Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
MicrosoftWindows 101703

713 matches found

CVE
CVEadded 2019/08/14 9:15 p.m.90 views

CVE-2019-1186

An elevation of privilege vulnerability exists in the way that the wcmsvc.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specially crafted...

7CVSS7.3AI score0.00304EPSS
CVE
CVEadded 2019/09/11 10:15 p.m.90 views

CVE-2019-1272

An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC).An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system, aka 'Windows ALPC Elevation of Privilege Vulne...

7.8CVSS8AI score0.00372EPSS
CVE
CVEadded 2019/10/10 2:15 p.m.90 views

CVE-2019-1358

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1359.

9.3CVSS8.8AI score0.58897EPSS
CVE
CVEadded 2017/04/12 2:59 p.m.89 views

CVE-2017-0192

The Adobe Type Manager Font Driver (ATMFD.dll) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold , 1511, 1607, and 1703 allows an attacker to gain sensitive information via a specially...

4.3CVSS5.4AI score0.22919EPSS
CVE
CVEadded 2017/05/12 2:29 p.m.89 views

CVE-2017-0259

The Windows kernel in Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows authenticated attackers to obtain sensitive information via a specially crafted document, aka "Windows Kernel Information Disclosure Vulnerability,"...

4.7CVSS4.2AI score0.04995EPSS
CVE
CVEadded 2017/05/12 2:29 p.m.89 views

CVE-2017-0270

Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 handles...

5.9CVSS6.1AI score0.27804EPSS
CVE
CVEadded 2017/06/15 1:29 a.m.89 views

CVE-2017-0296

Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to elevate privilege when tdx.sys fails to check the length of a buffer prior to copying memory t...

7.8CVSS5.7AI score0.00273EPSS
CVE
CVEadded 2017/10/13 1:29 p.m.89 views

CVE-2017-11781

The Microsoft Server Block Message (SMB) on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows a denial of service vulnerability when an attacker sends spec...

7.8CVSS8AI score0.21784EPSS
CVE
CVEadded 2018/06/14 12:29 p.m.89 views

CVE-2018-8215

A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. T...

5.3CVSS5.2AI score0.01097EPSS
CVE
CVEadded 2019/08/14 9:15 p.m.89 views

CVE-2019-1171

An information disclosure vulnerability exists in SymCrypt during the OAEP decryption stage. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.To exploit this vulnerability, an attacker would have to log on to an affected syst...

5.6CVSS7AI score0.00417EPSS
CVE
CVEadded 2019/09/11 10:15 p.m.89 views

CVE-2019-1267

An elevation of privilege vulnerability exists in Microsoft Compatibility Appraiser where a configuration file, with local privileges, is vulnerable to symbolic link and hard link attacks, aka 'Microsoft Compatibility Appraiser Elevation of Privilege Vulnerability'.

7.8CVSS7.8AI score0.00469EPSS
CVE
CVEadded 2019/10/10 2:15 p.m.89 views

CVE-2019-1317

A denial of service vulnerability exists when Windows improperly handles hard links, aka 'Microsoft Windows Denial of Service Vulnerability'.

7.3CVSS7.9AI score0.00496EPSS
CVE
CVEadded 2019/05/16 7:29 p.m.88 views

CVE-2019-0931

An elevation of privilege vulnerability exists when the Storage Service improperly handles file operations, aka 'Windows Storage Service Elevation of Privilege Vulnerability'.

7CVSS7AI score0.00268EPSS
CVE
CVEadded 2017/05/12 2:29 p.m.87 views

CVE-2017-0212

Windows Hyper-V allows an elevation of privilege vulnerability when Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 fail to properly validate vSMB packet data, aka "Windows Hyper-V vSMB Elevation of Privilege Vulnerability".

7.6CVSS7.6AI score0.00351EPSS
CVE
CVEadded 2017/05/12 2:29 p.m.87 views

CVE-2017-0258

The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows authenticated attackers to obtain sensitive information via a specially crafted document...

4.7CVSS5.1AI score0.04995EPSS
CVE
CVEadded 2017/06/15 1:29 a.m.87 views

CVE-2017-8470

Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an authenticated attacker to run a specially crafted application when the Windows kernel improperly initializ...

5CVSS4.7AI score0.15731EPSS
CVE
CVEadded 2017/06/29 1:29 p.m.87 views

CVE-2017-8575

The kernel in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to obtain information via a specially crafted application, aka "Microsoft Graphics Component Information Disclosure Vulnerability."

5.5CVSS4.8AI score0.02131EPSS
CVE
CVEadded 2018/03/14 5:29 p.m.87 views

CVE-2018-0899

The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to the way memo...

4.7CVSS4.7AI score0.06807EPSS
CVE
CVEadded 2019/08/14 9:15 p.m.87 views

CVE-2019-1176

An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with ful...

7.2CVSS8.2AI score0.00213EPSS
CVE
CVEadded 2019/10/10 2:15 p.m.87 views

CVE-2019-1230

An information disclosure vulnerability exists when the Windows Hyper-V Network Switch on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka 'Hyper-V Information Disclosure Vulnerability'.

6.8CVSS7.1AI score0.02357EPSS
CVE
CVEadded 2017/04/12 2:59 p.m.86 views

CVE-2017-0167

An information disclosure vulnerability exists in Windows 8.1, Windows RT 8.1, Windows Server 2012 R2, Windows 10, and Windows Server 2016 when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further comp...

5.5CVSS5.7AI score0.09513EPSS
CVE
CVEadded 2017/10/13 1:29 p.m.86 views

CVE-2017-11824

The Microsoft Graphics Component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability in the way it handles objects ...

7CVSS8AI score0.01133EPSS
CVE
CVEadded 2019/07/15 7:15 p.m.86 views

CVE-2019-0999

An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory, aka 'DirectX Elevation of Privilege Vulnerability'.

7.8CVSS7.6AI score0.00274EPSS
CVE
CVEadded 2019/10/10 2:15 p.m.86 views

CVE-2019-1325

An elevation of privilege vulnerability exists in the Windows redirected drive buffering system (rdbss.sys) when the operating system improperly handles specific local calls within Windows 7 for 32-bit systems, aka 'Windows Redirected Drive Buffering System Elevation of Privilege Vulnerability'.

5.5CVSS7AI score0.00443EPSS
CVE
CVEadded 2017/04/12 2:59 p.m.85 views

CVE-2017-0183

A denial of service vulnerability exists when Microsoft Hyper-V Network Switch running on a Windows 10, Windows Server 2008 R2, Windows 8.1, Windows Server 2012 R2, or Windows Server 2016 host server fails to properly validate input from a privileged user on a guest operating system, aka "Hyper-V D...

6.3CVSS5.9AI score0.00584EPSS
CVE
CVEadded 2017/05/12 2:29 p.m.85 views

CVE-2017-0274

Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 handles...

5.9CVSS6.1AI score0.27804EPSS
CVE
CVEadded 2017/06/15 1:29 a.m.85 views

CVE-2017-0294

Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute remote code when Windows fails to properly handle cabinet files, aka "Windows Remote C...

9.3CVSS6.2AI score0.28742EPSS
CVE
CVEadded 2017/10/13 1:29 p.m.85 views

CVE-2017-11779

The Microsoft Windows Domain Name System (DNS) DNSAPI.dll on Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability when it fails to properly handle DNS responses, aka "Windows DNSAPI...

9.3CVSS9AI score0.38264EPSS
CVE
CVEadded 2017/06/29 1:29 p.m.85 views

CVE-2017-8576

The graphics component in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to run arbitrary code in kernel mode via a specially crafted application, aka "Microsoft Graphics Component Elevation of Privilege Vulnerability."

7CVSS5.6AI score0.01277EPSS
CVE
CVEadded 2017/10/13 1:29 p.m.85 views

CVE-2017-8727

Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user, due to how Microsoft Windows Text Services Fram...

7.6CVSS8.6AI score0.20533EPSS
CVE
CVEadded 2019/09/11 10:15 p.m.85 views

CVE-2019-1254

An information disclosure vulnerability exists when Windows Hyper-V writes uninitialized memory to disk, aka 'Windows Hyper-V Information Disclosure Vulnerability'.

5.5CVSS6.1AI score0.0059EPSS
CVE
CVEadded 2019/10/10 2:15 p.m.85 views

CVE-2019-1334

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1345.

5.5CVSS6.5AI score0.07944EPSS
CVE
CVEadded 2017/08/08 9:29 p.m.84 views

CVE-2017-0250

Microsoft JET Database Engine in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability due to buffer overflow, aka "Microsoft JET Databa...

9.3CVSS8.4AI score0.30172EPSS
CVE
CVEadded 2019/09/11 10:15 p.m.84 views

CVE-2019-1251

An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory, aka 'DirectWrite Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1244, CVE-2019-1245.

5.5CVSS6.2AI score0.27638EPSS
CVE
CVEadded 2019/09/11 10:15 p.m.84 views

CVE-2019-1292

A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Service Vulnerability'.

6.8CVSS6.2AI score0.03676EPSS
CVE
CVEadded 2017/05/12 2:29 p.m.83 views

CVE-2017-0246

The Graphics Component in the kernel-mode drivers in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to gain privileges via a crafted application or in Window...

7CVSS7.2AI score0.16582EPSS
CVE
CVEadded 2017/06/15 1:29 a.m.83 views

CVE-2017-0300

The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to obtain information via a specially crafted application. aka "Window...

5CVSS4.8AI score0.15731EPSS
CVE
CVEadded 2017/10/13 1:29 p.m.83 views

CVE-2017-11817

The Microsoft Windows Kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows an information disclosure vulnerability when it improperly vali...

4.7CVSS6.1AI score0.03549EPSS
CVE
CVEadded 2017/09/13 1:29 a.m.83 views

CVE-2017-8677

The Windows GDI+ component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when it improperly discloses kernel ...

5.5CVSS5.3AI score0.26895EPSS
CVE
CVEadded 2019/05/16 7:29 p.m.83 views

CVE-2019-0886

An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Information Disclosure Vulnerability'.

6.8CVSS6.2AI score0.00822EPSS
CVE
CVEadded 2017/10/13 1:29 p.m.82 views

CVE-2017-11783

Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability in the way it handles calls to Advanced Local Procedure Call (ALPC), aka "Windows Elevation of Privilege Vulnerability".

7CVSS7.9AI score0.07572EPSS
CVE
CVEadded 2017/11/15 3:29 a.m.82 views

CVE-2017-11849

Windows kernel in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and RT 8.1, Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016, and Windows Server, version 1709 allows an attacker to log in and run a specially crafted application due to the Windows...

4.7CVSS5.2AI score0.06375EPSS
CVE
CVEadded 2017/11/15 3:29 a.m.82 views

CVE-2017-11851

The Windows kernel component on Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016, and Windows Server, version 1709, allows an information disclosure vulnerability when it improperl...

4.7CVSS5.3AI score0.06375EPSS
CVE
CVEadded 2017/06/15 1:29 a.m.81 views

CVE-2017-0297

The kernel in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to obtain information via a specially crafted application. aka "Windows Kernel...

5CVSS4.8AI score0.15731EPSS
CVE
CVEadded 2017/10/13 1:29 p.m.81 views

CVE-2017-11815

The Microsoft Server Block Message (SMB) on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows an information disclosure vulnerability in the way that it ha...

5.3CVSS6.4AI score0.22607EPSS
CVE
CVEadded 2017/10/13 1:29 p.m.81 views

CVE-2017-11829

Microsoft Windows 10 allows an elevation of privilege vulnerability when the Windows Update Delivery Optimization does not properly enforce file share permissions.

5.5CVSS7.1AI score0.02283EPSS
CVE
CVEadded 2017/11/15 3:29 a.m.81 views

CVE-2017-11853

Windows kernel in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and RT 8.1, Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016, and Windows Server, version 1709 allows an attacker to log in and run a specially crafted application due to the Windows...

5.5CVSS5.2AI score0.06375EPSS
CVE
CVEadded 2017/07/11 9:29 p.m.81 views

CVE-2017-8564

Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when it fails to properly initialize a memory ad...

5.5CVSS5.3AI score0.22928EPSS
CVE
CVEadded 2019/09/11 10:15 p.m.81 views

CVE-2019-1216

An information disclosure vulnerability exists when DirectX improperly handles objects in memory, aka 'DirectX Information Disclosure Vulnerability'.

5.5CVSS6.2AI score0.01464EPSS
CVE
CVEadded 2019/09/11 10:15 p.m.81 views

CVE-2019-1293

An information disclosure vulnerability exists in Windows when the Windows SMB Client kernel-mode driver fails to properly handle objects in memory, aka 'Windows SMB Client Driver Information Disclosure Vulnerability'.

5.5CVSS6.1AI score0.00955EPSS
Total number of security vulnerabilities713