Filtered by vendor Microsoft
Subscribe
Total
17397 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-1292 | 1 Microsoft | 6 Windows 7, Windows 8, Windows Rt and 3 more | 2020-09-28 | 6.9 MEDIUM | N/A |
| Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application that leverages improper handling of objects in memory, aka "Win32k Race Condition Vulnerability." | |||||
| CVE-2013-1339 | 1 Microsoft | 6 Windows 7, Windows 8, Windows Rt and 3 more | 2020-09-28 | 9.0 HIGH | N/A |
| The Print Spooler in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly manage memory during deletion of printer connections, which allows remote authenticated users to execute arbitrary code via a crafted request, aka "Print Spooler Vulnerability." | |||||
| CVE-2013-1261 | 1 Microsoft | 5 Windows 7, Windows Server 2003, Windows Server 2008 and 2 more | 2020-09-28 | 4.9 MEDIUM | N/A |
| Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges, and consequently read the contents of arbitrary kernel memory locations, via a crafted application, a different vulnerability than other CVEs listed in MS13-016. | |||||
| CVE-2013-3200 | 1 Microsoft | 8 Windows 7, Windows 8, Windows Rt and 5 more | 2020-09-28 | 7.2 HIGH | N/A |
| The USB drivers in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allow physically proximate attackers to execute arbitrary code by connecting a crafted USB device, aka "Windows USB Descriptor Vulnerability." | |||||
| CVE-2013-3195 | 1 Microsoft | 8 Windows 7, Windows 8, Windows Rt and 5 more | 2020-09-28 | 10.0 HIGH | N/A |
| The DSA_InsertItem function in Comctl32.dll in the Windows common control library in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly allocate memory, which allows remote attackers to execute arbitrary code via a crafted value in an argument to an ASP.NET web application, aka "Comctl32 Integer Overflow Vulnerability." | |||||
| CVE-2013-1340 | 1 Microsoft | 8 Windows 7, Windows 8, Windows Rt and 5 more | 2020-09-28 | 7.2 HIGH | N/A |
| win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle objects in memory, which allows local users to gain privileges via a crafted application, aka "Win32k Dereference Vulnerability." | |||||
| CVE-2013-1345 | 1 Microsoft | 8 Windows 7, Windows 8, Windows Rt and 5 more | 2020-09-28 | 7.2 HIGH | N/A |
| win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle objects in memory, which allows local users to gain privileges via a crafted application, aka "Win32k Vulnerability." | |||||
| CVE-2013-1347 | 1 Microsoft | 6 Internet Explorer, Windows 7, Windows Server 2003 and 3 more | 2020-09-28 | 9.3 HIGH | N/A |
| Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly allocated or (2) is deleted, as exploited in the wild in May 2013. | |||||
| CVE-2013-1334 | 1 Microsoft | 8 Windows 7, Windows 8, Windows Rt and 5 more | 2020-09-28 | 7.2 HIGH | N/A |
| win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle objects in memory, which allows local users to gain privileges via a crafted application, aka "Win32k Window Handle Vulnerability." | |||||
| CVE-2013-1250 | 1 Microsoft | 5 Windows 7, Windows Server 2003, Windows Server 2008 and 2 more | 2020-09-28 | 4.9 MEDIUM | N/A |
| Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges, and consequently read the contents of arbitrary kernel memory locations, via a crafted application, a different vulnerability than other CVEs listed in MS13-016. | |||||
| CVE-2013-1332 | 1 Microsoft | 6 Windows 7, Windows 8, Windows Rt and 3 more | 2020-09-28 | 7.2 HIGH | N/A |
| dxgkrnl.sys (aka the DirectX graphics kernel subsystem) in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle objects in memory, which allows local users to gain privileges via a crafted application, aka "DirectX Graphics Kernel Subsystem Double Fetch Vulnerability." | |||||
| CVE-2013-1253 | 1 Microsoft | 5 Windows 7, Windows Server 2003, Windows Server 2008 and 2 more | 2020-09-28 | 4.9 MEDIUM | N/A |
| Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges, and consequently read the contents of arbitrary kernel memory locations, via a crafted application, a different vulnerability than other CVEs listed in MS13-016. | |||||
| CVE-2013-1251 | 1 Microsoft | 5 Windows 7, Windows Server 2003, Windows Server 2008 and 2 more | 2020-09-28 | 4.9 MEDIUM | N/A |
| Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges, and consequently read the contents of arbitrary kernel memory locations, via a crafted application, a different vulnerability than other CVEs listed in MS13-016. | |||||
| CVE-2013-0001 | 1 Microsoft | 9 .net Framework, Windows 7, Windows 8 and 6 more | 2020-09-28 | 4.3 MEDIUM | N/A |
| The Windows Forms (aka WinForms) component in Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 4, and 4.5 does not properly initialize memory arrays, which allows remote attackers to obtain sensitive information via (1) a crafted XAML browser application (XBAP) or (2) a crafted .NET Framework application that leverages a pointer to an unmanaged memory location, aka "System Drawing Information Disclosure Vulnerability." | |||||
| CVE-2013-1293 | 1 Microsoft | 3 Windows 7, Windows Server 2008, Windows Vista | 2020-09-28 | 6.9 MEDIUM | N/A |
| The NTFS kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via a crafted application that leverages improper handling of objects in memory, aka "NTFS NULL Pointer Dereference Vulnerability." | |||||
| CVE-2013-2556 | 1 Microsoft | 3 Windows 7, Windows Server 2008, Windows Vista | 2020-09-28 | 7.5 HIGH | N/A |
| Unspecified vulnerability in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 through SP1 allows attackers to bypass the ASLR protection mechanism via unknown vectors, as demonstrated against Adobe Flash Player by VUPEN during a Pwn2Own competition at CanSecWest 2013, aka "ASLR Security Feature Bypass Vulnerability." | |||||
| CVE-2013-1249 | 1 Microsoft | 5 Windows 7, Windows Server 2003, Windows Server 2008 and 2 more | 2020-09-28 | 4.9 MEDIUM | N/A |
| Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges, and consequently read the contents of arbitrary kernel memory locations, via a crafted application, a different vulnerability than other CVEs listed in MS13-016. | |||||
| CVE-2013-1248 | 1 Microsoft | 5 Windows 7, Windows Server 2003, Windows Server 2008 and 2 more | 2020-09-28 | 4.9 MEDIUM | N/A |
| Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges, and consequently read the contents of arbitrary kernel memory locations, via a crafted application, a different vulnerability than other CVEs listed in MS13-016. | |||||
| CVE-2013-0005 | 1 Microsoft | 9 .net Framework, Management Odata Iis Extension, Windows 7 and 6 more | 2020-09-28 | 7.8 HIGH | N/A |
| The WCF Replace function in the Open Data (aka OData) protocol implementation in Microsoft .NET Framework 3.5, 3.5 SP1, 3.5.1, and 4, and the Management OData IIS Extension on Windows Server 2012, allows remote attackers to cause a denial of service (resource consumption and daemon restart) via crafted values in HTTP requests, aka "Replace Denial of Service Vulnerability." | |||||
| CVE-2013-0008 | 1 Microsoft | 6 Windows 7, Windows 8, Windows Rt and 3 more | 2020-09-28 | 7.2 HIGH | N/A |
| win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle window broadcast messages, which allows local users to gain privileges via a crafted application, aka "Win32k Improper Message Handling Vulnerability." | |||||