CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   

Microsoft » Windows 7 : Security Vulnerabilities (CVSS score between 2 and 2.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2022-30223 668 2022-07-12 2023-05-17
2.7
None Local Network Low ??? Partial None None
Windows Hyper-V Information Disclosure Vulnerability
2 CVE-2022-30213 2022-07-12 2023-05-17
2.1
None Local Low Not required Partial None None
Windows GDI+ Information Disclosure Vulnerability
3 CVE-2022-23297 2022-03-09 2022-05-23
2.1
None Local Low Not required Partial None None
Windows NT Lan Manager Datagram Receiver Driver Information Disclosure Vulnerability.
4 CVE-2022-23281 2022-03-09 2022-05-23
2.1
None Local Low Not required Partial None None
Windows Common Log File System Driver Information Disclosure Vulnerability.
5 CVE-2022-22011 668 2022-05-10 2022-05-18
2.1
None Local Low Not required Partial None None
Windows Graphics Component Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-26934, CVE-2022-29112.
6 CVE-2022-21985 668 2022-02-09 2022-05-23
2.1
None Local Low Not required Partial None None
Windows Remote Access Connection Manager Information Disclosure Vulnerability.
7 CVE-2022-21973 DoS 2022-03-09 2022-03-14
2.1
None Local Low Not required None None Partial
Windows Media Center Update Denial of Service Vulnerability.
8 CVE-2021-43224 668 2021-12-15 2022-05-23
2.1
None Local Low Not required Partial None None
Windows Common Log File System Driver Information Disclosure Vulnerability
9 CVE-2021-41371 2021-11-10 2021-11-10
2.1
None Local Low Not required Partial None None
Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-38631.
10 CVE-2021-41343 2021-10-13 2021-10-19
2.1
None Local Low Not required Partial None None
Windows Fast FAT File System Driver Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-38662.
11 CVE-2021-40455 2021-10-13 2022-05-23
2.1
None Local Low Not required None Partial None
Windows Installer Spoofing Vulnerability
12 CVE-2021-38663 2021-10-13 2022-05-23
2.1
None Local Low Not required Partial None None
Windows exFAT File System Information Disclosure Vulnerability
13 CVE-2021-38636 2021-09-15 2021-09-26
2.1
None Local Low Not required Partial None None
Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-36969, CVE-2021-38635.
14 CVE-2021-38635 2021-09-15 2021-09-28
2.1
None Local Low Not required Partial None None
Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-36969, CVE-2021-38636.
15 CVE-2021-38631 2021-11-10 2021-11-12
2.1
None Local Low Not required Partial None None
Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-41371.
16 CVE-2021-36969 2021-09-15 2021-09-25
2.1
None Local Low Not required Partial None None
Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-38635, CVE-2021-38636.
17 CVE-2021-34496 2021-07-14 2021-07-19
2.1
None Local Low Not required Partial None None
Windows GDI Information Disclosure Vulnerability
18 CVE-2021-34457 2021-07-16 2021-07-22
2.1
None Local Low Not required Partial None None
Windows Remote Access Connection Manager Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-33763, CVE-2021-34454.
19 CVE-2021-34440 2021-07-16 2021-07-22
2.1
None Local Low Not required Partial None None
GDI+ Information Disclosure Vulnerability
20 CVE-2021-33765 2021-07-14 2021-07-16
2.1
None Local Low Not required None Partial None
Windows Installer Spoofing Vulnerability
21 CVE-2021-31188 416 2021-05-11 2022-05-03
2.1
None Local Low Not required Partial None None
Windows Graphics Component Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-31170.
22 CVE-2021-31184 200 +Info 2021-05-11 2021-05-17
2.1
None Local Low Not required Partial None None
Microsoft Windows Infrared Data Association (IrDA) Information Disclosure Vulnerability
23 CVE-2021-28447 Bypass 2021-04-13 2021-09-14
2.1
None Local Low Not required None Partial None
Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability This CVE ID is unique from CVE-2021-27094.
24 CVE-2021-28446 2021-04-13 2021-04-20
2.1
None Local Low Not required Partial None None
Windows Portmapping Information Disclosure Vulnerability
25 CVE-2021-28443 DoS 2021-04-13 2021-04-20
2.1
None Local Low Not required None None Partial
Windows Console Driver Denial of Service Vulnerability This CVE ID is unique from CVE-2021-28438.
26 CVE-2021-28437 2021-04-13 2021-04-19
2.1
None Local Low Not required Partial None None
Windows Installer Information Disclosure Vulnerability
27 CVE-2021-28318 200 +Info 2021-04-13 2021-04-15
2.1
None Local Low Not required Partial None None
Windows GDI+ Information Disclosure Vulnerability
28 CVE-2021-28317 200 +Info 2021-04-13 2021-04-15
2.1
None Local Low Not required Partial None None
Microsoft Windows Codecs Library Information Disclosure Vulnerability
29 CVE-2021-28316 Bypass 2021-04-13 2021-04-15
2.1
None Local Low Not required Partial None None
Windows WLAN AutoConfig Service Security Feature Bypass Vulnerability
30 CVE-2021-28309 200 +Info 2021-04-13 2021-04-15
2.1
None Local Low Not required Partial None None
Windows Kernel Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-27093.
31 CVE-2021-27093 200 +Info 2021-04-13 2021-04-16
2.1
None Local Low Not required Partial None None
Windows Kernel Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-28309.
32 CVE-2021-26869 200 +Info 2021-03-11 2021-03-15
2.1
None Local Low Not required Partial None None
Windows ActiveX Installer Service Information Disclosure Vulnerability
33 CVE-2021-26413 2021-04-13 2021-04-20
2.1
None Local Low Not required None Partial None
Windows Installer Spoofing Vulnerability
34 CVE-2021-24107 2021-03-11 2021-03-17
2.1
None Local Low Not required Partial None None
Windows Event Tracing Information Disclosure Vulnerability
35 CVE-2021-1699 2021-01-12 2021-01-20
2.1
None Local Low Not required Partial None None
Windows (modem.sys) Information Disclosure Vulnerability
36 CVE-2021-1676 2021-01-12 2021-01-20
2.1
None Local Low Not required Partial None None
Windows NT Lan Manager Datagram Receiver Driver Information Disclosure Vulnerability
37 CVE-2021-1656 2021-01-12 2021-01-19
2.1
None Local Low Not required Partial None None
TPM Device Driver Information Disclosure Vulnerability
38 CVE-2020-24588 327 2021-05-11 2023-04-01
2.9
None Local Network Medium Not required None Partial None
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary can abuse this to inject arbitrary network packets.
39 CVE-2020-17098 2020-12-10 2021-03-03
2.1
None Local Low Not required Partial None None
Windows GDI+ Information Disclosure Vulnerability
40 CVE-2020-17069 2020-11-11 2020-11-16
2.1
None Local Low Not required Partial None None
Windows NDIS Information Disclosure Vulnerability
41 CVE-2020-17004 2020-11-11 2020-11-18
2.1
None Local Low Not required Partial None None
Windows Graphics Component Information Disclosure Vulnerability
42 CVE-2020-17000 2020-11-11 2020-11-18
2.1
None Local Low Not required Partial None None
Remote Desktop Protocol Client Information Disclosure Vulnerability
43 CVE-2020-16922 347 2020-10-16 2020-10-20
2.1
None Local Low Not required None Partial None
A spoofing vulnerability exists when Windows incorrectly validates file signatures, aka 'Windows Spoofing Vulnerability'.
44 CVE-2020-16914 200 +Info 2020-10-16 2021-07-21
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface Plus (GDI+) handles objects in memory, allowing an attacker to retrieve information from a targeted system, aka 'Windows GDI+ Information Disclosure Vulnerability'.
45 CVE-2020-16897 2020-10-16 2020-10-22
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when NetBIOS over TCP (NBT) Extensions (NetBT) improperly handle objects in memory, aka 'NetBT Information Disclosure Vulnerability'.
46 CVE-2020-16889 200 +Info 2020-10-16 2021-07-21
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when the Windows KernelStream improperly handles objects in memory, aka 'Windows KernelStream Information Disclosure Vulnerability'.
47 CVE-2020-1599 2020-11-11 2020-11-24
2.1
None Local Low Not required None Partial None
Windows Spoofing Vulnerability
48 CVE-2020-1596 327 2020-09-11 2020-09-21
2.9
None Local Network Medium Not required Partial None None
A information disclosure vulnerability exists when TLS components use weak hash algorithms, aka 'TLS Information Disclosure Vulnerability'.
49 CVE-2020-1589 200 +Info 2020-09-11 2021-07-21
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0928, CVE-2020-1033, CVE-2020-1592, CVE-2020-16854.
50 CVE-2020-1485 200 +Info 2020-08-17 2021-07-21
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when the Windows Image Acquisition (WIA) Service improperly discloses contents of its memory, aka 'Windows Image Acquisition Service Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1474.
Total number of vulnerabilities : 247   Page : 1 (This Page)2 3 4 5
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.