Skip to main content

Windows Server 2003

181 CVEs product

Monthly

CVE-2013-3174 CRITICAL POC THREAT Emergency

DirectShow in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, and Windows Server 2012 allows remote. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 34.9%.

Code Injection Microsoft RCE Windows 7 Windows 8 +5
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
34.9%
Threat
4.4
CVE-2013-3173 HIGH This Week

Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8,. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Windows 7 Windows 8 Windows Rt +5
NVD
CVSS 2.0
7.2
EPSS
2.6%
CVE-2013-3172 MEDIUM This Month

Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Microsoft Windows 7 Windows Server 2003 +3
NVD
CVSS 2.0
4.9
EPSS
0.4%
CVE-2013-3167 HIGH This Week

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 does not properly handle. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Information Disclosure Microsoft Windows 7 Windows Server 2003 +3
NVD
CVSS 2.0
7.2
EPSS
1.9%
CVE-2013-3129 HIGH Act Now

Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, and 4.5; Silverlight 5 before 5.1.20513.0; win32k.sys in the kernel-mode drivers, and GDI+, DirectWrite, and Journal, in Windows XP SP2 and SP3,. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 51.7% and no vendor patch available.

Code Injection Microsoft RCE Net Framework Lync +12
NVD
CVSS 3.1
7.8
EPSS
51.7%
CVE-2013-1345 HIGH This Week

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Windows 7 Windows 8 Windows Rt +5
NVD
CVSS 2.0
7.2
EPSS
3.1%
CVE-2013-1340 HIGH This Week

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Windows 7 Windows 8 Windows Rt +5
NVD
CVSS 3.1
8.4
EPSS
1.0%
CVE-2013-1300 HIGH POC THREAT Act Now

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 27.2%.

Privilege Escalation Microsoft Windows 7 Windows 8 Windows Rt +5
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
27.2%
CVE-2013-3136 MEDIUM This Month

The kernel in Microsoft Windows XP SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 on 32-bit platforms does not properly handle unspecified. Rated medium severity (CVSS 4.4). No vendor patch available.

Information Disclosure Microsoft Windows 7 Windows 8 Windows Server 2003 +3
NVD
CVSS 2.0
4.4
EPSS
1.0%
CVE-2013-3661 MEDIUM POC This Month

The EPATHOBJ::bFlatten function in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Path Traversal Microsoft Windows 7 Windows 8 +6
NVD Exploit-DB
CVSS 2.0
4.9
EPSS
1.8%
CVE-2013-1334 HIGH This Week

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Windows 7 Windows 8 Windows Rt +5
NVD
CVSS 2.0
7.2
EPSS
3.4%
CVE-2013-1295 HIGH This Week

The Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP2, and Server 2008 SP2 does not properly handle objects in memory, which allows local users. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Windows Server 2003 Windows Server 2008 Windows Vista +1
NVD
CVSS 2.0
7.2
EPSS
0.8%
CVE-2013-1294 HIGH This Week

Race condition in the kernel in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows. Rated high severity (CVSS 7.0). No vendor patch available.

Information Disclosure Race Condition Microsoft Windows 7 Windows 8 +6
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2013-1291 HIGH Act Now

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, Windows 7 Gold and SP1, and Windows 8 allows local users to. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. Epss exploitation probability 17.2% and no vendor patch available.

Denial Of Service Microsoft Windows 7 Windows 8 Windows Server 2003 +3
NVD
CVSS 2.0
7.1
EPSS
17.2%
CVE-2013-1283 MEDIUM This Month

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and. Rated medium severity (CVSS 6.9). No vendor patch available.

Information Disclosure Race Condition Microsoft Windows 7 Windows 8 +6
NVD
CVSS 2.0
6.9
EPSS
0.6%
CVE-2013-1287 HIGH This Week

The USB kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft RCE Windows Xp Windows Server 2003 +5
NVD
CVSS 2.0
7.2
EPSS
0.5%
CVE-2013-1286 HIGH This Week

The USB kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft RCE Windows Xp Windows Server 2003 +5
NVD
CVSS 2.0
7.2
EPSS
0.5%
CVE-2013-1285 HIGH This Week

The USB kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft RCE Windows Xp Windows Server 2003 +5
NVD
CVSS 2.0
7.2
EPSS
0.5%
CVE-2013-1280 HIGH This Week

The kernel in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Windows 7 Windows Server 2003 Windows Server 2008 +2
NVD
CVSS 2.0
7.2
EPSS
1.0%
CVE-2013-1279 HIGH This Week

Race condition in the kernel in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Microsoft Windows 7 Windows Server 2003 +3
NVD
CVSS 2.0
7.2
EPSS
0.5%
CVE-2013-1278 HIGH This Week

Race condition in the kernel in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows. Rated high severity (CVSS 7.4), this vulnerability is no authentication required. No vendor patch available.

Information Disclosure Race Condition Microsoft Windows 7 Windows Server 2003 +3
NVD
CVSS 3.1
7.4
EPSS
0.4%
CVE-2013-1277 MEDIUM This Month

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Microsoft Windows 7 Windows Server 2003 +3
NVD
CVSS 2.0
4.9
EPSS
0.5%
CVE-2013-1276 MEDIUM This Month

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Microsoft Windows 7 Windows Server 2003 +3
NVD
CVSS 2.0
4.9
EPSS
0.5%
CVE-2013-1275 HIGH This Week

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold. Rated high severity (CVSS 7.0). No vendor patch available.

Information Disclosure Race Condition Microsoft Windows 7 Windows Server 2003 +3
NVD
CVSS 3.1
7.0
EPSS
0.3%
CVE-2013-1274 MEDIUM This Month

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Microsoft Windows 7 Windows Server 2003 +3
NVD
CVSS 2.0
4.9
EPSS
0.5%
CVE-2013-1273 MEDIUM This Month

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Microsoft Windows 7 Windows Server 2003 +3
NVD
CVSS 2.0
4.9
EPSS
0.5%
CVE-2013-1272 MEDIUM This Month

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Microsoft Windows 7 Windows Server 2003 +3
NVD
CVSS 2.0
4.9
EPSS
0.5%
CVE-2013-1271 MEDIUM This Month

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Microsoft Windows 7 Windows Server 2003 +3
NVD
CVSS 2.0
4.9
EPSS
0.5%
CVE-2013-1270 MEDIUM This Month

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Microsoft Windows 7 Windows Server 2003 +3
NVD
CVSS 2.0
4.9
EPSS
0.5%
CVE-2013-1269 MEDIUM This Month

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Microsoft Windows 7 Windows Server 2003 +3
NVD
CVSS 2.0
4.9
EPSS
0.5%
CVE-2013-1268 MEDIUM This Month

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Microsoft Windows 7 Windows Server 2003 +3
NVD
CVSS 2.0
4.9
EPSS
0.6%
CVE-2013-1267 MEDIUM This Month

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Microsoft Windows 7 Windows Server 2003 +3
NVD
CVSS 2.0
4.9
EPSS
0.5%
CVE-2013-1266 MEDIUM This Month

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Microsoft Windows 7 Windows Server 2003 +3
NVD
CVSS 2.0
4.9
EPSS
0.5%
CVE-2013-1265 HIGH This Week

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold. Rated high severity (CVSS 7.0). No vendor patch available.

Information Disclosure Race Condition Microsoft Windows 7 Windows Server 2003 +3
NVD
CVSS 3.1
7.0
EPSS
0.3%
CVE-2013-1264 MEDIUM This Month

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Microsoft Windows 7 Windows Server 2003 +3
NVD
CVSS 2.0
4.9
EPSS
0.5%
CVE-2013-1263 MEDIUM This Month

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Microsoft Windows 7 Windows Server 2003 +3
NVD
CVSS 2.0
4.9
EPSS
0.5%
CVE-2013-1262 MEDIUM This Month

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Microsoft Windows 7 Windows Server 2003 +3
NVD
CVSS 2.0
4.9
EPSS
0.5%
CVE-2013-1261 MEDIUM This Month

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Microsoft Windows 7 Windows Server 2003 +3
NVD
CVSS 2.0
4.9
EPSS
0.5%
CVE-2013-1260 MEDIUM This Month

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Microsoft Windows 7 Windows Server 2003 +3
NVD
CVSS 2.0
4.9
EPSS
0.5%
CVE-2013-1259 MEDIUM This Month

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Microsoft Windows 7 Windows Server 2003 +3
NVD
CVSS 2.0
4.9
EPSS
0.5%
CVE-2013-1258 MEDIUM This Month

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Microsoft Windows 7 Windows Server 2003 +3
NVD
CVSS 2.0
4.9
EPSS
0.5%
CVE-2013-1257 MEDIUM This Month

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Microsoft Windows 7 Windows Server 2003 +3
NVD
CVSS 2.0
4.9
EPSS
0.8%
CVE-2013-1256 MEDIUM This Month

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Microsoft Windows 7 Windows Server 2003 +3
NVD
CVSS 2.0
4.9
EPSS
0.5%
CVE-2013-1255 MEDIUM This Month

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Microsoft Windows 7 Windows Server 2003 +3
NVD
CVSS 2.0
4.9
EPSS
0.5%
CVE-2013-1254 MEDIUM This Month

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Microsoft Windows 7 Windows Server 2003 +3
NVD
CVSS 2.0
4.9
EPSS
0.5%
CVE-2013-1253 HIGH This Week

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold. Rated high severity (CVSS 7.0). No vendor patch available.

Information Disclosure Race Condition Microsoft Windows 7 Windows Server 2003 +3
NVD
CVSS 3.1
7.0
EPSS
0.3%
CVE-2013-1252 MEDIUM This Month

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Microsoft Windows 7 Windows Server 2003 +3
NVD
CVSS 2.0
4.9
EPSS
0.5%
CVE-2013-1251 MEDIUM This Month

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Microsoft Windows 7 Windows Server 2003 +3
NVD
CVSS 2.0
4.9
EPSS
0.5%
CVE-2013-1250 MEDIUM This Month

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Microsoft Windows 7 Windows Server 2003 +3
NVD
CVSS 2.0
4.9
EPSS
0.5%
CVE-2013-1249 MEDIUM This Month

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Microsoft Windows 7 Windows Server 2003 +3
NVD
CVSS 2.0
4.9
EPSS
0.5%
CVE-2013-1248 MEDIUM This Month

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Microsoft Windows 7 Windows Server 2003 +3
NVD
CVSS 2.0
4.9
EPSS
0.5%
CVE-2013-0077 CRITICAL Emergency

Quartz.dll in DirectShow in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP2, and Server 2008 SP2 allows remote attackers to execute arbitrary code via crafted media content in (1) a. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 53.0% and no vendor patch available.

Code Injection Microsoft RCE Windows Server 2003 Windows Server 2008 +2
NVD
CVSS 2.0
9.3
EPSS
53.0%
CVE-2013-0007 CRITICAL Act Now

Microsoft XML Core Services (aka MSXML) 4.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to execute arbitrary code via a crafted web page, aka "MSXML XSLT. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 24.2% and no vendor patch available.

Code Injection Microsoft RCE Xml Core Services Windows 7 +13
NVD
CVSS 2.0
9.3
EPSS
24.2%
CVE-2013-0006 HIGH Act Now

Microsoft XML Core Services (aka MSXML) 3.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to execute arbitrary code via a crafted web page, aka "MSXML Integer. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 68.3% and no vendor patch available.

Microsoft RCE Xml Core Services Windows 7 Windows 8 +12
NVD
CVSS 3.1
8.8
EPSS
68.3%
CVE-2012-4786 CRITICAL Emergency

The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 55.3% and no vendor patch available.

Code Injection Microsoft RCE Windows 7 Windows Server 2003 +3
NVD
CVSS 2.0
10.0
EPSS
55.3%
CVE-2012-4774 CRITICAL Emergency

Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allow remote attackers to execute arbitrary code via. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 56.8% and no vendor patch available.

Code Injection Microsoft RCE Windows 7 Windows Server 2003 +3
NVD
CVSS 2.0
9.3
EPSS
56.8%
CVE-2012-2556 CRITICAL Emergency

The OpenType Font (OTF) driver in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 46.2% and no vendor patch available.

Code Injection Microsoft RCE Windows 2003 Server Windows 7 +7
NVD
CVSS 2.0
9.3
EPSS
46.2%
CVE-2012-2553 HIGH This Week

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, and Windows 7 Gold and SP1. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Microsoft Windows 7 Windows Server 2003 Windows Server 2008 +2
NVD
CVSS 2.0
7.2
EPSS
1.3%
CVE-2012-2530 HIGH This Week

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Microsoft Windows 7 Windows Server 2003 Windows Server 2008 +2
NVD
CVSS 2.0
7.2
EPSS
2.5%
CVE-2012-1528 CRITICAL Emergency

Integer overflow in Windows Shell in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 47.4% and no vendor patch available.

Buffer Overflow Microsoft Windows 7 Windows 8 Windows Server 2003 +4
NVD
CVSS 2.0
9.3
EPSS
47.4%
CVE-2012-1527 CRITICAL Emergency

Integer underflow in Windows Shell in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 47.4% and no vendor patch available.

Information Disclosure Microsoft Windows 7 Windows 8 Windows Server 2003 +4
NVD
CVSS 2.0
9.3
EPSS
47.4%
CVE-2012-2529 HIGH This Week

Integer overflow in the kernel in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Windows 7 Windows Server 2003 Windows Server 2008 +2
NVD
CVSS 2.0
7.2
EPSS
1.2%
CVE-2012-2897 HIGH Act Now

The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 40.9% and no vendor patch available.

Buffer Overflow Google Microsoft RCE Chrome +8
NVD
CVSS 3.1
7.8
EPSS
40.9%
CVE-2012-2527 HIGH This Week

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Microsoft Windows 7 Windows Server 2003 Windows Server 2008 +2
NVD
CVSS 2.0
7.2
EPSS
0.9%
CVE-2012-1851 CRITICAL Emergency

Format string vulnerability in the Print Spooler service in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 72.5% and no vendor patch available.

Microsoft RCE Windows 7 Windows Server 2003 Windows Server 2008 +2
NVD
CVSS 2.0
10.0
EPSS
72.5%
Threat
4.2
CVE-2012-1850 MEDIUM This Month

The Remote Administration Protocol (RAP) implementation in the LanmanWorkstation service in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2,. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 66.1% and no vendor patch available.

Denial Of Service Microsoft Windows 7 Windows Server 2003 Windows Server 2008 +2
NVD
CVSS 2.0
5.0
EPSS
66.1%
CVE-2012-1893 HIGH This Week

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 7 Windows Server 2003 Windows Server 2008 +2
NVD
CVSS 2.0
7.2
EPSS
0.7%
CVE-2012-1890 HIGH This Week

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 7 Windows Server 2003 Windows Server 2008 +2
NVD
CVSS 2.0
7.2
EPSS
0.7%
CVE-2012-1870 MEDIUM This Month

The CBC mode in the TLS protocol, as used in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and other. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 13.8% and no vendor patch available.

Information Disclosure Microsoft Windows 7 Windows Server 2003 Windows Server 2008 +2
NVD
CVSS 2.0
4.3
EPSS
13.8%
CVE-2012-0175 HIGH Act Now

The Shell in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 46.8% and no vendor patch available.

Code Injection Command Injection Microsoft RCE Windows 2003 Server +5
NVD
CVSS 3.1
8.8
EPSS
46.8%
CVE-2012-1867 HIGH This Week

Integer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Windows 2003 Server Windows 7 Windows Server 2003 +3
NVD
CVSS 3.1
8.4
EPSS
1.0%
CVE-2012-1866 HIGH This Week

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 2003 Server Windows 7 Windows Server 2003 +3
NVD
CVSS 2.0
7.2
EPSS
0.7%
CVE-2012-1865 HIGH This Week

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 2003 Server Windows 7 Windows Server 2003 +3
NVD
CVSS 2.0
7.2
EPSS
0.9%
CVE-2012-1864 HIGH This Week

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 2003 Server Windows 7 Windows Server 2003 +3
NVD
CVSS 2.0
7.2
EPSS
1.2%
CVE-2012-0217 HIGH POC THREAT Act Now

The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 88.0%.

Citrix Intel Buffer Overflow Oracle Canonical +12
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
88.0%
Threat
5.6
CVE-2012-0173 CRITICAL Emergency

The Remote Desktop Protocol (RDP) implementation in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 52.3% and no vendor patch available.

Code Injection Microsoft RCE Windows 7 Windows Server 2003 +3
NVD
CVSS 2.0
9.3
EPSS
52.3%
CVE-2012-1848 HIGH This Week

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 7 Windows Server 2003 Windows Server 2008 +2
NVD
CVSS 2.0
7.2
EPSS
1.4%
CVE-2012-0181 HIGH POC This Week

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Microsoft Windows 7 Windows Server 2003 Windows Server 2008 +2
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
3.6%
CVE-2012-0180 HIGH This Week

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 7 Windows Server 2003 Windows Server 2008 +2
NVD
CVSS 3.1
7.8
EPSS
1.4%
CVE-2012-0157 HIGH This Week

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 7 Windows Server 2003 Windows Server 2008 +2
NVD
CVSS 3.1
8.4
EPSS
1.4%
CVE-2012-0006 MEDIUM This Month

The DNS server in Microsoft Windows Server 2003 SP2 and Server 2008 SP2, R2, and R2 SP1 does not properly handle objects in memory during record lookup, which allows remote attackers to cause a. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 62.6% and no vendor patch available.

Denial Of Service Microsoft Windows Server 2003 Windows Server 2008
NVD
CVSS 2.0
5.0
EPSS
62.6%
CVE-2012-0002 CRITICAL POC THREAT Emergency

The Remote Desktop Protocol (RDP) implementation in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 87.4%.

Code Injection Microsoft RCE Windows 7 Windows Server 2003 +3
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
87.4%
Threat
6.0
CVE-2012-0154 HIGH This Week

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Microsoft Windows 7 Windows Server 2003 Windows Server 2008 +2
NVD
CVSS 2.0
7.2
EPSS
1.3%
CVE-2012-0149 HIGH This Week

afd.sys in the Ancillary Function Driver in Microsoft Windows Server 2003 SP2 does not properly validate user-mode input passed to kernel mode, which allows local users to gain privileges via a. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows Server 2003
NVD
CVSS 2.0
7.2
EPSS
1.2%
CVE-2012-0148 HIGH This Week

afd.sys in the Ancillary Function Driver in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 on 64-bit. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 7 Windows Server 2003 Windows Server 2008 +2
NVD
CVSS 2.0
7.2
EPSS
1.5%
CVE-2012-0013 CRITICAL POC THREAT Emergency

Incomplete blacklist vulnerability in the Windows Packager configuration in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 86.5%.

Microsoft RCE Windows 7 Windows Server 2003 Windows Server 2008 +2
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
86.5%
Threat
6.0
CVE-2012-0009 CRITICAL Emergency

Untrusted search path vulnerability in the Windows Object Packager configuration in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges via a Trojan horse. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 53.5% and no vendor patch available.

Information Disclosure Microsoft Windows Server 2003 Windows Xp
NVD
CVSS 2.0
9.3
EPSS
53.5%
CVE-2012-0005 MEDIUM This Month

The Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP2, and Server 2008 SP2, when a Chinese, Japanese, or Korean. Rated medium severity (CVSS 6.9). No vendor patch available.

Privilege Escalation Microsoft Windows Server 2003 Windows Server 2008 Windows Vista +1
NVD
CVSS 2.0
6.9
EPSS
3.7%
CVE-2012-0004 CRITICAL Emergency

Unspecified vulnerability in DirectShow in DirectX in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 64.4% and no vendor patch available.

Microsoft RCE Windows 7 Windows Server 2003 Windows Server 2008 +2
NVD
CVSS 2.0
9.3
EPSS
64.4%
CVE-2012-0003 HIGH POC THREAT Act Now

Unspecified vulnerability in winmm.dll in Windows Multimedia Library in Windows Media Player (WMP) in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP2, and Server 2008 SP2 allows remote. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 88.0%.

Microsoft RCE Windows 7 Windows Server 2003 Windows Server 2008 +2
NVD Exploit-DB
CVSS 3.1
8.1
EPSS
88.0%
Threat
5.8
EPSS 35% 4.4 CVSS 9.3
CRITICAL POC THREAT Emergency

DirectShow in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, and Windows Server 2012 allows remote. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 34.9%.

Code Injection Microsoft RCE +7
NVD Exploit-DB
EPSS 3% CVSS 7.2
HIGH This Week

Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8,. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Windows 7 +7
NVD
EPSS 0% CVSS 4.9
MEDIUM This Month

Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Microsoft +5
NVD
EPSS 2% CVSS 7.2
HIGH This Week

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 does not properly handle. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Information Disclosure Microsoft +5
NVD
EPSS 52% CVSS 7.8
HIGH Act Now

Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, and 4.5; Silverlight 5 before 5.1.20513.0; win32k.sys in the kernel-mode drivers, and GDI+, DirectWrite, and Journal, in Windows XP SP2 and SP3,. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 51.7% and no vendor patch available.

Code Injection Microsoft RCE +14
NVD
EPSS 3% CVSS 7.2
HIGH This Week

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Windows 7 +7
NVD
EPSS 1% CVSS 8.4
HIGH This Week

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Windows 7 +7
NVD
EPSS 27% CVSS 7.2
HIGH POC THREAT Act Now

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 27.2%.

Privilege Escalation Microsoft Windows 7 +7
NVD Exploit-DB
EPSS 1% CVSS 4.4
MEDIUM This Month

The kernel in Microsoft Windows XP SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 on 32-bit platforms does not properly handle unspecified. Rated medium severity (CVSS 4.4). No vendor patch available.

Information Disclosure Microsoft Windows 7 +5
NVD
EPSS 2% CVSS 4.9
MEDIUM POC This Month

The EPATHOBJ::bFlatten function in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Path Traversal Microsoft +8
NVD Exploit-DB
EPSS 3% CVSS 7.2
HIGH This Week

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Windows 7 +7
NVD
EPSS 1% CVSS 7.2
HIGH This Week

The Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP2, and Server 2008 SP2 does not properly handle objects in memory, which allows local users. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Windows Server 2003 +3
NVD
EPSS 0% CVSS 7.0
HIGH This Week

Race condition in the kernel in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows. Rated high severity (CVSS 7.0). No vendor patch available.

Information Disclosure Race Condition Microsoft +8
NVD
EPSS 17% CVSS 7.1
HIGH Act Now

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, Windows 7 Gold and SP1, and Windows 8 allows local users to. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. Epss exploitation probability 17.2% and no vendor patch available.

Denial Of Service Microsoft Windows 7 +5
NVD
EPSS 1% CVSS 6.9
MEDIUM This Month

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and. Rated medium severity (CVSS 6.9). No vendor patch available.

Information Disclosure Race Condition Microsoft +8
NVD
EPSS 1% CVSS 7.2
HIGH This Week

The USB kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft RCE +7
NVD
EPSS 1% CVSS 7.2
HIGH This Week

The USB kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft RCE +7
NVD
EPSS 1% CVSS 7.2
HIGH This Week

The USB kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft RCE +7
NVD
EPSS 1% CVSS 7.2
HIGH This Week

The kernel in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Windows 7 +4
NVD
EPSS 0% CVSS 7.2
HIGH This Week

Race condition in the kernel in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Microsoft +5
NVD
EPSS 0% CVSS 7.4
HIGH This Week

Race condition in the kernel in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows. Rated high severity (CVSS 7.4), this vulnerability is no authentication required. No vendor patch available.

Information Disclosure Race Condition Microsoft +5
NVD
EPSS 0% CVSS 4.9
MEDIUM This Month

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Microsoft +5
NVD
EPSS 0% CVSS 4.9
MEDIUM This Month

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Microsoft +5
NVD
EPSS 0% CVSS 7.0
HIGH This Week

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold. Rated high severity (CVSS 7.0). No vendor patch available.

Information Disclosure Race Condition Microsoft +5
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Microsoft +5
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Microsoft +5
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Microsoft +5
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Microsoft +5
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Microsoft +5
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Microsoft +5
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Microsoft +5
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Microsoft +5
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Microsoft +5
NVD
EPSS 0% CVSS 7.0
HIGH This Week

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold. Rated high severity (CVSS 7.0). No vendor patch available.

Information Disclosure Race Condition Microsoft +5
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Microsoft +5
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Microsoft +5
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Microsoft +5
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Microsoft +5
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Microsoft +5
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Microsoft +5
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Microsoft +5
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Microsoft +5
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Microsoft +5
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Microsoft +5
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Microsoft +5
NVD
EPSS 0% CVSS 7.0
HIGH This Week

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold. Rated high severity (CVSS 7.0). No vendor patch available.

Information Disclosure Race Condition Microsoft +5
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Microsoft +5
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Microsoft +5
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Microsoft +5
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Microsoft +5
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Microsoft +5
NVD
EPSS 53% CVSS 9.3
CRITICAL Emergency

Quartz.dll in DirectShow in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP2, and Server 2008 SP2 allows remote attackers to execute arbitrary code via crafted media content in (1) a. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 53.0% and no vendor patch available.

Code Injection Microsoft RCE +4
NVD
EPSS 24% CVSS 9.3
CRITICAL Act Now

Microsoft XML Core Services (aka MSXML) 4.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to execute arbitrary code via a crafted web page, aka "MSXML XSLT. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 24.2% and no vendor patch available.

Code Injection Microsoft RCE +15
NVD
EPSS 68% CVSS 8.8
HIGH Act Now

Microsoft XML Core Services (aka MSXML) 3.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to execute arbitrary code via a crafted web page, aka "MSXML Integer. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 68.3% and no vendor patch available.

Microsoft RCE Xml Core Services +14
NVD
EPSS 55% CVSS 10.0
CRITICAL Emergency

The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 55.3% and no vendor patch available.

Code Injection Microsoft RCE +5
NVD
EPSS 57% CVSS 9.3
CRITICAL Emergency

Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allow remote attackers to execute arbitrary code via. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 56.8% and no vendor patch available.

Code Injection Microsoft RCE +5
NVD
EPSS 46% CVSS 9.3
CRITICAL Emergency

The OpenType Font (OTF) driver in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 46.2% and no vendor patch available.

Code Injection Microsoft RCE +9
NVD
EPSS 1% CVSS 7.2
HIGH This Week

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, and Windows 7 Gold and SP1. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Microsoft Windows 7 +4
NVD
EPSS 2% CVSS 7.2
HIGH This Week

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Microsoft Windows 7 +4
NVD
EPSS 47% CVSS 9.3
CRITICAL Emergency

Integer overflow in Windows Shell in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 47.4% and no vendor patch available.

Buffer Overflow Microsoft Windows 7 +6
NVD
EPSS 47% CVSS 9.3
CRITICAL Emergency

Integer underflow in Windows Shell in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 47.4% and no vendor patch available.

Information Disclosure Microsoft Windows 7 +6
NVD
EPSS 1% CVSS 7.2
HIGH This Week

Integer overflow in the kernel in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Windows 7 +4
NVD
EPSS 41% CVSS 7.8
HIGH Act Now

The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 40.9% and no vendor patch available.

Buffer Overflow Google Microsoft +10
NVD
EPSS 1% CVSS 7.2
HIGH This Week

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Microsoft Windows 7 +4
NVD
EPSS 72% 4.2 CVSS 10.0
CRITICAL Emergency

Format string vulnerability in the Print Spooler service in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 72.5% and no vendor patch available.

Microsoft RCE Windows 7 +4
NVD
EPSS 66% CVSS 5.0
MEDIUM This Month

The Remote Administration Protocol (RAP) implementation in the LanmanWorkstation service in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2,. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 66.1% and no vendor patch available.

Denial Of Service Microsoft Windows 7 +4
NVD
EPSS 1% CVSS 7.2
HIGH This Week

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 7 +4
NVD
EPSS 1% CVSS 7.2
HIGH This Week

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 7 +4
NVD
EPSS 14% CVSS 4.3
MEDIUM This Month

The CBC mode in the TLS protocol, as used in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and other. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 13.8% and no vendor patch available.

Information Disclosure Microsoft Windows 7 +4
NVD
EPSS 47% CVSS 8.8
HIGH Act Now

The Shell in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 46.8% and no vendor patch available.

Code Injection Command Injection Microsoft +7
NVD
EPSS 1% CVSS 8.4
HIGH This Week

Integer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Windows 2003 Server +5
NVD
EPSS 1% CVSS 7.2
HIGH This Week

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 2003 Server +5
NVD
EPSS 1% CVSS 7.2
HIGH This Week

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 2003 Server +5
NVD
EPSS 1% CVSS 7.2
HIGH This Week

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 2003 Server +5
NVD
EPSS 88% 5.6 CVSS 7.2
HIGH POC THREAT Act Now

The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 88.0%.

Citrix Intel Buffer Overflow +14
NVD Exploit-DB
EPSS 52% CVSS 9.3
CRITICAL Emergency

The Remote Desktop Protocol (RDP) implementation in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 52.3% and no vendor patch available.

Code Injection Microsoft RCE +5
NVD
EPSS 1% CVSS 7.2
HIGH This Week

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 7 +4
NVD
EPSS 4% CVSS 7.2
HIGH POC This Week

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Microsoft Windows 7 +4
NVD Exploit-DB
EPSS 1% CVSS 7.8
HIGH This Week

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 7 +4
NVD
EPSS 1% CVSS 8.4
HIGH This Week

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 7 +4
NVD
EPSS 63% CVSS 5.0
MEDIUM This Month

The DNS server in Microsoft Windows Server 2003 SP2 and Server 2008 SP2, R2, and R2 SP1 does not properly handle objects in memory during record lookup, which allows remote attackers to cause a. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 62.6% and no vendor patch available.

Denial Of Service Microsoft Windows Server 2003 +1
NVD
EPSS 87% 6.0 CVSS 9.3
CRITICAL POC THREAT Emergency

The Remote Desktop Protocol (RDP) implementation in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 87.4%.

Code Injection Microsoft RCE +5
NVD Exploit-DB
EPSS 1% CVSS 7.2
HIGH This Week

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Microsoft Windows 7 +4
NVD
EPSS 1% CVSS 7.2
HIGH This Week

afd.sys in the Ancillary Function Driver in Microsoft Windows Server 2003 SP2 does not properly validate user-mode input passed to kernel mode, which allows local users to gain privileges via a. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows Server 2003
NVD
EPSS 1% CVSS 7.2
HIGH This Week

afd.sys in the Ancillary Function Driver in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 on 64-bit. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 7 +4
NVD
EPSS 86% 6.0 CVSS 9.3
CRITICAL POC THREAT Emergency

Incomplete blacklist vulnerability in the Windows Packager configuration in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 86.5%.

Microsoft RCE Windows 7 +4
NVD Exploit-DB
EPSS 54% CVSS 9.3
CRITICAL Emergency

Untrusted search path vulnerability in the Windows Object Packager configuration in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges via a Trojan horse. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 53.5% and no vendor patch available.

Information Disclosure Microsoft Windows Server 2003 +1
NVD
EPSS 4% CVSS 6.9
MEDIUM This Month

The Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP2, and Server 2008 SP2, when a Chinese, Japanese, or Korean. Rated medium severity (CVSS 6.9). No vendor patch available.

Privilege Escalation Microsoft Windows Server 2003 +3
NVD
EPSS 64% CVSS 9.3
CRITICAL Emergency

Unspecified vulnerability in DirectShow in DirectX in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 64.4% and no vendor patch available.

Microsoft RCE Windows 7 +4
NVD
EPSS 88% 5.8 CVSS 8.1
HIGH POC THREAT Act Now

Unspecified vulnerability in winmm.dll in Windows Multimedia Library in Windows Media Player (WMP) in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP2, and Server 2008 SP2 allows remote. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 88.0%.

Microsoft RCE Windows 7 +4
NVD Exploit-DB
Prev Page 2 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy