Vendor CVEs
Microsoft
All CVEs
14,318 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-1999-0918 | 0.05 | — | 0.30 | Jul 3, 1999 | Denial of service in various Windows systems via malformed, fragmented IGMP packets. | |||
| CVE-1999-0386 | 0.05 | — | 0.19 | Mar 1, 1999 | Microsoft Personal Web Server and FrontPage Personal Web Server in some Windows systems allows a remote attacker to read files on the server by using a nonstandard URL. | |||
| CVE-1999-1375 | 0.05 | — | 0.31 | Feb 11, 1999 | FileSystemObject (FSO) in the showfile.asp Active Server Page (ASP) allows remote attackers to read arbitrary files by specifying the name in the file parameter. | |||
| CVE-1999-0450 | 0.05 | — | 0.19 | Jan 26, 1999 | In IIS, an attacker could determine a real path using a request for a non-existent URL that would be interpreted by Perl (perl.exe). | |||
| CVE-1999-1538 | 0.05 | — | 0.25 | Jan 14, 1999 | When IIS 2 or 3 is upgraded to IIS 4, ism.dll is inadvertently left in /scripts/iisadmin, which does not restrict access to the local machine and allows an unauthorized user to gain access to sensitive server information, including the Administrator's password. | |||
| CVE-1999-0448 | 0.05 | — | 0.24 | Jan 1, 1999 | IIS 4.0 and Apache log HTTP request methods, regardless of how long they are, allowing a remote attacker to hide the URL they really request. | |||
| CVE-1999-0288 | 0.05 | — | 0.21 | Aug 1, 1998 | The WINS server in Microsoft Windows NT 4.0 before SP4 allows remote attackers to cause a denial of service (process termination) via invalid UDP frames to port 137 (NETBIOS Name Service), as demonstrated via a flood of random packets. | |||
| CVE-1999-0153 | 0.05 | — | 0.23 | Jul 1, 1997 | Windows 95/NT out of band (OOB) data denial of service through NETBIOS port, aka WinNuke. | |||
| CVE-1999-0612 | 0.05 | — | 0.68 | Mar 1, 1997 | A version of finger is running that exposes valid user information to any entity on the network. | |||
| CVE-1999-0077 | 0.05 | — | 0.31 | Jan 1, 1995 | Predictable TCP sequence numbers allow spoofing. | |||
| CVE-2015-6176 | 0.04 | — | 0.11 | Dec 9, 2015 | Microsoft Edge mishandles HTML attributes in HTTP responses, which allows remote attackers to bypass a cross-site scripting (XSS) protection mechanism via unspecified vectors, aka "Microsoft Edge XSS Filter Bypass Vulnerability." | |||
| CVE-2015-6172 | 0.04 | — | 0.54 | Dec 9, 2015 | Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2016, Word 2013 RT SP1, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted email message processed by Outlook, aka "Microsoft Office RCE Vulnerability." | |||
| CVE-2015-6099 | 0.04 | — | 0.48 | Nov 11, 2015 | Cross-site scripting (XSS) vulnerability in ASP.NET in Microsoft .NET Framework 4, 4.5, 4.5.1, 4.5.2, and 4.6 allows remote attackers to inject arbitrary web script or HTML via a crafted value, aka ".NET Elevation of Privilege Vulnerability." | |||
| CVE-2015-2527 | 0.04 | — | 0.07 | Sep 9, 2015 | The process-initialization implementation in win32k.sys in the kernel-mode drivers in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 does not properly constrain impersonation levels, which allows local users to gain… | |||
| CVE-2015-2433 | 0.04 | — | 0.18 | Aug 15, 2015 | The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to bypass the ASLR protection mechanism via a crafted application,… | |||
| CVE-2015-0059 | 0.04 | — | 0.11 | Feb 11, 2015 | win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted TrueType font, aka "TrueType Font Parsing Remote… | |||
| CVE-2015-0057 | 0.04 | — | 0.13 | Feb 11, 2015 | win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a… | |||
| CVE-2015-0009 | 0.04 | — | 0.08 | Feb 11, 2015 | The Group Policy Security Configuration policy implementation in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows man-in-the-middle… | |||
| CVE-2015-0002 | 0.04 | — | 0.14 | Jan 13, 2015 | The AhcVerifyAdminContext function in ahcache.sys in the Application Compatibility component in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not verify that an impersonation token… | |||
| CVE-2014-1767 | 0.04 | — | 0.13 | Jul 8, 2014 | Double free vulnerability in the Ancillary Function Driver (AFD) in afd.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows… | |||
| CVE-2014-1823 | 0.04 | — | 0.51 | Jun 11, 2014 | Cross-site scripting (XSS) vulnerability in the Web Components Server in Microsoft Lync Server 2010 and 2013 allows remote attackers to inject arbitrary web script or HTML via a crafted URL containing a valid meeting ID, aka "Lync Server Content Sanitization Vulnerability." | |||
| CVE-2014-1778 | 0.04 | — | 0.15 | Jun 11, 2014 | Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary web script with increased privileges via unspecified vectors, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2014-2777. | |||
| CVE-2014-1771 | 0.04 | — | 0.08 | Jun 11, 2014 | SChannel in Microsoft Internet Explorer 6 through 11 does not ensure that a server's X.509 certificate is the same during renegotiation as it was before renegotiation, which allows man-in-the-middle attackers to obtain sensitive information or modify TLS session data via a… | |||
| CVE-2013-4858 | 0.04 | — | 0.13 | Dec 30, 2013 | Microsoft Windows Movie Maker 2.1.4026.0 on Windows XP SP3 allows remote attackers to cause a denial of service (application crash) via a crafted .wav file, as demonstrated by movieMaker.wav. | |||
| CVE-2013-5045 | 0.04 | — | 0.17 | Dec 11, 2013 | Microsoft Internet Explorer 10 and 11 allows local users to bypass the Protected Mode protection mechanism, and consequently gain privileges, by leveraging the ability to execute sandboxed code, aka "Internet Explorer Elevation of Privilege Vulnerability." | |||
| CVE-2013-3881 | 0.04 | — | 0.15 | Oct 9, 2013 | win32k.sys in the kernel-mode drivers in Microsoft Windows 7 SP1 and Windows Server 2008 R2 SP1 allows local users to gain privileges via a crafted application, aka "Win32k NULL Page Vulnerability." | |||
| CVE-2013-3128 | 0.04 | — | 0.50 | Oct 9, 2013 | The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT, and .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, and 4.5, allow remote attackers… | |||
| CVE-2013-3179 | 0.04 | — | 0.14 | Sep 11, 2013 | Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013 allows remote attackers to inject arbitrary web script or HTML via a crafted request, aka "SharePoint XSS Vulnerability." | |||
| CVE-2013-3166 | 0.04 | — | 0.16 | Jul 10, 2013 | Cross-site scripting (XSS) vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to inject arbitrary web script or HTML via vectors involving incorrect auto-selection of the Shift JIS encoding, leading to cross-domain scrolling events, aka "Shift JIS… | |||
| CVE-2013-1300 | 0.04 | — | 0.12 | Jul 10, 2013 | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle objects in memory, which allows local… | |||
| CVE-2013-1305 | 0.04 | — | 0.55 | May 15, 2013 | HTTP.sys in Microsoft Windows 8, Windows Server 2012, and Windows RT allows remote attackers to cause a denial of service (infinite loop) via a crafted HTTP header, aka "HTTP.sys Denial of Service Vulnerability." | |||
| CVE-2013-0008 | 0.04 | — | 0.17 | Jan 9, 2013 | win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle window broadcast messages, which allows local users to gain privileges… | |||
| CVE-2012-5672 | 0.04 | — | 0.13 | Oct 25, 2012 | Microsoft Excel Viewer (aka Xlview.exe) and Excel in Microsoft Office 2007 (aka Office 12) allow remote attackers to cause a denial of service (read access violation and application crash) via a crafted spreadsheet file, as demonstrated by a .xls file with battery voltage data. | |||
| CVE-2011-3416 | 0.04 | — | 0.46 | Dec 30, 2011 | The Forms Authentication feature in the ASP.NET subsystem in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 allows remote authenticated users to obtain access to arbitrary user accounts via a crafted username, aka "ASP.Net Forms Authentication Bypass… | |||
| CVE-2011-1984 | 0.04 | — | 0.08 | Sep 15, 2011 | WINS in Microsoft Windows Server 2003 SP2 and Server 2008 SP2, R2, and R2 SP1 allows local users to gain privileges by sending crafted packets over the loopback interface, aka "WINS Local Elevation of Privilege Vulnerability." | |||
| CVE-2011-1974 | 0.04 | — | 0.07 | Aug 10, 2011 | NDISTAPI.sys in the NDISTAPI driver in Remote Access Service (RAS) in Microsoft Windows XP SP2 and SP3 and Windows Server 2003 SP2 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka "NDISTAPI Elevation of… | |||
| CVE-2011-1966 | 0.04 | — | 0.55 | Aug 10, 2011 | The DNS server in Microsoft Windows Server 2008 SP2, R2, and R2 SP1 does not properly handle NAPTR queries that trigger recursive processing, which allows remote attackers to execute arbitrary code via a crafted query, aka "DNS NAPTR Query Vulnerability." | |||
| CVE-2011-1249 | 0.04 | — | 0.08 | Jun 16, 2011 | The Ancillary Function Driver (AFD) in afd.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly validate user-mode input, which allows local users… | |||
| CVE-2011-0661 | 0.04 | — | 0.46 | Apr 13, 2011 | The SMB Server service in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly validate fields in SMB requests, which allows remote attackers to execute… | |||
| CVE-2010-2743 | 0.04 | — | 0.15 | Jan 20, 2011 | The kernel-mode drivers in Microsoft Windows XP SP3 do not properly perform indexing of a function-pointer table during the loading of keyboard layouts from disk, which allows local users to gain privileges via a crafted application, as demonstrated in the wild in July 2010 by… | |||
| CVE-2010-3229 | 0.04 | — | 0.51 | Oct 13, 2010 | The Secure Channel (aka SChannel) security package in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7, when IIS 7.x is used, does not properly process client certificates during SSL and TLS handshakes, which allows remote attackers to… | |||
| CVE-2010-3886 | 0.04 | — | 0.17 | Oct 8, 2010 | The CTimeoutEventList::InsertIntoTimeoutList function in Microsoft mshtml.dll uses a certain pointer value as part of producing Timer ID values for the setTimeout and setInterval methods in VBScript and JScript, which allows remote attackers to obtain sensitive information about… | |||
| CVE-2010-2738 | 0.04 | — | 0.19 | Sep 15, 2010 | The Uniscribe (aka new Unicode Script Processor) implementation in USP10.DLL in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and SP2, and Microsoft Office XP SP3, 2003 SP3, and 2007 SP2, does not properly validate tables associated… | |||
| CVE-2010-3213 | 0.04 | — | 0.09 | Sep 7, 2010 | Cross-site request forgery (CSRF) vulnerability in Microsoft Outlook Web Access (owa/ev.owa) 2007 through SP2 allows remote attackers to hijack the authentication of e-mail users for requests that perform Outlook requests, as demonstrated by setting the auto-forward rule. | |||
| CVE-2010-3148 | 0.04 | — | 0.14 | Aug 27, 2010 | Untrusted search path vulnerability in Microsoft Visio 2003 SP3 allows local users to gain privileges via a Trojan horse mfc71enu.dll file in the current working directory, as demonstrated by a directory that contains a .vsd, .vdx, .vst, or .vtx file, aka "Microsoft Visio… | |||
| CVE-2010-3147 | 0.04 | — | 0.19 | Aug 27, 2010 | Untrusted search path vulnerability in wab.exe 6.00.2900.5512 in Windows Address Book in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges via a Trojan… | |||
| CVE-2010-3146 | 0.04 | — | 0.14 | Aug 27, 2010 | Multiple untrusted search path vulnerabilities in Microsoft Groove 2007 SP2 allow local users to gain privileges via a Trojan horse (1) mso.dll or (2) GroovePerfmon.dll file in the current working directory, as demonstrated by a directory that contains a Groove vCard (.vcg) or… | |||
| CVE-2010-3145 | 0.04 | — | 0.11 | Aug 27, 2010 | Untrusted search path vulnerability in the BitLocker Drive Encryption API, as used in sdclt.exe in Backup Manager in Microsoft Windows Vista SP1 and SP2, allows local users to gain privileges via a Trojan horse fveapi.dll file in the current working directory, as demonstrated by… | |||
| CVE-2010-3144 | 0.04 | — | 0.14 | Aug 27, 2010 | Untrusted search path vulnerability in the Internet Connection Signup Wizard in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges via a Trojan horse smmscrpt.dll file in the current working directory, as demonstrated by a directory that… | |||
| CVE-2010-3142 | 0.04 | — | 0.16 | Aug 27, 2010 | Untrusted search path vulnerability in Microsoft Office PowerPoint 2007 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse rpawinet.dll that is located in the same folder as a .odp, .pothtml, .potm,… |
- CVE-1999-0918Jul 3, 1999risk 0.05cvss —epss 0.30
Denial of service in various Windows systems via malformed, fragmented IGMP packets.
- CVE-1999-0386Mar 1, 1999risk 0.05cvss —epss 0.19
Microsoft Personal Web Server and FrontPage Personal Web Server in some Windows systems allows a remote attacker to read files on the server by using a nonstandard URL.
- CVE-1999-1375Feb 11, 1999risk 0.05cvss —epss 0.31
FileSystemObject (FSO) in the showfile.asp Active Server Page (ASP) allows remote attackers to read arbitrary files by specifying the name in the file parameter.
- CVE-1999-0450Jan 26, 1999risk 0.05cvss —epss 0.19
In IIS, an attacker could determine a real path using a request for a non-existent URL that would be interpreted by Perl (perl.exe).
- CVE-1999-1538Jan 14, 1999risk 0.05cvss —epss 0.25
When IIS 2 or 3 is upgraded to IIS 4, ism.dll is inadvertently left in /scripts/iisadmin, which does not restrict access to the local machine and allows an unauthorized user to gain access to sensitive server information, including the Administrator's password.
- CVE-1999-0448Jan 1, 1999risk 0.05cvss —epss 0.24
IIS 4.0 and Apache log HTTP request methods, regardless of how long they are, allowing a remote attacker to hide the URL they really request.
- CVE-1999-0288Aug 1, 1998risk 0.05cvss —epss 0.21
The WINS server in Microsoft Windows NT 4.0 before SP4 allows remote attackers to cause a denial of service (process termination) via invalid UDP frames to port 137 (NETBIOS Name Service), as demonstrated via a flood of random packets.
- CVE-1999-0153Jul 1, 1997risk 0.05cvss —epss 0.23
Windows 95/NT out of band (OOB) data denial of service through NETBIOS port, aka WinNuke.
- CVE-1999-0612Mar 1, 1997risk 0.05cvss —epss 0.68
A version of finger is running that exposes valid user information to any entity on the network.
- CVE-1999-0077Jan 1, 1995risk 0.05cvss —epss 0.31
Predictable TCP sequence numbers allow spoofing.
- CVE-2015-6176Dec 9, 2015risk 0.04cvss —epss 0.11
Microsoft Edge mishandles HTML attributes in HTTP responses, which allows remote attackers to bypass a cross-site scripting (XSS) protection mechanism via unspecified vectors, aka "Microsoft Edge XSS Filter Bypass Vulnerability."
- CVE-2015-6172Dec 9, 2015risk 0.04cvss —epss 0.54
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2016, Word 2013 RT SP1, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted email message processed by Outlook, aka "Microsoft Office RCE Vulnerability."
- CVE-2015-6099Nov 11, 2015risk 0.04cvss —epss 0.48
Cross-site scripting (XSS) vulnerability in ASP.NET in Microsoft .NET Framework 4, 4.5, 4.5.1, 4.5.2, and 4.6 allows remote attackers to inject arbitrary web script or HTML via a crafted value, aka ".NET Elevation of Privilege Vulnerability."
- CVE-2015-2527Sep 9, 2015risk 0.04cvss —epss 0.07
The process-initialization implementation in win32k.sys in the kernel-mode drivers in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 does not properly constrain impersonation levels, which allows local users to gain…
- CVE-2015-2433Aug 15, 2015risk 0.04cvss —epss 0.18
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to bypass the ASLR protection mechanism via a crafted application,…
- CVE-2015-0059Feb 11, 2015risk 0.04cvss —epss 0.11
win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted TrueType font, aka "TrueType Font Parsing Remote…
- CVE-2015-0057Feb 11, 2015risk 0.04cvss —epss 0.13
win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a…
- CVE-2015-0009Feb 11, 2015risk 0.04cvss —epss 0.08
The Group Policy Security Configuration policy implementation in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows man-in-the-middle…
- CVE-2015-0002Jan 13, 2015risk 0.04cvss —epss 0.14
The AhcVerifyAdminContext function in ahcache.sys in the Application Compatibility component in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not verify that an impersonation token…
- CVE-2014-1767Jul 8, 2014risk 0.04cvss —epss 0.13
Double free vulnerability in the Ancillary Function Driver (AFD) in afd.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows…
- CVE-2014-1823Jun 11, 2014risk 0.04cvss —epss 0.51
Cross-site scripting (XSS) vulnerability in the Web Components Server in Microsoft Lync Server 2010 and 2013 allows remote attackers to inject arbitrary web script or HTML via a crafted URL containing a valid meeting ID, aka "Lync Server Content Sanitization Vulnerability."
- CVE-2014-1778Jun 11, 2014risk 0.04cvss —epss 0.15
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary web script with increased privileges via unspecified vectors, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2014-2777.
- CVE-2014-1771Jun 11, 2014risk 0.04cvss —epss 0.08
SChannel in Microsoft Internet Explorer 6 through 11 does not ensure that a server's X.509 certificate is the same during renegotiation as it was before renegotiation, which allows man-in-the-middle attackers to obtain sensitive information or modify TLS session data via a…
- CVE-2013-4858Dec 30, 2013risk 0.04cvss —epss 0.13
Microsoft Windows Movie Maker 2.1.4026.0 on Windows XP SP3 allows remote attackers to cause a denial of service (application crash) via a crafted .wav file, as demonstrated by movieMaker.wav.
- CVE-2013-5045Dec 11, 2013risk 0.04cvss —epss 0.17
Microsoft Internet Explorer 10 and 11 allows local users to bypass the Protected Mode protection mechanism, and consequently gain privileges, by leveraging the ability to execute sandboxed code, aka "Internet Explorer Elevation of Privilege Vulnerability."
- CVE-2013-3881Oct 9, 2013risk 0.04cvss —epss 0.15
win32k.sys in the kernel-mode drivers in Microsoft Windows 7 SP1 and Windows Server 2008 R2 SP1 allows local users to gain privileges via a crafted application, aka "Win32k NULL Page Vulnerability."
- CVE-2013-3128Oct 9, 2013risk 0.04cvss —epss 0.50
The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT, and .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, and 4.5, allow remote attackers…
- CVE-2013-3179Sep 11, 2013risk 0.04cvss —epss 0.14
Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013 allows remote attackers to inject arbitrary web script or HTML via a crafted request, aka "SharePoint XSS Vulnerability."
- CVE-2013-3166Jul 10, 2013risk 0.04cvss —epss 0.16
Cross-site scripting (XSS) vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to inject arbitrary web script or HTML via vectors involving incorrect auto-selection of the Shift JIS encoding, leading to cross-domain scrolling events, aka "Shift JIS…
- CVE-2013-1300Jul 10, 2013risk 0.04cvss —epss 0.12
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle objects in memory, which allows local…
- CVE-2013-1305May 15, 2013risk 0.04cvss —epss 0.55
HTTP.sys in Microsoft Windows 8, Windows Server 2012, and Windows RT allows remote attackers to cause a denial of service (infinite loop) via a crafted HTTP header, aka "HTTP.sys Denial of Service Vulnerability."
- CVE-2013-0008Jan 9, 2013risk 0.04cvss —epss 0.17
win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle window broadcast messages, which allows local users to gain privileges…
- CVE-2012-5672Oct 25, 2012risk 0.04cvss —epss 0.13
Microsoft Excel Viewer (aka Xlview.exe) and Excel in Microsoft Office 2007 (aka Office 12) allow remote attackers to cause a denial of service (read access violation and application crash) via a crafted spreadsheet file, as demonstrated by a .xls file with battery voltage data.
- CVE-2011-3416Dec 30, 2011risk 0.04cvss —epss 0.46
The Forms Authentication feature in the ASP.NET subsystem in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 allows remote authenticated users to obtain access to arbitrary user accounts via a crafted username, aka "ASP.Net Forms Authentication Bypass…
- CVE-2011-1984Sep 15, 2011risk 0.04cvss —epss 0.08
WINS in Microsoft Windows Server 2003 SP2 and Server 2008 SP2, R2, and R2 SP1 allows local users to gain privileges by sending crafted packets over the loopback interface, aka "WINS Local Elevation of Privilege Vulnerability."
- CVE-2011-1974Aug 10, 2011risk 0.04cvss —epss 0.07
NDISTAPI.sys in the NDISTAPI driver in Remote Access Service (RAS) in Microsoft Windows XP SP2 and SP3 and Windows Server 2003 SP2 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka "NDISTAPI Elevation of…
- CVE-2011-1966Aug 10, 2011risk 0.04cvss —epss 0.55
The DNS server in Microsoft Windows Server 2008 SP2, R2, and R2 SP1 does not properly handle NAPTR queries that trigger recursive processing, which allows remote attackers to execute arbitrary code via a crafted query, aka "DNS NAPTR Query Vulnerability."
- CVE-2011-1249Jun 16, 2011risk 0.04cvss —epss 0.08
The Ancillary Function Driver (AFD) in afd.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly validate user-mode input, which allows local users…
- CVE-2011-0661Apr 13, 2011risk 0.04cvss —epss 0.46
The SMB Server service in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly validate fields in SMB requests, which allows remote attackers to execute…
- CVE-2010-2743Jan 20, 2011risk 0.04cvss —epss 0.15
The kernel-mode drivers in Microsoft Windows XP SP3 do not properly perform indexing of a function-pointer table during the loading of keyboard layouts from disk, which allows local users to gain privileges via a crafted application, as demonstrated in the wild in July 2010 by…
- CVE-2010-3229Oct 13, 2010risk 0.04cvss —epss 0.51
The Secure Channel (aka SChannel) security package in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7, when IIS 7.x is used, does not properly process client certificates during SSL and TLS handshakes, which allows remote attackers to…
- CVE-2010-3886Oct 8, 2010risk 0.04cvss —epss 0.17
The CTimeoutEventList::InsertIntoTimeoutList function in Microsoft mshtml.dll uses a certain pointer value as part of producing Timer ID values for the setTimeout and setInterval methods in VBScript and JScript, which allows remote attackers to obtain sensitive information about…
- CVE-2010-2738Sep 15, 2010risk 0.04cvss —epss 0.19
The Uniscribe (aka new Unicode Script Processor) implementation in USP10.DLL in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and SP2, and Microsoft Office XP SP3, 2003 SP3, and 2007 SP2, does not properly validate tables associated…
- CVE-2010-3213Sep 7, 2010risk 0.04cvss —epss 0.09
Cross-site request forgery (CSRF) vulnerability in Microsoft Outlook Web Access (owa/ev.owa) 2007 through SP2 allows remote attackers to hijack the authentication of e-mail users for requests that perform Outlook requests, as demonstrated by setting the auto-forward rule.
- CVE-2010-3148Aug 27, 2010risk 0.04cvss —epss 0.14
Untrusted search path vulnerability in Microsoft Visio 2003 SP3 allows local users to gain privileges via a Trojan horse mfc71enu.dll file in the current working directory, as demonstrated by a directory that contains a .vsd, .vdx, .vst, or .vtx file, aka "Microsoft Visio…
- CVE-2010-3147Aug 27, 2010risk 0.04cvss —epss 0.19
Untrusted search path vulnerability in wab.exe 6.00.2900.5512 in Windows Address Book in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges via a Trojan…
- CVE-2010-3146Aug 27, 2010risk 0.04cvss —epss 0.14
Multiple untrusted search path vulnerabilities in Microsoft Groove 2007 SP2 allow local users to gain privileges via a Trojan horse (1) mso.dll or (2) GroovePerfmon.dll file in the current working directory, as demonstrated by a directory that contains a Groove vCard (.vcg) or…
- CVE-2010-3145Aug 27, 2010risk 0.04cvss —epss 0.11
Untrusted search path vulnerability in the BitLocker Drive Encryption API, as used in sdclt.exe in Backup Manager in Microsoft Windows Vista SP1 and SP2, allows local users to gain privileges via a Trojan horse fveapi.dll file in the current working directory, as demonstrated by…
- CVE-2010-3144Aug 27, 2010risk 0.04cvss —epss 0.14
Untrusted search path vulnerability in the Internet Connection Signup Wizard in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges via a Trojan horse smmscrpt.dll file in the current working directory, as demonstrated by a directory that…
- CVE-2010-3142Aug 27, 2010risk 0.04cvss —epss 0.16
Untrusted search path vulnerability in Microsoft Office PowerPoint 2007 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse rpawinet.dll that is located in the same folder as a .odp, .pothtml, .potm,…
Page 214 of 287