Windows 7
by Microsoft
CVEs (1,811)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-0038 | Med | 0.45 | 5.5 | 0.82 | Feb 20, 2017 | gdi32.dll in Graphics Device Interface (GDI) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive… | ||
| CVE-2023-21563 | Med | 0.44 | 6.8 | 0.02 | Jan 10, 2023 | BitLocker Security Feature Bypass Vulnerability | ||
| CVE-2021-41342 | Med | 0.44 | 6.8 | 0.02 | Oct 13, 2021 | Windows MSHTML Platform Remote Code Execution Vulnerability | ||
| CVE-2021-34447 | Med | 0.44 | 6.8 | 0.02 | Jul 16, 2021 | Windows MSHTML Platform Remote Code Execution Vulnerability | ||
| CVE-2021-34497 | Med | 0.44 | 6.8 | 0.02 | Jul 14, 2021 | Windows MSHTML Platform Remote Code Execution Vulnerability | ||
| CVE-2021-31971 | Med | 0.44 | 6.8 | 0.02 | Jun 8, 2021 | Windows HTML Platforms Security Feature Bypass Vulnerability | ||
| CVE-2018-3639 | Med | 0.44 | 5.5 | 0.61 | May 22, 2018 | Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis,… | ||
| CVE-2017-8628 | Med | 0.44 | 6.8 | 0.02 | Sep 13, 2017 | Microsoft Bluetooth Driver in Windows Server 2008 SP2, Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703 allows a spoofing vulnerability due to Microsoft's implementation of the Bluetooth stack, aka "Microsoft Bluetooth Driver Spoofing Vulnerability". | ||
| CVE-2017-0244 | Med | 0.44 | 6.7 | 0.02 | May 12, 2017 | The kernel in Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows locally authenticated attackers to gain privileges via a crafted application, or in Windows 7 for x64-based systems, cause denial of service, aka "Windows Kernel Elevation of Privilege Vulnerability." | ||
| CVE-2016-7257 | Med | 0.44 | 6.5 | 0.23 | Dec 20, 2016 | The GDI component in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Office for Mac 2011, and Office 2016 for Mac allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "GDI Information Disclosure… | ||
| CVE-2016-7210 | Med | 0.44 | 6.5 | 0.21 | Nov 10, 2016 | atmfd.dll in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to obtain sensitive information from… | ||
| CVE-2016-0133 | Med | 0.44 | 6.8 | 0.01 | Mar 9, 2016 | The USB Mass Storage Class driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows physically proximate attackers to execute arbitrary code by… | ||
| CVE-2016-0049 | Med | 0.44 | 6.2 | 0.13 | Feb 10, 2016 | Kerberos in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 Gold and 1511 does not properly validate password changes, which allows remote attackers to bypass authentication by deploying… | ||
| CVE-2023-21560 | Med | 0.43 | 6.6 | 0.01 | Jan 10, 2023 | Windows Boot Manager Security Feature Bypass Vulnerability | ||
| CVE-2022-38032 | Med | 0.43 | 6.6 | 0.01 | Oct 11, 2022 | Windows Portable Device Enumerator Service Security Feature Bypass Vulnerability | ||
| CVE-2022-30205 | Med | 0.43 | 6.6 | 0.01 | Jul 12, 2022 | Windows Group Policy Elevation of Privilege Vulnerability | ||
| CVE-2022-22023 | Med | 0.43 | 6.6 | 0.01 | Jul 12, 2022 | Windows Portable Device Enumerator Service Security Feature Bypass Vulnerability | ||
| CVE-2021-43216 | Med | 0.43 | 6.5 | 0.03 | Dec 15, 2021 | Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability | ||
| CVE-2021-28323 | Med | 0.43 | 6.5 | 0.04 | Apr 13, 2021 | Windows DNS Information Disclosure Vulnerability | ||
| CVE-2021-1679 | Med | 0.43 | 6.5 | 0.03 | Jan 12, 2021 | Windows CryptoAPI Denial of Service Vulnerability |
- risk 0.45cvss 5.5epss 0.82
gdi32.dll in Graphics Device Interface (GDI) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive…
- risk 0.44cvss 6.8epss 0.02
BitLocker Security Feature Bypass Vulnerability
- risk 0.44cvss 6.8epss 0.02
Windows MSHTML Platform Remote Code Execution Vulnerability
- risk 0.44cvss 6.8epss 0.02
Windows MSHTML Platform Remote Code Execution Vulnerability
- risk 0.44cvss 6.8epss 0.02
Windows MSHTML Platform Remote Code Execution Vulnerability
- risk 0.44cvss 6.8epss 0.02
Windows HTML Platforms Security Feature Bypass Vulnerability
- risk 0.44cvss 5.5epss 0.61
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis,…
- risk 0.44cvss 6.8epss 0.02
Microsoft Bluetooth Driver in Windows Server 2008 SP2, Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703 allows a spoofing vulnerability due to Microsoft's implementation of the Bluetooth stack, aka "Microsoft Bluetooth Driver Spoofing Vulnerability".
- risk 0.44cvss 6.7epss 0.02
The kernel in Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows locally authenticated attackers to gain privileges via a crafted application, or in Windows 7 for x64-based systems, cause denial of service, aka "Windows Kernel Elevation of Privilege Vulnerability."
- risk 0.44cvss 6.5epss 0.23
The GDI component in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Office for Mac 2011, and Office 2016 for Mac allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "GDI Information Disclosure…
- risk 0.44cvss 6.5epss 0.21
atmfd.dll in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to obtain sensitive information from…
- risk 0.44cvss 6.8epss 0.01
The USB Mass Storage Class driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows physically proximate attackers to execute arbitrary code by…
- risk 0.44cvss 6.2epss 0.13
Kerberos in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 Gold and 1511 does not properly validate password changes, which allows remote attackers to bypass authentication by deploying…
- risk 0.43cvss 6.6epss 0.01
Windows Boot Manager Security Feature Bypass Vulnerability
- risk 0.43cvss 6.6epss 0.01
Windows Portable Device Enumerator Service Security Feature Bypass Vulnerability
- risk 0.43cvss 6.6epss 0.01
Windows Group Policy Elevation of Privilege Vulnerability
- risk 0.43cvss 6.6epss 0.01
Windows Portable Device Enumerator Service Security Feature Bypass Vulnerability
- risk 0.43cvss 6.5epss 0.03
Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability
- risk 0.43cvss 6.5epss 0.04
Windows DNS Information Disclosure Vulnerability
- risk 0.43cvss 6.5epss 0.03
Windows CryptoAPI Denial of Service Vulnerability
Page 50 of 91