VYPR

Vendor CVEs

Microsoft

All CVEs

14,318 total · sorted by risk
  • CVE-2019-1054MedJun 12, 2019
    risk 0.33cvss 5.0epss 0.02

    A security feature bypass vulnerability exists in Edge that allows for bypassing Mark of the Web Tagging (MOTW). Failing to set the MOTW means that a large number of Microsoft security technologies are bypassed. In a web-based attack scenario, an attacker could host a malicious…

  • CVE-2019-0816MedApr 9, 2019
    risk 0.33cvss 5.1epss 0.01

    A security feature bypass exists in Azure SSH Keypairs, due to a change in the provisioning logic for some Linux images that use cloud-init, aka 'Azure SSH Keypairs Security Feature Bypass Vulnerability'.

  • CVE-2017-8475MedJun 15, 2017
    risk 0.33cvss 5.0epss 0.04

    Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an authenticated attacker to run a specially crafted application when the Windows kernel improperly initializes objects…

  • CVE-2017-8474MedJun 15, 2017
    risk 0.33cvss 5.0epss 0.04

    The kernel in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to obtain information via a specially crafted application.…

  • CVE-2017-0297MedJun 15, 2017
    risk 0.33cvss 5.0epss 0.04

    The kernel in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to obtain information via a specially crafted application.…

  • CVE-2017-0128MedMar 17, 2017
    risk 0.33cvss 4.3epss 0.22

    Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability." CVE-2017-0085, CVE-2017-0091,…

  • CVE-2017-0127MedMar 17, 2017
    risk 0.33cvss 4.3epss 0.22

    Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability." CVE-2017-0085, CVE-2017-0091,…

  • CVE-2017-0126MedMar 17, 2017
    risk 0.33cvss 4.3epss 0.22

    Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability." CVE-2017-0085, CVE-2017-0091,…

  • CVE-2017-0125MedMar 17, 2017
    risk 0.33cvss 4.3epss 0.22

    Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability." CVE-2017-0085, CVE-2017-0091,…

  • CVE-2017-0124MedMar 17, 2017
    risk 0.33cvss 4.3epss 0.22

    Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability." CVE-2017-0085, CVE-2017-0091,…

  • CVE-2017-0123MedMar 17, 2017
    risk 0.33cvss 4.3epss 0.22

    Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability." CVE-2017-0085, CVE-2017-0091,…

  • CVE-2017-0122MedMar 17, 2017
    risk 0.33cvss 4.3epss 0.22

    Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability." CVE-2017-0085, CVE-2017-0091,…

  • CVE-2017-0120MedMar 17, 2017
    risk 0.33cvss 4.3epss 0.22

    Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Windows Uniscribe Information Disclosure Vulnerability."

  • CVE-2017-0119MedMar 17, 2017
    risk 0.33cvss 4.3epss 0.22

    Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability." CVE-2017-0085, CVE-2017-0091,…

  • CVE-2017-0118MedMar 17, 2017
    risk 0.33cvss 4.3epss 0.23

    Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to obtain sensitive information from…

  • CVE-2017-0117MedMar 17, 2017
    risk 0.33cvss 4.3epss 0.22

    Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability." CVE-2017-0085, CVE-2017-0091,…

  • CVE-2017-0116MedMar 17, 2017
    risk 0.33cvss 4.3epss 0.22

    Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability." CVE-2017-0085, CVE-2017-0091,…

  • CVE-2017-0115MedMar 17, 2017
    risk 0.33cvss 4.3epss 0.22

    Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability." CVE-2017-0085, CVE-2017-0091,…

  • CVE-2017-0114MedMar 17, 2017
    risk 0.33cvss 4.3epss 0.22

    Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability." CVE-2017-0085, CVE-2017-0091,…

  • CVE-2017-0113MedMar 17, 2017
    risk 0.33cvss 4.3epss 0.22

    Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability." CVE-2017-0085, CVE-2017-0091,…

  • CVE-2017-0112MedMar 17, 2017
    risk 0.33cvss 4.3epss 0.22

    Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability." CVE-2017-0085, CVE-2017-0091,…

  • CVE-2017-0111MedMar 17, 2017
    risk 0.33cvss 4.3epss 0.22

    Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability." CVE-2017-0085, CVE-2017-0091,…

  • CVE-2017-0092MedMar 17, 2017
    risk 0.33cvss 4.3epss 0.22

    Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability." CVE-2017-0085, CVE-2017-0091,…

  • CVE-2017-0091MedMar 17, 2017
    risk 0.33cvss 4.3epss 0.22

    Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability." CVE-2017-0085, CVE-2017-0092,…

  • CVE-2017-0085MedMar 17, 2017
    risk 0.33cvss 4.3epss 0.22

    Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability." CVE-2017-0091, CVE-2017-0092,…

  • CVE-2016-3292MedSep 14, 2016
    risk 0.33cvss 5.0epss 0.07

    Microsoft Internet Explorer 10 and 11 mishandles integrity settings and zone settings, which allows remote attackers to bypass a sandbox protection mechanism via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability."

  • CVE-2016-3256MedJul 13, 2016
    risk 0.33cvss 5.0epss 0.05

    Microsoft Windows 10 Gold and 1511 allows local users to bypass the Secure Kernel Mode protection mechanism and obtain sensitive information via a crafted application, aka "Windows Secure Kernel Mode Information Disclosure Vulnerability."

  • CVE-2016-3232MedJun 16, 2016
    risk 0.33cvss 5.0epss 0.06

    The Virtual PCI (VPCI) virtual service provider in Microsoft Windows Server 2012 Gold and R2 allows local users to obtain sensitive information from uninitialized memory locations via a crafted application, aka "Windows Virtual PCI Information Disclosure Vulnerability."

  • CVE-2016-3230MedJun 16, 2016
    risk 0.33cvss 5.0epss 0.03

    The Search component in Microsoft Windows 7, Windows Server 2008 R2 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to cause a denial of service (performance degradation) via a crafted application, aka "Windows…

  • CVE-2016-3216MedJun 16, 2016
    risk 0.33cvss 4.3epss 0.25

    GDI32.dll in the Graphics component in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to bypass the ASLR protection mechanism via…

  • CVE-2005-3170MedOct 6, 2005
    risk 0.33cvss 5.0epss 0.01

    The LDAP client on Microsoft Windows 2000 before Update Rollup 1 for SP4 accepts certificates using LDAP Secure Sockets Layer (LDAPS) even when the Certificate Authority (CA) is not trusted, which could allow attackers to trick users into believing that they are accessing a…

  • CVE-2024-20662MedJan 9, 2024
    risk 0.32cvss 4.9epss 0.02

    Windows Online Certificate Status Protocol (OCSP) Information Disclosure Vulnerability

  • CVE-2023-28277MedApr 11, 2023
    risk 0.32cvss 4.9epss 0.01

    Windows DNS Server Information Disclosure Vulnerability

  • CVE-2022-35812MedAug 9, 2022
    risk 0.32cvss 4.9epss 0.02

    Azure Site Recovery Elevation of Privilege Vulnerability

  • CVE-2022-35800MedAug 9, 2022
    risk 0.32cvss 4.9epss 0.02

    Azure Site Recovery Elevation of Privilege Vulnerability

  • CVE-2022-35787MedAug 9, 2022
    risk 0.32cvss 4.9epss 0.02

    Azure Site Recovery Elevation of Privilege Vulnerability

  • CVE-2022-35774MedAug 9, 2022
    risk 0.32cvss 4.9epss 0.02

    Azure Site Recovery Elevation of Privilege Vulnerability

  • CVE-2022-33671MedJul 12, 2022
    risk 0.32cvss 4.9epss 0.02

    Azure Site Recovery Elevation of Privilege Vulnerability

  • CVE-2022-33669MedJul 12, 2022
    risk 0.32cvss 4.9epss 0.02

    Azure Site Recovery Elevation of Privilege Vulnerability

  • CVE-2022-33668MedJul 12, 2022
    risk 0.32cvss 4.9epss 0.02

    Azure Site Recovery Elevation of Privilege Vulnerability

  • CVE-2022-33664MedJul 12, 2022
    risk 0.32cvss 4.9epss 0.02

    Azure Site Recovery Elevation of Privilege Vulnerability

  • CVE-2022-33660MedJul 12, 2022
    risk 0.32cvss 4.9epss 0.02

    Azure Site Recovery Elevation of Privilege Vulnerability

  • CVE-2022-33659MedJul 12, 2022
    risk 0.32cvss 4.9epss 0.02

    Azure Site Recovery Elevation of Privilege Vulnerability

  • CVE-2022-33658MedJul 12, 2022
    risk 0.32cvss 4.9epss 0.02

    Azure Site Recovery Elevation of Privilege Vulnerability

  • CVE-2022-33654MedJul 12, 2022
    risk 0.32cvss 4.9epss 0.02

    Azure Site Recovery Elevation of Privilege Vulnerability

  • CVE-2022-33653MedJul 12, 2022
    risk 0.32cvss 4.9epss 0.02

    Azure Site Recovery Elevation of Privilege Vulnerability

  • CVE-2022-33652MedJul 12, 2022
    risk 0.32cvss 4.9epss 0.02

    Azure Site Recovery Elevation of Privilege Vulnerability

  • CVE-2022-33651MedJul 12, 2022
    risk 0.32cvss 4.9epss 0.02

    Azure Site Recovery Elevation of Privilege Vulnerability

  • CVE-2022-33650MedJul 12, 2022
    risk 0.32cvss 4.9epss 0.02

    Azure Site Recovery Elevation of Privilege Vulnerability

  • CVE-2022-33642MedJul 12, 2022
    risk 0.32cvss 4.9epss 0.02

    Azure Site Recovery Elevation of Privilege Vulnerability

Page 188 of 287