Windows 8.1 Security Vulnerabilities and Issues — Windows 8.1 CVE List

Lucene search

MicrosoftWindows 8.1

19 matches found

CVE•added 2019/07/15 7:15 p.m.•1160 views

CVE-2019-0880

A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls, aka 'Microsoft splwow64 Elevation of Privilege Vulnerability'.

7.8CVSS7.5AI score0.0137EPSS

CVE•added 2019/07/29 2:13 p.m.•1106 views

CVE-2019-1130

An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1129.

7.8CVSS7.7AI score0.08695EPSS

CVE•added 2019/07/15 7:15 p.m.•272 views

CVE-2019-1006

An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys, aka 'WCF/WIF SAML Token Authentication Bypass Vulnerability'.

7.5CVSS7.8AI score0.03045EPSS

CVE•added 2019/07/15 7:15 p.m.•241 views

CVE-2019-1073

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1071.

5.5CVSS5.8AI score0.00349EPSS

CVE•added 2019/07/15 7:15 p.m.•213 views

CVE-2019-0887

A remote code execution vulnerability exists in Remote Desktop Services - formerly known as Terminal Services - when an authenticated attacker abuses clipboard redirection, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.

8.5CVSS8AI score0.41145EPSS

CVE•added 2019/07/15 7:15 p.m.•192 views

CVE-2019-1089

An elevation of privilege vulnerability exists in rpcss.dll when the RPC service Activation Kernel improperly handles an RPC request. To exploit this vulnerability, a low level authenticated attacker could run a specially crafted application. The security update addresses this vulnerability by corr...

7.8CVSS7.5AI score0.03914EPSS

CVE•added 2019/07/15 7:15 p.m.•188 views

CVE-2019-1088

An elevation of privilege exists in Windows Audio Service, aka 'Windows Audio Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1086, CVE-2019-1087.

7.8CVSS7.6AI score0.00278EPSS

CVE•added 2019/07/15 7:15 p.m.•179 views

CVE-2019-1094

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1095, CVE-2019-1098, CVE-2019-1099, CVE-2019-1100, CVE-2019-1101, CVE-2019-1116.

6.5CVSS6.1AI score0.12437EPSS

CVE•added 2019/07/15 7:15 p.m.•176 views

CVE-2019-1096

An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'.

5.5CVSS5.6AI score0.23126EPSS

CVE•added 2019/07/15 7:15 p.m.•175 views

CVE-2019-1086

An elevation of privilege exists in Windows Audio Service, aka 'Windows Audio Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1087, CVE-2019-1088.

7.8CVSS7.6AI score0.00278EPSS

CVE•added 2019/07/15 7:15 p.m.•160 views

CVE-2019-1071

5.5CVSS5.8AI score0.00349EPSS

CVE•added 2019/07/15 7:15 p.m.•128 views

CVE-2019-1082

An elevation of privilege vulnerability exists in Microsoft Windows where a certain DLL, with Local Service privilege, is vulnerable to race planting a customized DLL.An attacker who successfully exploited this vulnerability could potentially elevate privilege to SYSTEM.The update addresses this vu...

7.8CVSS6.2AI score0.00372EPSS

CVE•added 2019/07/29 1:57 p.m.•127 views

CVE-2019-1102

A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+ Remote Code Execution Vulnerability'.

9.3CVSS8.1AI score0.24741EPSS

CVE•added 2019/07/15 7:15 p.m.•119 views

CVE-2019-1095

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1094, CVE-2019-1098, CVE-2019-1099, CVE-2019-1100, CVE-2019-1101, CVE-2019-1116.

6.5CVSS6.1AI score0.12437EPSS

CVE•added 2019/07/15 7:15 p.m.•118 views

CVE-2019-1087

An elevation of privilege exists in Windows Audio Service, aka 'Windows Audio Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1086, CVE-2019-1088.

7.8CVSS7.6AI score0.00278EPSS

CVE•added 2019/07/29 2:8 p.m.•107 views

CVE-2019-1108

An information disclosure vulnerability exists when the Windows RDP client improperly discloses the contents of its memory, aka 'Remote Desktop Protocol Client Information Disclosure Vulnerability'.

6.5CVSS6.3AI score0.21114EPSS

CVE•added 2019/07/15 7:15 p.m.•103 views

CVE-2019-1085

An elevation of privilege vulnerability exists in the way that the wlansvc.dll handles objects in memory, aka 'Windows WLAN Service Elevation of Privilege Vulnerability'.

7.8CVSS7.6AI score0.00278EPSS

CVE•added 2019/07/15 7:15 p.m.•100 views

CVE-2019-1093

An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory, aka 'DirectWrite Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1097.

5.5CVSS5.8AI score0.0143EPSS

CVE•added 2019/07/15 7:15 p.m.•96 views

CVE-2019-1097

5.5CVSS5.8AI score0.0143EPSS