VYPR

Windows

by Microsoft

CVEs (2,496)

  • CVE-2020-0909HigMay 21, 2020
    risk 0.49cvss 7.5epss 0.04

    A denial of service vulnerability exists when Hyper-V on a Windows Server fails to properly handle specially crafted network packets.To exploit the vulnerability, an attacker would send specially crafted network packets to the Hyper-V Server.The security update addresses the…

  • CVE-2020-0645HigMar 12, 2020
    risk 0.49cvss 7.5epss 0.04

    A tampering vulnerability exists when Microsoft IIS Server improperly handles malformed request headers, aka 'Microsoft IIS Server Tampering Vulnerability'.

  • CVE-2020-0660HigFeb 11, 2020
    risk 0.49cvss 7.5epss 0.05

    A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability'.

  • CVE-2020-0611HigJan 14, 2020
    risk 0.49cvss 7.5epss 0.08

    A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka 'Remote Desktop Client Remote Code Execution Vulnerability'.

  • CVE-2019-1453HigDec 10, 2019
    risk 0.49cvss 7.5epss 0.09

    A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability'.

  • CVE-2019-1326HigOct 10, 2019
    risk 0.49cvss 7.5epss 0.06

    A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability'.

  • CVE-2019-1188HigAug 14, 2019
    risk 0.49cvss 7.5epss 0.04

    A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured…

  • CVE-2019-1006HigJul 15, 2019
    risk 0.49cvss 7.5epss 0.06

    An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys, aka 'WCF/WIF SAML Token Authentication Bypass Vulnerability'.

  • CVE-2019-0865HigJul 15, 2019
    risk 0.49cvss 7.5epss 0.04

    A denial of service vulnerability exists when SymCrypt improperly handles a specially crafted digital signature.An attacker could exploit the vulnerability by creating a specially crafted connection or message.The security update addresses the vulnerability by correcting the way…

  • CVE-2019-0688HigApr 9, 2019
    risk 0.49cvss 7.5epss 0.08

    An information disclosure vulnerability exists when the Windows TCP/IP stack improperly handles fragmented IP packets, aka 'Windows TCP/IP Information Disclosure Vulnerability'.

  • CVE-2019-0784HigApr 9, 2019
    risk 0.49cvss 7.5epss 0.08

    A remote code execution vulnerability exists in the way that the ActiveX Data objects (ADO) handles objects in memory, aka 'Windows ActiveX Remote Code Execution Vulnerability'.

  • CVE-2019-0637HigMar 5, 2019
    risk 0.49cvss 7.5epss 0.04

    A security feature bypass vulnerability exists when Windows Defender Firewall incorrectly applies firewall profiles to cellular network connections, aka 'Windows Defender Firewall Security Feature Bypass Vulnerability'.

  • CVE-2018-8214HigJun 14, 2018
    risk 0.49cvss 7.0epss 0.03

    An elevation of privilege vulnerability exists in Windows when Desktop Bridge does not properly manage the virtual registry, aka "Windows Desktop Bridge Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique…

  • CVE-2018-8208HigJun 14, 2018
    risk 0.49cvss 7.0epss 0.03

    An elevation of privilege vulnerability exists in Windows when Desktop Bridge does not properly manage the virtual registry, aka "Windows Desktop Bridge Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique…

  • CVE-2018-0751HigJan 4, 2018
    risk 0.49cvss 7.1epss 0.03

    The Windows Kernel API in Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way the Kernel API enforces permissions, aka…

  • CVE-2017-11930HigDec 12, 2017
    risk 0.49cvss 7.5epss 0.09

    ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the…

  • CVE-2017-11913HigDec 12, 2017
    risk 0.49cvss 7.5epss 0.09

    Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current…

  • CVE-2017-11901HigDec 12, 2017
    risk 0.49cvss 7.5epss 0.08

    Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to gain the same user rights as the current user, due to how…

  • CVE-2017-11888HigDec 12, 2017
    risk 0.49cvss 7.5epss 0.08

    Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how Microsoft Edge handles objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability".

  • CVE-2017-11886HigDec 12, 2017
    risk 0.49cvss 7.5epss 0.09

    Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user, due to how…

Page 53 of 125