 22.6%.

Information Disclosure Microsoft Windows 7 +9
NVD VulDB
EPSS 1% CVSS 6.6
MEDIUM PATCH This Month

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1,. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Denial Of Service Information Disclosure Microsoft +10
NVD VulDB
EPSS 1% CVSS 7.2
HIGH PATCH This Week

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1,. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Privilege Escalation Microsoft Windows 7 +9
NVD VulDB
EPSS 32% CVSS 7.1
HIGH PATCH Act Now

The XMLHTTP ActiveX controls in XML Core Services 3.0 in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8,. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. Epss exploitation probability 31.9%.

Information Disclosure Microsoft Windows 7 +9
NVD
EPSS 46% CVSS 9.3
CRITICAL PATCH Act Now

The Direct2D implementation in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 46.5%.

Buffer Overflow Microsoft RCE +7
NVD
EPSS 2% CVSS 6.9
MEDIUM POC PATCH This Month

Integer overflow in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1,. Rated medium severity (CVSS 6.9). Public exploit code available.

Buffer Overflow Microsoft Integer Overflow +10
NVD Exploit-DB
EPSS 34% CVSS 9.3
CRITICAL PATCH Act Now

Use-after-free vulnerability in the Scripting Runtime Object Library in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 33.6%.

Use After Free Denial Of Service Buffer Overflow +13
NVD
EPSS 1% CVSS 4.7
MEDIUM This Month

Array index error in win32k.sys in the kernel-mode drivers in Microsoft Windows 8, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to cause a denial of service. Rated medium severity (CVSS 4.7). No vendor patch available.

Denial Of Service Microsoft Windows 8 +3
NVD
EPSS 2% CVSS 7.1
HIGH This Week

DirectAccess in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Microsoft Windows 7 +9
NVD
EPSS 72% 4.0 CVSS 9.3
CRITICAL PATCH Act Now

Integer overflow in the Graphics Device Interface (GDI) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8,. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 71.8%.

Denial Of Service Buffer Overflow Microsoft +12
NVD
EPSS 10% CVSS 5.0
MEDIUM PATCH This Month

Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Microsoft Windows 7 +9
NVD
Prev Page 22 of 22

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy