CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Microsoft » Windows Rt 8.1 : Security Vulnerabilities (CVSS score between 5 and 5.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2022-30209 2022-07-12 2022-07-20
5.8
None Remote Medium Not required Partial Partial None
Windows IIS Server Elevation of Privilege Vulnerability.
2 CVE-2022-30152 400 DoS 2022-06-15 2022-06-25
5.0
None Remote Low Not required None None Partial
Windows Network Address Translation (NAT) Denial of Service Vulnerability.
3 CVE-2022-30149 Exec Code 2022-06-15 2022-06-27
5.1
None Remote High Not required Partial Partial Partial
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30139, CVE-2022-30141, CVE-2022-30143, CVE-2022-30146, CVE-2022-30153, CVE-2022-30161.
4 CVE-2022-30146 Exec Code 2022-06-15 2022-06-27
5.1
None Remote High Not required Partial Partial Partial
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30139, CVE-2022-30141, CVE-2022-30143, CVE-2022-30149, CVE-2022-30153, CVE-2022-30161.
5 CVE-2022-30143 Exec Code 2022-06-15 2022-06-27
5.1
None Remote High Not required Partial Partial Partial
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30139, CVE-2022-30141, CVE-2022-30146, CVE-2022-30149, CVE-2022-30153, CVE-2022-30161.
6 CVE-2022-30140 Exec Code 2022-06-15 2022-09-22
5.1
None Remote High Not required Partial Partial Partial
Windows iSCSI Discovery Service Remote Code Execution Vulnerability.
7 CVE-2022-26918 Exec Code 2022-04-15 2022-04-25
5.1
None Remote High Not required Partial Partial Partial
Windows Fax Compose Form Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-26916, CVE-2022-26917.
8 CVE-2022-26917 Exec Code 2022-04-15 2022-04-25
5.1
None Remote High Not required Partial Partial Partial
Windows Fax Compose Form Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-26916, CVE-2022-26918.
9 CVE-2022-26916 Exec Code 2022-04-15 2022-04-25
5.1
None Remote High Not required Partial Partial Partial
Windows Fax Compose Form Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-26917, CVE-2022-26918.
10 CVE-2022-26915 DoS 2022-04-15 2022-04-25
5.0
None Remote Low Not required None None Partial
Windows Secure Channel Denial of Service Vulnerability.
11 CVE-2022-26831 DoS 2022-04-15 2022-04-26
5.0
None Remote Low Not required None None Partial
Windows LDAP Denial of Service Vulnerability.
12 CVE-2022-24534 Exec Code 2022-04-15 2022-04-25
5.1
None Remote High Not required Partial Partial Partial
Win32 Stream Enumeration Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21983.
13 CVE-2022-24503 668 2022-03-09 2022-05-23
5.0
None Remote Low Not required Partial None None
Remote Desktop Protocol Client Information Disclosure Vulnerability.
14 CVE-2022-24485 Exec Code 2022-04-15 2022-04-22
5.1
None Remote High Not required Partial Partial Partial
Win32 File Enumeration Remote Code Execution Vulnerability.
15 CVE-2022-22025 DoS 2022-07-12 2022-07-16
5.0
None Remote Low Not required None None Partial
Windows Internet Information Services Cachuri Module Denial of Service Vulnerability.
16 CVE-2022-22024 Exec Code 2022-07-12 2022-07-16
5.1
None Remote High Not required Partial Partial Partial
Windows Fax Service Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22027.
17 CVE-2022-21983 Exec Code 2022-04-15 2022-04-21
5.1
None Remote High Not required Partial Partial Partial
Win32 Stream Enumeration Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24534.
18 CVE-2022-21913 863 Bypass 2022-01-11 2022-05-23
5.0
None Remote Low Not required Partial None None
Local Security Authority (Domain Policy) Remote Protocol Security Feature Bypass.
19 CVE-2022-21904 668 2022-01-11 2022-05-23
5.0
None Remote Low Not required Partial None None
Windows GDI Information Disclosure Vulnerability.
20 CVE-2021-43236 2021-12-15 2022-05-23
5.0
None Remote Low Not required Partial None None
Microsoft Message Queuing Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-43222.
21 CVE-2021-43233 Exec Code 2021-12-15 2022-07-12
5.1
None Remote High Not required Partial Partial Partial
Remote Desktop Client Remote Code Execution Vulnerability
22 CVE-2021-43222 668 2021-12-15 2022-05-23
5.0
None Remote Low Not required Partial None None
Microsoft Message Queuing Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-43236.
23 CVE-2021-36960 2021-09-15 2021-09-24
5.0
None Remote Low Not required Partial None None
Windows SMB Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-36972.
24 CVE-2021-36953 DoS 2021-10-13 2022-05-23
5.0
None Remote Low Not required None None Partial
Windows TCP/IP Denial of Service Vulnerability
25 CVE-2021-36933 2021-08-12 2021-08-20
5.0
None Remote Low Not required Partial None None
Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-26433, CVE-2021-36926, CVE-2021-36932.
26 CVE-2021-36932 2021-08-12 2021-08-20
5.0
None Remote Low Not required Partial None None
Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-26433, CVE-2021-36926, CVE-2021-36933.
27 CVE-2021-36926 2021-08-12 2021-08-20
5.0
None Remote Low Not required Partial None None
Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-26433, CVE-2021-36932, CVE-2021-36933.
28 CVE-2021-34537 269 2021-08-12 2021-08-20
5.2
None Local Network Low ??? Partial Partial Partial
Windows Bluetooth Driver Elevation of Privilege Vulnerability
29 CVE-2021-34492 2021-07-14 2021-07-19
5.8
None Remote Medium Not required Partial Partial None
Windows Certificate Spoofing Vulnerability
30 CVE-2021-31974 DoS 2021-06-08 2021-06-11
5.0
None Remote Low Not required None None Partial
Server for NFS Denial of Service Vulnerability
31 CVE-2021-31968 DoS 2021-06-08 2021-06-11
5.0
None Remote Low Not required None None Partial
Windows Remote Desktop Services Denial of Service Vulnerability
32 CVE-2021-31183 DoS 2021-07-14 2021-07-16
5.0
None Remote Low Not required None None Partial
Windows TCP/IP Driver Denial of Service Vulnerability This CVE ID is unique from CVE-2021-33772, CVE-2021-34490.
33 CVE-2021-28439 DoS 2021-04-13 2021-04-20
5.0
None Remote Low Not required None None Partial
Windows TCP/IP Driver Denial of Service Vulnerability This CVE ID is unique from CVE-2021-28319.
34 CVE-2021-26433 2021-08-12 2021-08-18
5.0
None Remote Low Not required Partial None None
Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-36926, CVE-2021-36932, CVE-2021-36933.
35 CVE-2021-24086 DoS 2021-02-25 2022-05-27
5.0
None Remote Low Not required None None Partial
Windows TCP/IP Denial of Service Vulnerability
36 CVE-2021-1734 200 +Info 2021-02-25 2021-03-03
5.0
None Remote Low Not required Partial None None
Windows Remote Procedure Call Information Disclosure Vulnerability
37 CVE-2021-1678 Bypass 2021-01-12 2021-01-20
5.0
None Remote Low Not required Partial None None
NTLM Security Feature Bypass Vulnerability
38 CVE-2020-16949 401 DoS 2020-10-16 2020-10-21
5.0
None Remote Low Not required None None Partial
A denial of service vulnerability exists in Microsoft Outlook software when the software fails to properly handle objects in memory, aka 'Microsoft Outlook Denial of Service Vulnerability'.
39 CVE-2020-16896 200 +Info 2020-10-16 2021-07-21
5.0
None Remote Low Not required Partial None None
An information disclosure vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability'.
40 CVE-2020-1374 119 Exec Code Overflow 2020-07-14 2021-07-21
5.1
None Remote High Not required Partial Partial Partial
A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka 'Remote Desktop Client Remote Code Execution Vulnerability'.
41 CVE-2020-1031 2020-09-11 2020-09-16
5.0
None Remote Low Not required Partial None None
An information disclosure vulnerability exists in the way that the Windows Server DHCP service improperly discloses the contents of its memory.To exploit the vulnerability, an unauthenticated attacker could send a specially crafted packet to an affected DHCP server, aka 'Windows DHCP Server Information Disclosure Vulnerability'.
42 CVE-2020-0660 20 DoS 2020-02-11 2021-07-21
5.0
None Remote Low Not required None None Partial
A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability'.
43 CVE-2020-0645 20 2020-03-12 2021-07-21
5.0
None Remote Low Not required None Partial None
A tampering vulnerability exists when Microsoft IIS Server improperly handles malformed request headers, aka 'Microsoft IIS Server Tampering Vulnerability'.
44 CVE-2020-0611 20 Exec Code 2020-01-14 2021-07-21
5.1
None Remote High Not required Partial Partial Partial
A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka 'Remote Desktop Client Remote Code Execution Vulnerability'.
45 CVE-2019-1453 DoS 2019-12-10 2020-08-24
5.0
None Remote Low Not required None None Partial
A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability'.
46 CVE-2019-1187 611 DoS 2019-08-14 2019-08-21
5.0
None Remote Low Not required None None Partial
A denial of service vulnerability exists when the XmlLite runtime (XmlLite.dll) improperly parses XML input, aka 'XmlLite Runtime Denial of Service Vulnerability'.
47 CVE-2019-1006 295 Bypass 2019-07-15 2020-08-24
5.0
None Remote Low Not required None Partial None
An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys, aka 'WCF/WIF SAML Token Authentication Bypass Vulnerability'.
48 CVE-2019-0941 19 DoS 2019-06-12 2019-06-12
5.0
None Remote Low Not required None None Partial
A denial of service exists in Microsoft IIS Server when the optional request filtering feature improperly handles requests, aka 'Microsoft IIS Server Denial of Service Vulnerability'.
49 CVE-2019-0718 20 DoS 2019-08-14 2019-08-20
5.5
None Local Network Low ??? None None Complete
A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0714, CVE-2019-0715, CVE-2019-0717, CVE-2019-0723.
50 CVE-2019-0713 20 DoS 2019-06-12 2019-06-12
5.5
None Local Network Low ??? None None Complete
A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0710, CVE-2019-0711.
Total number of vulnerabilities : 75   Page : 1 (This Page)2
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.