Wind River Support Network

CVE Database

The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.

223531 entries
ID Description Priority Modified date
CVE-2012-1893 win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly validate callback parameters during creation of a hook procedure, which allows local users to gain privileges via a crafted application, aka Win32k Incorrect Type Handling Vulnerability. High Jul 11, 2012
CVE-2011-1985 win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly validate user-mode input, which allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via a crafted application, aka Win32k Null Pointer De-reference Vulnerability. Per: http://cwe.mitre.org/data/definitions/476.html 'CWE-476: NULL Pointer Dereference' High Oct 20, 2011
CVE-2012-0180 win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview does not properly handle user-mode input passed to kernel mode for (1) windows and (2) messages, which allows local users to gain privileges via a crafted application, aka Windows and Messages Vulnerability. High May 9, 2012
CVE-2012-1848 win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview does not properly handle user-mode input passed to kernel mode, which allows local users to gain privileges via a crafted application, aka Scrollbar Calculation Vulnerability. High May 9, 2012
CVE-2012-0181 win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview does not properly manage Keyboard Layout files, which allows local users to gain privileges via a crafted application, aka Keyboard Layout File Vulnerability. High May 9, 2012
CVE-2011-1873 win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 on 64-bit platforms does not properly validate pointers during the parsing of OpenType (aka OTF) fonts, which allows remote attackers to execute arbitrary code via a crafted font file, aka Win32k OTF Validation Vulnerability. High Jun 17, 2011
CVE-2011-0673 win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP3 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, aka Win32k Null Pointer De-reference Vulnerability. Per: http://cwe.mitre.org/data/definitions/476.html 'CWE-476: NULL Pointer Dereference' High Apr 14, 2011
CVE-2011-1886 win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP3 does not properly validate the arguments to functions, which allows local users to read arbitrary data from kernel memory via a crafted application that triggers a NULL pointer dereference, aka Win32k Incorrect Parameter Validation Allows Information Disclosure Vulnerability. Per: http://cwe.mitre.org/data/definitions/476.html 'CWE-476: NULL Pointer Dereference' Low Jul 14, 2011
CVE-2013-1291 win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, Windows 7 Gold and SP1, and Windows 8 allows local users to cause a denial of service (reboot) via a crafted OpenType font, aka OpenType Font Parsing Vulnerability or Win32k Font Parsing Vulnerability. Per: http://technet.microsoft.com/en-us/security/bulletin/ms13-036 How could an attacker exploit the vulnerability? There are multiple means that could allow an attacker to exploit this vulnerability. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit this vulnerability and then convince a user to view the website. An attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically by getting them to click a link in an email message or in an Instant Messenger message that takes users to the attacker's website, or by opening an attachment sent through email. In a file sharing attack scenario, an attacker could provide a specially crafted document that is designed to exploit this vulnerability, and then convince a user to open the document. In a local attack scenario, an attacker could also exploit this vulnerability by running a specially crafted application. However, the attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability in this scenario. High Apr 10, 2013
CVE-2013-4695 Winamp 5.63: Invalid Pointer Dereference leading to Arbitrary Code Execution MEDIUM Jan 4, 2020
CVE-2014-3442 Winamp 5.666 and earlier allows remote attackers to cause a denial of service (memory corruption and crash) via a malformed .FLV file, related to f263.w5s. Medium May 27, 2014
CVE-2017-10725 Winamp 5.666 Build 3516(x86) allows attackers to execute arbitrary code or cause a denial of service via a crafted .flv file, related to Data from Faulting Address controls Code Flow starting at in_flv!winampGetInModule2+0x00000000000009a8. Medium Jul 7, 2017
CVE-2017-10727 Winamp 5.666 Build 3516(x86) might allow attackers to execute arbitrary code or cause a denial of service via a crafted .flv file, related to Data from Faulting Address controls Branch Selection starting at in_mp3!DeleteAudioDecoder+0x000000000000762f. MEDIUM Jul 5, 2017
CVE-2017-10726 Winamp 5.666 Build 3516(x86) might allow attackers to execute arbitrary code or cause a denial of service via a crafted .flv file, related to Data from Faulting Address may be used as a return value starting at f263!GetWinamp5SystemComponent+0x0000000000001951. MEDIUM Jul 5, 2017
CVE-2017-10728 Winamp 5.666 Build 3516(x86) might allow attackers to execute arbitrary code or cause a denial of service via a crafted .flv file, related to Error Code (0xe06d7363) starting at wow64!Wow64NotifyDebugger+0x000000000000001d. MEDIUM Jul 5, 2017
CVE-2017-16951 Winamp Pro 5.66 Build 3512 allows remote attackers to cause a denial of service via a crafted WAV, WMV, AU, ASF, AIFF, or AIF file. MEDIUM Nov 28, 2017
CVE-2019-12265 Wind River VxWorks 6.5, 6.6, 6.7, 6.8, 6.9.3 and 6.9.4 has a Memory Leak in the IGMPv3 client component. There is an IPNET security vulnerability: IGMP Information leak via IGMPv3 specific membership report. MEDIUM Aug 19, 2019
CVE-2019-12257 Wind River VxWorks 6.6 through 6.9 has a Buffer Overflow in the DHCP client component. There is an IPNET security vulnerability: Heap overflow in DHCP Offer/ACK parsing inside ipdhcpc. MEDIUM Aug 11, 2019
CVE-2019-12258 Wind River VxWorks 6.6 through vx7 has Session Fixation in the TCP component. This is an IPNET security vulnerability: DoS of TCP connection via malformed TCP options. MEDIUM Aug 11, 2019
CVE-2019-12262 Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and 7 has Incorrect Access Control in the RARP client component. IPNET security vulnerability: Handling of unsolicited Reverse ARP replies (Logical Flaw). HIGH Aug 29, 2019
CVE-2019-12259 Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and vx7 has an array index error in the IGMPv3 client component. There is an IPNET security vulnerability: DoS via NULL dereference in IGMP parsing. MEDIUM Aug 11, 2019
CVE-2019-12264 Wind River VxWorks 6.6, 6.7, 6.8, 6.9.3, 6.9.4, and Vx7 has Incorrect Access Control in IPv4 assignment by the ipdhcpc DHCP client component. MEDIUM Aug 16, 2019
CVE-2019-12261 Wind River VxWorks 6.7 through 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 3 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion during connect() to a remote host. HIGH Aug 19, 2019
CVE-2019-12256 Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the IPv4 component. There is an IPNET security vulnerability: Stack overflow in the parsing of IPv4 packets’ IP options. HIGH Aug 11, 2019
CVE-2019-12260 Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 2 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion caused by a malformed TCP AO option. HIGH Aug 19, 2019
CVE-2019-12263 Wind River VxWorks 6.9.4 and vx7 has a Buffer Overflow in the TCP component (issue 4 of 4). There is an IPNET security vulnerability: TCP Urgent Pointer state confusion due to race condition. MEDIUM Aug 19, 2019
CVE-2015-3963 Wind River VxWorks before 5.5.1, 6.5.x through 6.7.x before 6.7.1.1, 6.8.x before 6.8.3, 6.9.x before 6.9.4.4, and 7.x before 7 ipnet_coreip 1.2.2.0, as used on Schneider Electric SAGE RTU devices before J2 and other devices, does not properly generate TCP initial sequence number (ISN) values, which makes it easier for remote attackers to spoof TCP sessions by predicting an ISN value. LOW Aug 5, 2015
CVE-2019-12255 Wind River VxWorks has a Buffer Overflow in the TCP component (issue 1 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer = 0 that leads to an integer underflow. HIGH Aug 11, 2019
CVE-2017-16220 wind-mvc is an mvc framework. wind-mvc is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing ../ in the url. MEDIUM Jun 6, 2018
CVE-2017-7894 WinDjView 2.1 might allow user-assisted attackers to execute code via a crafted .djvu file, because of a User Mode Write AV near NULL in WinDjView.exe. One threat model is a victim who obtains an untrusted .djvu file from a remote location and issues several zoom in (e.g., Ctrl + Plus) commands. MEDIUM Jul 5, 2017
CVE-2023-28223 Windows Domain Name Service Remote Code Execution Vulnerability -- Apr 11, 2023
CVE-2021-1699 Windows (modem.sys) Information Disclosure Vulnerability LOW Jan 12, 2021
CVE-2017-8584 Windows 10 1607 and Windows Server 2016 allow an attacker to execute code remotely via a specially crafted WiFi packet aka HoloLens Remote Code Execution Vulnerability. HIGH Jul 11, 2017
CVE-2018-12368 Windows 10 does not warn users before opening executable files with the SettingContent-ms extension even when they have been downloaded from the internet and have the Mark of the Web. Without the warning, unsuspecting users unfamiliar with this new file type might run an unwanted executable. This also allows a WebExtension with the limited downloads.open permission to execute arbitrary code without user interaction on Windows 10 systems. *Note: this issue only affects Windows operating systems. Other operating systems are unaffected.* This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61. HIGH Oct 18, 2018
CVE-2021-43211 Windows 10 Update Assistant Elevation of Privilege Vulnerability MEDIUM Nov 24, 2021
CVE-2021-42297 Windows 10 Update Assistant Elevation of Privilege Vulnerability MEDIUM Nov 24, 2021
CVE-2021-36945 Windows 10 Update Assistant Elevation of Privilege Vulnerability MEDIUM Aug 12, 2021
CVE-2021-27070 Windows 10 Update Assistant Elevation of Privilege Vulnerability HIGH Mar 11, 2021
CVE-2018-0828 Windows 10 version 1607 and Windows Server 2016 allow an elevation of privilege vulnerability due to how the MultiPoint management account password is stored, aka Windows Elevation of Privilege Vulnerability. MEDIUM Feb 15, 2018
CVE-2018-1276 Windows 2012R2 stemcells, versions prior to 1200.17, contain an information exposure vulnerability on vSphere. A remote user with the ability to push apps can execute crafted commands to read the IaaS metadata from the VM, which may contain BOSH credentials. MEDIUM May 17, 2018
CVE-2022-28766 Windows 32-bit versions of the Zoom Client for Meetings before 5.12.6 and Zoom Rooms for Conference Room before version 5.12.6 are susceptible to a DLL injection vulnerability. A local low-privileged user could exploit this vulnerability to run arbitrary code in the context of the Zoom client. -- Nov 18, 2022
CVE-2023-34367 Windows 7 is vulnerable to a full blind TCP/IP hijacking attack. The vulnerability exists in Windows 7 (any Windows until Windows 8) and in any implementation of TCP/IP, which is vulnerable to the Idle scan attack (including many IoT devices). NOTE: The vendor considers this a low severity issue. -- Jun 14, 2023
CVE-2017-11885 Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allow a remote code execution vulnerability due to the way the Routing and Remote Access service handles requests, aka Windows RRAS Service Remote Code Execution Vulnerability. HIGH Dec 12, 2017
CVE-2018-0842 Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allow an elevation of privilege vulnerability due to how objects in memory are handled, aka Windows Kernel Elevation of Privilege Vulnerability. MEDIUM Feb 15, 2018
CVE-2017-11927 Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allow an information vulnerability due to the way the Windows its:// protocol handler determines the zone of a request, aka Microsoft Windows Information Disclosure Vulnerability. MEDIUM Dec 12, 2017
CVE-2018-0753 Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allow a denial of service vulnerability due to the way objects are handled in memory, aka Windows IPSec Denial of Service Vulnerability. HIGH Jan 4, 2018
CVE-2022-21859 Windows Accounts Control Elevation of Privilege Vulnerability MEDIUM Jan 14, 2022
CVE-2023-23412 Windows Accounts Picture Elevation of Privilege Vulnerability -- Mar 14, 2023
CVE-2023-35351 Windows Active Directory Certificate Services (AD CS) Remote Code Execution Vulnerability -- Jul 11, 2023
CVE-2023-35350 Windows Active Directory Certificate Services (AD CS) Remote Code Execution Vulnerability -- Jul 11, 2023
The 'Fixed Release' column is displayed if a single product version is selected from the filter. The fixed release is applicable in cases when the CVE has been addressed and fixed for that product version. Requires LTSS - customers must have active LTSS (Long Term Security Shield) Support to receive up-to-date information about vulnerabilities that may affect legacy software. Please contact your Wind River account team or see https://docs.windriver.com/bundle/Support_and_Maintenance_Supplemental_Terms_and_Conditions and https://support2.windriver.com/index.php?page=plc for more information.