Lucene search

K
MicrosoftWindows 7

2372 matches found

CVE
CVE
added 2011/07/13 11:55 p.m.54 views

CVE-2011-1888

win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other CVEs...

7.2CVSS6.3AI score0.01048EPSS
CVE
CVE
added 2013/02/13 12:4 p.m.54 views

CVE-2013-1249

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges, and consequ...

4.9CVSS6.4AI score0.00434EPSS
CVE
CVE
added 2015/06/10 1:59 a.m.54 views

CVE-2015-1723

Use-after-free vulnerability in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges v...

7.2CVSS6.5AI score0.08098EPSS
CVE
CVE
added 2015/11/11 12:59 p.m.54 views

CVE-2015-6097

Heap-based buffer overflow in Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted Journal (.jnt) file, aka "Windows Journal Heap Overflow Vulnerability."

9.3CVSS8AI score0.3884EPSS
CVE
CVE
added 2016/01/13 5:59 a.m.54 views

CVE-2016-0009

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows 10 Gold and 1511 allow remote attackers to execute arbitrary code via unspecified vectors, aka "Win32k Remote Code Execution Vulnerability."

9.3CVSS9AI score0.24571EPSS
CVE
CVE
added 2016/03/09 11:59 a.m.54 views

CVE-2016-0087

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 do not properly validate handles, which allows local users to gain privileges via a crafted application, aka "Windows Elevation of Privilege Vulnerability."

7.8CVSS7.6AI score0.01576EPSS
CVE
CVE
added 2018/02/15 2:29 a.m.54 views

CVE-2018-0755

The Microsoft Windows Embedded OpenType (EOT) font engine in Microsoft Windows 7 SP1 and Windows Server 2008 R2 allows information disclosure, due to how the Windows EOT font engine handles embedded fonts, aka "Windows EOT Font Engine Information Disclosure Vulnerability". This CVE ID is unique fro...

5.5CVSS4.5AI score0.10128EPSS
CVE
CVE
added 2009/10/14 10:30 a.m.53 views

CVE-2009-1547

Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via a crafted data stream header that triggers memory corruption, aka "Data Stream Header Corruption Vulnerability."

9.3CVSS7.1AI score0.37945EPSS
CVE
CVE
added 2010/04/14 4:0 p.m.53 views

CVE-2010-0482

The kernel in Microsoft Windows Server 2008 R2 and Windows 7 does not properly validate relocation sections of image files, which allows local users to cause a denial of service (reboot) via a crafted file, aka "Windows Kernel Malformed Image Vulnerability."

4.7CVSS6AI score0.00983EPSS
CVE
CVE
added 2010/08/11 6:47 p.m.53 views

CVE-2010-1892

The TCP/IP stack in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly handle malformed IPv6 packets, which allows remote attackers to cause a denial of service (system hang) via multiple crafted packets, aka "IPv6 Memory Corruption Vulnerabi...

7.8CVSS6.6AI score0.80211EPSS
CVE
CVE
added 2010/10/13 7:0 p.m.53 views

CVE-2010-2746

Heap-based buffer overflow in Comctl32.dll (aka the common control library) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7, when a third-party SVG viewer is used, allows remote attackers to execute arbitr...

7.6CVSS7.8AI score0.69314EPSS
CVE
CVE
added 2010/10/26 10:0 p.m.53 views

CVE-2010-3227

Stack-based buffer overflow in the UpdateFrameTitleForDocument method in the CFrameWnd class in mfc42.dll in the Microsoft Foundation Class (MFC) Library in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 all...

9.3CVSS7.8AI score0.54804EPSS
CVE
CVE
added 2010/12/16 7:33 p.m.53 views

CVE-2010-3944

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2008 R2 and Windows 7 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka "Win32k Memory Corruption Vulnerability."

7.2CVSS6.2AI score0.02542EPSS
CVE
CVE
added 2011/03/09 11:0 p.m.53 views

CVE-2011-0042

SBE.dll in the Stream Buffer Engine in Windows Media Player and Windows Media Center in Microsoft Windows XP SP2 and SP3, Windows XP Media Center Edition 2005 SP3, Windows Vista SP1 and SP2, Windows 7 Gold and SP1, and Windows Media Center TV Pack for Windows Vista does not properly parse Digital V...

9.3CVSS7.5AI score0.57023EPSS
CVE
CVE
added 2011/04/13 8:26 p.m.53 views

CVE-2011-1230

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer deref...

7.2CVSS6.4AI score0.00845EPSS
CVE
CVE
added 2011/04/13 8:26 p.m.53 views

CVE-2011-1242

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application th...

7.2CVSS6.4AI score0.0061EPSS
CVE
CVE
added 2011/10/12 2:52 a.m.53 views

CVE-2011-1247

Untrusted search path vulnerability in the Microsoft Active Accessibility component in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a Trojan horse DLL in th...

9.3CVSS6.4AI score0.23727EPSS
CVE
CVE
added 2011/07/13 10:55 p.m.53 views

CVE-2011-1265

The Bluetooth Stack 2.1 in Microsoft Windows Vista SP1 and SP2 and Windows 7 Gold and SP1 does not prevent access to objects in memory that (1) were not properly initialized or (2) have been deleted, which allows remote attackers to execute arbitrary code via crafted Bluetooth packets, aka "Bluetoo...

8.8CVSS9AI score0.00329EPSS
CVE
CVE
added 2011/06/16 8:55 p.m.53 views

CVE-2011-1869

The Distributed File System (DFS) implementation in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote DFS servers to cause a denial of service (system hang) via a crafted refe...

7.8CVSS6.5AI score0.34157EPSS
CVE
CVE
added 2011/07/13 11:55 p.m.53 views

CVE-2011-1874

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application th...

7.8CVSS6.4AI score0.01004EPSS
CVE
CVE
added 2011/06/16 8:55 p.m.53 views

CVE-2011-1894

The MHTML protocol handler in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle a MIME format in a request for embedded content in an HTML document, which allows re...

4.3CVSS5.5AI score0.20108EPSS
CVE
CVE
added 2012/06/12 10:55 p.m.53 views

CVE-2012-1865

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle user-mode input passed to kernel mode for driver objects, which allows local users to g...

7.2CVSS6.2AI score0.0135EPSS
CVE
CVE
added 2013/01/09 6:9 p.m.53 views

CVE-2013-0011

The Print Spooler in Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted print job, aka "Windows Print Spooler Components Vulnerability."

10CVSS7.7AI score0.36315EPSS
CVE
CVE
added 2013/02/13 12:4 p.m.53 views

CVE-2013-1260

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges, and consequently read the contents of arbitrary kernel ...

4.9CVSS6.3AI score0.00434EPSS
CVE
CVE
added 2013/02/13 12:4 p.m.53 views

CVE-2013-1273

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges, and consequently read the contents of arbitrary kernel ...

4.9CVSS6.4AI score0.00434EPSS
CVE
CVE
added 2015/02/11 3:1 a.m.53 views

CVE-2015-0061

Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 do not properly initialize memory for TIFF images, which allows remote attackers to obtain sensitive informat...

4.3CVSS5.9AI score0.22562EPSS
CVE
CVE
added 2015/03/11 10:59 a.m.53 views

CVE-2015-0076

The photo-decoder implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly initialize memory for rendering of JXR images, which allows remote attackers to ...

4.3CVSS5.8AI score0.08135EPSS
CVE
CVE
added 2015/03/11 10:59 a.m.53 views

CVE-2015-0095

The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow local users to cause a denial of service (NULL pointer dereference and blue ...

5.6CVSS6.2AI score0.04408EPSS
CVE
CVE
added 2015/05/13 10:59 a.m.53 views

CVE-2015-1678

The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow local users to bypass the ASLR protection mechanism via a crafted function c...

2.1CVSS5.9AI score0.03162EPSS
CVE
CVE
added 2015/05/13 10:59 a.m.53 views

CVE-2015-1681

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow local users to cause a denial of service via a crafted .msc file, aka "Microsoft Management Console File Format Denial of Servic...

1.9CVSS6.1AI score0.00972EPSS
CVE
CVE
added 2016/01/13 5:59 a.m.53 views

CVE-2016-0020

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka "MAPI DLL Loading Elevation of Privilege Vulnerability."

7.8CVSS7.6AI score0.00693EPSS
CVE
CVE
added 2009/08/14 3:16 p.m.52 views

CVE-2009-2764

Microsoft Internet Explorer 8.0.7100.0 on Windows 7 RC on the x64 platform allows remote attackers to cause a denial of service (application crash) via a certain DIV element in conjunction with SCRIPT elements that have empty contents and no reference to a valid external script location.

5CVSS6.8AI score0.2262EPSS
CVE
CVE
added 2010/12/16 7:33 p.m.52 views

CVE-2010-3959

The OpenType Font (OTF) driver in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges via a crafted CMAP table in an OpenType font, aka "OpenType CMAP Table Vulnerability."

6.9CVSS6.4AI score0.30858EPSS
CVE
CVE
added 2010/12/16 7:33 p.m.52 views

CVE-2010-3966

Untrusted search path vulnerability in Microsoft Windows Server 2008 R2 and Windows 7, when BranchCache is supported, allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains an EML file, an RSS file, or a WPOST file...

9.3CVSS6.5AI score0.47326EPSS
CVE
CVE
added 2011/04/13 8:26 p.m.52 views

CVE-2011-1240

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application th...

7.2CVSS6.5AI score0.00623EPSS
CVE
CVE
added 2011/08/10 9:55 p.m.52 views

CVE-2011-1871

Tcpip.sys in the TCP/IP stack in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to cause a denial of service (reboot) via a series of crafted ICMP messages, aka "ICMP Denial of Service Vulnerability."

7.8CVSS6.4AI score0.74922EPSS
CVE
CVE
added 2011/10/12 2:52 a.m.52 views

CVE-2011-2009

Untrusted search path vulnerability in Windows Media Center in Microsoft Windows Vista SP2 and Windows 7 Gold and SP1, and Windows Media Center TV Pack for Windows Vista, allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka "Media Center Insecure Librar...

9.3CVSS6.4AI score0.26469EPSS
CVE
CVE
added 2011/12/14 12:55 a.m.52 views

CVE-2011-2018

The kernel in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, and Windows 7 Gold and SP1 does not properly initialize objects, which allows local users to gain privileges via a crafted application, aka "Windows Kernel Exception Handler Vulnerab...

7.2CVSS6.2AI score0.00623EPSS
CVE
CVE
added 2012/05/09 12:55 a.m.52 views

CVE-2012-0174

Windows Firewall in tcpip.sys in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly enforce firewall rules for outbound broadcast packets, which allows remote attackers to obtain potentially sensitive information by observing broadcast...

1.7CVSS6AI score0.00957EPSS
CVE
CVE
added 2020/02/20 3:15 p.m.52 views

CVE-2012-5364

The IPv6 implementation in Microsoft Windows 7 and earlier allows remote attackers to cause a denial of service via a flood of ICMPv6 Router Advertisement packets containing multiple Routing entries.

7.8CVSS7.3AI score0.21577EPSS
CVE
CVE
added 2013/02/13 12:4 p.m.52 views

CVE-2013-1259

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges, and consequently read the contents of arbitrary kernel ...

4.9CVSS6.3AI score0.00434EPSS
CVE
CVE
added 2013/02/13 12:4 p.m.52 views

CVE-2013-1279

Race condition in the kernel in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application that leverage...

7.2CVSS6.2AI score0.00489EPSS
CVE
CVE
added 2013/10/09 2:53 p.m.52 views

CVE-2013-3888

dxgkrnl.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows local users to gain privileges via a crafted application, aka "DirectX Graphics Kernel Subsystem Double Fetch Vulnerability."

8.4CVSS6.4AI score0.00559EPSS
CVE
CVE
added 2015/03/11 10:59 a.m.52 views

CVE-2015-0074

Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly allocate memory, which allows remote attackers to cause a denial of se...

4.3CVSS6.4AI score0.12579EPSS
CVE
CVE
added 2015/05/13 10:59 a.m.52 views

CVE-2015-1695

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted Journal file, aka "Windows Journal Remote Code Execution Vulnerability,...

9.3CVSS7.8AI score0.33094EPSS
CVE
CVE
added 2018/02/26 8:29 p.m.52 views

CVE-2018-7250

An issue was discovered in secdrv.sys as shipped in Microsoft Windows Vista, Windows 7, Windows 8, and Windows 8.1 before KB3086255, and as shipped in Macrovision SafeDisc. An uninitialized kernel pool allocation in IOCTL 0xCA002813 allows a local unprivileged attacker to leak 16 bits of uninitiali...

5.5CVSS5.5AI score0.12224EPSS
CVE
CVE
added 2009/10/14 10:30 a.m.51 views

CVE-2009-2531

Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulne...

9.3CVSS7.2AI score0.42147EPSS
CVE
CVE
added 2010/10/13 7:0 p.m.51 views

CVE-2010-3229

The Secure Channel (aka SChannel) security package in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7, when IIS 7.x is used, does not properly process client certificates during SSL and TLS handshakes, which allows remote attackers to cause a denial of serv...

7.1CVSS6.4AI score0.64341EPSS
CVE
CVE
added 2010/12/16 7:33 p.m.51 views

CVE-2010-3942

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly allocate memory for copies from user mode, which allows local users to gain privileges via a crafted ...

7.2CVSS6.4AI score0.01575EPSS
CVE
CVE
added 2011/06/16 8:55 p.m.51 views

CVE-2011-0658

Integer underflow in the OLE Automation protocol implementation in VBScript.dll in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a ...

9.3CVSS7.5AI score0.31103EPSS
Total number of security vulnerabilities2372