Windows@* Security Vulnerabilities and Issues — Windows@* CVE List

Lucene search

MicrosoftWindows*

68 matches found

CVE•added 2011/01/25 1:0 a.m.•179 views

CVE-2011-0638

Microsoft Windows does not properly warn the user before enabling additional Human Interface Device (HID) functionality over USB, which allows user-assisted attackers to execute arbitrary programs via crafted USB data, as demonstrated by keyboard and mouse data sent by malware on a smartphone that ...

6.9CVSS7.3AI score0.01284EPSS

CVE•added 2015/05/13 10:59 a.m.•99 views

CVE-2015-3052

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-9161, CVE-2015-3046, CVE-2015-3049, CVE-2015-3050, CVE...

10CVSS7.6AI score0.10445EPSS

CVE•added 2015/05/13 10:59 a.m.•96 views

CVE-2014-9160

Multiple heap-based buffer overflows in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code via unknown vectors.

10CVSS7.5AI score0.45307EPSS

CVE•added 2007/04/18 6:19 p.m.•87 views

CVE-2007-2108

Unspecified vulnerability in the Core RDBMS component in Oracle Database 9.0.1.5, 9.2.0.8, 10.1.0.5, and 10.2.0.2 on Windows allows remote attackers to have an unknown impact, aka DB01. NOTE: as of 20070424, Oracle has not disputed reliable claims that this issue occurs because the NTLM SSPI Accept...

6.8CVSS6.4AI score0.32856EPSS

CVE•added 2015/10/21 9:59 p.m.•86 views

CVE-2015-4796

Unspecified vulnerability in the Java VM component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2, when running on Windows, allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2015-4888.

9CVSS8AI score0.1269EPSS

CVE•added 2015/10/21 6:59 p.m.•76 views

CVE-2015-4716

Directory traversal vulnerability in the routing component in ownCloud Server before 7.0.6 and 8.0.x before 8.0.4, when running on Windows, allows remote attackers to reinstall the application or execute arbitrary code via unspecified vectors.

10CVSS7.5AI score0.2332EPSS

CVE•added 2015/05/13 11:0 a.m.•75 views

CVE-2015-3072

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3061, CVE-2015-3062, CVE-2015-3063, CVE-2015-3064, CVE...

10CVSS6.4AI score0.31105EPSS

CVE•added 2015/05/13 10:59 a.m.•72 views

CVE-2015-3048

Buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allows attackers to execute arbitrary code via unknown vectors.

10CVSS7.7AI score0.11897EPSS

CVE•added 2015/05/13 11:0 a.m.•72 views

CVE-2015-3073

10CVSS6.4AI score0.31105EPSS

CVE•added 2015/05/13 11:0 a.m.•71 views

CVE-2015-3066

10CVSS6.4AI score0.31105EPSS

CVE•added 2009/11/05 4:30 p.m.•69 views

CVE-2009-3864

The Java Update functionality in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22 and JDK and JRE 6 before Update 17, when a non-English version of Windows is used, does not retrieve available new JRE versions, which allows remote attackers to leverage vulnerabiliti...

7.5CVSS6.3AI score0.08556EPSS

CVE•added 2015/05/13 10:59 a.m.•68 views

CVE-2015-3055

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3053, CVE-2015-3054, CVE-2015-3059, and CVE-2015-3075.

7.5CVSS7.4AI score0.06245EPSS

CVE•added 2015/05/13 11:0 a.m.•68 views

CVE-2015-3074

10CVSS6.4AI score0.31105EPSS

CVE•added 2015/05/13 10:59 a.m.•66 views

CVE-2015-3047

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to cause a denial of service (NULL pointer dereference) via unspecified vectors.

5CVSS6.3AI score0.03993EPSS

CVE•added 2015/05/13 10:59 a.m.•66 views

CVE-2015-3051

10CVSS7.6AI score0.10445EPSS

CVE•added 2015/05/13 10:59 a.m.•64 views

CVE-2015-3050

10CVSS7.6AI score0.10445EPSS

CVE•added 2015/05/13 10:59 a.m.•64 views

CVE-2015-3062

10CVSS6.4AI score0.31105EPSS

CVE•added 2015/05/13 11:0 a.m.•64 views

CVE-2015-3070

10CVSS7.6AI score0.10445EPSS

CVE•added 2015/05/13 10:59 a.m.•63 views

CVE-2015-3061

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3062, CVE-2015-3063, CVE-2015-3064, CVE-2015-3065, CVE...

10CVSS6.4AI score0.31105EPSS

CVE•added 2015/05/13 10:59 a.m.•63 views

CVE-2015-3064

10CVSS6.4AI score0.31105EPSS

CVE•added 2015/05/13 11:0 a.m.•63 views

CVE-2015-3071

10CVSS6.4AI score0.31105EPSS

CVE•added 2015/05/13 10:59 a.m.•62 views

CVE-2015-3053

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3054, CVE-2015-3055, CVE-2015-3059, and CVE-2015-3075.

10CVSS7.4AI score0.06245EPSS

CVE•added 2015/05/13 11:0 a.m.•62 views

CVE-2015-3068

10CVSS6.4AI score0.31105EPSS

CVE•added 2015/05/13 11:0 a.m.•62 views

CVE-2015-3069

10CVSS6.4AI score0.31105EPSS

CVE•added 2015/05/13 11:0 a.m.•62 views

CVE-2015-3075

10CVSS7.4AI score0.06245EPSS

CVE•added 2014/12/10 9:59 p.m.•61 views

CVE-2014-8446

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8447, CVE-2014-8456, CVE-2014-8458, CVE...

10CVSS7.6AI score0.27545EPSS

CVE•added 2014/12/10 9:59 p.m.•61 views

CVE-2014-9158

10CVSS7.6AI score0.27545EPSS

CVE•added 2015/05/13 10:59 a.m.•61 views

CVE-2015-3058

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to obtain sensitive information from process memory via unspecified vectors.

5CVSS5.9AI score0.05648EPSS

CVE•added 2015/05/13 10:59 a.m.•60 views

CVE-2015-3046

10CVSS7.6AI score0.10445EPSS

CVE•added 2015/05/13 11:0 a.m.•60 views

CVE-2015-3065

10CVSS6.4AI score0.31105EPSS

CVE•added 2015/05/13 11:0 a.m.•60 views

CVE-2015-3067

10CVSS6.4AI score0.31105EPSS

CVE•added 2024/12/18 11:15 p.m.•60 views

CVE-2022-40733

An access violation vulnerability exists in the DirectComposition functionality win32kbase.sys driver version 10.0.22000.593 as part of Windows 11 version 22000.593 and version 10.0.20348.643 as part of Windows Server 2022 version 20348.643. A specially-crafted set of syscalls can lead to a reboot....

5CVSS5.2AI score0.00147EPSS

CVE•added 2010/08/27 7:0 p.m.•59 views

CVE-2010-3139

Untrusted search path vulnerability in Microsoft Windows Progman Group Converter (grpconv.exe) allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse imm.dll that is located in the same folder as a .grp file.

9.3CVSS7.6AI score0.17052EPSS

CVE•added 2014/12/10 9:59 p.m.•59 views

CVE-2014-8445

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8446, CVE-2014-8447, CVE-2014-8456, CVE-2014-8458, CVE...

10CVSS7.6AI score0.27545EPSS

CVE•added 2014/12/10 9:59 p.m.•59 views

CVE-2014-8448

An unspecified JavaScript API in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to obtain sensitive information via unknown vectors, a different vulnerability than CVE-2014-8451.

5CVSS5.8AI score0.24239EPSS

CVE•added 2015/05/13 10:59 a.m.•59 views

CVE-2015-3049

10CVSS7.6AI score0.10445EPSS

CVE•added 2015/05/13 10:59 a.m.•59 views

CVE-2015-3056

10CVSS7.6AI score0.10445EPSS

CVE•added 2015/05/13 10:59 a.m.•59 views

CVE-2015-3063

10CVSS6.4AI score0.31105EPSS

CVE•added 2015/05/13 11:0 a.m.•59 views

CVE-2015-3076

10CVSS7.6AI score0.10445EPSS

CVE•added 2014/12/10 9:59 p.m.•58 views

CVE-2014-8451

5CVSS5.8AI score0.24239EPSS

CVE•added 2014/12/10 9:59 p.m.•57 views

CVE-2014-8452

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

5CVSS6.5AI score0.10317EPSS

CVE•added 2015/05/13 10:59 a.m.•57 views

CVE-2015-3059

10CVSS7.4AI score0.06245EPSS

CVE•added 2010/10/08 10:0 p.m.•56 views

CVE-2010-3888

Unspecified vulnerability in Microsoft Windows on 32-bit platforms allows local users to gain privileges via unknown vectors, as exploited in the wild in July 2010 by the Stuxnet worm, and identified by Kaspersky Lab researchers and other researchers.

7.2CVSS6.4AI score0.0136EPSS

CVE•added 2014/12/10 9:59 p.m.•56 views

CVE-2014-8456

10CVSS7.6AI score0.27545EPSS

CVE•added 2015/05/13 10:59 a.m.•56 views

CVE-2015-3054

10CVSS7.4AI score0.06245EPSS

CVE•added 2014/12/10 9:59 p.m.•55 views

CVE-2014-9159

Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8457 and CVE-2014-8460.

10CVSS7.9AI score0.36278EPSS

CVE•added 2015/05/13 10:59 a.m.•55 views

CVE-2015-3057

10CVSS7.6AI score0.10445EPSS

CVE•added 2010/10/08 10:0 p.m.•54 views

CVE-2010-3889

7.2CVSS6.5AI score0.00623EPSS

CVE•added 2024/12/18 11:15 p.m.•53 views

CVE-2022-40732

5CVSS5.2AI score0.0014EPSS

CVE•added 2014/12/10 9:59 p.m.•52 views

CVE-2014-8453

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow remote attackers to bypass the Same Origin Policy via unspecified vectors.

5CVSS6.6AI score0.10853EPSS

Total number of security vulnerabilities68