CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   

Microsoft » Windows 7 : Security Vulnerabilities (CVSS score between 5 and 5.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2022-30221 Exec Code 2022-07-12 2022-07-20
5.1
None Remote High Not required Partial Partial Partial
Windows Graphics Component Remote Code Execution Vulnerability.
2 CVE-2022-30209 2022-07-12 2022-07-20
5.8
None Remote Medium Not required Partial Partial None
Windows IIS Server Elevation of Privilege Vulnerability.
3 CVE-2022-30152 400 DoS 2022-06-15 2022-06-25
5.0
None Remote Low Not required None None Partial
Windows Network Address Translation (NAT) Denial of Service Vulnerability.
4 CVE-2022-30149 Exec Code 2022-06-15 2022-06-27
5.1
None Remote High Not required Partial Partial Partial
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30139, CVE-2022-30141, CVE-2022-30143, CVE-2022-30146, CVE-2022-30153, CVE-2022-30161.
5 CVE-2022-30146 Exec Code 2022-06-15 2022-06-27
5.1
None Remote High Not required Partial Partial Partial
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30139, CVE-2022-30141, CVE-2022-30143, CVE-2022-30149, CVE-2022-30153, CVE-2022-30161.
6 CVE-2022-30143 Exec Code 2022-06-15 2022-06-27
5.1
None Remote High Not required Partial Partial Partial
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30139, CVE-2022-30141, CVE-2022-30146, CVE-2022-30149, CVE-2022-30153, CVE-2022-30161.
7 CVE-2022-30140 Exec Code 2022-06-15 2022-09-22
5.1
None Remote High Not required Partial Partial Partial
Windows iSCSI Discovery Service Remote Code Execution Vulnerability.
8 CVE-2022-26918 Exec Code 2022-04-15 2022-04-25
5.1
None Remote High Not required Partial Partial Partial
Windows Fax Compose Form Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-26916, CVE-2022-26917.
9 CVE-2022-26917 Exec Code 2022-04-15 2022-04-25
5.1
None Remote High Not required Partial Partial Partial
Windows Fax Compose Form Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-26916, CVE-2022-26918.
10 CVE-2022-26916 Exec Code 2022-04-15 2022-04-25
5.1
None Remote High Not required Partial Partial Partial
Windows Fax Compose Form Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-26917, CVE-2022-26918.
11 CVE-2022-26915 DoS 2022-04-15 2022-04-25
5.0
None Remote Low Not required None None Partial
Windows Secure Channel Denial of Service Vulnerability.
12 CVE-2022-26831 DoS 2022-04-15 2022-04-26
5.0
None Remote Low Not required None None Partial
Windows LDAP Denial of Service Vulnerability.
13 CVE-2022-24534 Exec Code 2022-04-15 2022-04-25
5.1
None Remote High Not required Partial Partial Partial
Win32 Stream Enumeration Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21983.
14 CVE-2022-24503 668 2022-03-09 2022-05-23
5.0
None Remote Low Not required Partial None None
Remote Desktop Protocol Client Information Disclosure Vulnerability.
15 CVE-2022-24485 Exec Code 2022-04-15 2022-04-22
5.1
None Remote High Not required Partial Partial Partial
Win32 File Enumeration Remote Code Execution Vulnerability.
16 CVE-2022-22025 DoS 2022-07-12 2022-07-16
5.0
None Remote Low Not required None None Partial
Windows Internet Information Services Cachuri Module Denial of Service Vulnerability.
17 CVE-2022-22024 Exec Code 2022-07-12 2022-07-16
5.1
None Remote High Not required Partial Partial Partial
Windows Fax Service Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22027.
18 CVE-2022-21983 Exec Code 2022-04-15 2022-04-21
5.1
None Remote High Not required Partial Partial Partial
Win32 Stream Enumeration Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24534.
19 CVE-2022-21925 Bypass 2022-01-11 2022-01-21
5.4
None Remote High Not required Complete None None
Windows BackupKey Remote Protocol Security Feature Bypass Vulnerability.
20 CVE-2022-21924 Bypass 2022-01-11 2022-05-23
5.4
None Remote High Not required Complete None None
Workstation Service Remote Protocol Security Feature Bypass Vulnerability.
21 CVE-2022-21913 863 Bypass 2022-01-11 2022-05-23
5.0
None Remote Low Not required Partial None None
Local Security Authority (Domain Policy) Remote Protocol Security Feature Bypass.
22 CVE-2022-21904 668 2022-01-11 2022-05-23
5.0
None Remote Low Not required Partial None None
Windows GDI Information Disclosure Vulnerability.
23 CVE-2021-43236 2021-12-15 2022-05-23
5.0
None Remote Low Not required Partial None None
Microsoft Message Queuing Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-43222.
24 CVE-2021-43233 Exec Code 2021-12-15 2022-07-12
5.1
None Remote High Not required Partial Partial Partial
Remote Desktop Client Remote Code Execution Vulnerability
25 CVE-2021-43222 668 2021-12-15 2022-05-23
5.0
None Remote Low Not required Partial None None
Microsoft Message Queuing Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-43236.
26 CVE-2021-36960 2021-09-15 2021-09-24
5.0
None Remote Low Not required Partial None None
Windows SMB Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-36972.
27 CVE-2021-36953 DoS 2021-10-13 2022-05-23
5.0
None Remote Low Not required None None Partial
Windows TCP/IP Denial of Service Vulnerability
28 CVE-2021-36932 2021-08-12 2021-08-20
5.0
None Remote Low Not required Partial None None
Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-26433, CVE-2021-36926, CVE-2021-36933.
29 CVE-2021-34537 269 2021-08-12 2021-08-20
5.2
None Local Network Low ??? Partial Partial Partial
Windows Bluetooth Driver Elevation of Privilege Vulnerability
30 CVE-2021-34492 2021-07-14 2021-07-19
5.8
None Remote Medium Not required Partial Partial None
Windows Certificate Spoofing Vulnerability
31 CVE-2021-34476 DoS 2021-07-14 2021-07-19
5.0
None Remote Low Not required None None Partial
Bowser.sys Denial of Service Vulnerability
32 CVE-2021-33788 DoS 2021-07-14 2021-07-19
5.0
None Remote Low Not required None None Partial
Windows LSA Denial of Service Vulnerability
33 CVE-2021-31968 DoS 2021-06-08 2021-06-11
5.0
None Remote Low Not required None None Partial
Windows Remote Desktop Services Denial of Service Vulnerability
34 CVE-2021-31183 DoS 2021-07-14 2021-07-16
5.0
None Remote Low Not required None None Partial
Windows TCP/IP Driver Denial of Service Vulnerability This CVE ID is unique from CVE-2021-33772, CVE-2021-34490.
35 CVE-2021-28439 DoS 2021-04-13 2021-04-20
5.0
None Remote Low Not required None None Partial
Windows TCP/IP Driver Denial of Service Vulnerability This CVE ID is unique from CVE-2021-28319.
36 CVE-2021-24086 DoS 2021-02-25 2022-05-27
5.0
None Remote Low Not required None None Partial
Windows TCP/IP Denial of Service Vulnerability
37 CVE-2021-1734 200 +Info 2021-02-25 2021-03-03
5.0
None Remote Low Not required Partial None None
Windows Remote Procedure Call Information Disclosure Vulnerability
38 CVE-2021-1678 Bypass 2021-01-12 2021-01-20
5.0
None Remote Low Not required Partial None None
NTLM Security Feature Bypass Vulnerability
39 CVE-2020-16949 401 DoS 2020-10-16 2020-10-21
5.0
None Remote Low Not required None None Partial
A denial of service vulnerability exists in Microsoft Outlook software when the software fails to properly handle objects in memory, aka 'Microsoft Outlook Denial of Service Vulnerability'.
40 CVE-2020-16896 200 +Info 2020-10-16 2021-07-21
5.0
None Remote Low Not required Partial None None
An information disclosure vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability'.
41 CVE-2020-1374 119 Exec Code Overflow 2020-07-14 2021-07-21
5.1
None Remote High Not required Partial Partial Partial
A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka 'Remote Desktop Client Remote Code Execution Vulnerability'.
42 CVE-2020-1031 2020-09-11 2020-09-16
5.0
None Remote Low Not required Partial None None
An information disclosure vulnerability exists in the way that the Windows Server DHCP service improperly discloses the contents of its memory.To exploit the vulnerability, an unauthenticated attacker could send a specially crafted packet to an affected DHCP server, aka 'Windows DHCP Server Information Disclosure Vulnerability'.
43 CVE-2020-0909 20 DoS 2020-05-21 2021-07-21
5.0
None Remote Low Not required None None Partial
A denial of service vulnerability exists when Hyper-V on a Windows Server fails to properly handle specially crafted network packets.To exploit the vulnerability, an attacker would send specially crafted network packets to the Hyper-V Server.The security update addresses the vulnerability by resolving the conditions where Hyper-V would fail to properly handle these network packets., aka 'Windows Hyper-V Denial of Service Vulnerability'.
44 CVE-2020-0645 20 2020-03-12 2021-07-21
5.0
None Remote Low Not required None Partial None
A tampering vulnerability exists when Microsoft IIS Server improperly handles malformed request headers, aka 'Microsoft IIS Server Tampering Vulnerability'.
45 CVE-2020-0611 20 Exec Code 2020-01-14 2021-07-21
5.1
None Remote High Not required Partial Partial Partial
A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka 'Remote Desktop Client Remote Code Execution Vulnerability'.
46 CVE-2019-1453 DoS 2019-12-10 2020-08-24
5.0
None Remote Low Not required None None Partial
A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability'.
47 CVE-2019-1399 20 DoS 2019-11-12 2019-11-13
5.5
None Local Network Low ??? None None Complete
A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0712, CVE-2019-1309, CVE-2019-1310.
48 CVE-2019-1187 611 DoS 2019-08-14 2019-08-21
5.0
None Remote Low Not required None None Partial
A denial of service vulnerability exists when the XmlLite runtime (XmlLite.dll) improperly parses XML input, aka 'XmlLite Runtime Denial of Service Vulnerability'.
49 CVE-2019-1006 295 Bypass 2019-07-15 2020-08-24
5.0
None Remote Low Not required None Partial None
An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys, aka 'WCF/WIF SAML Token Authentication Bypass Vulnerability'.
50 CVE-2019-0941 19 DoS 2019-06-12 2019-06-12
5.0
None Remote Low Not required None None Partial
A denial of service exists in Microsoft IIS Server when the optional request filtering feature improperly handles requests, aka 'Microsoft IIS Server Denial of Service Vulnerability'.
Total number of vulnerabilities : 83   Page : 1 (This Page)2
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.