Filtered by vendor Microsoft
Subscribe
Total
17397 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-1281 | 1 Microsoft | 2 Windows Server 2008, Windows Server 2012 | 2020-09-28 | 7.1 HIGH | N/A |
| The NFS server in Microsoft Windows Server 2008 R2 and R2 SP1 and Server 2012 allows remote attackers to cause a denial of service (NULL pointer dereference and reboot) via an attempted renaming of a file or folder located on a read-only share, aka "NULL Dereference Vulnerability." | |||||
| CVE-2013-1280 | 1 Microsoft | 5 Windows 7, Windows Server 2003, Windows Server 2008 and 2 more | 2020-09-28 | 7.2 HIGH | N/A |
| The kernel in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle objects in memory, which allows local users to gain privileges via a crafted application, aka "Windows Kernel Reference Count Vulnerability." | |||||
| CVE-2013-1279 | 1 Microsoft | 5 Windows 7, Windows Server 2003, Windows Server 2008 and 2 more | 2020-09-28 | 7.2 HIGH | N/A |
| Race condition in the kernel in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application that leverages incorrect handling of objects in memory, aka "Kernel Race Condition Vulnerability," a different vulnerability than CVE-2013-1278. | |||||
| CVE-2013-1278 | 1 Microsoft | 5 Windows 7, Windows Server 2003, Windows Server 2008 and 2 more | 2020-09-28 | 7.2 HIGH | N/A |
| Race condition in the kernel in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application that leverages incorrect handling of objects in memory, aka "Kernel Race Condition Vulnerability," a different vulnerability than CVE-2013-1279. | |||||
| CVE-2013-1283 | 1 Microsoft | 8 Windows 7, Windows 8, Windows Rt and 5 more | 2020-09-28 | 6.9 MEDIUM | N/A |
| Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application that leverages improper handling of objects in memory, aka "Win32k Race Condition Vulnerability." | |||||
| CVE-2013-3183 | 1 Microsoft | 6 Windows 7, Windows 8, Windows Rt and 3 more | 2020-09-28 | 7.8 HIGH | N/A |
| The TCP/IP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly perform memory allocation for inbound ICMPv6 packets, which allows remote attackers to cause a denial of service (system hang) via crafted packets, aka "ICMPv6 Vulnerability." | |||||
| CVE-2013-3185 | 1 Microsoft | 3 Active Directory Federation Services, Windows Server 2008, Windows Server 2012 | 2020-09-28 | 5.0 MEDIUM | N/A |
| Microsoft Active Directory Federation Services (AD FS) 1.x through 2.1 on Windows Server 2003 R2 SP2, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 allows remote attackers to obtain sensitive information about the service account, and possibly conduct account-lockout attacks, by connecting to an endpoint, aka "AD FS Information Disclosure Vulnerability." | |||||
| CVE-2020-1410 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2020-09-28 | 9.3 HIGH | 7.8 HIGH |
| A remote code execution vulnerability exists when Windows Address Book (WAB) improperly processes vcard files.To exploit the vulnerability, an attacker could send a malicious vcard that a victim opens using Windows Address Book (WAB), aka 'Windows Address Book Remote Code Execution Vulnerability'. | |||||
| CVE-2020-0718 | 1 Microsoft | 4 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 1 more | 2020-09-28 | 6.5 MEDIUM | 8.8 HIGH |
| A remote code execution vulnerability exists when Active Directory integrated DNS (ADIDNS) mishandles objects in memory, aka 'Active Directory Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0761. | |||||
| CVE-2019-1397 | 1 Microsoft | 7 Windows 10, Windows 7, Windows 8.1 and 4 more | 2020-09-28 | 7.7 HIGH | 8.4 HIGH |
| A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1389, CVE-2019-1398. | |||||
| CVE-2020-0761 | 1 Microsoft | 4 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 1 more | 2020-09-28 | 6.5 MEDIUM | 8.8 HIGH |
| A remote code execution vulnerability exists when Active Directory integrated DNS (ADIDNS) mishandles objects in memory, aka 'Active Directory Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0718. | |||||
| CVE-2019-1389 | 1 Microsoft | 6 Windows 10, Windows 7, Windows 8.1 and 3 more | 2020-09-28 | 7.7 HIGH | 8.4 HIGH |
| A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1397, CVE-2019-1398. | |||||
| CVE-2020-1596 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2020-09-28 | 2.9 LOW | 5.3 MEDIUM |
| A information disclosure vulnerability exists when TLS components use weak hash algorithms, aka 'TLS Information Disclosure Vulnerability'. | |||||
| CVE-2020-1593 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2020-09-28 | 6.8 MEDIUM | 8.8 HIGH |
| A remote code execution vulnerability exists when Windows Media Audio Decoder improperly handles objects, aka 'Windows Media Audio Decoder Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1508. | |||||
| CVE-2020-0922 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2020-09-28 | 9.3 HIGH | 8.8 HIGH |
| A remote code execution vulnerability exists in the way that Microsoft COM for Windows handles objects in memory, aka 'Microsoft COM for Windows Remote Code Execution Vulnerability'. | |||||
| CVE-2020-1408 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2020-09-28 | 9.3 HIGH | 8.8 HIGH |
| A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'. | |||||
| CVE-2020-1113 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2020-09-28 | 9.3 HIGH | 7.5 HIGH |
| A security feature bypass vulnerability exists in Microsoft Windows when the Task Scheduler service fails to properly verify client connections over RPC, aka 'Windows Task Scheduler Security Feature Bypass Vulnerability'. | |||||
| CVE-2020-9739 | 2 Adobe, Microsoft | 2 Media Encoder, Windows | 2020-09-25 | 5.8 MEDIUM | 7.1 HIGH |
| Adobe Media Encoder version 14.3.2 (and earlier versions) has an out-of-bounds read vulnerability that could be exploited to read past the end of an allocated buffer, possibly resulting in a crash or disclosure of sensitive information from other memory locations. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. | |||||
| CVE-2020-9744 | 2 Adobe, Microsoft | 2 Media Encoder, Windows | 2020-09-25 | 5.8 MEDIUM | 7.1 HIGH |
| Adobe Media Encoder version 14.3.2 (and earlier versions) has an out-of-bounds read vulnerability that could be exploited to read past the end of an allocated buffer, possibly resulting in a crash or disclosure of sensitive information from other memory locations. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. | |||||
| CVE-2020-9745 | 2 Adobe, Microsoft | 2 Media Encoder, Windows | 2020-09-25 | 5.8 MEDIUM | 7.1 HIGH |
| Adobe Media Encoder version 14.3.2 (and earlier versions) has an out-of-bounds read vulnerability that could be exploited to read past the end of an allocated buffer, possibly resulting in a crash or disclosure of sensitive information from other memory locations. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. | |||||