Windows 8.1 Security Vulnerabilities and Issues — Windows 8.1 CVE List

Lucene search

MicrosoftWindows 8.1

349 matches found

CVE•added 2018/05/22 12:29 p.m.•724 views

CVE-2018-3639

Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store ...

5.5CVSS5.9AI score0.46737EPSS

CVE•added 2019/09/03 6:15 p.m.•590 views

CVE-2019-1125

An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries.To exploit this vulnerability, an attacker would have to log on to an a...

5.6CVSS6.8AI score0.15102EPSS

CVE•added 2022/03/09 5:15 p.m.•359 views

CVE-2022-24503

Remote Desktop Protocol Client Information Disclosure Vulnerability

5.4CVSS6.6AI score0.00575EPSS

CVE•added 2019/06/12 2:29 p.m.•251 views

CVE-2019-1040

A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLM MIC (Message Integrity Check) protection. An attacker who successfully exploited this vulnerability could gain the ability to downgrade NTLM security features.To exploit t...

5.9CVSS6.7AI score0.9061EPSS

CVE•added 2019/07/15 7:15 p.m.•241 views

CVE-2019-1073

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1071.

5.5CVSS5.8AI score0.00349EPSS

CVE•added 2019/04/09 9:29 p.m.•238 views

CVE-2019-0796

An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0730, CVE-2019-0731, CVE-2019-0805, CVE-2019-0836, CVE-2019-0841.

5.5CVSS6.7AI score0.85917EPSS

CVE•added 2020/11/11 7:15 a.m.•227 views

CVE-2020-1599

Windows Spoofing Vulnerability

5.5CVSS7.2AI score0.05733EPSS

CVE•added 2022/03/09 5:15 p.m.•222 views

CVE-2022-23281

Windows Common Log File System Driver Information Disclosure Vulnerability

5.5CVSS6.6AI score0.00475EPSS

CVE•added 2022/03/09 5:15 p.m.•217 views

CVE-2022-22010

Media Foundation Information Disclosure Vulnerability

5.5CVSS5.7AI score0.00991EPSS

CVE•added 2022/07/12 11:15 p.m.•208 views

CVE-2022-30223

Windows Hyper-V Information Disclosure Vulnerability

5.7CVSS6.6AI score0.03907EPSS

CVE•added 2022/03/09 5:15 p.m.•195 views

CVE-2022-23297

Windows NT Lan Manager Datagram Receiver Driver Information Disclosure Vulnerability

5.5CVSS6.6AI score0.00325EPSS

CVE•added 2017/07/11 9:29 p.m.•181 views

CVE-2017-8582

HTTP.sys in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when the component improperly handles objects in memor...

5.9CVSS5.7AI score0.12553EPSS

CVE•added 2019/07/15 7:15 p.m.•176 views

CVE-2019-1096

An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'.

5.5CVSS5.6AI score0.23126EPSS

CVE•added 2022/03/09 5:15 p.m.•174 views

CVE-2022-21973

Windows Media Center Update Denial of Service Vulnerability

5.5CVSS6.1AI score0.00141EPSS

CVE•added 2022/10/11 7:15 p.m.•172 views

CVE-2022-38043

Windows Security Support Provider Interface Information Disclosure Vulnerability

5.5CVSS6.6AI score0.00447EPSS

CVE•added 2023/01/10 10:15 p.m.•169 views

CVE-2023-21776

Windows Kernel Information Disclosure Vulnerability

5.5CVSS5.5AI score0.00669EPSS

CVE•added 2018/11/14 1:29 a.m.•166 views

CVE-2018-8407

An information disclosure vulnerability exists when "Kernel Remote Procedure Call Provider" driver improperly initializes objects in memory, aka "MSRPC Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Wi...

5.5CVSS6.7AI score0.00704EPSS

CVE•added 2022/05/10 9:15 p.m.•164 views

CVE-2022-26930

Windows Remote Access Connection Manager Information Disclosure Vulnerability

5.5CVSS7.1AI score0.02048EPSS

CVE•added 2022/04/15 7:15 p.m.•161 views

CVE-2022-24493

Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability

5.5CVSS6.9AI score0.00435EPSS

CVE•added 2019/07/15 7:15 p.m.•160 views

CVE-2019-1071

5.5CVSS5.8AI score0.00349EPSS

CVE•added 2017/05/12 2:29 p.m.•154 views

CVE-2017-0267

Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 handles...

5.9CVSS6.1AI score0.27804EPSS

CVE•added 2022/08/09 8:15 p.m.•154 views

CVE-2022-34708

Windows Kernel Information Disclosure Vulnerability

5.5CVSS7AI score0.01087EPSS

CVE•added 2023/01/10 10:15 p.m.•152 views

CVE-2023-21682

Windows Point-to-Point Protocol (PPP) Information Disclosure Vulnerability

5.3CVSS5.3AI score0.01967EPSS

CVE•added 2021/10/13 1:15 a.m.•151 views

CVE-2021-40454

Rich Text Edit Control Information Disclosure Vulnerability

5.5CVSS6.7AI score0.00145EPSS

CVE•added 2022/05/10 9:15 p.m.•150 views

CVE-2022-22011

Windows Graphics Component Information Disclosure Vulnerability

5.5CVSS7AI score0.00618EPSS

CVE•added 2021/07/16 9:15 p.m.•148 views

CVE-2021-34457

Windows Remote Access Connection Manager Information Disclosure Vulnerability

5.5CVSS6.6AI score0.0052EPSS

CVE•added 2019/03/06 12:0 a.m.•146 views

CVE-2019-0621

5.5CVSS6.5AI score0.01706EPSS

CVE•added 2022/04/15 7:15 p.m.•146 views

CVE-2022-24483

Windows Kernel Information Disclosure Vulnerability

5.5CVSS7AI score0.06681EPSS

CVE•added 2013/11/13 12:55 a.m.•145 views

CVE-2013-3869

Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to cause a denial of service (daemon hang) via a web-service r...

5CVSS6.5AI score0.0806EPSS

CVE•added 2021/07/16 9:15 p.m.•145 views

CVE-2021-34440

GDI+ Information Disclosure Vulnerability

5.5CVSS6.6AI score0.00309EPSS

CVE•added 2022/06/15 10:15 p.m.•145 views

CVE-2022-30162

Windows Kernel Information Disclosure Vulnerability

5.5CVSS6.5AI score0.00558EPSS

CVE•added 2019/01/08 9:29 p.m.•140 views

CVE-2019-0569

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Wind...

5.5CVSS5.6AI score0.01077EPSS

CVE•added 2022/10/11 7:15 p.m.•140 views

CVE-2022-38026

Windows DHCP Client Information Disclosure Vulnerability

5.5CVSS6.6AI score0.00189EPSS

CVE•added 2017/09/13 1:29 a.m.•139 views

CVE-2017-8695

Windows Uniscribe in Microsoft Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, 1607, 1703, and Server 2016; Office 2007 SP3; Office 2010 SP2; Word Viewer; Office for Mac 2011 and 2016; Skype for Business 2016; L...

5.3CVSS6AI score0.25671EPSS

CVE•added 2019/04/09 9:29 p.m.•139 views

CVE-2019-0844

5.5CVSS6.1AI score0.00978EPSS

CVE•added 2019/04/09 12:29 a.m.•138 views

CVE-2019-0755

5.5CVSS5.6AI score0.00908EPSS

CVE•added 2019/09/11 10:15 p.m.•137 views

CVE-2019-1282

An information disclosure exists in the Windows Common Log File System (CLFS) driver when it fails to properly handle sandbox checks, aka 'Windows Common Log File System Driver Information Disclosure Vulnerability'.

5.5CVSS6.2AI score0.00573EPSS

CVE•added 2018/11/14 1:29 a.m.•136 views

CVE-2018-8547

A cross-site-scripting (XSS) vulnerability exists when an open source customization for Microsoft Active Directory Federation Services (AD FS) does not properly sanitize a specially crafted web request to an affected AD FS server, aka "Active Directory Federation Services XSS Vulnerability." This a...

5.4CVSS6.5AI score0.00427EPSS

CVE•added 2019/04/09 9:29 p.m.•136 views

CVE-2019-0848

An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0814.

5.5CVSS6AI score0.00996EPSS

CVE•added 2021/07/16 9:15 p.m.•135 views

CVE-2021-34454

Windows Remote Access Connection Manager Information Disclosure Vulnerability

5.5CVSS6.6AI score0.00437EPSS

CVE•added 2022/02/09 5:15 p.m.•135 views

CVE-2022-22710

Windows Common Log File System Driver Denial of Service Vulnerability

5.5CVSS6.3AI score0.00361EPSS

CVE•added 2014/06/11 4:56 a.m.•133 views

CVE-2014-1811

The TCP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to cause a denial of service (non-paged pool memory consumption and system hang) via...

5CVSS6.5AI score0.3039EPSS

CVE•added 2019/03/06 12:0 a.m.•132 views

CVE-2019-0628

An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'.

5.5CVSS6.4AI score0.00549EPSS

CVE•added 2019/09/11 10:15 p.m.•132 views

CVE-2019-1274

An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, aka 'Windows Kernel Information Disclosure Vulnerability'.

5.5CVSS5.9AI score0.0059EPSS

CVE•added 2020/01/14 11:15 p.m.•132 views

CVE-2020-0607

An information disclosure vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka 'Microsoft Graphics Components Information Disclosure Vulnerability'.

5.5CVSS6.5AI score0.175EPSS

CVE•added 2020/01/14 11:15 p.m.•132 views

CVE-2020-0608

An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'.

5.5CVSS6.4AI score0.00978EPSS

CVE•added 2018/01/04 2:29 p.m.•131 views

CVE-2018-0754

The Windows Adobe Type Manager Font Driver (Atmfd.dll) in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerab...

5.5CVSS5.2AI score0.00779EPSS

CVE•added 2019/03/06 12:0 a.m.•131 views

CVE-2019-0636

An information vulnerability exists when Windows improperly discloses file information, aka 'Windows Information Disclosure Vulnerability'.

5.5CVSS6.8AI score0.00549EPSS

CVE•added 2018/11/14 1:29 a.m.•130 views

CVE-2018-8565

An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka "Win32k Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2...

5.5CVSS6.4AI score0.0263EPSS

CVE•added 2020/01/14 11:15 p.m.•130 views

CVE-2020-0639

An information disclosure vulnerability exists in the Windows Common Log File System (CLFS) driver when it fails to properly handle objects in memory, aka 'Windows Common Log File System Driver Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0615.

5.5CVSS6.6AI score0.00681EPSS

Total number of security vulnerabilities349