Hyper-V

CVEs (16)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	Published	Description
CVE-2018-8219	Microsoft Hyper-V	Hig	0.57	8.8	0.01	Jun 14, 2018	An elevation of privilege vulnerability exists when Windows Hyper-V instruction emulation fails to properly enforce privilege levels, aka "Hypervisor Code Integrity Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.
CVE-2026-45641	Microsoft Hyper-V	Hig	0.55	8.4	0.00	Jun 9, 2026	Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally.
CVE-2026-45607	Microsoft Hyper-V	Hig	0.55	8.4	0.00	Jun 9, 2026	Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally.
CVE-2018-8489	Microsoft Hyper-V	Hig	0.55	8.4	0.04	Oct 10, 2018	A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Windows Hyper-V Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2,…
CVE-2018-8439	Microsoft Hyper-V	Hig	0.55	8.4	0.04	Sep 13, 2018	A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Windows Hyper-V Remote Code Execution Vulnerability." This affects Windows Server 2012 R2, Windows RT…
CVE-2018-0961	Microsoft Hyper-V	Hig	0.50	7.6	0.03	May 9, 2018	A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate vSMB packet data, aka "Hyper-V vSMB Remote Code Execution Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.
CVE-2018-0959	Microsoft Hyper-V	Hig	0.50	7.6	0.09	May 9, 2018	A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows…
CVE-2018-8438	Microsoft Hyper-V	Med	0.45	6.8	0.07	Sep 13, 2018	A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka "Windows Hyper-V Denial of Service Vulnerability." This affects Windows Server 2012 R2,…
CVE-2018-0964	Microsoft Hyper-V	Med	0.40	6.1	0.02	Apr 12, 2018	An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Information Disclosure Vulnerability." This affects Windows 10, Windows 10…
CVE-2018-8434	Microsoft Hyper-V	Med	0.35	5.4	0.03	Sep 13, 2018	An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka "Windows Hyper-V Information Disclosure Vulnerability." This affects Windows 7, Windows…
CVE-2018-0957	Microsoft Hyper-V	Med	0.35	5.3	0.02	Apr 12, 2018	An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Information Disclosure Vulnerability." This affects Windows Server 2012 R2,…
CVE-2018-8435	Microsoft Hyper-V	Med	0.27	4.2	0.01	Sep 13, 2018	A security feature bypass vulnerability exists when Windows Hyper-V BIOS loader fails to provide a high-entropy source, aka "Windows Hyper-V Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.
CVE-2015-2362	Microsoft Windows Server 2008		0.00	—	0.02	Jul 14, 2015	Hyper-V in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly initialize guest OS system data structures, which allows guest OS users to execute arbitrary code on the host OS by leveraging guest OS…
CVE-2015-2361	Microsoft Windows Server 2012		0.00	—	0.02	Jul 14, 2015	Hyper-V in Microsoft Windows 8.1 and Windows Server 2012 R2 does not properly initialize guest OS system data structures, which allows guest OS users to execute arbitrary code on the host OS or cause a denial of service (buffer overflow) by leveraging guest OS privileges, aka…
CVE-2015-1647	Microsoft Windows Server 2012		0.00	—	0.02	Apr 14, 2015	Virtual Machine Manager (VMM) in Hyper-V in Microsoft Windows 8.1 and Windows Server 2012 R2 allows guest OS users to cause a denial of service (VMM functionality loss) via a crafted application, aka "Windows Hyper-V DoS Vulnerability."
CVE-2010-3960	Microsoft Windows Server 2008		0.00	—	0.02	Dec 16, 2010	Hyper-V in Microsoft Windows Server 2008 Gold, SP2, and R2 allows guest OS users to cause a denial of service (host OS hang) by sending a crafted encapsulated packet over the VMBus, aka "Hyper-V VMBus Vulnerability."

CVE-2018-8219HigJun 14, 2018
Microsoft
Hyper-V
risk 0.57cvss 8.8epss 0.01
An elevation of privilege vulnerability exists when Windows Hyper-V instruction emulation fails to properly enforce privilege levels, aka "Hypervisor Code Integrity Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.
CVE-2026-45641HigJun 9, 2026
Microsoft
Hyper-V
risk 0.55cvss 8.4epss 0.00
Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally.
CVE-2026-45607HigJun 9, 2026
Microsoft
Hyper-V
risk 0.55cvss 8.4epss 0.00
Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally.
CVE-2018-8489HigOct 10, 2018
Microsoft
Hyper-V
risk 0.55cvss 8.4epss 0.04
A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Windows Hyper-V Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2,…
CVE-2018-8439HigSep 13, 2018
Microsoft
Hyper-V
risk 0.55cvss 8.4epss 0.04
A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Windows Hyper-V Remote Code Execution Vulnerability." This affects Windows Server 2012 R2, Windows RT…
CVE-2018-0961HigMay 9, 2018
Microsoft
Hyper-V
risk 0.50cvss 7.6epss 0.03
A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate vSMB packet data, aka "Hyper-V vSMB Remote Code Execution Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.
CVE-2018-0959HigMay 9, 2018
Microsoft
Hyper-V
risk 0.50cvss 7.6epss 0.09
A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows…
CVE-2018-8438MedSep 13, 2018
Microsoft
Hyper-V
risk 0.45cvss 6.8epss 0.07
A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka "Windows Hyper-V Denial of Service Vulnerability." This affects Windows Server 2012 R2,…
CVE-2018-0964MedApr 12, 2018
Microsoft
Hyper-V
risk 0.40cvss 6.1epss 0.02
An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Information Disclosure Vulnerability." This affects Windows 10, Windows 10…
CVE-2018-8434MedSep 13, 2018
Microsoft
Hyper-V
risk 0.35cvss 5.4epss 0.03
An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka "Windows Hyper-V Information Disclosure Vulnerability." This affects Windows 7, Windows…
CVE-2018-0957MedApr 12, 2018
Microsoft
Hyper-V
risk 0.35cvss 5.3epss 0.02
An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Information Disclosure Vulnerability." This affects Windows Server 2012 R2,…
CVE-2018-8435MedSep 13, 2018
Microsoft
Hyper-V
risk 0.27cvss 4.2epss 0.01
A security feature bypass vulnerability exists when Windows Hyper-V BIOS loader fails to provide a high-entropy source, aka "Windows Hyper-V Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.
CVE-2015-2362Jul 14, 2015
Microsoft
Windows Server 2008
risk 0.00cvss —epss 0.02
Hyper-V in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly initialize guest OS system data structures, which allows guest OS users to execute arbitrary code on the host OS by leveraging guest OS…
CVE-2015-2361Jul 14, 2015
Microsoft
Windows Server 2012
risk 0.00cvss —epss 0.02
Hyper-V in Microsoft Windows 8.1 and Windows Server 2012 R2 does not properly initialize guest OS system data structures, which allows guest OS users to execute arbitrary code on the host OS or cause a denial of service (buffer overflow) by leveraging guest OS privileges, aka…
CVE-2015-1647Apr 14, 2015
Microsoft
Windows Server 2012
risk 0.00cvss —epss 0.02
Virtual Machine Manager (VMM) in Hyper-V in Microsoft Windows 8.1 and Windows Server 2012 R2 allows guest OS users to cause a denial of service (VMM functionality loss) via a crafted application, aka "Windows Hyper-V DoS Vulnerability."
CVE-2010-3960Dec 16, 2010
Microsoft
Windows Server 2008
risk 0.00cvss —epss 0.02
Hyper-V in Microsoft Windows Server 2008 Gold, SP2, and R2 allows guest OS users to cause a denial of service (host OS hang) by sending a crafted encapsulated packet over the VMBus, aka "Hyper-V VMBus Vulnerability."