Microsoft » Windows 8.1 : Security Vulnerabilities, CVEs,
CVE-2015-6127
Public exploit
Windows Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8, and Windows 8.1 allows remote attackers to read arbitrary files via a crafted .mcl file, aka "Windows Media Center Information Disclosure Vulnerability."
Max CVSS
4.3
EPSS Score
85.69%
Published
2015-12-09
Updated
2019-05-15
CVE-2015-2433
Public exploit
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to bypass the ASLR protection mechanism via a crafted application, aka "Kernel ASLR Bypass Vulnerability."
Max CVSS
2.1
EPSS Score
0.06%
Published
2015-08-15
Updated
2019-05-15
Windows Kernel Elevation of Privilege Vulnerability
Max CVSS
3.3
EPSS Score
0.06%
Published
2022-10-11
Updated
2023-12-20
Windows Event Logging Service Denial of Service Vulnerability
Max CVSS
4.3
EPSS Score
0.12%
Published
2022-10-11
Updated
2023-12-20
BitLocker Security Feature Bypass Vulnerability
Max CVSS
4.2
EPSS Score
0.05%
Published
2022-05-10
Updated
2023-12-21
Media Foundation Information Disclosure Vulnerability
Max CVSS
4.3
EPSS Score
0.09%
Published
2022-03-09
Updated
2023-06-29
Windows Hyper-V Denial of Service Vulnerability
Max CVSS
4.7
EPSS Score
0.04%
Published
2022-03-09
Updated
2023-06-29
Windows Hyper-V Security Feature Bypass Vulnerability
Max CVSS
4.6
EPSS Score
0.04%
Published
2022-01-11
Updated
2023-12-21
Secure Boot Security Feature Bypass Vulnerability
Max CVSS
4.9
EPSS Score
0.11%
Published
2022-01-11
Updated
2023-12-21
Windows Kernel Information Disclosure Vulnerability
Max CVSS
4.7
EPSS Score
0.04%
Published
2022-07-12
Updated
2023-05-18
Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability
Max CVSS
4.4
EPSS Score
0.04%
Published
2021-11-10
Updated
2023-12-28
Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability
Max CVSS
4.4
EPSS Score
0.04%
Published
2021-11-10
Updated
2023-12-28
Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability
Max CVSS
4.4
EPSS Score
0.05%
Published
2021-04-13
Updated
2023-12-29
Windows WLAN AutoConfig Service Security Feature Bypass Vulnerability
Max CVSS
4.6
EPSS Score
0.07%
Published
2021-04-13
Updated
2023-12-29
Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability
Max CVSS
4.4
EPSS Score
0.05%
Published
2021-04-13
Updated
2023-12-29
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary can abuse this to inject arbitrary network packets.
Max CVSS
3.5
EPSS Score
0.21%
Published
2021-05-11
Updated
2023-04-01
This security update corrects a denial of service in the Local Security Authority Subsystem Service (LSASS) caused when an authenticated attacker sends a specially crafted authentication request, aka 'Local Security Authority Subsystem Service Denial of Service Vulnerability'.
Max CVSS
4.9
EPSS Score
0.15%
Published
2020-07-14
Updated
2021-07-21
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows Graphics Component Information Disclosure Vulnerability'.
Max CVSS
4.3
EPSS Score
1.57%
Published
2020-03-12
Updated
2021-07-21
A security feature bypass vulnerability exists when Microsoft Defender improperly handles specific buffers, aka 'Microsoft Defender Security Feature Bypass Vulnerability'.
Max CVSS
3.3
EPSS Score
0.04%
Published
2019-12-10
Updated
2020-08-24
An information vulnerability exists when Windows Modules Installer Service improperly discloses file information, aka 'Windows Modules Installer Service Information Disclosure Vulnerability'.
Max CVSS
3.3
EPSS Score
0.09%
Published
2019-11-12
Updated
2019-11-14
An information disclosure vulnerability exists in Azure Active Directory (AAD) Microsoft Account (MSA) during the login request session, aka 'Windows Information Disclosure Vulnerability'.
Max CVSS
4.3
EPSS Score
0.59%
Published
2019-08-14
Updated
2019-08-21
An information disclosure vulnerability exists when the Terminal Services component improperly discloses the contents of its memory, aka 'Windows Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0838.
Max CVSS
4.4
EPSS Score
0.04%
Published
2019-04-09
Updated
2020-08-24
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0702, CVE-2019-0755, CVE-2019-0767, CVE-2019-0782.
Max CVSS
4.7
EPSS Score
0.04%
Published
2019-04-09
Updated
2020-08-24
An information disclosure vulnerability exists when the Human Interface Devices (HID) component improperly handles objects in memory, aka 'HID Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0600.
Max CVSS
4.7
EPSS Score
0.12%
Published
2019-03-05
Updated
2020-08-24
An information disclosure vulnerability exists when the Human Interface Devices (HID) component improperly handles objects in memory, aka 'HID Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0601.
Max CVSS
4.7
EPSS Score
0.12%
Published
2019-03-05
Updated
2020-08-24