VYPR

Windows

by Microsoft

CVEs (2,530)

  • CVE-2017-0155HigApr 12, 2017
    risk 0.46cvss 7.0epss 0.02

    The Graphics component in the kernel in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; and Windows 7 SP1 allows local users to gain privileges via a crafted application, aka "Windows Graphics Elevation of Privilege Vulnerability."

  • CVE-2016-0128MedApr 12, 2016
    risk 0.46cvss 6.8epss 0.21

    The SAM and LSAD protocol implementations in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 do not properly establish an RPC channel, which allows…

  • CVE-2013-1294HigApr 9, 2013
    risk 0.46cvss 7.0epss 0.01

    Race condition in the kernel in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted…

  • CVE-2013-1275HigFeb 13, 2013
    risk 0.46cvss 7.0epss 0.01

    Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges, and consequently read the contents…

  • CVE-2013-1265HigFeb 13, 2013
    risk 0.46cvss 7.0epss 0.01

    Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges, and consequently read the contents…

  • CVE-2013-1253HigFeb 13, 2013
    risk 0.46cvss 7.0epss 0.01

    Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges, and consequently read the contents…

  • CVE-2011-0096MedJan 31, 2011
    risk 0.46cvss 6.1epss 0.47

    The MHTML protocol handler in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle a MIME format in a request for content blocks in a document,…

  • CVE-2009-2516HigOct 14, 2009
    risk 0.46cvss 7.1epss 0.01

    The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold and SP1, and Server 2008 Gold does not properly validate data sent from user mode, which allows local users to gain privileges via a crafted PE .exe file that triggers a NULL pointer…

  • CVE-2019-1310MedNov 12, 2019
    risk 0.45cvss 6.8epss 0.05

    A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0712,…

  • CVE-2019-1309MedNov 12, 2019
    risk 0.45cvss 6.8epss 0.05

    A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0712,…

  • CVE-2019-0712MedNov 12, 2019
    risk 0.45cvss 6.8epss 0.05

    A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-1309,…

  • CVE-2019-1230MedOct 10, 2019
    risk 0.45cvss 6.8epss 0.05

    An information disclosure vulnerability exists when the Windows Hyper-V Network Switch on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka 'Hyper-V Information Disclosure Vulnerability'.

  • CVE-2017-0038MedFeb 20, 2017
    risk 0.45cvss 5.5epss 0.82

    gdi32.dll in Graphics Device Interface (GDI) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive…

  • CVE-2010-0488MedMar 31, 2010
    risk 0.45cvss 6.5epss 0.29

    Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, and 7 does not properly handle unspecified "encoding strings," which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site, aka "Post Encoding Information Disclosure…

  • CVE-2026-45585MedMay 20, 2026
    risk 0.44cvss 6.8epss 0.01

    Microsoft is aware of a security feature bypass vulnerability in Windows publicly referred to as "YellowKey". The proof of concept for this vulnerability has been made public violating coordinated vulnerability best practices. We are issuing this CVE to provide…

  • CVE-2024-6769MedSep 26, 2024
    risk 0.44cvss 6.7epss 0.01

    A DLL Hijacking caused by drive remapping combined with a poisoning of the activation cache in Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 allows a malicious authenticated attacker to elevate from a medium integrity process…

  • CVE-2024-6768MedAug 12, 2024
    risk 0.44cvss epss 0.03

    A Denial of Service in CLFS.sys in Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 allows a malicious authenticated low-privilege user to cause a Blue Screen of Death via a forced call to the KeBugCheckEx function.

  • CVE-2024-21302MedAug 8, 2024
    risk 0.44cvss 6.7epss 0.02

    Summary: As of July 8, 2025 Microsoft has completed mitigations to address this vulnerability. See KB5042562: Guidance for blocking rollback of virtualization-based security related updates and the Recommended Actions section of this CVE for guidance on how to protect your…

  • CVE-2023-32043MedJul 11, 2023
    risk 0.44cvss 6.8epss 0.00

    Windows Remote Desktop Security Feature Bypass Vulnerability

  • CVE-2021-24075MedFeb 25, 2021
    risk 0.44cvss 6.8epss 0.02

    Microsoft Windows VMSwitch Denial of Service Vulnerability

Page 62 of 127