Vendor CVEs
Microsoft
All CVEs
14,319 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-0197 | Hig | 0.51 | 7.8 | 0.01 | May 11, 2016 | dxgkrnl.sys in the DirectX Graphics kernel subsystem in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to… | ||
| CVE-2016-0196 | Hig | 0.51 | 7.8 | 0.02 | May 11, 2016 | The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow local users to gain privileges via a crafted application, aka "Win32k… | ||
| CVE-2016-0180 | Hig | 0.51 | 7.8 | 0.01 | May 11, 2016 | The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 mishandles symbolic links, which allows local users to gain privileges via a crafted… | ||
| CVE-2016-0176 | Hig | 0.51 | 7.8 | 0.02 | May 11, 2016 | dxgkrnl.sys in the DirectX Graphics kernel subsystem in the kernel-mode drivers in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted… | ||
| CVE-2016-0174 | Hig | 0.51 | 7.8 | 0.02 | May 11, 2016 | The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow local users to gain privileges via a crafted application, aka "Win32k… | ||
| CVE-2016-0152 | Hig | 0.51 | 7.8 | 0.04 | May 11, 2016 | Internet Information Services (IIS) in Microsoft Windows Vista SP2 and Server 2008 SP2 mishandles library loading, which allows local users to gain privileges via a crafted application, aka "Windows DLL Loading Remote Code Execution Vulnerability." | ||
| CVE-2016-0150 | Hig | 0.51 | 7.5 | 0.29 | Apr 12, 2016 | HTTP.sys in Microsoft Windows 10 Gold and 1511 allows remote attackers to cause a denial of service (system hang) via crafted HTTP 2.0 requests, aka "HTTP.sys Denial of Service Vulnerability." | ||
| CVE-2016-0096 | Hig | 0.51 | 7.8 | 0.02 | Mar 9, 2016 | The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Win32k… | ||
| CVE-2016-0095 | Hig | 0.51 | 7.8 | 0.04 | Mar 9, 2016 | The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Win32k… | ||
| CVE-2016-0087 | Hig | 0.51 | 7.8 | 0.02 | Mar 9, 2016 | Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 do not properly validate handles, which allows local users to gain privileges via a crafted application, aka "Windows Elevation of Privilege Vulnerability." | ||
| CVE-2016-0057 | Hig | 0.51 | 7.8 | 0.01 | Mar 9, 2016 | Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2016 does not properly sign an unspecified binary file, which allows local users to gain privileges via a Trojan horse file with a crafted signature, aka "Microsoft Office Security Feature Bypass Vulnerability." | ||
| CVE-2016-0048 | Hig | 0.51 | 7.8 | 0.02 | Feb 10, 2016 | The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow local users to gain privileges via a crafted application, aka "Win32k… | ||
| CVE-2016-0042 | Hig | 0.51 | 7.8 | 0.06 | Feb 10, 2016 | Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka "Windows… | ||
| CVE-2016-0037 | Hig | 0.51 | 7.5 | 0.26 | Feb 10, 2016 | The forms-based authentication implementation in Active Directory Federation Services (ADFS) 3.0 in Microsoft Windows Server 2012 R2 allows remote attackers to cause a denial of service (daemon outage) via crafted data, aka "Microsoft Active Directory Federation Services Denial… | ||
| CVE-2016-0020 | Hig | 0.51 | 7.8 | 0.02 | Jan 13, 2016 | Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka "MAPI DLL Loading Elevation of Privilege Vulnerability." | ||
| CVE-2016-0014 | Hig | 0.51 | 7.8 | 0.02 | Jan 13, 2016 | Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandle DLL loading, which allows local users to gain privileges via a crafted… | ||
| CVE-2016-0006 | Hig | 0.51 | 7.3 | 0.04 | Jan 13, 2016 | The sandbox implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandles reparse points, which allows local users to… | ||
| CVE-2016-0002 | Hig | 0.51 | 7.5 | 0.24 | Jan 13, 2016 | The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to execute arbitrary code via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability." | ||
| CVE-2013-3900 | Med | 0.51 | 5.5 | 0.45 | KEV | Dec 11, 2013 | Why is Microsoft republishing a CVE from 2013? We are republishing CVE-2013-3900 in the Security Update Guide to update the Security Updates table and to inform customers that the EnableCertPaddingCheck is available in all currently supported versions of Windows 10 and Windows… | |
| CVE-2013-1342 | Hig | 0.51 | 7.8 | 0.01 | Sep 11, 2013 | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted… | ||
| CVE-2013-0029 | Hig | 0.51 | 7.5 | 0.30 | Feb 13, 2013 | Use-after-free vulnerability in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CHTML Use After Free Vulnerability." | ||
| CVE-2012-0180 | Hig | 0.51 | 7.8 | 0.01 | May 9, 2012 | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview does not properly handle user-mode input passed to kernel mode… | ||
| CVE-2011-1887 | Hig | 0.51 | 7.8 | 0.01 | Jul 13, 2011 | win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different… | ||
| CVE-2011-1874 | Hig | 0.51 | 7.8 | 0.01 | Jul 13, 2011 | Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a… | ||
| CVE-2011-1236 | Hig | 0.51 | 7.8 | 0.01 | Apr 13, 2011 | Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a… | ||
| CVE-2011-0676 | Hig | 0.51 | 7.8 | 0.01 | Apr 13, 2011 | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers… | ||
| CVE-2010-3190 | Hig | 0.51 | 7.8 | 0.09 | Aug 31, 2010 | Untrusted search path vulnerability in the Microsoft Foundation Class (MFC) Library in Microsoft Visual Studio .NET 2003 SP1; Visual Studio 2005 SP1, 2008 SP1, and 2010; Visual C++ 2005 SP1, 2008 SP1, and 2010; and Exchange Server 2010 Service Pack 3, 2013, and 2013 allows local… | ||
| CVE-2010-0485 | Hig | 0.51 | 7.8 | 0.01 | Jun 8, 2010 | The Windows kernel-mode drivers in win32k.sys in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 Gold and SP2, Windows 7, and Server 2008 R2 "do not properly validate all callback parameters when creating a new window," which allows… | ||
| CVE-2009-0082 | Hig | 0.51 | 7.8 | 0.01 | Mar 10, 2009 | The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 does not properly validate handles, which allows local users to gain privileges via a crafted application that triggers unspecified "actions," aka "Windows… | ||
| CVE-2003-1567 | Hig | 0.51 | 7.5 | 0.25 | Jan 15, 2009 | The undocumented TRACK method in Microsoft Internet Information Services (IIS) 5.0 returns the content of the original request in the body of the response, which makes it easier for remote attackers to steal cookies and authentication credentials, or bypass the HttpOnly… | ||
| CVE-2008-0322 | Hig | 0.51 | 7.8 | 0.02 | May 13, 2008 | The I2O Utility Filter driver (i2omgmt.sys) 5.1.2600.2180 for Microsoft Windows XP sets Everyone/Write permissions for the "\\.\I2OExc" device interface, which allows local users to gain privileges. NOTE: this issue can be leveraged to overwrite arbitrary memory and execute… | ||
| CVE-2008-0087 | Hig | 0.51 | 7.5 | 0.32 | Apr 8, 2008 | The DNS client in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, and Vista uses predictable DNS transaction IDs, which allows remote attackers to spoof DNS responses. | ||
| CVE-2002-1844 | Hig | 0.51 | 7.8 | 0.01 | Dec 31, 2002 | Microsoft Windows Media Player (WMP) 6.3, when installed on Solaris, installs executables with world-writable permissions, which allows local users to delete or modify the executables to gain privileges. | ||
| CVE-2002-0051 | Hig | 0.51 | 7.8 | 0.01 | Apr 4, 2002 | Windows 2000 allows local users to prevent the application of new group policy settings by opening Group Policy files with exclusive-read access. | ||
| CVE-2001-1238 | Hig | 0.51 | 7.8 | 0.01 | Jul 16, 2001 | Task Manager in Windows 2000 does not allow local users to end processes with uppercase letters named (1) winlogon.exe, (2) csrss.exe, (3) smss.exe and (4) services.exe via the Process tab which could allow local users to install Trojan horses that cannot be stopped with the… | ||
| CVE-2026-45497 | Hig | 0.50 | 7.7 | 0.00 | Jun 4, 2026 | Improper neutralization of special elements used in a command ('command injection') in Microsoft Copilot allows an authorized attacker to execute code over a network. | ||
| CVE-2026-26147 | Hig | 0.50 | 7.7 | 0.01 | May 22, 2026 | Improper input validation in Azure Compute Gallery allows an authorized attacker to disclose information over a network. | ||
| CVE-2026-42832 | Hig | 0.50 | 7.7 | 0.00 | May 12, 2026 | Improper access control in Microsoft Office allows an unauthorized attacker to perform spoofing locally. | ||
| CVE-2026-33821 | Hig | 0.50 | 7.7 | 0.01 | May 12, 2026 | Improper privilege management in Microsoft Dynamics 365 Customer Insights allows an authorized attacker to elevate privileges over a network. | ||
| CVE-2026-27913 | Hig | 0.50 | 7.7 | 0.00 | Apr 14, 2026 | Improper input validation in Windows BitLocker allows an unauthorized attacker to bypass a security feature locally. | ||
| CVE-2025-59500 | Hig | 0.50 | 7.7 | 0.01 | Oct 23, 2025 | Improper access control in Azure Notification Service allows an authorized attacker to elevate privileges over a network. | ||
| CVE-2025-59200 | Hig | 0.50 | 7.7 | 0.01 | Oct 14, 2025 | Concurrent execution using shared resource with improper synchronization ('race condition') in Data Sharing Service Client allows an unauthorized attacker to perform spoofing locally. | ||
| CVE-2025-55698 | Hig | 0.50 | 7.7 | 0.01 | Oct 14, 2025 | Null pointer dereference in Windows DirectX allows an authorized attacker to deny service over a network. | ||
| CVE-2025-53139 | Hig | 0.50 | 7.7 | 0.00 | Oct 14, 2025 | Cleartext transmission of sensitive information in Windows Hello allows an unauthorized attacker to bypass a security feature locally. | ||
| CVE-2025-53781 | Hig | 0.50 | 7.7 | 0.01 | Aug 12, 2025 | Exposure of sensitive information to an unauthorized actor in Azure Virtual Machines allows an authorized attacker to disclose information over a network. | ||
| CVE-2025-53722 | Hig | 0.50 | 7.5 | 0.17 | Aug 12, 2025 | Uncontrolled resource consumption in Windows Remote Desktop Services allows an unauthorized attacker to deny service over a network. | ||
| CVE-2025-49719 | Hig | 0.50 | 7.5 | 0.10 | Jul 8, 2025 | Improper input validation in SQL Server allows an unauthorized attacker to disclose information over a network. | ||
| CVE-2025-47984 | Hig | 0.50 | 7.5 | 0.14 | Jul 8, 2025 | Protection mechanism failure in Windows GDI allows an unauthorized attacker to disclose information over a network. | ||
| CVE-2025-29833 | Hig | 0.50 | 7.7 | 0.00 | May 13, 2025 | Time-of-check time-of-use (toctou) race condition in Windows Virtual Machine Bus allows an unauthorized attacker to execute code locally. | ||
| CVE-2024-43584 | Hig | 0.50 | 7.7 | 0.01 | Oct 8, 2024 | Windows Scripting Engine Security Feature Bypass Vulnerability |
- risk 0.51cvss 7.8epss 0.01
dxgkrnl.sys in the DirectX Graphics kernel subsystem in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to…
- risk 0.51cvss 7.8epss 0.02
The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow local users to gain privileges via a crafted application, aka "Win32k…
- risk 0.51cvss 7.8epss 0.01
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 mishandles symbolic links, which allows local users to gain privileges via a crafted…
- risk 0.51cvss 7.8epss 0.02
dxgkrnl.sys in the DirectX Graphics kernel subsystem in the kernel-mode drivers in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted…
- risk 0.51cvss 7.8epss 0.02
The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow local users to gain privileges via a crafted application, aka "Win32k…
- risk 0.51cvss 7.8epss 0.04
Internet Information Services (IIS) in Microsoft Windows Vista SP2 and Server 2008 SP2 mishandles library loading, which allows local users to gain privileges via a crafted application, aka "Windows DLL Loading Remote Code Execution Vulnerability."
- risk 0.51cvss 7.5epss 0.29
HTTP.sys in Microsoft Windows 10 Gold and 1511 allows remote attackers to cause a denial of service (system hang) via crafted HTTP 2.0 requests, aka "HTTP.sys Denial of Service Vulnerability."
- risk 0.51cvss 7.8epss 0.02
The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Win32k…
- risk 0.51cvss 7.8epss 0.04
The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Win32k…
- risk 0.51cvss 7.8epss 0.02
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 do not properly validate handles, which allows local users to gain privileges via a crafted application, aka "Windows Elevation of Privilege Vulnerability."
- risk 0.51cvss 7.8epss 0.01
Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2016 does not properly sign an unspecified binary file, which allows local users to gain privileges via a Trojan horse file with a crafted signature, aka "Microsoft Office Security Feature Bypass Vulnerability."
- risk 0.51cvss 7.8epss 0.02
The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow local users to gain privileges via a crafted application, aka "Win32k…
- risk 0.51cvss 7.8epss 0.06
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka "Windows…
- risk 0.51cvss 7.5epss 0.26
The forms-based authentication implementation in Active Directory Federation Services (ADFS) 3.0 in Microsoft Windows Server 2012 R2 allows remote attackers to cause a denial of service (daemon outage) via crafted data, aka "Microsoft Active Directory Federation Services Denial…
- risk 0.51cvss 7.8epss 0.02
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka "MAPI DLL Loading Elevation of Privilege Vulnerability."
- risk 0.51cvss 7.8epss 0.02
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandle DLL loading, which allows local users to gain privileges via a crafted…
- risk 0.51cvss 7.3epss 0.04
The sandbox implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandles reparse points, which allows local users to…
- risk 0.51cvss 7.5epss 0.24
The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to execute arbitrary code via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability."
- risk 0.51cvss 5.5epss 0.45
Why is Microsoft republishing a CVE from 2013? We are republishing CVE-2013-3900 in the Security Update Guide to update the Security Updates table and to inform customers that the EnableCertPaddingCheck is available in all currently supported versions of Windows 10 and Windows…
- risk 0.51cvss 7.8epss 0.01
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted…
- risk 0.51cvss 7.5epss 0.30
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CHTML Use After Free Vulnerability."
- risk 0.51cvss 7.8epss 0.01
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview does not properly handle user-mode input passed to kernel mode…
- risk 0.51cvss 7.8epss 0.01
win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different…
- risk 0.51cvss 7.8epss 0.01
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a…
- risk 0.51cvss 7.8epss 0.01
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a…
- risk 0.51cvss 7.8epss 0.01
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers…
- risk 0.51cvss 7.8epss 0.09
Untrusted search path vulnerability in the Microsoft Foundation Class (MFC) Library in Microsoft Visual Studio .NET 2003 SP1; Visual Studio 2005 SP1, 2008 SP1, and 2010; Visual C++ 2005 SP1, 2008 SP1, and 2010; and Exchange Server 2010 Service Pack 3, 2013, and 2013 allows local…
- risk 0.51cvss 7.8epss 0.01
The Windows kernel-mode drivers in win32k.sys in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 Gold and SP2, Windows 7, and Server 2008 R2 "do not properly validate all callback parameters when creating a new window," which allows…
- risk 0.51cvss 7.8epss 0.01
The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 does not properly validate handles, which allows local users to gain privileges via a crafted application that triggers unspecified "actions," aka "Windows…
- risk 0.51cvss 7.5epss 0.25
The undocumented TRACK method in Microsoft Internet Information Services (IIS) 5.0 returns the content of the original request in the body of the response, which makes it easier for remote attackers to steal cookies and authentication credentials, or bypass the HttpOnly…
- risk 0.51cvss 7.8epss 0.02
The I2O Utility Filter driver (i2omgmt.sys) 5.1.2600.2180 for Microsoft Windows XP sets Everyone/Write permissions for the "\\.\I2OExc" device interface, which allows local users to gain privileges. NOTE: this issue can be leveraged to overwrite arbitrary memory and execute…
- risk 0.51cvss 7.5epss 0.32
The DNS client in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, and Vista uses predictable DNS transaction IDs, which allows remote attackers to spoof DNS responses.
- risk 0.51cvss 7.8epss 0.01
Microsoft Windows Media Player (WMP) 6.3, when installed on Solaris, installs executables with world-writable permissions, which allows local users to delete or modify the executables to gain privileges.
- risk 0.51cvss 7.8epss 0.01
Windows 2000 allows local users to prevent the application of new group policy settings by opening Group Policy files with exclusive-read access.
- risk 0.51cvss 7.8epss 0.01
Task Manager in Windows 2000 does not allow local users to end processes with uppercase letters named (1) winlogon.exe, (2) csrss.exe, (3) smss.exe and (4) services.exe via the Process tab which could allow local users to install Trojan horses that cannot be stopped with the…
- risk 0.50cvss 7.7epss 0.00
Improper neutralization of special elements used in a command ('command injection') in Microsoft Copilot allows an authorized attacker to execute code over a network.
- risk 0.50cvss 7.7epss 0.01
Improper input validation in Azure Compute Gallery allows an authorized attacker to disclose information over a network.
- risk 0.50cvss 7.7epss 0.00
Improper access control in Microsoft Office allows an unauthorized attacker to perform spoofing locally.
- risk 0.50cvss 7.7epss 0.01
Improper privilege management in Microsoft Dynamics 365 Customer Insights allows an authorized attacker to elevate privileges over a network.
- risk 0.50cvss 7.7epss 0.00
Improper input validation in Windows BitLocker allows an unauthorized attacker to bypass a security feature locally.
- risk 0.50cvss 7.7epss 0.01
Improper access control in Azure Notification Service allows an authorized attacker to elevate privileges over a network.
- risk 0.50cvss 7.7epss 0.01
Concurrent execution using shared resource with improper synchronization ('race condition') in Data Sharing Service Client allows an unauthorized attacker to perform spoofing locally.
- risk 0.50cvss 7.7epss 0.01
Null pointer dereference in Windows DirectX allows an authorized attacker to deny service over a network.
- risk 0.50cvss 7.7epss 0.00
Cleartext transmission of sensitive information in Windows Hello allows an unauthorized attacker to bypass a security feature locally.
- risk 0.50cvss 7.7epss 0.01
Exposure of sensitive information to an unauthorized actor in Azure Virtual Machines allows an authorized attacker to disclose information over a network.
- risk 0.50cvss 7.5epss 0.17
Uncontrolled resource consumption in Windows Remote Desktop Services allows an unauthorized attacker to deny service over a network.
- risk 0.50cvss 7.5epss 0.10
Improper input validation in SQL Server allows an unauthorized attacker to disclose information over a network.
- risk 0.50cvss 7.5epss 0.14
Protection mechanism failure in Windows GDI allows an unauthorized attacker to disclose information over a network.
- risk 0.50cvss 7.7epss 0.00
Time-of-check time-of-use (toctou) race condition in Windows Virtual Machine Bus allows an unauthorized attacker to execute code locally.
- risk 0.50cvss 7.7epss 0.01
Windows Scripting Engine Security Feature Bypass Vulnerability
Page 103 of 287