Windows 8 Security Vulnerabilities and Issues — Windows 8 CVE List

Lucene search

MicrosoftWindows 8

7 matches found

CVE•added 2015/01/13 10:59 p.m.•902 views

CVE-2015-0016

Directory traversal vulnerability in the TS WebProxy (aka TSWbPrxy) component in Microsoft Windows Vista SP2, Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to gain privileges via a crafted path...

9.3CVSS6.8AI score0.91334EPSS

CVE•added 2015/01/13 10:59 p.m.•101 views

CVE-2015-0014

Buffer overflow in the Telnet service in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows Telnet Se...

10CVSS7.9AI score0.80777EPSS

CVE•added 2015/01/13 10:59 p.m.•86 views

CVE-2015-0002

The AhcVerifyAdminContext function in ahcache.sys in the Application Compatibility component in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not verify that an impersonation token is associated with an...

7.2CVSS6.5AI score0.44232EPSS

CVE•added 2015/01/13 10:59 p.m.•78 views

CVE-2015-0001

The Windows Error Reporting (WER) component in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to bypass the Protected Process Light protection mechanism and read the contents of arbitrary process-memory locations by leveraging admin...

1.9CVSS6.3AI score0.00548EPSS

CVE•added 2015/01/13 10:59 p.m.•75 views

CVE-2015-0004

The User Profile Service (aka ProfSvc) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges by conducting a junction atta...

7.2CVSS6.5AI score0.20937EPSS

CVE•added 2015/01/13 10:59 p.m.•63 views

CVE-2015-0006

The Network Location Awareness (NLA) service in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not perform mutual authentication to determine a domain connection, which allows ...

6.1CVSS6.6AI score0.12799EPSS

CVE•added 2015/01/13 10:59 p.m.•60 views

CVE-2015-0011

mrxdav.sys (aka the WebDAV driver) in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to bypass an impersonatio...

4.7CVSS6.3AI score0.00628EPSS