VYPR

Windows

by Microsoft

CVEs (2,396)

  • CVE-2016-3262MedOct 14, 2016
    risk 0.38cvss 5.5epss 0.32

    Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010 SP2; Word Viewer; Skype for…

  • CVE-2016-3215MedJun 16, 2016
    risk 0.38cvss 5.5epss 0.34

    Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 1511, and Microsoft Edge allow remote attackers to obtain sensitive information from process memory via a crafted PDF document, aka "Windows PDF Information Disclosure Vulnerability," a different vulnerability…

  • CVE-2017-11853MedNov 15, 2017
    risk 0.37cvss 5.5epss 0.11

    Windows kernel in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and RT 8.1, Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016, and Windows Server, version 1709 allows an attacker to log in and run a specially crafted…

  • CVE-2017-11816MedOct 13, 2017
    risk 0.37cvss 5.5epss 0.20

    The Microsoft Windows Graphics Device Interface (GDI) on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure…

  • CVE-2017-8710MedSep 13, 2017
    risk 0.37cvss 5.5epss 0.10

    The Microsoft Common Console Document (.msc) in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1 allows an attacker to read arbitrary files via an XML external entity (XXE) declaration, due to the way that the Microsoft Common Console Document (.msc) parses XML input…

  • CVE-2017-0007MedMar 17, 2017
    risk 0.37cvss 5.5epss 0.11

    Device Guard in Microsoft Windows 10 Gold, 1511, 1607, and Windows Server 2016 allows remote attackers to modify PowerShell script without invalidating associated signatures, aka "PowerShell Security Feature Bypass Vulnerability."

  • CVE-2026-32181MedApr 14, 2026
    risk 0.36cvss 5.5epss 0.00

    Improper privilege management in Microsoft Windows allows an authorized attacker to deny service locally.

  • CVE-2026-2636MedFeb 25, 2026
    risk 0.36cvss 5.5epss 0.00

    This vulnerability is caused by a CWE‑159: "Improper Handling of Invalid Use of Special Elements" weakness, which leads to an unrecoverable inconsistency in the CLFS.sys driver. This condition forces a call to the KeBugCheckEx function, allowing an unprivileged user to trigger…

  • CVE-2018-8442MedSep 13, 2018
    risk 0.36cvss 5.5epss 0.03

    An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012,…

  • CVE-2018-8271MedSep 13, 2018
    risk 0.36cvss 5.5epss 0.03

    An information disclosure vulnerability exists in Windows when the Windows bowser.sys kernel-mode driver fails to properly handle objects in memory, aka "Windows Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server…

  • CVE-2018-8309MedJul 11, 2018
    risk 0.36cvss 5.5epss 0.02

    A denial of service vulnerability exists when Windows improperly handles objects in memory, aka "Windows Denial of Service Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016,…

  • CVE-2018-8205MedJun 14, 2018
    risk 0.36cvss 5.5epss 0.02

    A denial of service vulnerability exists when Windows improperly handles objects in memory, aka "Windows Denial of Service Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008…

  • CVE-2018-0814MedMar 14, 2018
    risk 0.36cvss 5.5epss 0.02

    The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability…

  • CVE-2018-7250MedFeb 26, 2018
    risk 0.36cvss 5.5epss 0.03

    An issue was discovered in secdrv.sys as shipped in Microsoft Windows Vista, Windows 7, Windows 8, and Windows 8.1 before KB3086255, and as shipped in Macrovision SafeDisc. An uninitialized kernel pool allocation in IOCTL 0xCA002813 allows a local unprivileged attacker to leak…

  • CVE-2018-0761MedFeb 15, 2018
    risk 0.36cvss 5.5epss 0.02

    The Microsoft Windows Embedded OpenType (EOT) font engine in Microsoft Windows 7 SP1 and Windows Server 2008 R2 allows information disclosure, due to how the Windows EOT font engine handles embedded fonts, aka "Windows EOT Font Engine Information Disclosure Vulnerability". This…

  • CVE-2018-0760MedFeb 15, 2018
    risk 0.36cvss 5.5epss 0.02

    The Microsoft Windows Embedded OpenType (EOT) font engine in Microsoft Windows 7 SP1, Windows Server 2008 R2, and Windows Server 2012 allows information disclosure, due to how the Windows EOT font engine handles embedded fonts, aka "Windows EOT Font Engine Information Disclosure…

  • CVE-2018-0755MedFeb 15, 2018
    risk 0.36cvss 5.5epss 0.02

    The Microsoft Windows Embedded OpenType (EOT) font engine in Microsoft Windows 7 SP1 and Windows Server 2008 R2 allows information disclosure, due to how the Windows EOT font engine handles embedded fonts, aka "Windows EOT Font Engine Information Disclosure Vulnerability". This…

  • CVE-2018-0754MedJan 4, 2018
    risk 0.36cvss 5.5epss 0.02

    The Windows Adobe Type Manager Font Driver (Atmfd.dll) in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information…

  • CVE-2017-11835MedNov 15, 2017
    risk 0.36cvss 5.5epss 0.02

    Microsoft graphics in Windows 7 SP1 and Windows Server 2008 SP2 and R2 SP1 allows an attacker to potentially read data that was not intended to be disclosed due to the way that the Microsoft Windows Embedded OpenType (EOT) font engine parses specially crafted embedded fonts, aka…

  • CVE-2017-11815MedOct 13, 2017
    risk 0.36cvss 5.3epss 0.13

    The Microsoft Server Block Message (SMB) on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows an information disclosure vulnerability…

Page 23 of 120