Windows 7
by Microsoft
CVEs (1,811)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-0723 | Med | 0.38 | 5.8 | 0.05 | Aug 14, 2019 | A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash. To… | ||
| CVE-2019-0716 | Med | 0.38 | 5.8 | 0.04 | Aug 14, 2019 | A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. To exploit this vulnerability, an attacker would have to log on to an affected… | ||
| CVE-2019-0715 | Med | 0.38 | 5.8 | 0.05 | Aug 14, 2019 | A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash. To… | ||
| CVE-2019-0714 | Med | 0.38 | 5.8 | 0.05 | Aug 14, 2019 | A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash. To… | ||
| CVE-2019-1040 | Med | 0.38 | 5.3 | 0.48 | Jun 12, 2019 | A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLM MIC (Message Integrity Check) protection. An attacker who successfully exploited this vulnerability could gain the ability to downgrade NTLM security… | ||
| CVE-2017-0191 | Med | 0.38 | 5.8 | 0.05 | Apr 12, 2017 | A denial of service vulnerability exists in the way that Windows 7, Windows 8.1, Windows 10, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, and Windows Server 2016 handles objects in memory. An attacker who successfully exploited the vulnerability could… | ||
| CVE-2016-3263 | Med | 0.38 | 5.5 | 0.32 | Oct 14, 2016 | Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010 SP2; Word Viewer; Skype for… | ||
| CVE-2016-3262 | Med | 0.38 | 5.5 | 0.32 | Oct 14, 2016 | Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010 SP2; Word Viewer; Skype for… | ||
| CVE-2021-1708 | Med | 0.37 | 5.7 | 0.03 | Jan 12, 2021 | Windows GDI+ Information Disclosure Vulnerability | ||
| CVE-2020-1599 | Med | 0.37 | 5.5 | 0.19 | Nov 11, 2020 | Windows Spoofing Vulnerability | ||
| CVE-2018-8472 | Med | 0.37 | 5.5 | 0.19 | Oct 10, 2018 | An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system, aka "Windows GDI Information Disclosure Vulnerability." This affects Windows… | ||
| CVE-2017-11853 | Med | 0.37 | 5.5 | 0.11 | Nov 15, 2017 | Windows kernel in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and RT 8.1, Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016, and Windows Server, version 1709 allows an attacker to log in and run a specially crafted… | ||
| CVE-2017-11816 | Med | 0.37 | 5.5 | 0.20 | Oct 13, 2017 | The Microsoft Windows Graphics Device Interface (GDI) on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure… | ||
| CVE-2017-8710 | Med | 0.37 | 5.5 | 0.10 | Sep 13, 2017 | The Microsoft Common Console Document (.msc) in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1 allows an attacker to read arbitrary files via an XML external entity (XXE) declaration, due to the way that the Microsoft Common Console Document (.msc) parses XML input… | ||
| CVE-2022-35758 | Med | 0.36 | 5.5 | 0.01 | May 31, 2023 | Windows Kernel Memory Information Disclosure Vulnerability | ||
| CVE-2023-21776 | Med | 0.36 | 5.5 | 0.01 | Jan 10, 2023 | Windows Kernel Information Disclosure Vulnerability | ||
| CVE-2022-41074 | Med | 0.36 | 5.5 | 0.01 | Dec 13, 2022 | Windows Graphics Component Information Disclosure Vulnerability | ||
| CVE-2022-41098 | Med | 0.36 | 5.5 | 0.01 | Nov 9, 2022 | Windows GDI+ Information Disclosure Vulnerability | ||
| CVE-2022-38043 | Med | 0.36 | 5.5 | 0.01 | Oct 11, 2022 | Windows Security Support Provider Interface Information Disclosure Vulnerability | ||
| CVE-2022-38026 | Med | 0.36 | 5.5 | 0.01 | Oct 11, 2022 | Windows DHCP Client Information Disclosure Vulnerability |
- risk 0.38cvss 5.8epss 0.05
A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash. To…
- risk 0.38cvss 5.8epss 0.04
A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. To exploit this vulnerability, an attacker would have to log on to an affected…
- risk 0.38cvss 5.8epss 0.05
A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash. To…
- risk 0.38cvss 5.8epss 0.05
A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash. To…
- risk 0.38cvss 5.3epss 0.48
A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLM MIC (Message Integrity Check) protection. An attacker who successfully exploited this vulnerability could gain the ability to downgrade NTLM security…
- risk 0.38cvss 5.8epss 0.05
A denial of service vulnerability exists in the way that Windows 7, Windows 8.1, Windows 10, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, and Windows Server 2016 handles objects in memory. An attacker who successfully exploited the vulnerability could…
- risk 0.38cvss 5.5epss 0.32
Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010 SP2; Word Viewer; Skype for…
- risk 0.38cvss 5.5epss 0.32
Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010 SP2; Word Viewer; Skype for…
- risk 0.37cvss 5.7epss 0.03
Windows GDI+ Information Disclosure Vulnerability
- risk 0.37cvss 5.5epss 0.19
Windows Spoofing Vulnerability
- risk 0.37cvss 5.5epss 0.19
An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system, aka "Windows GDI Information Disclosure Vulnerability." This affects Windows…
- risk 0.37cvss 5.5epss 0.11
Windows kernel in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and RT 8.1, Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016, and Windows Server, version 1709 allows an attacker to log in and run a specially crafted…
- risk 0.37cvss 5.5epss 0.20
The Microsoft Windows Graphics Device Interface (GDI) on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure…
- risk 0.37cvss 5.5epss 0.10
The Microsoft Common Console Document (.msc) in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1 allows an attacker to read arbitrary files via an XML external entity (XXE) declaration, due to the way that the Microsoft Common Console Document (.msc) parses XML input…
- risk 0.36cvss 5.5epss 0.01
Windows Kernel Memory Information Disclosure Vulnerability
- risk 0.36cvss 5.5epss 0.01
Windows Kernel Information Disclosure Vulnerability
- risk 0.36cvss 5.5epss 0.01
Windows Graphics Component Information Disclosure Vulnerability
- risk 0.36cvss 5.5epss 0.01
Windows GDI+ Information Disclosure Vulnerability
- risk 0.36cvss 5.5epss 0.01
Windows Security Support Provider Interface Information Disclosure Vulnerability
- risk 0.36cvss 5.5epss 0.01
Windows DHCP Client Information Disclosure Vulnerability
Page 56 of 91