Windows 8.1
by Microsoft
CVEs (1,654)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-34507 | Med | 0.42 | 6.5 | 0.03 | Jul 14, 2021 | Windows Remote Assistance Information Disclosure Vulnerability | ||
| CVE-2021-33783 | Med | 0.42 | 6.5 | 0.03 | Jul 14, 2021 | Windows SMB Information Disclosure Vulnerability | ||
| CVE-2021-31959 | Med | 0.42 | 6.4 | 0.09 | Jun 8, 2021 | Scripting Engine Memory Corruption Vulnerability | ||
| CVE-2021-28328 | Med | 0.42 | 6.5 | 0.02 | Apr 13, 2021 | Windows DNS Information Disclosure Vulnerability | ||
| CVE-2021-24080 | Med | 0.42 | 6.5 | 0.03 | Feb 25, 2021 | Windows Trust Verification API Denial of Service Vulnerability | ||
| CVE-2020-17040 | Med | 0.42 | 6.5 | 0.03 | Nov 11, 2020 | Windows Hyper-V Security Feature Bypass Vulnerability | ||
| CVE-2019-1043 | Med | 0.42 | 6.4 | 0.03 | Jun 12, 2019 | A remote code execution vulnerability exists in the way that comctl32.dll handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the… | ||
| CVE-2017-0174 | Med | 0.42 | 6.5 | 0.03 | Aug 8, 2017 | Windows NetBIOS in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a denial of service vulnerability when it improperly handles NetBIOS packets, aka… | ||
| CVE-2016-3371 | Med | 0.42 | 5.5 | 0.40 | Sep 14, 2016 | The kernel API in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 does not properly enforce permissions, which allows local users to obtain sensitive… | ||
| CVE-2022-21928 | Med | 0.41 | 6.3 | 0.01 | Jan 11, 2022 | Windows Resilient File System (ReFS) Remote Code Execution Vulnerability | ||
| CVE-2021-34500 | Med | 0.41 | 6.3 | 0.02 | Jul 14, 2021 | Windows Kernel Memory Information Disclosure Vulnerability | ||
| CVE-2019-1053 | Med | 0.41 | 6.3 | 0.01 | Jun 12, 2019 | An elevation of privilege vulnerability exists when the Windows Shell fails to validate folder shortcuts. An attacker who successfully exploited the vulnerability could elevate privileges by escaping a sandbox. To exploit this vulnerability, an attacker would require… | ||
| CVE-2019-0986 | Med | 0.41 | 6.3 | 0.02 | Jun 12, 2019 | An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context. To exploit this vulnerability, an attacker… | ||
| CVE-2017-0055 | Med | 0.41 | 6.1 | 0.16 | Mar 17, 2017 | Microsoft Internet Information Server (IIS) in Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to perform cross-site… | ||
| CVE-2016-3302 | Med | 0.41 | 6.3 | 0.02 | Sep 14, 2016 | Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607, when the lock screen is enabled, do not properly restrict the loading of web content, which allows physically proximate attackers to execute arbitrary code via a (1) crafted Wi-Fi… | ||
| CVE-2022-22048 | Med | 0.40 | 6.1 | 0.01 | Jul 12, 2022 | BitLocker Security Feature Bypass Vulnerability | ||
| CVE-2021-33765 | Med | 0.40 | 6.2 | 0.01 | Jul 14, 2021 | Windows Installer Spoofing Vulnerability | ||
| CVE-2021-26413 | Med | 0.40 | 6.2 | 0.01 | Apr 13, 2021 | Windows Installer Spoofing Vulnerability | ||
| CVE-2021-26886 | Med | 0.40 | 6.1 | 0.01 | Mar 11, 2021 | User Profile Service Denial of Service Vulnerability | ||
| CVE-2020-1598 | Med | 0.40 | 6.1 | 0.01 | Sep 11, 2020 | An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could… |
- risk 0.42cvss 6.5epss 0.03
Windows Remote Assistance Information Disclosure Vulnerability
- risk 0.42cvss 6.5epss 0.03
Windows SMB Information Disclosure Vulnerability
- risk 0.42cvss 6.4epss 0.09
Scripting Engine Memory Corruption Vulnerability
- risk 0.42cvss 6.5epss 0.02
Windows DNS Information Disclosure Vulnerability
- risk 0.42cvss 6.5epss 0.03
Windows Trust Verification API Denial of Service Vulnerability
- risk 0.42cvss 6.5epss 0.03
Windows Hyper-V Security Feature Bypass Vulnerability
- risk 0.42cvss 6.4epss 0.03
A remote code execution vulnerability exists in the way that comctl32.dll handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the…
- risk 0.42cvss 6.5epss 0.03
Windows NetBIOS in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a denial of service vulnerability when it improperly handles NetBIOS packets, aka…
- risk 0.42cvss 5.5epss 0.40
The kernel API in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 does not properly enforce permissions, which allows local users to obtain sensitive…
- risk 0.41cvss 6.3epss 0.01
Windows Resilient File System (ReFS) Remote Code Execution Vulnerability
- risk 0.41cvss 6.3epss 0.02
Windows Kernel Memory Information Disclosure Vulnerability
- risk 0.41cvss 6.3epss 0.01
An elevation of privilege vulnerability exists when the Windows Shell fails to validate folder shortcuts. An attacker who successfully exploited the vulnerability could elevate privileges by escaping a sandbox. To exploit this vulnerability, an attacker would require…
- risk 0.41cvss 6.3epss 0.02
An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context. To exploit this vulnerability, an attacker…
- risk 0.41cvss 6.1epss 0.16
Microsoft Internet Information Server (IIS) in Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to perform cross-site…
- risk 0.41cvss 6.3epss 0.02
Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607, when the lock screen is enabled, do not properly restrict the loading of web content, which allows physically proximate attackers to execute arbitrary code via a (1) crafted Wi-Fi…
- risk 0.40cvss 6.1epss 0.01
BitLocker Security Feature Bypass Vulnerability
- risk 0.40cvss 6.2epss 0.01
Windows Installer Spoofing Vulnerability
- risk 0.40cvss 6.2epss 0.01
Windows Installer Spoofing Vulnerability
- risk 0.40cvss 6.1epss 0.01
User Profile Service Denial of Service Vulnerability
- risk 0.40cvss 6.1epss 0.01
An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could…
Page 57 of 83