Microsoft Edge (Chromium-based) Spoofing Vulnerability
Source: Microsoft Corporation
Max CVSS
2.5
EPSS Score
0.06%
Published
2024-01-26
Updated
2024-06-11
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Source: Microsoft Corporation
Max CVSS
2.6
EPSS Score
0.22%
Published
2022-01-11
Updated
2023-12-21
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allow elevation of privilege, due to how Internet Explorer handles zone and integrity settings, aka "Internet Explorer Elevation of Privilege Vulnerability".
Source: Microsoft Corporation
Max CVSS
2.6
EPSS Score
0.21%
Published
2018-03-14
Updated
2019-10-03
Microsoft Graphics Component in Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to log on to an affected system and run a specially crafted application due to improper handling of objects in memory, aka "Microsoft Graphics Component Information Disclosure Vulnerability".
Source: Microsoft Corporation
Max CVSS
2.5
EPSS Score
0.07%
Published
2017-11-15
Updated
2022-05-23
Windows Media Player in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016, and Windows Server, version 1709 allows remote attackers to test for the presence of files on disk via a specially crafted application. due to the way Windows Media Player discloses file information, aka "Windows Media Player Information Disclosure Vulnerability."
Source: Microsoft Corporation
Max CVSS
2.5
EPSS Score
0.18%
Published
2017-11-15
Updated
2022-05-23
Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1, Windows Server 2012 Gold and R2; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows guest OS users to obtain sensitive information from host OS memory via a crafted application, aka "Hyper-V Information Disclosure Vulnerability."
Source: Microsoft Corporation
Max CVSS
2.6
EPSS Score
0.08%
Published
2017-03-17
Updated
2017-07-17

CVE-2016-3321

Public exploit
Microsoft Internet Explorer 10 and 11 load different files for attempts to open a file:// URL depending on whether the file exists, which allows local users to enumerate files via vectors involving a file:// URL and an HTML5 sandbox iframe, aka "Internet Explorer Information Disclosure Vulnerability."
Source: Microsoft Corporation
Max CVSS
2.5
EPSS Score
0.08%
Published
2016-08-09
Updated
2018-10-12
Microsoft Internet Explorer 11 and Microsoft Edge mishandle cross-origin requests, which allows remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."
Source: Microsoft Corporation
Max CVSS
2.6
EPSS Score
0.98%
Published
2016-09-14
Updated
2018-10-12
The kernel in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 mishandles page-fault system calls, which allows local users to obtain sensitive information from an arbitrary process via a crafted application, aka "Windows Kernel Information Disclosure Vulnerability."
Source: Microsoft Corporation
Max CVSS
2.8
EPSS Score
0.10%
Published
2016-07-13
Updated
2018-10-12
The GDI component in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to obtain sensitive kernel-address information via a crafted application, aka "Win32k Information Disclosure Vulnerability."
Source: Microsoft Corporation
Max CVSS
2.8
EPSS Score
83.59%
Published
2016-07-13
Updated
2018-10-12
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to bypass intended filesystem permissions by leveraging Low Integrity access, aka "Windows Kernel Security Feature Bypass Vulnerability."
Source: Microsoft Corporation
Max CVSS
2.1
EPSS Score
0.04%
Published
2015-11-11
Updated
2019-05-16
The kernel in Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to bypass the KASLR protection mechanism, and consequently discover a driver base address, via a crafted application, aka "Windows Kernel Memory Information Disclosure Vulnerability."
Source: Microsoft Corporation
Max CVSS
2.1
EPSS Score
0.06%
Published
2015-11-11
Updated
2019-05-15
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to bypass the KASLR protection mechanism, and consequently discover a driver base address, via a crafted application, aka "Windows Kernel Memory Information Disclosure Vulnerability."
Source: Microsoft Corporation
Max CVSS
2.1
EPSS Score
73.27%
Published
2015-11-11
Updated
2019-05-16
The kernel in Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10 allows local users to bypass the ASLR protection mechanism via a crafted application, aka "Kernel ASLR Bypass Vulnerability."
Source: Microsoft Corporation
Max CVSS
2.1
EPSS Score
0.05%
Published
2015-09-09
Updated
2019-05-14
The WebDAV client in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 supports SSL 2.0, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by sniffing the network and conducting a decryption attack, aka "WebDAV Client Information Disclosure Vulnerability."
Source: Microsoft Corporation
Max CVSS
2.6
EPSS Score
0.63%
Published
2015-08-15
Updated
2019-05-17
The Windows shell in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 does not properly constrain impersonation levels, which allows local users to gain privileges via a crafted application, aka "Windows Shell Security Feature Bypass Vulnerability."
Source: Microsoft Corporation
Max CVSS
2.1
EPSS Score
0.04%
Published
2015-08-15
Updated
2019-05-17
The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly constrain impersonation levels, which allows local users to gain privileges via a crafted application, aka "Windows KMD Security Feature Bypass Vulnerability."
Source: Microsoft Corporation
Max CVSS
2.1
EPSS Score
0.06%
Published
2015-08-15
Updated
2019-05-14

CVE-2015-2433

Public exploit
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to bypass the ASLR protection mechanism via a crafted application, aka "Kernel ASLR Bypass Vulnerability."
Source: Microsoft Corporation
Max CVSS
2.1
EPSS Score
0.06%
Published
2015-08-15
Updated
2019-05-15
Object Manager in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly constrain impersonation levels during interaction with object symbolic links that originated in a sandboxed process, which allows local users to gain privileges via a crafted application, aka "Windows Object Manager Elevation of Privilege Vulnerability."
Source: Microsoft Corporation
Max CVSS
2.1
EPSS Score
0.04%
Published
2015-08-15
Updated
2019-05-15
win32k.sys in the kernel-mode drivers in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to obtain sensitive information from kernel memory via a crafted application, aka "Win32k Information Disclosure Vulnerability," a different vulnerability than CVE-2015-2381.
Source: Microsoft Corporation
Max CVSS
2.1
EPSS Score
0.05%
Published
2015-07-14
Updated
2019-05-08
win32k.sys in the kernel-mode drivers in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to obtain sensitive information from kernel memory via a crafted application, aka "Win32k Information Disclosure Vulnerability," a different vulnerability than CVE-2015-2382.
Source: Microsoft Corporation
Max CVSS
2.1
EPSS Score
0.05%
Published
2015-07-14
Updated
2019-05-08
win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to obtain sensitive information from uninitialized kernel memory via a crafted application, aka "Win32k Information Disclosure Vulnerability."
Source: Microsoft Corporation
Max CVSS
2.1
EPSS Score
0.05%
Published
2015-07-14
Updated
2019-05-08
The kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow local users to obtain sensitive information from kernel memory via a crafted application, aka "Microsoft Windows Kernel Information Disclosure Vulnerability."
Source: Microsoft Corporation
Max CVSS
2.1
EPSS Score
0.06%
Published
2015-06-10
Updated
2019-05-14
The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow local users to bypass the ASLR protection mechanism via a crafted function call, aka "Microsoft Windows Kernel Memory Disclosure Vulnerability," a different vulnerability than CVE-2015-1676, CVE-2015-1677, CVE-2015-1678, and CVE-2015-1679.
Source: Microsoft Corporation
Max CVSS
2.1
EPSS Score
0.06%
Published
2015-05-13
Updated
2019-05-15
The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow local users to bypass the ASLR protection mechanism via a crafted function call, aka "Microsoft Windows Kernel Memory Disclosure Vulnerability," a different vulnerability than CVE-2015-1676, CVE-2015-1677, CVE-2015-1678, and CVE-2015-1680.
Source: Microsoft Corporation
Max CVSS
2.1
EPSS Score
0.06%
Published
2015-05-13
Updated
2019-05-13
168 vulnerabilities found
1 2 3 4 5 6 7
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!