Lucene search

K

594 matches found

CVE
CVE
added 2013/02/13 12:4 p.m.45 views

CVE-2013-1254

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges, and consequently read the contents of arbitrary kernel ...

4.9CVSS6.4AI score0.00434EPSS
CVE
CVE
added 2013/07/10 3:46 a.m.45 views

CVE-2013-3172

Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows local users to cause a denial of service (system hang) via a crafted application that leverages impr...

4.9CVSS6.4AI score0.00248EPSS
CVE
CVE
added 2007/06/12 7:30 p.m.44 views

CVE-2007-2229

Microsoft Windows Vista uses insecure default permissions for unspecified "local user information data stores" in the registry and the file system, which allows local users to obtain sensitive information such as administrative passwords, aka "Permissive User Information Store ACLs Information Disc...

7.2CVSS5.5AI score0.00846EPSS
CVE
CVE
added 2007/11/07 11:46 p.m.44 views

CVE-2007-3751

Unspecified vulnerability in QuickTime for Java in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via untrusted Java applets that gain privileges via unspecified vectors.

9.3CVSS7.6AI score0.16668EPSS
CVE
CVE
added 2009/10/14 10:30 a.m.44 views

CVE-2009-2515

Integer underflow in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows local users to gain privileges via a crafted application that triggers an incorrect truncation of a 64-bit integer to a 32-bit integer, aka "...

7.2CVSS6.1AI score0.01635EPSS
CVE
CVE
added 2010/03/10 10:30 p.m.44 views

CVE-2010-0265

Buffer overflow in Microsoft Windows Movie Maker 2.1, 2.6, and 6.0, and Microsoft Producer 2003, allows remote attackers to execute arbitrary code via a crafted project (.MSWMM) file, aka "Movie Maker and Producer Buffer Overflow Vulnerability."

9.3CVSS7.7AI score0.69314EPSS
CVE
CVE
added 2010/04/14 4:0 p.m.44 views

CVE-2010-0810

The kernel in Microsoft Windows Vista Gold, SP1, and SP2, and Windows Server 2008 Gold and SP2, does not properly handle unspecified exceptions, which allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Kernel Exception Handler Vulnerability."

4.7CVSS6AI score0.0128EPSS
CVE
CVE
added 2010/11/04 7:0 p.m.44 views

CVE-2010-4182

Untrusted search path vulnerability in the Data Access Objects (DAO) library (dao360.dll) in Microsoft Windows XP Professional SP3, Windows Server 2003 R2 Enterprise Edition SP3, Windows Vista Business SP1, and Windows 7 Professional allows local users, and possibly remote attackers, to execute arb...

9.3CVSS7.4AI score0.3316EPSS
CVE
CVE
added 2011/04/13 6:55 p.m.44 views

CVE-2011-0665

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application th...

7.2CVSS6.5AI score0.00623EPSS
CVE
CVE
added 2011/04/13 8:26 p.m.44 views

CVE-2011-1233

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer deref...

7.2CVSS6.4AI score0.00845EPSS
CVE
CVE
added 2011/06/16 8:55 p.m.44 views

CVE-2011-1873

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 on 64-bit platforms does not properly validate pointers during the parsing of OpenType (aka OTF) fonts, wh...

9.3CVSS7.6AI score0.33768EPSS
CVE
CVE
added 2012/03/13 9:55 p.m.44 views

CVE-2012-0156

DirectWrite in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly render Unicode characters, which allows remote attackers to cause a denial of service (application hang) via a (1) instant message or (2) web site, aka "DirectWrite Appl...

4.3CVSS6.6AI score0.23239EPSS
CVE
CVE
added 2013/02/13 12:4 p.m.44 views

CVE-2013-1280

The kernel in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle objects in memory, which allows local users to gain privileges via a c...

7.2CVSS6.4AI score0.008EPSS
CVE
CVE
added 2016/03/09 11:59 a.m.44 views

CVE-2016-0100

Microsoft Windows Vista SP2 and Server 2008 SP2 mishandle library loading, which allows local users to gain privileges via a crafted application, aka "Library Loading Input Validation Remote Code Execution Vulnerability."

8.4CVSS8.2AI score0.6875EPSS
CVE
CVE
added 2007/03/20 8:19 p.m.43 views

CVE-2007-1533

The Teredo implementation in Microsoft Windows Vista uses the same nonce for communication with different UDP ports within a solicitation session, which makes it easier for remote attackers to spoof the nonce through brute force attacks.

5CVSS6.5AI score0.24205EPSS
CVE
CVE
added 2008/06/12 2:32 a.m.43 views

CVE-2008-1453

The Bluetooth stack in Microsoft Windows XP SP2 and SP3, and Vista Gold and SP1, allows physically proximate attackers to execute arbitrary code via a large series of Service Discovery Protocol (SDP) packets.

8.3CVSS7.2AI score0.01142EPSS
CVE
CVE
added 2011/04/13 8:26 p.m.43 views

CVE-2011-0674

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application th...

7.2CVSS6.5AI score0.00623EPSS
CVE
CVE
added 2011/04/13 8:26 p.m.43 views

CVE-2011-1232

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer deref...

7.2CVSS6.4AI score0.00845EPSS
CVE
CVE
added 2011/12/14 12:55 a.m.43 views

CVE-2011-3401

ENCDEC.DLL in Windows Media Player and Media Center in Microsoft Windows XP SP2 and SP3, Windows Vista SP2, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted .dvr-ms file, aka "Windows Media Player DVR-MS Memory Corruption Vulnerability."

9.3CVSS7.5AI score0.51783EPSS
CVE
CVE
added 2012/06/12 10:55 p.m.43 views

CVE-2012-1866

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle user-mode input passed to kernel mode for driver objects, which allows local users to g...

7.2CVSS6.3AI score0.00872EPSS
CVE
CVE
added 2013/02/13 12:4 p.m.43 views

CVE-2013-1269

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges, and consequently read the contents of arbitrary kernel ...

4.9CVSS6.4AI score0.00434EPSS
CVE
CVE
added 2013/02/13 12:4 p.m.43 views

CVE-2013-1276

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges, and consequently read the contents of arbitrary kernel ...

4.9CVSS6.4AI score0.00366EPSS
CVE
CVE
added 2007/04/04 4:19 p.m.42 views

CVE-2007-1212

Buffer overflow in the Graphics Device Interface (GDI) in Microsoft Windows 2000 SP4; XP SP2; Server 2003 Gold, SP1, and SP2; and Vista allows local users to gain privileges via a crafted Enhanced Metafile (EMF) image format file.

6.6CVSS6.3AI score0.02795EPSS
CVE
CVE
added 2007/03/20 8:19 p.m.42 views

CVE-2007-1532

The neighbor discovery implementation in Microsoft Windows Vista allows remote attackers to conduct a redirect attack by (1) responding to queries by sending spoofed Neighbor Advertisements or (2) blindly sending Neighbor Advertisements.

6.4CVSS6.6AI score0.24205EPSS
CVE
CVE
added 2007/09/12 1:17 a.m.42 views

CVE-2007-3036

Unspecified vulnerability in the (1) Windows Services for UNIX 3.0 and 3.5, and (2) Subsystem for UNIX-based Applications in Microsoft Windows 2000, XP, Server 2003, and Vista allows local users to gain privileges via unspecified vectors related to "certain setuid binary files."

6.9CVSS6.3AI score0.03161EPSS
CVE
CVE
added 2009/08/12 5:30 p.m.42 views

CVE-2009-1545

Unspecified vulnerability in Avifil32.dll in the Windows Media file handling functionality in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a malformed header in a crafted AVI...

9.3CVSS7.5AI score0.57802EPSS
CVE
CVE
added 2010/02/26 7:30 p.m.42 views

CVE-2010-0719

An unspecified API in Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, and Windows 7 does not validate arguments, which allows local users to cause a denial of service (system crash) via a crafted application.

4.7CVSS6.4AI score0.00416EPSS
CVE
CVE
added 2010/08/11 6:47 p.m.42 views

CVE-2010-2555

The Tracing Feature for Services in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly determine the length of strings in the registry, which allows local users to gain privileges or cause a denial of service (memory corruption) via vectors i...

6.8CVSS6.6AI score0.00765EPSS
CVE
CVE
added 2011/04/13 6:55 p.m.42 views

CVE-2011-0666

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application th...

7.2CVSS6.5AI score0.00623EPSS
CVE
CVE
added 2007/08/14 10:17 p.m.41 views

CVE-2007-3032

Unspecified vulnerability in Windows Vista Contacts Gadget in Windows Vista allows user-assisted remote attackers to execute arbitrary code via crafted contact information that is not properly handled when it is imported.

6.8CVSS7.2AI score0.58353EPSS
CVE
CVE
added 2007/08/14 10:17 p.m.41 views

CVE-2007-3891

Unspecified vulnerability in Windows Vista Weather Gadgets in Windows Vista allows remote attackers to execute arbitrary code via crafted HTML attributes.

6.8CVSS7.3AI score0.5212EPSS
CVE
CVE
added 2009/08/12 5:30 p.m.41 views

CVE-2009-1922

The Message Queuing (aka MSMQ) service for Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP2, and Vista Gold does not properly validate unspecified IOCTL request data from user mode before passing this data to kernel mode, which allows local users to gain privileges via a crafted request, aka "MS...

6.9CVSS6.3AI score0.0158EPSS
CVE
CVE
added 2007/12/12 12:46 a.m.40 views

CVE-2007-5350

Unspecified vulnerability in the Windows Advanced Local Procedure Call (ALPC) in the kernel in Microsoft Windows Vista allows local users to gain privileges via unspecified vectors involving "legacy reply paths."

7.2CVSS6.1AI score0.00846EPSS
CVE
CVE
added 2010/04/14 4:0 p.m.40 views

CVE-2010-0238

Unspecified vulnerability in registry-key validation in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Vista Gold allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Kernel Registry Key Vulnerability."

4.9CVSS6AI score0.01209EPSS
CVE
CVE
added 2013/02/13 12:4 p.m.40 views

CVE-2013-1268

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges, and consequently read the contents of arbitrary kernel ...

4.9CVSS6.4AI score0.00445EPSS
CVE
CVE
added 2007/08/08 11:17 p.m.39 views

CVE-2007-4247

Windows Calendar on Microsoft Windows Vista allows remote attackers to cause a denial of service (NULL dereference and persistent application crash) via a malformed ICS file.

4.3CVSS6.6AI score0.28809EPSS
CVE
CVE
added 2013/02/13 12:4 p.m.39 views

CVE-2013-1265

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges, and consequently read the contents of arbitrary kernel ...

7CVSS6.3AI score0.003EPSS
CVE
CVE
added 2007/07/10 7:30 p.m.38 views

CVE-2007-3671

Unspecified vulnerability in the kernel in Microsoft Windows Vista has unspecified remote attack vectors and impact, as shown in the "0day IPO" presentation at SyScan'07.

7.8CVSS6.5AI score0.28167EPSS
CVE
CVE
added 2008/02/12 9:0 p.m.38 views

CVE-2008-0084

Unspecified vulnerability in the TCP/IP support in Microsoft Windows Vista allows remote DHCP servers to cause a denial of service (hang and restart) via a crafted DHCP packet.

7.8CVSS6.2AI score0.74028EPSS
CVE
CVE
added 2010/09/15 7:0 p.m.38 views

CVE-2010-0818

The MPEG-4 codec in the Windows Media codecs in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and SP2 does not properly handle crafted media content with MPEG-4 video encoding, which allows remote attackers to execute arbitrary code via a file in an unsp...

9.3CVSS7.6AI score0.29882EPSS
CVE
CVE
added 2010/12/16 7:33 p.m.38 views

CVE-2010-3957

Double free vulnerability in the OpenType Font (OTF) driver in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges via a crafted OpenType font, aka "OpenType Font Double Free...

7.3CVSS6.4AI score0.04043EPSS
CVE
CVE
added 2008/08/13 12:41 a.m.35 views

CVE-2008-2246

Microsoft Windows Vista through SP1 and Server 2008 do not properly import the default IPsec policy from a Windows Server 2003 domain to a Windows Server 2008 domain, which prevents IPsec rules from being enforced and allows remote attackers to bypass intended access restrictions.

7.8CVSS6.4AI score0.53579EPSS
CVE
CVE
added 2008/09/03 2:12 p.m.35 views

CVE-2008-3893

Microsoft Bitlocker in Windows Vista before SP1 stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clear this buffer during boot, which allows local users to obtain sensitive information by reading the physical memory locations associated with this buffer.

5.5CVSS5.9AI score0.00822EPSS
CVE
CVE
added 2013/02/13 12:4 p.m.35 views

CVE-2013-1270

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges, and consequently read the contents of arbitrary kernel ...

4.9CVSS6.4AI score0.00434EPSS
Total number of security vulnerabilities594