Windows 7 Security Vulnerabilities and Issues — Windows 7 CVE List

Lucene search

MicrosoftWindows 7

1031 matches found

CVE•added 2018/05/09 7:29 p.m.•2085 views

CVE-2018-8174

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka "Windows VBScript Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windo...

7.6CVSS8.1AI score0.94283EPSS

CVE•added 2018/05/09 7:29 p.m.•1600 views

CVE-2018-8120

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows Server 2008, Windows 7, Windows Server 2008 R2. This CVE ID is unique from CVE-2018-8124, CVE-2018-...

7.2CVSS7.4AI score0.94013EPSS

CVE•added 2020/03/12 4:15 p.m.•1385 views

CVE-2020-0787

An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) improperly handles symbolic links, aka 'Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerability'.

7.8CVSS8.5AI score0.59671EPSS

CVE•added 2021/10/13 1:15 a.m.•1374 views

CVE-2021-40449

Win32k Elevation of Privilege Vulnerability

7.8CVSS8AI score0.83548EPSS

CVE•added 2022/04/15 7:15 p.m.•1327 views

CVE-2022-24521

Windows Common Log File System Driver Elevation of Privilege Vulnerability

7.8CVSS8.9AI score0.02729EPSS

CVE•added 2017/05/12 2:29 p.m.•1258 views

CVE-2017-0213

Windows COM Aggregate Marshaler in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation privilege vulnerability when an attacker runs a specially ...

7.3CVSS5.9AI score0.91805EPSS

CVE•added 2020/11/11 7:15 a.m.•1244 views

CVE-2020-17087

Windows Kernel Local Elevation of Privilege Vulnerability

7.8CVSS8.3AI score0.15084EPSS

CVE•added 2016/04/12 11:59 p.m.•1227 views

CVE-2016-0167

The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vu...

7.8CVSS6.8AI score0.11623EPSS

CVE•added 2017/03/17 12:59 a.m.•1207 views

CVE-2017-0147

The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to obtain sensitive information from process memory ...

7.5CVSS5.7AI score0.92418EPSS

CVE•added 2022/02/09 5:15 p.m.•1188 views

CVE-2022-22718

Windows Print Spooler Elevation of Privilege Vulnerability

7.8CVSS7.8AI score0.0674EPSS

CVE•added 2020/02/11 10:15 p.m.•1170 views

CVE-2020-0683

An elevation of privilege vulnerability exists in the Windows Installer when MSI packages process symbolic links, aka 'Windows Installer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0686.

7.8CVSS8AI score0.27418EPSS

CVE•added 2021/11/10 1:19 a.m.•1166 views

CVE-2021-41379

Windows Installer Elevation of Privilege Vulnerability

7.8CVSS7AI score0.04121EPSS

CVE•added 2022/02/09 5:15 p.m.•1166 views

CVE-2022-21999

Windows Print Spooler Elevation of Privilege Vulnerability

7.8CVSS7.7AI score0.70876EPSS

CVE•added 2020/05/21 11:15 p.m.•1150 views

CVE-2020-1054

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1143.

7.8CVSS7.8AI score0.80387EPSS

CVE•added 2017/05/12 2:29 p.m.•1145 views

CVE-2017-0263

The kernel-mode drivers in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of P...

7.8CVSS7.6AI score0.18325EPSS

CVE•added 2021/08/12 6:15 p.m.•1144 views

CVE-2021-34484

Windows User Profile Service Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.06173EPSS

CVE•added 2019/04/09 9:29 p.m.•1141 views

CVE-2019-0859

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0685, CVE-2019-0803.

7.8CVSS8.2AI score0.84886EPSS

CVE•added 2019/11/12 7:15 p.m.•1137 views

CVE-2019-1405

An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly allows COM object creation, aka 'Windows UPnP Service Elevation of Privilege Vulnerability'.

7.8CVSS8.4AI score0.58623EPSS

CVE•added 2021/06/08 11:15 p.m.•1132 views

CVE-2021-31199

Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability

7.8CVSS7.2AI score0.00462EPSS

CVE•added 2021/07/14 6:15 p.m.•1132 views

CVE-2021-31979

Windows Kernel Elevation of Privilege Vulnerability

7.8CVSS8.3AI score0.01032EPSS

CVE•added 2018/10/10 1:29 p.m.•1128 views

CVE-2018-8453

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server...

7.8CVSS7.6AI score0.84016EPSS

CVE•added 2021/06/08 11:15 p.m.•1128 views

CVE-2021-31201

Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability

7.8CVSS7.2AI score0.00172EPSS

CVE•added 2019/04/09 9:29 p.m.•1124 views

CVE-2019-0803

7.8CVSS8.2AI score0.84886EPSS

CVE•added 2019/12/10 10:15 p.m.•1124 views

CVE-2019-1458

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'.

7.8CVSS8.2AI score0.92947EPSS

CVE•added 2020/08/17 7:15 p.m.•1100 views

CVE-2020-1464

A spoofing vulnerability exists when Windows incorrectly validates file signatures. An attacker who successfully exploited this vulnerability could bypass security features and load improperly signed files.In an attack scenario, an attacker could bypass security features intended to prevent imprope...

7.8CVSS7.3AI score0.05831EPSS

CVE•added 2022/01/11 9:15 p.m.•1100 views

CVE-2022-21919

Windows User Profile Service Elevation of Privilege Vulnerability

7CVSS8.2AI score0.00684EPSS

CVE•added 2016/08/09 9:59 p.m.•1096 views

CVE-2016-3309

The kernel-mode drivers in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privi...

7.8CVSS7.5AI score0.49455EPSS

CVE•added 2019/07/29 2:13 p.m.•1091 views

CVE-2019-1132

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'.

7.8CVSS7.7AI score0.29255EPSS

CVE•added 2016/03/09 11:59 a.m.•1090 views

CVE-2016-0099

The Secondary Logon Service in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 does not properly process request handles, which allows local users to gain privileges via a craf...

7.8CVSS7.5AI score0.91168EPSS

CVE•added 2021/09/15 12:15 p.m.•1082 views

CVE-2021-36955

Windows Common Log File System Driver Elevation of Privilege Vulnerability

7.8CVSS8AI score0.18971EPSS

CVE•added 2019/10/10 2:15 p.m.•1071 views

CVE-2019-1315

An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles hard links, aka 'Windows Error Reporting Manager Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1339, CVE-2019-1342.

7.8CVSS8.5AI score0.06219EPSS

CVE•added 2016/11/10 7:0 a.m.•1070 views

CVE-2016-7255

The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win3...

7.8CVSS7.6AI score0.89359EPSS

CVE•added 2022/04/15 7:15 p.m.•1070 views

CVE-2022-26904

Windows User Profile Service Elevation of Privilege Vulnerability

7CVSS8.2AI score0.27261EPSS

CVE•added 2020/04/15 3:15 p.m.•1068 views

CVE-2020-0938

A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font - Adobe Type 1 PostScript format.For all systems except Windows 10, an attacker who successfully exploited the vulnerability could e...

7.8CVSS8.2AI score0.8787EPSS

CVE•added 2017/03/17 12:59 a.m.•1067 views

CVE-2017-0001

The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows local users to gain privileges via a crafted application, aka "Windows GDI ...

7.8CVSS6.2AI score0.12861EPSS

CVE•added 2019/05/16 7:29 p.m.•1067 views

CVE-2019-0863

An elevation of privilege vulnerability exists in the way Windows Error Reporting (WER) handles files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'.

7.8CVSS7.7AI score0.13544EPSS

CVE•added 2019/09/11 10:15 p.m.•1064 views

CVE-2019-1215

An elevation of privilege vulnerability exists in the way that ws2ifsl.sys (Winsock) handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1253, CVE-2019-1278, CVE-2019-1303.

7.8CVSS8.1AI score0.19565EPSS

CVE•added 2019/09/11 10:15 p.m.•1062 views

CVE-2019-1214

An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory, aka 'Windows Common Log File System Driver Elevation of Privilege Vulnerability'.

7.8CVSS8AI score0.11567EPSS

CVE•added 2020/04/15 3:15 p.m.•1062 views

CVE-2020-1027

An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0913, CVE-2020-1000, CVE-2020-1003.

7.8CVSS8AI score0.13396EPSS

CVE•added 2018/09/13 12:29 a.m.•1052 views

CVE-2018-8440

An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC), aka "Windows ALPC Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8....

7.8CVSS7.5AI score0.76175EPSS

CVE•added 2022/07/12 11:15 p.m.•1051 views

CVE-2022-22047

Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability

7.8CVSS8.3AI score0.00669EPSS

CVE•added 2019/01/08 9:29 p.m.•1047 views

CVE-2019-0543

An elevation of privilege vulnerability exists when Windows improperly handles authentication requests, aka "Microsoft Windows Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Window...

7.8CVSS7.7AI score0.03524EPSS

CVE•added 2017/03/17 12:59 a.m.•1034 views

CVE-2017-0005

7.8CVSS6.2AI score0.12861EPSS

CVE•added 2022/08/09 8:15 p.m.•1030 views

CVE-2022-34713

Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability

7.8CVSS8.9AI score0.08936EPSS

CVE•added 2010/12/06 1:44 p.m.•1004 views

CVE-2010-4398

Stack-based buffer overflow in the RtlQueryRegistryValues function in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges, and bypass the User Account Control (...

7.8CVSS6.8AI score0.14487EPSS

CVE•added 2016/02/10 11:59 a.m.•1001 views

CVE-2016-0040

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows local users to gain privileges via a crafted application, aka "Windows Elevation of Privilege Vulnerability."

7.8CVSS7.3AI score0.72234EPSS

CVE•added 2017/03/17 12:59 a.m.•1000 views

CVE-2017-0101

The kernel-mode drivers in Transaction Manager in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allow local users to gain privileges via a crafted app...

7.8CVSS6.2AI score0.6193EPSS

CVE•added 2013/05/24 8:55 p.m.•992 views

CVE-2013-3660

The EPATHOBJ::pprFlattenRec function in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, and Windows Server 2012 does not properly initialize a pointer for the next ob...

7.8CVSS6.5AI score0.67944EPSS

CVE•added 2019/04/09 3:29 a.m.•988 views

CVE-2019-0808

7.8CVSS8.2AI score0.52291EPSS

CVE•added 2010/01/21 7:30 p.m.•984 views

CVE-2010-0232

The kernel in Microsoft Windows NT 3.1 through Windows 7, including Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, and Windows Server 2008 Gold and SP2, when access to 16-bit applications is enabled on a 32-bit x86 platform, does not properly va...

7.8CVSS6.2AI score0.73257EPSS

Total number of security vulnerabilities1031