Windows 7@6.1.0 Security Vulnerabilities and Issues — Page 6 of Windows 7@6.1.0 CVE List

A denial of service vulnerability exists when the XmlLite runtime (XmlLite.dll) improperly parses XML input. An attacker who successfully exploited this vulnerability could cause a denial of service against an XML application.A remote unauthenticated attacker could exploit this vulnerability by iss...

5.5CVSS7AI score0.03246EPSS

CVE•added 2020/09/11 5:15 p.m.•93 views

CVE-2020-0782

An elevation of privilege vulnerability exists when the Windows Cryptographic Catalog Services improperly handle objects in memory. An attacker who successfully exploited this vulnerability could modify the cryptographic catalog.To exploit this vulnerability, an attacker would first have to log on ...

7.8CVSS8.1AI score0.00726EPSS

CVE•added 2021/01/12 8:15 p.m.•93 views

CVE-2021-1661

Windows Installer Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.0044EPSS

CVE•added 2021/02/25 11:15 p.m.•93 views

CVE-2021-1734

Windows Remote Procedure Call Information Disclosure Vulnerability

7.5CVSS8.3AI score0.12209EPSS

CVE•added 2020/09/11 5:15 p.m.•92 views

CVE-2020-0838

An elevation of privilege vulnerability exists when NTFS improperly checks access. An attacker who successfully exploited this vulnerability could run processes in an elevated context.To exploit the vulnerability, an attacker would first have to log on to the system, and then run a specially crafte...

7.8CVSS8AI score0.00726EPSS

CVE•added 2020/09/11 5:15 p.m.•92 views

CVE-2020-1598

An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; v...

7.8CVSS7.4AI score0.01512EPSS

CVE•added 2021/01/12 8:15 p.m.•92 views

CVE-2021-1652

Windows CSC Service Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.00313EPSS

CVE•added 2021/01/12 8:15 p.m.•92 views

CVE-2021-1688

Windows CSC Service Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.00256EPSS

CVE•added 2021/01/12 8:15 p.m.•92 views

CVE-2021-1708

Windows GDI+ Information Disclosure Vulnerability

5.7CVSS6.6AI score0.07968EPSS

CVE•added 2021/04/13 8:15 p.m.•92 views

CVE-2021-28439

Windows TCP/IP Driver Denial of Service Vulnerability

7.5CVSS7.9AI score0.17798EPSS

CVE•added 2020/11/11 7:15 a.m.•91 views

CVE-2020-17004

Windows Graphics Component Information Disclosure Vulnerability

5.5CVSS7AI score0.00448EPSS

CVE•added 2020/11/11 7:15 a.m.•91 views

CVE-2020-17068

Windows GDI+ Remote Code Execution Vulnerability

7.8CVSS8.8AI score0.0073EPSS

CVE•added 2020/09/11 5:15 p.m.•90 views

CVE-2020-0922

A remote code execution vulnerability exists in the way that Microsoft COM for Windows handles objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code on a target system.To exploit the vulnerability, a user would have to open a specially crafted file...

9.3CVSS8.7AI score0.129EPSS

CVE•added 2020/11/11 7:15 a.m.•90 views

CVE-2020-17045

Windows KernelStream Information Disclosure Vulnerability

5.5CVSS7AI score0.00606EPSS

CVE•added 2021/01/12 8:15 p.m.•90 views

CVE-2021-1693

Windows CSC Service Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.00313EPSS

CVE•added 2021/04/13 8:15 p.m.•90 views

CVE-2021-28328

Windows DNS Information Disclosure Vulnerability

6.5CVSS7.1AI score0.11531EPSS

CVE•added 2020/09/11 5:15 p.m.•89 views

CVE-2020-0912

An elevation of privilege vulnerability exists when the Windows Function Discovery SSDP Provider improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privil...

7.8CVSS7.7AI score0.00317EPSS

CVE•added 2021/01/12 8:15 p.m.•89 views

CVE-2021-1679

Windows CryptoAPI Denial of Service Vulnerability

6.5CVSS7.3AI score0.04105EPSS

CVE•added 2021/03/11 4:15 p.m.•89 views

CVE-2021-26881

Microsoft Windows Media Foundation Remote Code Execution Vulnerability

8.8CVSS8.7AI score0.0607EPSS

CVE•added 2021/03/11 4:15 p.m.•89 views

CVE-2021-26901

Windows Event Tracing Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.0045EPSS

CVE•added 2021/04/13 8:15 p.m.•89 views

CVE-2021-28309

Windows Kernel Information Disclosure Vulnerability

5.5CVSS6.6AI score0.00403EPSS

CVE•added 2020/09/11 5:15 p.m.•88 views

CVE-2020-1038

A denial of service vulnerability exists when Windows Routing Utilities improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding.To exploit this vulnerability, an attacker would have to log on to an affected system...

5.5CVSS6.8AI score0.00702EPSS

CVE•added 2020/09/11 5:15 p.m.•88 views

CVE-2020-1074

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open...

9.3CVSS8.3AI score0.31961EPSS

CVE•added 2020/09/11 5:15 p.m.•88 views

CVE-2020-1245

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; o...

7.8CVSS7.8AI score0.0047EPSS

CVE•added 2020/10/16 11:15 p.m.•88 views

CVE-2020-16900

An elevation of privilege vulnerability exists when the Windows Event System improperly handles objects in memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The ...

7.8CVSS7.7AI score0.00263EPSS

CVE•added 2020/11/11 7:15 a.m.•88 views

CVE-2020-17029

Windows Canonical Display Driver Information Disclosure Vulnerability

5.5CVSS7AI score0.00606EPSS

CVE•added 2021/04/13 8:15 p.m.•88 views

CVE-2021-26413

Windows Installer Spoofing Vulnerability

6.2CVSS7.2AI score0.00517EPSS

CVE•added 2021/03/11 4:15 p.m.•88 views

CVE-2021-26875

Windows Win32k Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.00378EPSS

CVE•added 2021/03/11 4:15 p.m.•88 views

CVE-2021-27077

Windows Win32k Elevation of Privilege Vulnerability

7.8CVSS7.7AI score0.02391EPSS

CVE•added 2021/04/13 8:15 p.m.•88 views

CVE-2021-28446

Windows Portmapping Information Disclosure Vulnerability

7.1CVSS6.6AI score0.0099EPSS

CVE•added 2020/09/11 5:15 p.m.•87 views

CVE-2020-1491

An elevation of privilege vulnerability exists in the way that the Windows Function Discovery Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could...

7.8CVSS8.1AI score0.00529EPSS

CVE•added 2020/10/16 11:15 p.m.•87 views

CVE-2020-16973

An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The ...

7.8CVSS8.2AI score0.00524EPSS

CVE•added 2021/04/13 8:15 p.m.•87 views

CVE-2021-28316

Windows WLAN AutoConfig Service Security Feature Bypass Vulnerability

4.6CVSS6.1AI score0.00314EPSS

CVE•added 2019/06/12 2:29 p.m.•86 views

CVE-2019-0985

A remote code execution vulnerability exists when the Microsoft Speech API (SAPI) improperly handles text-to-speech (TTS) input. The vulnerability could corrupt memory in a way that enables an attacker to execute arbitrary code in the context of the current user.To exploit the vulnerability, an att...

7.8CVSS7.7AI score0.14521EPSS

CVE•added 2020/09/11 5:15 p.m.•86 views

CVE-2020-0921

Microsoft Graphics Component Denial of Service Vulnerability

5.5CVSS6.7AI score0.01084EPSS

CVE•added 2020/09/11 5:15 p.m.•86 views

CVE-2020-1256

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.There are multiple ways an attacker could exploit ...

6.5CVSS6.4AI score0.158EPSS

CVE•added 2020/10/16 11:15 p.m.•86 views

CVE-2020-16912

7.8CVSS8.2AI score0.00542EPSS

CVE•added 2019/06/12 2:29 p.m.•85 views

CVE-2019-1013

6.5CVSS5.6AI score0.14112EPSS

CVE•added 2020/09/11 5:15 p.m.•85 views

CVE-2020-0790

A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls. An attacker who successfully exploited the vulnerability could elevate privileges on an affected system from low-integrity to medium-integrity.This vulnerability by itself does not allow arbitrary code ex...

7.8CVSS8.4AI score0.00512EPSS

CVE•added 2021/04/13 8:15 p.m.•85 views

CVE-2021-27093

Windows Kernel Information Disclosure Vulnerability

5.5CVSS6.6AI score0.00442EPSS

CVE•added 2021/04/13 8:15 p.m.•85 views

CVE-2021-28317

Microsoft Windows Codecs Library Information Disclosure Vulnerability

5.5CVSS6.5AI score0.00448EPSS

CVE•added 2019/06/12 2:29 p.m.•84 views

CVE-2019-0968

6.5CVSS5.9AI score0.29578EPSS

CVE•added 2020/09/11 5:15 p.m.•84 views

CVE-2020-1030

An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; ...

7.8CVSS8.1AI score0.02591EPSS

CVE•added 2020/09/11 5:15 p.m.•84 views

CVE-2020-1052

An elevation of privilege vulnerability exists in the way that the ssdpsrv.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specially crafte...

7.8CVSS8.1AI score0.00512EPSS

CVE•added 2020/10/16 11:15 p.m.•84 views

CVE-2020-16976

7.8CVSS8.2AI score0.00542EPSS

CVE•added 2021/04/13 8:15 p.m.•84 views

CVE-2021-27091

RPC Endpoint Mapper Service Elevation of Privilege Vulnerability

7.8CVSS7.8AI score0.004EPSS

Total number of security vulnerabilities327