Windows 7 Security Vulnerabilities and Issues — Windows 7 CVE List

Lucene search

MicrosoftWindows 7

436 matches found

CVE•added 2017/04/12 2:59 p.m.•3684 views

CVE-2017-0199

Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, Microsoft Office 2016, Microsoft Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, Windows 8.1 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office/WordPad Remote Code...

9.3CVSS8.3AI score0.94366EPSS

In wildWeb

CVE•added 2021/07/02 10:15 p.m.•2527 views

CVE-2021-34527

A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or de...

9CVSS9AI score0.94349EPSS

In wildWeb

CVE•added 2022/06/01 8:15 p.m.•2114 views

CVE-2022-30190

A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application. The attacker can then install programs, vi...

9.3CVSS8.5AI score0.934EPSS

In wild

CVE•added 2021/06/08 11:15 p.m.•2068 views

CVE-2021-1675

Windows Print Spooler Remote Code Execution Vulnerability

9.3CVSS8.8AI score0.94349EPSS

In wildWeb

CVE•added 2010/07/22 10:0 a.m.•1651 views

CVE-2010-2568

Windows Shell in Microsoft Windows XP SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 SP2 and R2, and Windows 7 allows local users or remote attackers to execute arbitrary code via a crafted (1) .LNK or (2) .PIF shortcut file, which is not properly handled during icon display in Windows Explor...

9.3CVSS7.7AI score0.93204EPSS

In wild

CVE•added 2014/05/14 11:13 a.m.•1373 views

CVE-2014-1812

The Group Policy implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly handle distribution of passwords, which allows remote authenticated users to obtain sensitive credential i...

9CVSS8.6AI score0.77741EPSS

In wild

CVE•added 2017/06/15 1:29 a.m.•1341 views

CVE-2017-8464

Windows Shell in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows local users or remote attackers to execute arbitrary code via a crafted .LNK file,...

9.3CVSS7.2AI score0.93388EPSS

In wild

CVE•added 2014/11/11 10:55 p.m.•1254 views

CVE-2014-6332

OleAut32.dll in OLE in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted web site, as demonstra...

9.3CVSS8.8AI score0.94069EPSS

In wild

CVE•added 2021/06/08 11:15 p.m.•1195 views

CVE-2021-31956

Windows NTFS Elevation of Privilege Vulnerability

9.3CVSS8.5AI score0.8788EPSS

In wild

CVE•added 2021/07/16 9:15 p.m.•1164 views

CVE-2021-34448

Scripting Engine Memory Corruption Vulnerability

9.3CVSS7.4AI score0.02062EPSS

In wild

CVE•added 2012/04/10 9:55 p.m.•1087 views

CVE-2012-0151

The Authenticode Signature Verification function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview does not properly validate the digest of a signed portable executable (PE...

9.3CVSS5.8AI score0.88546EPSS

In wild

CVE•added 2019/05/16 7:29 p.m.•1048 views

CVE-2019-0903

A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+ Remote Code Execution Vulnerability'.

9.3CVSS8AI score0.50834EPSS

In wild

CVE•added 2014/10/22 2:55 p.m.•1034 views

CVE-2014-6352

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object, as exploited in the wild in October 2014 with a crafted Pow...

9.3CVSS7.6AI score0.90891EPSS

In wild

CVE•added 2016/05/11 1:59 a.m.•1025 views

CVE-2016-0185

Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, and Windows 8.1 allows remote attackers to execute arbitrary code via a crafted Media Center link (aka .mcl) file, aka "Windows Media Center Remote Code Execution Vulnerability."

9.3CVSS7.9AI score0.82752EPSS

In wild

CVE•added 2016/11/10 7:0 a.m.•1023 views

CVE-2016-7256

atmfd.dll in the Windows font library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to execute arbitrary code via a cra...

9.3CVSS8.8AI score0.59042EPSS

In wild

CVE•added 2014/10/15 10:55 a.m.•946 views

CVE-2014-4114

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object in an Office document, as exploited in the wild with a "Sand...

9.3CVSS9.5AI score0.92026EPSS

In wild

CVE•added 2014/11/18 11:59 p.m.•938 views

CVE-2014-6324

The Kerberos Key Distribution Center (KDC) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote authenticated domain users to obtain domain administrator privileges via a...

9CVSS5.9AI score0.85883EPSS

In wild

CVE•added 2014/10/15 10:55 a.m.•914 views

CVE-2014-4148

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted True...

9.3CVSS7.9AI score0.34773EPSS

In wild

CVE•added 2015/01/13 10:59 p.m.•904 views

CVE-2015-0016

Directory traversal vulnerability in the TS WebProxy (aka TSWbPrxy) component in Microsoft Windows Vista SP2, Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to gain privileges via a crafted path...

9.3CVSS6.8AI score0.91334EPSS

In wild

CVE•added 2016/10/14 2:59 a.m.•898 views

CVE-2016-3393

Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows remote attackers to execute arbitrary code via a crafted web site, ...

9.3CVSS7.8AI score0.29859EPSS

In wild

CVE•added 2015/07/20 6:59 p.m.•897 views

CVE-2015-2426

Buffer underflow in atmfd.dll in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a cra...

9.3CVSS7.4AI score0.91612EPSS

In wild

CVE•added 2014/11/11 10:55 p.m.•859 views

CVE-2014-4077

Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Office 2007 SP3, when IMJPDCT.EXE (aka IME for Japanese) is installed, allow remote attackers to bypass a sandbox protection mechanism via a crafted PDF document, aka "Microsoft IME (Japanes...

9.3CVSS8.4AI score0.2956EPSS

In wild

CVE•added 2022/05/10 9:15 p.m.•585 views

CVE-2022-29130

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

9.8CVSS9.4AI score0.13776EPSS

CVE•added 2022/05/10 9:15 p.m.•408 views

CVE-2022-22012

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

9.8CVSS9.4AI score0.06584EPSS

CVE•added 2021/07/16 9:15 p.m.•359 views

CVE-2021-34481

9.8CVSS8.6AI score0.26941EPSS

In wild

CVE•added 2019/10/10 2:15 p.m.•358 views

CVE-2019-1365

An elevation of privilege vulnerability exists when Microsoft IIS Server fails to check the length of a buffer prior to copying memory to it.An attacker who successfully exploited this vulnerability can allow an unprivileged function ran by the user to execute code in the context of NT AUTHORITY\sy...

9.9CVSS9.3AI score0.02534EPSS

CVE•added 2011/11/08 9:55 p.m.•312 views

CVE-2011-2016

Untrusted search path vulnerability in Windows Mail and Windows Meeting Space in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a direc...

9.3CVSS6.4AI score0.1561EPSS

CVE•added 2022/09/13 7:15 p.m.•312 views

CVE-2022-34721

Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability

9.8CVSS9.7AI score0.18666EPSS

In wild

CVE•added 2012/03/13 9:55 p.m.•310 views

CVE-2012-0002

The Remote Desktop Protocol (RDP) implementation in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly process packets in memory, which allows remote attackers to execute arbitrary code ...

9.3CVSS9.5AI score0.86215EPSS

CVE•added 2022/08/09 8:15 p.m.•309 views

CVE-2022-30133

Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability

9.8CVSS9.6AI score0.15693EPSS

CVE•added 2022/05/10 9:15 p.m.•267 views

CVE-2022-21972

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability

9.3CVSS9AI score0.5757EPSS

CVE•added 2021/08/12 6:15 p.m.•259 views

CVE-2021-26424

Windows TCP/IP Remote Code Execution Vulnerability

9.9CVSS8.8AI score0.09829EPSS

CVE•added 2021/12/15 3:15 p.m.•253 views

CVE-2021-43217

Windows Encrypting File System (EFS) Remote Code Execution Vulnerability

9.8CVSS9.1AI score0.20568EPSS

In wild

CVE•added 2020/09/11 5:15 p.m.•238 views

CVE-2020-1013

An elevation of privilege vulnerability exists when Microsoft Windows processes group policy updates. An attacker who successfully exploited this vulnerability could potentially escalate permissions or perform additional privileged actions on the target machine.To exploit this vulnerability, an att...

9.3CVSS8.1AI score0.1795EPSS

CVE•added 2020/06/09 8:15 p.m.•225 views

CVE-2020-1299

A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed.An attacker who successfully exploited this vulnerability could gain the same user rights as the local user, aka 'LNK Remote Code Execution Vulnerability'.

9.3CVSS8.4AI score0.32912EPSS

CVE•added 2019/03/06 12:0 a.m.•224 views

CVE-2019-0633

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 2.0 (SMBv2) server handles certain requests, aka 'Windows SMB Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0630.

9CVSS9.3AI score0.33738EPSS

CVE•added 2021/08/12 6:15 p.m.•222 views

CVE-2021-36936

Windows Print Spooler Remote Code Execution Vulnerability

9.8CVSS9AI score0.03658EPSS

CVE•added 2021/05/11 7:15 p.m.•218 views

CVE-2021-28476

Windows Hyper-V Remote Code Execution Vulnerability

9.9CVSS9.7AI score0.63205EPSS

CVE•added 2022/04/15 7:15 p.m.•209 views

CVE-2022-26903

Windows Graphics Component Remote Code Execution Vulnerability

9.3CVSS8.8AI score0.01609EPSS

CVE•added 2022/04/15 7:15 p.m.•206 views

CVE-2022-24541

Windows Server Service Remote Code Execution Vulnerability

9.3CVSS9.4AI score0.07634EPSS

CVE•added 2022/06/15 10:15 p.m.•205 views

CVE-2022-30141

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

9.3CVSS8.5AI score0.09953EPSS

CVE•added 2023/01/10 10:15 p.m.•202 views

CVE-2023-21557

Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability

9.1CVSS7.5AI score0.00554EPSS

CVE•added 2022/04/15 7:15 p.m.•193 views

CVE-2022-26919

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

9.3CVSS9AI score0.04017EPSS

CVE•added 2022/09/13 7:15 p.m.•193 views

CVE-2022-34718

Windows TCP/IP Remote Code Execution Vulnerability

9.8CVSS9.7AI score0.8453EPSS

CVE•added 2019/03/06 12:0 a.m.•191 views

CVE-2019-0630

9CVSS9.3AI score0.33738EPSS

CVE•added 2022/05/10 9:15 p.m.•190 views

CVE-2022-29129

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

9CVSS9.4AI score0.13405EPSS

CVE•added 2011/04/13 6:55 p.m.•189 views

CVE-2011-0657

DNSAPI.dll in the DNS client in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly process DNS queries, which allows remote attackers to execute arbitrary code via (1) a cr...

9.8CVSS7.6AI score0.49697EPSS

CVE•added 2019/01/08 9:29 p.m.•187 views

CVE-2019-0584

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Se...

9.3CVSS8AI score0.35437EPSS

CVE•added 2022/01/11 9:15 p.m.•187 views

CVE-2022-21857

Active Directory Domain Services Elevation of Privilege Vulnerability

9CVSS9.1AI score0.02533EPSS

CVE•added 2022/04/15 7:15 p.m.•184 views

CVE-2022-24492

Remote Procedure Call Runtime Remote Code Execution Vulnerability

9.3CVSS9.4AI score0.02482EPSS

Total number of security vulnerabilities436