Windows 7 Security Vulnerabilities and Issues — Windows 7 CVE List

Lucene search

MicrosoftWindows 7

186 matches found

cve•added 2013/12/11 12:55 a.m.•3105 views

CVE-2013-3900

Why is Microsoft republishing a CVE from 2013?We are republishing CVE-2013-3900 in the Security Update Guide to update the Security Updates table and to inform customers that the EnableCertPaddingCheck is available in all currently supported versions of Windows 10 and Windows 11. While the format i...

8.8CVSS7.4AI score0.79689EPSS

In wild

cve•added 2021/09/15 12:15 p.m.•1496 views

CVE-2021-40444

Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that affects Microsoft Windows. Microsoft is aware of targeted attacks that attempt to exploit this vulnerability by using specially-crafted Microsoft Office documents.An attacker could craft a malicious ActiveX c...

8.8CVSS7.3AI score0.94291EPSS

In wild

cve•added 2015/09/09 12:59 a.m.•1256 views

CVE-2015-2546

The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a crafted application, aka "Win32k Memory Corruption E...

8.2CVSS8.5AI score0.39088EPSS

In wild

cve•added 2020/04/15 3:15 p.m.•1208 views

CVE-2020-1020

A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font - Adobe Type 1 PostScript format.For all systems except Windows 10, an attacker who successfully exploited the vulnerability could e...

8.8CVSS8.2AI score0.8787EPSS

In wild

cve•added 2022/05/10 9:15 p.m.•1179 views

CVE-2022-26925

Windows LSA Spoofing Vulnerability

8.1CVSS7.5AI score0.25186EPSS

In wild

cve•added 2021/06/08 11:15 p.m.•1176 views

CVE-2021-33742

Windows MSHTML Platform Remote Code Execution Vulnerability

8.8CVSS8.8AI score0.54142EPSS

In wild

cve•added 2015/06/10 1:59 a.m.•872 views

CVE-2015-2360

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges or cause a denial o...

8.8CVSS6.5AI score0.05865EPSS

In wild

cve•added 2022/11/09 10:15 p.m.•854 views

CVE-2022-41128

Windows Scripting Languages Remote Code Execution Vulnerability

8.8CVSS8.3AI score0.67153EPSS

In wild

cve•added 2011/12/30 1:55 a.m.•778 views

CVE-2011-3416

The Forms Authentication feature in the ASP.NET subsystem in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 allows remote authenticated users to obtain access to arbitrary user accounts via a crafted username, aka "ASP.Net Forms Authentication Bypass Vulnerability."

8.5CVSS6AI score0.83531EPSS

Web

cve•added 2022/03/09 5:15 p.m.•381 views

CVE-2022-21990

Remote Desktop Client Remote Code Execution Vulnerability

8.8CVSS8.8AI score0.15997EPSS

cve•added 2018/05/09 7:29 p.m.•317 views

CVE-2018-0824

A remote code execution vulnerability exists in "Microsoft COM for Windows" when it fails to properly handle serialized objects, aka "Microsoft COM for Windows Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2...

8.8CVSS7.9AI score0.8545EPSS

In wild

cve•added 2018/12/12 12:29 a.m.•286 views

CVE-2018-8639

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server...

8.4CVSS8.5AI score0.2752EPSS

In wild

cve•added 2022/04/15 7:15 p.m.•274 views

CVE-2022-24500

Windows SMB Remote Code Execution Vulnerability

8.8CVSS9.4AI score0.36017EPSS

cve•added 2022/04/15 7:15 p.m.•271 views

CVE-2022-24528

Remote Procedure Call Runtime Remote Code Execution Vulnerability

8.8CVSS9.4AI score0.01953EPSS

cve•added 2023/01/10 10:15 p.m.•244 views

CVE-2023-21549

Windows SMB Witness Service Elevation of Privilege Vulnerability

8.8CVSS8.6AI score0.01858EPSS

cve•added 2021/01/12 8:15 p.m.•236 views

CVE-2021-1678

Windows Print Spooler Spoofing Vulnerability

8.8CVSS8AI score0.53619EPSS

Web

cve•added 2022/08/09 8:15 p.m.•235 views

CVE-2022-34691

Active Directory Domain Services Elevation of Privilege Vulnerability

8.8CVSS9.1AI score0.0122EPSS

cve•added 2017/07/11 9:29 p.m.•226 views

CVE-2017-8563

Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an elevation of privilege vulnerability due to Kerberos falling back to NT LAN Manager (NTLM) Authentication Pro...

8.1CVSS7.1AI score0.17921EPSS

cve•added 2020/06/09 8:15 p.m.•224 views

CVE-2020-1301

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 1.0 (SMBv1) server handles certain requests, aka 'Windows SMB Remote Code Execution Vulnerability'.

8.8CVSS8.5AI score0.34234EPSS

cve•added 2022/04/15 7:15 p.m.•224 views

CVE-2022-24533

Remote Desktop Protocol Remote Code Execution Vulnerability

8.5CVSS8.9AI score0.06599EPSS

cve•added 2020/06/09 8:15 p.m.•222 views

CVE-2020-1300

A remote code execution vulnerability exists when Microsoft Windows fails to properly handle cabinet files.To exploit the vulnerability, an attacker would have to convince a user to either open a specially crafted cabinet file or spoof a network printer and trick a user into installing a malicious ...

8.8CVSS8.3AI score0.40477EPSS

cve•added 2022/05/10 9:15 p.m.•217 views

CVE-2022-22019

Remote Procedure Call Runtime Remote Code Execution Vulnerability

8.8CVSS9.4AI score0.02889EPSS

cve•added 2019/07/15 7:15 p.m.•216 views

CVE-2019-0887

A remote code execution vulnerability exists in Remote Desktop Services - formerly known as Terminal Services - when an authenticated attacker abuses clipboard redirection, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.

8.5CVSS8AI score0.54304EPSS

cve•added 2022/07/12 11:15 p.m.•211 views

CVE-2022-30221

Windows Graphics Component Remote Code Execution Vulnerability

8.8CVSS8.8AI score0.01583EPSS

cve•added 2020/10/16 11:15 p.m.•208 views

CVE-2020-16891

A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could caus...

8.8CVSS8.7AI score0.00539EPSS

cve•added 2015/02/11 3:0 a.m.•204 views

CVE-2015-0008

The UNC implementation in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not include authentication from the server to the client, which allows remote ...

8.3CVSS8.1AI score0.09423EPSS

cve•added 2022/05/10 9:15 p.m.•203 views

CVE-2022-22013

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

8.8CVSS9.4AI score0.09826EPSS

cve•added 2022/08/09 8:15 p.m.•203 views

CVE-2022-34714

Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability

8.1CVSS9AI score0.01029EPSS

cve•added 2021/08/12 6:15 p.m.•202 views

CVE-2021-34535

Remote Desktop Client Remote Code Execution Vulnerability

8.8CVSS8.8AI score0.03156EPSS

cve•added 2022/01/11 9:15 p.m.•199 views

CVE-2022-21893

Remote Desktop Protocol Remote Code Execution Vulnerability

8.5CVSS8.9AI score0.05377EPSS

cve•added 2023/01/10 10:15 p.m.•197 views

CVE-2023-21556

Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability

8.1CVSS8.2AI score0.00581EPSS

cve•added 2021/08/12 6:15 p.m.•190 views

CVE-2021-34480

Scripting Engine Memory Corruption Vulnerability

8.8CVSS7.8AI score0.01736EPSS

cve•added 2021/08/12 6:15 p.m.•186 views

CVE-2021-36947

Windows Print Spooler Remote Code Execution Vulnerability

8.8CVSS9AI score0.04539EPSS

cve•added 2021/05/11 7:15 p.m.•183 views

CVE-2021-28455

Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability

8.8CVSS9.3AI score0.09683EPSS

cve•added 2021/11/10 1:18 a.m.•183 views

CVE-2021-38666

Remote Desktop Client Remote Code Execution Vulnerability

8.8CVSS8.8AI score0.18948EPSS

cve•added 2022/05/10 9:15 p.m.•181 views

CVE-2022-29139

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

8.8CVSS9.4AI score0.09236EPSS

cve•added 2022/10/11 7:15 p.m.•179 views

CVE-2022-41081

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability

8.1CVSS8.5AI score0.02826EPSS

cve•added 2020/10/16 11:15 p.m.•176 views

CVE-2020-16933

A security feature bypass vulnerability exists in Microsoft Word software when it fails to properly handle .LNK files. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the file co...

8.8CVSS6.6AI score0.0284EPSS

cve•added 2022/11/09 10:15 p.m.•174 views

CVE-2022-41039

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability

8.1CVSS8.5AI score0.00114EPSS

cve•added 2022/09/13 7:15 p.m.•172 views

CVE-2022-37958

SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability

8.1CVSS8.8AI score0.07629EPSS

cve•added 2022/05/10 9:15 p.m.•169 views

CVE-2022-29141

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

8.8CVSS9.4AI score0.11044EPSS

cve•added 2023/01/10 10:15 p.m.•168 views

CVE-2023-21732

Microsoft ODBC Driver Remote Code Execution Vulnerability

8.8CVSS8.8AI score0.00887EPSS

cve•added 2021/07/16 9:15 p.m.•167 views

CVE-2021-34446

Windows HTML Platforms Security Feature Bypass Vulnerability

8.8CVSS8AI score0.01423EPSS

cve•added 2022/06/15 10:15 p.m.•167 views

CVE-2022-30161

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

8.8CVSS8.8AI score0.09164EPSS

cve•added 2021/07/16 9:15 p.m.•166 views

CVE-2021-34447

Windows MSHTML Platform Remote Code Execution Vulnerability

8.8CVSS7.7AI score0.0135EPSS

cve•added 2021/09/15 12:15 p.m.•164 views

CVE-2021-26435

Windows Scripting Engine Memory Corruption Vulnerability

8.1CVSS7.9AI score0.03809EPSS

cve•added 2022/07/12 11:15 p.m.•163 views

CVE-2022-22037

Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability

8.5CVSS7.7AI score0.06491EPSS

cve•added 2022/06/15 10:15 p.m.•162 views

CVE-2022-30163

Windows Hyper-V Remote Code Execution Vulnerability

8.5CVSS9.1AI score0.00705EPSS

cve•added 2020/06/09 8:15 p.m.•160 views

CVE-2020-1281

A remote code execution vulnerability exists when Microsoft Windows OLE fails to properly validate user input, aka 'Windows OLE Remote Code Execution Vulnerability'.

8.8CVSS8.5AI score0.30214EPSS

cve•added 2022/05/10 9:15 p.m.•160 views

CVE-2022-22014

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

8.8CVSS9.4AI score0.09826EPSS

Total number of security vulnerabilities186