VYPR

Windows Search Indexer

by Microsoft

CVEs (33)

  • CVE-2017-8543CriKEVJun 15, 2017
    risk 0.82cvss 9.8epss 0.74

    Microsoft Windows XP SP3, Windows XP x64 XP2, Windows Server 2003 SP2, Windows Vista, Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an…

  • CVE-2017-11771CriOct 13, 2017
    risk 0.69cvss 9.8epss 0.64

    The Microsoft Windows Search component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability when…

  • CVE-2017-8620HigAug 8, 2017
    risk 0.57cvss 8.1epss 0.55

    Windows Search in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability when it improperly handles objects in…

  • CVE-2026-27909HigApr 14, 2026
    risk 0.51cvss 7.8epss 0.02

    Use after free in Microsoft Windows Search Component allows an authorized attacker to elevate privileges locally.

  • CVE-2017-11788HigNov 15, 2017
    risk 0.49cvss 7.5epss 0.08

    Windows Search in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows server, version 1709 allows an unauthenticated attacker to remotely send specially…

  • CVE-2017-11772HigOct 13, 2017
    risk 0.49cvss 7.5epss 0.08

    The Microsoft Windows Search component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure when it fails to…

  • CVE-2023-36884KEVJul 11, 2023
    risk 0.25cvss epss 0.99

    Windows Search Remote Code Execution Vulnerability

  • CVE-2009-0239Jun 10, 2009
    risk 0.03cvss epss 0.33

    Cross-site scripting (XSS) vulnerability in Windows Search 4.0 for Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows user-assisted remote attackers to inject arbitrary web script or HTML via a crafted file that appears in a preview in a search result, aka "Script…

  • CVE-2018-8450Nov 14, 2018
    risk 0.02cvss epss 0.16

    A remote code execution vulnerability exists when Windows Search handles objects in memory, aka "Windows Search Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows…

  • CVE-2008-4269Dec 10, 2008
    risk 0.02cvss epss 0.21

    The search-ms protocol handler in Windows Explorer in Microsoft Windows Vista Gold and SP1 and Server 2008 uses untrusted parameter data obtained from incorrect parsing, which allows remote attackers to execute arbitrary code via a crafted HTML document, aka "Windows Search…

  • CVE-2008-4268Dec 10, 2008
    risk 0.02cvss epss 0.21

    The Windows Search component in Microsoft Windows Vista Gold and SP1 and Server 2008 does not properly free memory during a save operation for a Windows Search file, which allows remote attackers to execute arbitrary code via a crafted saved-search file, aka "Windows Saved…

  • CVE-2025-59198Oct 14, 2025
    risk 0.00cvss epss 0.00

    Improper input validation in Microsoft Windows Search Component allows an authorized attacker to deny service locally.

  • CVE-2025-49685Jul 8, 2025
    risk 0.00cvss epss 0.00

    Use after free in Microsoft Windows Search Component allows an authorized attacker to elevate privileges locally.

  • CVE-2025-21292Jan 14, 2025
    risk 0.00cvss epss 0.01

    Windows Search Service Elevation of Privilege Vulnerability

  • CVE-2023-36394Nov 14, 2023
    risk 0.00cvss epss 0.07

    Windows Search Service Elevation of Privilege Vulnerability

  • CVE-2023-36564Oct 10, 2023
    risk 0.00cvss epss 0.01

    Windows Search Security Feature Bypass Vulnerability

  • CVE-2020-0857Mar 12, 2020
    risk 0.00cvss epss 0.01

    An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka 'Windows Search Indexer Elevation of Privilege Vulnerability'.

  • CVE-2020-0752Feb 11, 2020
    risk 0.00cvss epss 0.01

    An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka 'Windows Search Indexer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0666, CVE-2020-0667, CVE-2020-0735.

  • CVE-2020-0735Feb 11, 2020
    risk 0.00cvss epss 0.01

    An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka 'Windows Search Indexer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0666, CVE-2020-0667, CVE-2020-0752.

  • CVE-2020-0666Feb 11, 2020
    risk 0.00cvss epss 0.01

    An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka 'Windows Search Indexer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0667, CVE-2020-0735, CVE-2020-0752.

Page 1 of 2