Windows 7 Security Vulnerabilities and Issues — Page 46 of Windows 7 CVE List

Lucene search

MicrosoftWindows 7

2372 matches found

CVE•added 2011/04/13 6:55 p.m.•51 views

CVE-2011-0670

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application th...

7.2CVSS6.5AI score0.00623EPSS

CVE•added 2011/04/13 8:26 p.m.•51 views

CVE-2011-0671

8.4CVSS6.5AI score0.01054EPSS

CVE•added 2011/04/13 8:26 p.m.•51 views

CVE-2011-0672

7.2CVSS6.5AI score0.00623EPSS

CVE•added 2011/04/13 8:26 p.m.•51 views

CVE-2011-1227

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer deref...

7.2CVSS6.4AI score0.00845EPSS

CVE•added 2011/07/13 11:55 p.m.•51 views

CVE-2011-1875

7.2CVSS6.4AI score0.0061EPSS

CVE•added 2012/07/10 9:55 p.m.•51 views

CVE-2012-1890

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle keyboard-layout files, which allows local users to gain privileges via a crafted applic...

7.2CVSS6.3AI score0.00427EPSS

CVE•added 2013/02/13 12:4 p.m.•51 views

CVE-2013-1271

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges, and consequently read the contents of arbitrary kernel ...

4.9CVSS6.4AI score0.00434EPSS

CVE•added 2013/10/09 2:53 p.m.•51 views

CVE-2013-3894

The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allow remote attackers to execute arbitrary code via a crafted CMAP table in a TrueType font (TT...

9.3CVSS7.5AI score0.24627EPSS

CVE•added 2014/07/08 10:55 p.m.•51 views

CVE-2014-2780

DirectShow in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows local users to gain privileges by leveraging control over a low-integrity process to execute a crafted application, aka "DirectShow Elevat...

6.9CVSS6.7AI score0.03119EPSS

CVE•added 2015/03/11 10:59 a.m.•51 views

CVE-2015-0079

The Remote Desktop Protocol (RDP) implementation in Microsoft Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to cause a denial of service (memory consumption and RDP outage) by establishing many RDP sessions that do not properly free allocated mem...

7.8CVSS6.6AI score0.22982EPSS

CVE•added 2015/03/11 10:59 a.m.•51 views

CVE-2015-0089

Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to obtain sensitive information from kernel memory, and possibly...

5CVSS5.7AI score0.19489EPSS

CVE•added 2015/05/13 10:59 a.m.•51 views

CVE-2015-1696

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted Journal file, aka "Windows Journal Remote Code Execution Vulnerability,...

9.3CVSS7.8AI score0.33094EPSS

CVE•added 2010/04/14 4:0 p.m.•50 views

CVE-2010-0481

The kernel in Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly translate a registry key's virtual path to its real path, which allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Virtual P...

5.5CVSS6AI score0.0067EPSS

CVE•added 2010/04/14 4:0 p.m.•50 views

CVE-2010-0486

The WinVerifyTrust function in Authenticode Signature Verification 5.1, 6.0, and 6.1 in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly use unspecified fields in a f...

9.3CVSS7.6AI score0.44165EPSS

CVE•added 2011/07/13 11:55 p.m.•50 views

CVE-2011-1881

8.4CVSS6.4AI score0.00759EPSS

CVE•added 2011/07/13 11:55 p.m.•50 views

CVE-2011-1882

7.2CVSS6.5AI score0.0061EPSS

CVE•added 2011/07/13 11:55 p.m.•50 views

CVE-2011-1887

win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other CVEs...

7.8CVSS6.4AI score0.00995EPSS

CVE•added 2011/08/10 9:55 p.m.•50 views

CVE-2011-1971

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly parse file metadata, which allows local users to cause a denial of service (reboot) via a crafted file, aka "Windows Kernel Metadata Parsing DOS Vulnerability."

4.7CVSS5.9AI score0.01221EPSS

CVE•added 2012/11/14 12:55 a.m.•50 views

CVE-2012-2530

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application, aka "Win32k Use...

7.2CVSS6.4AI score0.02798EPSS

CVE•added 2013/02/13 12:4 p.m.•50 views

CVE-2013-1275

7CVSS6.4AI score0.003EPSS

CVE•added 2013/09/11 2:3 p.m.•50 views

CVE-2013-1344

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Multi...

7.2CVSS6.2AI score0.01084EPSS

CVE•added 2013/06/12 3:30 a.m.•50 views

CVE-2013-3136

The kernel in Microsoft Windows XP SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 on 32-bit platforms does not properly handle unspecified page-fault system calls, which allows local users to obtain sensitive information from kernel memory via...

4.4CVSS5.3AI score0.00916EPSS

CVE•added 2013/07/10 3:46 a.m.•50 views

CVE-2013-3167

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 does not properly handle objects in memory, which allows local users to gain privileges via a crafted application, aka "Win32k...

7.2CVSS6.3AI score0.00679EPSS

CVE•added 2013/09/11 2:3 p.m.•50 views

CVE-2013-3865

7.2CVSS6.2AI score0.01084EPSS

CVE•added 2015/06/10 1:59 a.m.•50 views

CVE-2015-1719

The kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow local users to obtain sensitive information from kernel memory vi...

2.1CVSS5.4AI score0.03817EPSS

CVE•added 2016/07/13 1:59 a.m.•50 views

CVE-2016-3251

The GDI component in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to obtain sensitive kernel-address information via a crafted ...

2.8CVSS4.4AI score0.10543EPSS

CVE•added 2019/03/12 10:29 p.m.•50 views

CVE-2019-5921

Untrusted search path vulnerability in Windows 7 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

7.8CVSS7.7AI score0.01907EPSS

CVE•added 2010/08/11 6:47 p.m.•49 views

CVE-2010-1897

The Windows kernel-mode drivers in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 do not properly validate pseudo-handle values in callback parameters during window creation, which allows local...

7.2CVSS6.2AI score0.01971EPSS

CVE•added 2010/12/16 7:33 p.m.•49 views

CVE-2010-3961

The Consent User Interface (UI) in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly handle an unspecified registry-key value, which allows local users with SeImpersonatePrivilege rights to gain privileges via a crafted application, aka "Con...

7.2CVSS6.5AI score0.00747EPSS

CVE•added 2011/01/07 12:0 p.m.•49 views

CVE-2010-4669

The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, and Windows 7 allows remote attackers to cause a denial of service (CPU consumption and system hang) by sending many Router Advertisement (RA) mess...

7.8CVSS7.2AI score0.07851EPSS

CVE•added 2011/02/10 4:0 p.m.•49 views

CVE-2011-0033

The OpenType Compact Font Format (CFF) driver in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate parameter values in OpenType fonts, which allows remote attackers to execute arbitra...

9.3CVSS7.6AI score0.2718EPSS

CVE•added 2011/02/09 1:0 a.m.•49 views

CVE-2011-0089

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka ...

7.2CVSS6.4AI score0.00859EPSS

CVE•added 2011/02/10 4:0 p.m.•49 views

CVE-2011-0091

Kerberos in Microsoft Windows Server 2008 R2 and Windows 7 does not prevent a session from changing from strong encryption to DES encryption, which allows man-in-the-middle attackers to spoof network traffic and obtain sensitive information via a DES downgrade, aka "Kerberos Spoofing Vulnerability....

6.4CVSS5.8AI score0.0235EPSS

CVE•added 2011/04/13 6:55 p.m.•49 views

CVE-2011-0667

7.2CVSS6.5AI score0.00623EPSS

CVE•added 2011/04/13 8:26 p.m.•49 views

CVE-2011-1225

7.2CVSS6.4AI score0.00827EPSS

CVE•added 2012/11/14 12:55 a.m.•49 views

CVE-2012-2553

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application, aka "Win32k Use After Free Vulnerabilit...

7.2CVSS6.4AI score0.01488EPSS

CVE•added 2013/02/13 12:4 p.m.•49 views

CVE-2013-1264

4.9CVSS6.3AI score0.00434EPSS

CVE•added 2013/09/11 2:3 p.m.•49 views

CVE-2013-1342

7.8CVSS6.2AI score0.01084EPSS

CVE•added 2013/09/11 2:3 p.m.•49 views

CVE-2013-1343

7.2CVSS6.2AI score0.01084EPSS

CVE•added 2013/09/11 2:3 p.m.•49 views

CVE-2013-3866

7.2CVSS6.5AI score0.0059EPSS

CVE•added 2015/03/11 10:59 a.m.•49 views

CVE-2015-0084

The Task Scheduler in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly constrain impersonation levels, which allows local users to bypass intended restrictions on launching executable files vi...

2.1CVSS6.1AI score0.01221EPSS

CVE•added 2016/03/09 11:59 a.m.•49 views

CVE-2016-0092

OLE in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted file, aka "Windows OLE Memory Remote Code Execution Vulne...

9.3CVSS8AI score0.47205EPSS

CVE•added 2011/04/13 6:55 p.m.•48 views

CVE-2011-0660

The SMB client in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote SMB servers to execute arbitrary code via a crafted (1) SMBv1 or (2) SMBv2 response, aka "SMB Client Respon...

9.3CVSS7.5AI score0.4891EPSS

CVE•added 2011/04/13 8:26 p.m.•48 views

CVE-2011-1234

7.2CVSS6.4AI score0.00639EPSS

CVE•added 2011/04/13 8:26 p.m.•48 views

CVE-2011-1239

7.2CVSS6.4AI score0.00623EPSS

CVE•added 2011/07/13 11:55 p.m.•48 views

CVE-2011-1883

7.2CVSS6.5AI score0.0061EPSS

CVE•added 2013/02/13 12:4 p.m.•48 views

CVE-2013-1250