Vendor CVEs
Microsoft
All CVEs
14,318 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2000-0580 | 0.04 | — | 0.17 | Jun 30, 2000 | Windows 2000 Server allows remote attackers to cause a denial of service by sending a continuous stream of binary zeros to various TCP and UDP ports, which significantly increases the CPU utilization. | |||
| CVE-2000-0400 | 0.04 | — | 0.07 | May 13, 2000 | The Microsoft Active Movie ActiveX Control in Internet Explorer 5 does not restrict which file types can be downloaded, which allows an attacker to download any type of file to a user's system by encoding it within an email message or news post. | |||
| CVE-2000-0347 | 0.04 | — | 0.18 | May 2, 2000 | Windows 95 and Windows 98 allow a remote attacker to cause a denial of service via a NetBIOS session request packet with a NULL source name. | |||
| CVE-2000-0256 | 0.04 | — | 0.12 | Apr 19, 2000 | Buffer overflows in htimage.exe and Imagemap.exe in FrontPage 97 and 98 Server Extensions allow a user to conduct activities that are not otherwise available through the web site, aka the "Server-Side Image Map Components" vulnerability. | |||
| CVE-2000-0260 | 0.04 | — | 0.14 | Apr 14, 2000 | Buffer overflow in the dvwssr.dll DLL in Microsoft Visual Interdev 1.0 allows users to cause a denial of service or execute commands, aka the "Link View Server-Side Component" vulnerability. | |||
| CVE-2000-0200 | 0.04 | — | 0.16 | Mar 6, 2000 | Buffer overflow in Microsoft Clip Art Gallery allows remote attackers to cause a denial of service or execute commands via a malformed CIL (clip art library) file, aka the "Clip Art Buffer Overrun" vulnerability. | |||
| CVE-2000-0156 | 0.04 | — | 0.13 | Feb 16, 2000 | Internet Explorer 4.x and 5.x allows remote web servers to access files on the client that are outside of its security domain, aka the "Image Source Redirect" vulnerability. | |||
| CVE-2000-0114 | 0.04 | — | 0.48 | Feb 2, 2000 | Frontpage Server Extensions allows remote attackers to determine the name of the anonymous account via an RPC POST request to shtml.dll in the /_vti_bin/ virtual directory. | |||
| CVE-2000-0098 | 0.04 | — | 0.49 | Jan 26, 2000 | Microsoft Index Server allows remote attackers to determine the real path for a web directory via a request to an Internet Data Query file that does not exist. | |||
| CVE-1999-0981 | 0.04 | — | 0.13 | Dec 8, 1999 | Internet Explorer 5.01 and earlier allows a remote attacker to create a reference to a client window and use a server-side redirect to access local files via that window, aka "Server-side Page Reference Redirect." | |||
| CVE-1999-0989 | 0.04 | — | 0.12 | Dec 6, 1999 | Buffer overflow in Internet Explorer 5 directshow filter (MSDXM.OCX) allows remote attackers to execute commands via the vnd.ms.radio protocol. | |||
| CVE-1999-0819 | 0.04 | — | 0.16 | Dec 1, 1999 | NTMail does not disable the VRFY command, even if the administrator has explicitly disabled it. | |||
| CVE-1999-0793 | 0.04 | — | 0.13 | Nov 17, 1999 | Internet Explorer allows remote attackers to read files by redirecting data to a Javascript applet. | |||
| CVE-1999-1110 | 0.04 | — | 0.10 | Nov 14, 1999 | Windows Media Player ActiveX object as used in Internet Explorer 5.0 returns a specific error code when a file does not exist, which allows remote malicious web sites to determine the existence of files on the client. | |||
| CVE-2000-0330 | 0.04 | — | 0.15 | Nov 12, 1999 | The networking software in Windows 95 and Windows 98 allows remote attackers to execute commands via a long file name string, aka the "File Access URL" vulnerability. | |||
| CVE-2000-0329 | 0.04 | — | 0.08 | Nov 11, 1999 | A Microsoft ActiveX control allows a remote attacker to execute a malicious cabinet file via an attachment and an embedded script in an HTML mail, aka the "Active Setup Control" vulnerability. | |||
| CVE-1999-0877 | 0.04 | — | 0.18 | Oct 1, 1999 | Internet Explorer 5 allows remote attackers to read files via an ExecCommand method called on an IFRAME. | |||
| CVE-1999-0750 | 0.04 | — | 0.09 | Sep 13, 1999 | Hotmail allows Javascript to be executed via the HTML STYLE tag, allowing remote attackers to execute commands on the user's Hotmail account. | |||
| CVE-1999-0669 | 0.04 | — | 0.08 | Sep 1, 1999 | The Eyedog ActiveX control is marked as "safe for scripting" for Internet Explorer, which allows a remote attacker to execute arbitrary commands as demonstrated by Bubbleboy. | |||
| CVE-1999-1016 | 0.04 | — | 0.08 | Aug 27, 1999 | Microsoft HTML control as used in (1) Internet Explorer 5.0, (2) FrontPage Express, (3) Outlook Express 5, and (4) Eudora, and possibly others, allows remote malicious web site or HTML emails to cause a denial of service (100% CPU consumption) via large HTML form fields such as… | |||
| CVE-1999-0749 | 0.04 | — | 0.08 | Aug 16, 1999 | Buffer overflow in Microsoft Telnet client in Windows 95 and Windows 98 via a malformed Telnet argument. | |||
| CVE-1999-0875 | 0.04 | — | 0.18 | Aug 11, 1999 | DHCP clients with ICMP Router Discovery Protocol (IRDP) enabled allow remote attackers to modify their default routes. | |||
| CVE-1999-0224 | 0.04 | — | 0.17 | Jul 23, 1999 | Denial of service in Windows NT messenger service through a long username. | |||
| CVE-1999-0140 | 0.04 | — | 0.14 | Jun 30, 1999 | Denial of service in RAS/PPTP on NT systems. | |||
| CVE-1999-0755 | 0.04 | — | 0.16 | May 27, 1999 | Windows NT RRAS and RAS clients cache a user's password even if the user has not selected the "Save password" option. | |||
| CVE-1999-1520 | 0.04 | — | 0.11 | May 11, 1999 | A configuration problem in the Ad Server Sample directory (AdSamples) in Microsoft Site Server 3.0 allows an attacker to obtain the SITE.CSC file, which exposes sensitive SQL database information. | |||
| CVE-1999-1033 | 0.04 | — | 0.17 | May 11, 1999 | Microsoft Outlook Express before 4.72.3612.1700 allows a malicious user to send a message that contains a .., which can inadvertently cause Outlook to re-enter POP3 command mode and cause the POP3 session to hang. | |||
| CVE-1999-0487 | 0.04 | — | 0.13 | May 1, 1999 | The DHTML Edit ActiveX control in Internet Explorer allows remote attackers to read arbitrary files. | |||
| CVE-1999-0412 | 0.04 | — | 0.10 | Feb 19, 1999 | In IIS and other web servers, an attacker can attack commands as SYSTEM if the server is running as SYSTEM and loading an ISAPI extension. | |||
| CVE-1999-1453 | 0.04 | — | 0.11 | Feb 2, 1999 | Internet Explorer 4 allows remote attackers (malicious web site operators) to read the contents of the clipboard via the Internet WebBrowser ActiveX object. | |||
| CVE-1999-0449 | 0.04 | — | 0.50 | Jan 26, 1999 | The ExAir sample site in IIS 4 allows remote attackers to cause a denial of service (CPU consumption) via a direct request to the (1) advsearch.asp, (2) query.asp, or (3) search.asp scripts. | |||
| CVE-1999-0869 | 0.04 | — | 0.17 | Dec 1, 1998 | Internet Explorer 3.x to 4.01 allows a remote attacker to insert malicious content into a frame of another web site, aka frame spoofing. | |||
| CVE-1999-0506 | 0.04 | — | 0.17 | Oct 1, 1998 | A Windows NT domain user or administrator account has a default, null, blank, or missing password. | |||
| CVE-1999-0284 | 0.04 | — | 0.12 | Jan 1, 1998 | Denial of service to NT mail servers including Ipswitch, Mdaemon, and Exchange through a buffer overflow in the SMTP HELO command. | |||
| CVE-1999-0294 | 0.04 | — | 0.14 | Oct 1, 1997 | All records in a WINS database can be deleted through SNMP for a denial of service. | |||
| CVE-1999-0281 | 0.04 | — | 0.13 | Jun 1, 1997 | Denial of service in IIS using long URLs. | |||
| CVE-1999-0562 | 0.04 | — | 0.11 | Jan 1, 1997 | The registry in Windows NT can be accessed remotely by users who are not administrators. | |||
| CVE-1999-0233 | 0.04 | — | 0.16 | Feb 25, 1996 | IIS 1.0 allows users to execute arbitrary commands using .bat or .cmd files. | |||
| CVE-2026-21244 | 0.03 | — | 0.01 | Feb 10, 2026 | Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to execute code locally. | |||
| CVE-2026-21250 | 0.03 | — | 0.01 | Feb 10, 2026 | Untrusted pointer dereference in Windows HTTP.sys allows an authorized attacker to elevate privileges locally. | |||
| CVE-2026-21248 | 0.03 | — | 0.01 | Feb 10, 2026 | Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to execute code locally. | |||
| CVE-2019-0539 | Hig | 0.03 | 7.5 | 0.83 | Jan 8, 2019 | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2019-0567,… | ||
| CVE-2015-6174 | 0.03 | — | 0.03 | Dec 9, 2015 | The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka… | |||
| CVE-2015-6173 | 0.03 | — | 0.03 | Dec 9, 2015 | The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka… | |||
| CVE-2015-6171 | 0.03 | — | 0.03 | Dec 9, 2015 | The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka… | |||
| CVE-2015-6102 | 0.03 | — | 0.04 | Nov 11, 2015 | The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to bypass the KASLR protection mechanism, and… | |||
| CVE-2015-6101 | 0.03 | — | 0.03 | Nov 11, 2015 | The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka… | |||
| CVE-2015-6100 | 0.03 | — | 0.03 | Nov 11, 2015 | The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka… | |||
| CVE-2015-6098 | 0.03 | — | 0.04 | Nov 11, 2015 | Buffer overflow in the Network Driver Interface Standard (NDIS) implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows local users to gain privileges via a crafted application, aka "Windows NDIS Elevation of Privilege… | |||
| CVE-2015-6038 | 0.03 | — | 0.36 | Nov 11, 2015 | Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Office Compatibility Pack SP3, Excel Viewer, and Excel Services on SharePoint Server 2007 SP3, 2010 SP2, and 2013 SP1 allow remote attackers to… |
- CVE-2000-0580Jun 30, 2000risk 0.04cvss —epss 0.17
Windows 2000 Server allows remote attackers to cause a denial of service by sending a continuous stream of binary zeros to various TCP and UDP ports, which significantly increases the CPU utilization.
- CVE-2000-0400May 13, 2000risk 0.04cvss —epss 0.07
The Microsoft Active Movie ActiveX Control in Internet Explorer 5 does not restrict which file types can be downloaded, which allows an attacker to download any type of file to a user's system by encoding it within an email message or news post.
- CVE-2000-0347May 2, 2000risk 0.04cvss —epss 0.18
Windows 95 and Windows 98 allow a remote attacker to cause a denial of service via a NetBIOS session request packet with a NULL source name.
- CVE-2000-0256Apr 19, 2000risk 0.04cvss —epss 0.12
Buffer overflows in htimage.exe and Imagemap.exe in FrontPage 97 and 98 Server Extensions allow a user to conduct activities that are not otherwise available through the web site, aka the "Server-Side Image Map Components" vulnerability.
- CVE-2000-0260Apr 14, 2000risk 0.04cvss —epss 0.14
Buffer overflow in the dvwssr.dll DLL in Microsoft Visual Interdev 1.0 allows users to cause a denial of service or execute commands, aka the "Link View Server-Side Component" vulnerability.
- CVE-2000-0200Mar 6, 2000risk 0.04cvss —epss 0.16
Buffer overflow in Microsoft Clip Art Gallery allows remote attackers to cause a denial of service or execute commands via a malformed CIL (clip art library) file, aka the "Clip Art Buffer Overrun" vulnerability.
- CVE-2000-0156Feb 16, 2000risk 0.04cvss —epss 0.13
Internet Explorer 4.x and 5.x allows remote web servers to access files on the client that are outside of its security domain, aka the "Image Source Redirect" vulnerability.
- CVE-2000-0114Feb 2, 2000risk 0.04cvss —epss 0.48
Frontpage Server Extensions allows remote attackers to determine the name of the anonymous account via an RPC POST request to shtml.dll in the /_vti_bin/ virtual directory.
- CVE-2000-0098Jan 26, 2000risk 0.04cvss —epss 0.49
Microsoft Index Server allows remote attackers to determine the real path for a web directory via a request to an Internet Data Query file that does not exist.
- CVE-1999-0981Dec 8, 1999risk 0.04cvss —epss 0.13
Internet Explorer 5.01 and earlier allows a remote attacker to create a reference to a client window and use a server-side redirect to access local files via that window, aka "Server-side Page Reference Redirect."
- CVE-1999-0989Dec 6, 1999risk 0.04cvss —epss 0.12
Buffer overflow in Internet Explorer 5 directshow filter (MSDXM.OCX) allows remote attackers to execute commands via the vnd.ms.radio protocol.
- CVE-1999-0819Dec 1, 1999risk 0.04cvss —epss 0.16
NTMail does not disable the VRFY command, even if the administrator has explicitly disabled it.
- CVE-1999-0793Nov 17, 1999risk 0.04cvss —epss 0.13
Internet Explorer allows remote attackers to read files by redirecting data to a Javascript applet.
- CVE-1999-1110Nov 14, 1999risk 0.04cvss —epss 0.10
Windows Media Player ActiveX object as used in Internet Explorer 5.0 returns a specific error code when a file does not exist, which allows remote malicious web sites to determine the existence of files on the client.
- CVE-2000-0330Nov 12, 1999risk 0.04cvss —epss 0.15
The networking software in Windows 95 and Windows 98 allows remote attackers to execute commands via a long file name string, aka the "File Access URL" vulnerability.
- CVE-2000-0329Nov 11, 1999risk 0.04cvss —epss 0.08
A Microsoft ActiveX control allows a remote attacker to execute a malicious cabinet file via an attachment and an embedded script in an HTML mail, aka the "Active Setup Control" vulnerability.
- CVE-1999-0877Oct 1, 1999risk 0.04cvss —epss 0.18
Internet Explorer 5 allows remote attackers to read files via an ExecCommand method called on an IFRAME.
- CVE-1999-0750Sep 13, 1999risk 0.04cvss —epss 0.09
Hotmail allows Javascript to be executed via the HTML STYLE tag, allowing remote attackers to execute commands on the user's Hotmail account.
- CVE-1999-0669Sep 1, 1999risk 0.04cvss —epss 0.08
The Eyedog ActiveX control is marked as "safe for scripting" for Internet Explorer, which allows a remote attacker to execute arbitrary commands as demonstrated by Bubbleboy.
- CVE-1999-1016Aug 27, 1999risk 0.04cvss —epss 0.08
Microsoft HTML control as used in (1) Internet Explorer 5.0, (2) FrontPage Express, (3) Outlook Express 5, and (4) Eudora, and possibly others, allows remote malicious web site or HTML emails to cause a denial of service (100% CPU consumption) via large HTML form fields such as…
- CVE-1999-0749Aug 16, 1999risk 0.04cvss —epss 0.08
Buffer overflow in Microsoft Telnet client in Windows 95 and Windows 98 via a malformed Telnet argument.
- CVE-1999-0875Aug 11, 1999risk 0.04cvss —epss 0.18
DHCP clients with ICMP Router Discovery Protocol (IRDP) enabled allow remote attackers to modify their default routes.
- CVE-1999-0224Jul 23, 1999risk 0.04cvss —epss 0.17
Denial of service in Windows NT messenger service through a long username.
- CVE-1999-0140Jun 30, 1999risk 0.04cvss —epss 0.14
Denial of service in RAS/PPTP on NT systems.
- CVE-1999-0755May 27, 1999risk 0.04cvss —epss 0.16
Windows NT RRAS and RAS clients cache a user's password even if the user has not selected the "Save password" option.
- CVE-1999-1520May 11, 1999risk 0.04cvss —epss 0.11
A configuration problem in the Ad Server Sample directory (AdSamples) in Microsoft Site Server 3.0 allows an attacker to obtain the SITE.CSC file, which exposes sensitive SQL database information.
- CVE-1999-1033May 11, 1999risk 0.04cvss —epss 0.17
Microsoft Outlook Express before 4.72.3612.1700 allows a malicious user to send a message that contains a .., which can inadvertently cause Outlook to re-enter POP3 command mode and cause the POP3 session to hang.
- CVE-1999-0487May 1, 1999risk 0.04cvss —epss 0.13
The DHTML Edit ActiveX control in Internet Explorer allows remote attackers to read arbitrary files.
- CVE-1999-0412Feb 19, 1999risk 0.04cvss —epss 0.10
In IIS and other web servers, an attacker can attack commands as SYSTEM if the server is running as SYSTEM and loading an ISAPI extension.
- CVE-1999-1453Feb 2, 1999risk 0.04cvss —epss 0.11
Internet Explorer 4 allows remote attackers (malicious web site operators) to read the contents of the clipboard via the Internet WebBrowser ActiveX object.
- CVE-1999-0449Jan 26, 1999risk 0.04cvss —epss 0.50
The ExAir sample site in IIS 4 allows remote attackers to cause a denial of service (CPU consumption) via a direct request to the (1) advsearch.asp, (2) query.asp, or (3) search.asp scripts.
- CVE-1999-0869Dec 1, 1998risk 0.04cvss —epss 0.17
Internet Explorer 3.x to 4.01 allows a remote attacker to insert malicious content into a frame of another web site, aka frame spoofing.
- CVE-1999-0506Oct 1, 1998risk 0.04cvss —epss 0.17
A Windows NT domain user or administrator account has a default, null, blank, or missing password.
- CVE-1999-0284Jan 1, 1998risk 0.04cvss —epss 0.12
Denial of service to NT mail servers including Ipswitch, Mdaemon, and Exchange through a buffer overflow in the SMTP HELO command.
- CVE-1999-0294Oct 1, 1997risk 0.04cvss —epss 0.14
All records in a WINS database can be deleted through SNMP for a denial of service.
- CVE-1999-0281Jun 1, 1997risk 0.04cvss —epss 0.13
Denial of service in IIS using long URLs.
- CVE-1999-0562Jan 1, 1997risk 0.04cvss —epss 0.11
The registry in Windows NT can be accessed remotely by users who are not administrators.
- CVE-1999-0233Feb 25, 1996risk 0.04cvss —epss 0.16
IIS 1.0 allows users to execute arbitrary commands using .bat or .cmd files.
- CVE-2026-21244Feb 10, 2026risk 0.03cvss —epss 0.01
Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to execute code locally.
- CVE-2026-21250Feb 10, 2026risk 0.03cvss —epss 0.01
Untrusted pointer dereference in Windows HTTP.sys allows an authorized attacker to elevate privileges locally.
- CVE-2026-21248Feb 10, 2026risk 0.03cvss —epss 0.01
Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to execute code locally.
- risk 0.03cvss 7.5epss 0.83
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2019-0567,…
- CVE-2015-6174Dec 9, 2015risk 0.03cvss —epss 0.03
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka…
- CVE-2015-6173Dec 9, 2015risk 0.03cvss —epss 0.03
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka…
- CVE-2015-6171Dec 9, 2015risk 0.03cvss —epss 0.03
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka…
- CVE-2015-6102Nov 11, 2015risk 0.03cvss —epss 0.04
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to bypass the KASLR protection mechanism, and…
- CVE-2015-6101Nov 11, 2015risk 0.03cvss —epss 0.03
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka…
- CVE-2015-6100Nov 11, 2015risk 0.03cvss —epss 0.03
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka…
- CVE-2015-6098Nov 11, 2015risk 0.03cvss —epss 0.04
Buffer overflow in the Network Driver Interface Standard (NDIS) implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows local users to gain privileges via a crafted application, aka "Windows NDIS Elevation of Privilege…
- CVE-2015-6038Nov 11, 2015risk 0.03cvss —epss 0.36
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Office Compatibility Pack SP3, Excel Viewer, and Excel Services on SharePoint Server 2007 SP3, 2010 SP2, and 2013 SP1 allow remote attackers to…
Page 218 of 287