Lucene search

K

256 matches found

CVE
CVE
added 2017/09/13 1:29 a.m.71 views

CVE-2017-8707

The Windows Hyper-V component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when it fails to properly validate input from an authenticated u...

5.3CVSS5.2AI score0.03199EPSS
CVE
CVE
added 2017/06/15 1:29 a.m.70 views

CVE-2017-0215

Microsoft Windows 10 1607 and Windows Server 2016 allow an attacker to exploit a security feature bypass vulnerability in Device Guard that could allow the attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerabil...

5.3CVSS5.2AI score0.5143EPSS
CVE
CVE
added 2017/06/15 1:29 a.m.70 views

CVE-2017-0216

Microsoft Windows 10 1511, Windows 10 1607, and Windows Server 2016 allow an attacker to exploit a security feature bypass vulnerability in Device Guard that could allow the attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature...

5.3CVSS5.3AI score0.5143EPSS
CVE
CVE
added 2017/12/12 9:29 p.m.70 views

CVE-2017-11899

Device Guard in Windows 10 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows a security feature bypass vulnerability due to the way untrusted files are handled, aka "Microsoft Windows Security Feature Bypass Vulnerability".

9.8CVSS9.2AI score0.15901EPSS
CVE
CVE
added 2017/07/11 9:29 p.m.70 views

CVE-2017-8588

Microsoft WordPad in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability due to the way it parses specially crafted files, aka "WordPa...

7.6CVSS7.2AI score0.28882EPSS
CVE
CVE
added 2017/08/08 9:29 p.m.70 views

CVE-2017-8591

Windows Input Method Editor (IME) in Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an remote code execution vulnerability when it fails to properly handle objects in memory, aka "Windows IME Remote Code Execution ...

7.8CVSS8.4AI score0.03109EPSS
CVE
CVE
added 2017/03/17 12:59 a.m.69 views

CVE-2017-0051

Microsoft Windows 10 1607 and Windows Server 2016 allow remote attackers to cause a denial of service (application hang) via a crafted Office document, aka "Microsoft Hyper-V Network Switch Denial of Service Vulnerability." This vulnerability is different from those described in CVE-2017-0074, CVE-...

5.4CVSS5.2AI score0.00651EPSS
CVE
CVE
added 2017/03/17 12:59 a.m.69 views

CVE-2017-0082

The kernel-mode drivers in Microsoft Windows 10 Gold and 1511 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability." This vulnerability is different from those described in CVE-2017-0024, CVE-2017-0026, CVE-2017-0056, CVE-2017-0078, CVE-20...

7.8CVSS6AI score0.06734EPSS
CVE
CVE
added 2017/03/17 12:59 a.m.69 views

CVE-2017-0098

Hyper-V in Microsoft Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows guest OS users, running as virtual machines, to cause a denial of service via a crafted application, aka "Hyper-V Denial of Service Vulnerability." This vulnerability is different from those described in CVE-2017-0...

5.4CVSS5.2AI score0.00651EPSS
CVE
CVE
added 2017/10/13 1:29 p.m.69 views

CVE-2017-11823

The Microsoft Device Guard on Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a security feature bypass by the way it handles Windows PowerShell sessions, aka "Microsoft Windows Security Feature Bypass".

7.2CVSS7.7AI score0.0302EPSS
CVE
CVE
added 2017/08/08 9:29 p.m.68 views

CVE-2017-8624

CLFS in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an elevation of privilege vulnerability due to the way it handles objects in memory, aka "Windows CLFS Elevation...

7.8CVSS8.1AI score0.01092EPSS
CVE
CVE
added 2017/08/08 9:29 p.m.68 views

CVE-2017-8666

Microsoft Win32k in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when it fails to properly handle objects in memory, aka ...

5.5CVSS6.2AI score0.08EPSS
CVE
CVE
added 2017/09/13 1:29 a.m.68 views

CVE-2017-8704

The Windows Hyper-V component on Microsoft Windows 10 1607 and Windows Server 2016 allows a denial of service vulnerability when it fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Denial of Service Vulnerability".

5.3CVSS5.9AI score0.00344EPSS
CVE
CVE
added 2017/10/13 1:29 p.m.67 views

CVE-2017-11769

The Microsoft Windows TRIE component on Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability in the way it handles loading dll files, aka "TRIE Remote Code Execution Vulnerability".

9.3CVSS8.9AI score0.3391EPSS
CVE
CVE
added 2017/07/11 9:29 p.m.67 views

CVE-2017-8486

Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an information disclosure due to the way it handles objects in memory, aka "Win32k Information Disclosure Vulner...

4.7CVSS5AI score0.01433EPSS
CVE
CVE
added 2017/06/29 1:29 p.m.67 views

CVE-2017-8554

The kernel in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an authenticated attacker to obtain memory contents via a specially crafted application.

4.7CVSS4.5AI score0.0127EPSS
CVE
CVE
added 2017/07/11 9:29 p.m.67 views

CVE-2017-8562

Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability due to Windows improperly handling calls to Advanced Local Procedure Call (ALPC), aka "Windows ALPC Elevation of Privil...

7CVSS6.7AI score0.00474EPSS
CVE
CVE
added 2017/09/13 1:29 a.m.67 views

CVE-2017-8648

Microsoft Edge in Microsoft Windows Version 1703 allows an attacker to obtain information to further compromise the user's system, due to the way that Microsoft Edge handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-8597 and CV...

4.3CVSS4.3AI score0.12825EPSS
CVE
CVE
added 2017/08/08 9:29 p.m.67 views

CVE-2017-8664

Windows Hyper-V in Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability when it fails to properly validate input from a privileged user on a guest operating system, aka "Windows Hype...

8.8CVSS8.8AI score0.00929EPSS
CVE
CVE
added 2017/10/13 1:29 p.m.67 views

CVE-2017-8694

The Microsoft Windows Kernel Mode Driver on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when it fails to prope...

7CVSS8AI score0.01133EPSS
CVE
CVE
added 2017/09/13 1:29 a.m.67 views

CVE-2017-8714

The Windows Hyper-V component on Microsoft Windows 8.1, Windows Server 2012 Gold and R2,, Windows 10 1607, and Windows Server 2016 allows a remote code execution vulnerability when it fails to properly validate input from an authenticated user on a guest operating system, aka "Remote Desktop Virtua...

7.8CVSS7.2AI score0.01056EPSS
CVE
CVE
added 2017/04/12 2:59 p.m.66 views

CVE-2017-0159

A security feature bypass vulnerability exists in Windows 10 1607, Windows Server 2012 R2, and Windows 2016 when ADFS incorrectly treats requests coming from Extranet clients as Intranet requests, aka "ADFS Security Feature Bypass Vulnerability."

4.3CVSS5.7AI score0.04918EPSS
CVE
CVE
added 2017/06/15 1:29 a.m.66 views

CVE-2017-8473

Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and Windows Server 2016 allow an authenticated attacker to run a specially crafted application when the Windows kernel improperly initializes objects in memory, aka "Win32k Informat...

5CVSS4.7AI score0.15731EPSS
CVE
CVE
added 2017/08/08 9:29 p.m.66 views

CVE-2017-8593

Microsoft Win32k in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when it fails to properly handle objects in memory, aka ...

7CVSS7.5AI score0.00972EPSS
CVE
CVE
added 2017/09/13 1:29 a.m.66 views

CVE-2017-8716

Windows Control Flow Guard in Microsoft Windows 10 Version 1703 allows an attacker to run a specially crafted application to bypass Control Flow Guard, due to the way that Control Flow Guard handles objects in memory, aka "Windows Security Feature Bypass Vulnerability".

5.3CVSS6.4AI score0.02335EPSS
CVE
CVE
added 2017/06/15 1:29 a.m.65 views

CVE-2017-0291

Windows PDF in Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows remote code execution if a user opens a specially crafted PDF file, aka "Windows PDF Remote Code Execution Vulnerability". This CVE ID is unique from CVE-20...

9.3CVSS6.3AI score0.28742EPSS
CVE
CVE
added 2017/08/08 9:29 p.m.65 views

CVE-2017-0293

Microsoft Windows PDF Library in Windows Server 2008 R2 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability when it improperly handles objects in memory, aka "Windows PDF Remote Co...

7.6CVSS8.2AI score0.2824EPSS
CVE
CVE
added 2017/10/13 1:29 p.m.65 views

CVE-2017-11814

The Microsoft Windows Kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows an information disclosure vulnerability when it improperly hand...

5.5CVSS6.7AI score0.08EPSS
CVE
CVE
added 2017/07/11 9:29 p.m.65 views

CVE-2017-8578

Win32k in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when it fails to properly handle objects in memory, aka ...

9.3CVSS6.9AI score0.12071EPSS
CVE
CVE
added 2017/06/15 1:29 a.m.64 views

CVE-2017-0218

Microsoft Windows 10 Gold, Windows 10 1511, Windows 10 1607, and Windows Server 2016 allow an attacker to exploit a security feature bypass vulnerability in Device Guard that could allow the attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy...

5.3CVSS5.3AI score0.5143EPSS
CVE
CVE
added 2017/06/15 1:29 a.m.64 views

CVE-2017-0295

Microsoft Windows 10 1607 and 1703, and Windows Server 2016 allow an authenticated attacker to modify the C:\Users\DEFAULT folder structure, aka "Windows Default Folder Tampering Vulnerability".

5.5CVSS5.4AI score0.00529EPSS
CVE
CVE
added 2017/07/11 9:29 p.m.64 views

CVE-2017-8556

Graphics in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when it fails to properly handle objects in memory, ak...

7CVSS6.9AI score0.00972EPSS
CVE
CVE
added 2017/06/15 1:29 a.m.63 views

CVE-2017-8460

Windows PDF in Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows information disclosure when a user opens a specially crafted PDF file, aka "Windows PDF Information Disclosure Vulnerability".

7.3CVSS5AI score0.01927EPSS
CVE
CVE
added 2017/06/15 1:29 a.m.63 views

CVE-2017-8466

Windows Cursor in Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and Windows Server 2016 allows improper elevation of privilege, aka "Windows Cursor Elevation of Privilege Vulnerability".

7.8CVSS5.7AI score0.00692EPSS
CVE
CVE
added 2017/09/13 1:29 a.m.63 views

CVE-2017-8711

The Windows Hyper-V component on Microsoft Windows 10 1607 and Windows Server 2016 allows an information disclosure vulnerability when it fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Information Disclosure Vulnerability". This CVE ID is uniqu...

5.3CVSS4.9AI score0.03199EPSS
CVE
CVE
added 2017/03/17 12:59 a.m.62 views

CVE-2017-0080

The kernel-mode drivers in Microsoft Windows 10 Gold, 1511, and 1607 and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability." This vulnerability is different from those described in CVE-2017-0024, CVE-2017-0026, CVE-2...

7.8CVSS6AI score0.06734EPSS
CVE
CVE
added 2017/10/13 1:29 p.m.62 views

CVE-2017-11818

The Microsoft Windows Storage component on Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a security feature bypass vulnerability when it fails to validate an integrity-level check, aka "Windows Storage Security F...

4.5CVSS6.5AI score0.01721EPSS
CVE
CVE
added 2017/06/15 1:29 a.m.62 views

CVE-2017-8465

Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to run processes in an elevated context when the Windows kernel improperly handles objects in memory, aka "Win32k Elevation of Privilege Vulnerability."...

7.8CVSS5.5AI score0.06987EPSS
CVE
CVE
added 2017/06/15 1:29 a.m.62 views

CVE-2017-8515

Microsoft Windows 10 1511, 1607, and 1703, and Windows Server 2016 allow an unauthenticated attacker to send a specially crafted kernel mode request to cause a denial of service on the target system, aka "Windows VAD Cloning Denial of Service Vulnerability".

5.5CVSS5.4AI score0.00388EPSS
CVE
CVE
added 2017/09/13 1:29 a.m.62 views

CVE-2017-8675

The Windows Kernel-Mode Drivers component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when the Win32k compo...

7CVSS7.2AI score0.01052EPSS
CVE
CVE
added 2017/09/13 1:29 a.m.62 views

CVE-2017-8713

The Windows Hyper-V component on Microsoft Windows Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when it fails to properly validate input from an authenticated user on a guest operating sys...

5.3CVSS5.2AI score0.03199EPSS
CVE
CVE
added 2017/10/13 1:29 p.m.62 views

CVE-2017-8715

The Microsoft Device Guard on Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a security feature bypass by the way it handles Windows PowerShell sessions, aka "Windows Security Feature Bypass".

5.3CVSS7AI score0.01906EPSS
CVE
CVE
added 2017/10/13 1:29 p.m.60 views

CVE-2017-8693

The Microsoft Graphics Component on Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability in the way it handles objects in memory, aka "Microsoft Graphics Information Disclosure Vulnerability".

5.5CVSS6.6AI score0.06191EPSS
CVE
CVE
added 2017/07/11 9:29 p.m.59 views

CVE-2017-8584

Windows 10 1607 and Windows Server 2016 allow an attacker to execute code remotely via a specially crafted WiFi packet aka "HoloLens Remote Code Execution Vulnerability."

7.9CVSS7.2AI score0.02314EPSS
CVE
CVE
added 2017/06/15 1:29 a.m.58 views

CVE-2017-8494

Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow a locally-authenticated attacker to run a specially crafted application on a targeted system when Windows Secure Kernel Mode fails to properly handle objects in memory, aka "Windows Elevation of Privilege Vulnerability".

7.3CVSS5.5AI score0.00591EPSS
CVE
CVE
added 2017/10/13 1:29 p.m.57 views

CVE-2017-8703

The Microsoft Windows Subsystem for Linux on Microsoft Windows 10 1703 allows a denial of service vulnerability when it improperly handles objects in memory, aka "Windows Subsystem for Linux Denial of Service Vulnerability".

5.5CVSS6.1AI score0.00424EPSS
CVE
CVE
added 2017/07/11 9:29 p.m.56 views

CVE-2017-8574

Graphics in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when it fails to properly handle objects in memory, aka "Microsoft Graphics Component Elevation of Privilege Vulnerability". This CVE ID is unique from CVE-2017-8573 and CVE-2017-8556...

7CVSS6.9AI score0.00972EPSS
CVE
CVE
added 2017/09/13 1:29 a.m.55 views

CVE-2017-8706

The Windows Hyper-V component on Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when it fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Information Disclosure Vulnerability...

5.3CVSS5AI score0.03199EPSS
CVE
CVE
added 2017/07/11 9:29 p.m.54 views

CVE-2017-8566

Microsoft Windows 1607, 1703, and Windows Server 2016 allows an elevation of privilege vulnerability due to Windows Input Method Editor (IME) improperly handling parameters in a method of a DCOM class, aka "Windows IME Elevation of Privilege Vulnerability".

7CVSS6.7AI score0.00554EPSS
CVE
CVE
added 2017/08/08 9:29 p.m.54 views

CVE-2017-8622

Windows Subsystem for Linux in Windows 10 1703 allows an elevation of privilege vulnerability when it fails to properly handle handles NT pipes, aka "Windows Subsystem for Linux Elevation of Privilege Vulnerability".

7.8CVSS8AI score0.01092EPSS
Total number of security vulnerabilities256