Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Microsoft Subscribe
Filtered by product Windows 8.1
Total 2840 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-36964 1 Microsoft 9 Windows 10, Windows 7, Windows 8.1 and 6 more 2021-09-24 4.6 MEDIUM 7.8 HIGH
Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-38630.
CVE-2021-36963 1 Microsoft 9 Windows 10, Windows 7, Windows 8.1 and 6 more 2021-09-24 4.6 MEDIUM 7.8 HIGH
Windows Common Log File System Driver Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-36955, CVE-2021-38633.
CVE-2021-36962 1 Microsoft 8 Windows 10, Windows 7, Windows 8.1 and 5 more 2021-09-24 4.9 MEDIUM 5.5 MEDIUM
Windows Installer Information Disclosure Vulnerability
CVE-2021-36961 1 Microsoft 9 Windows 10, Windows 7, Windows 8.1 and 6 more 2021-09-24 3.6 LOW 6.1 MEDIUM
Windows Installer Denial of Service Vulnerability
CVE-2021-36960 1 Microsoft 9 Windows 10, Windows 7, Windows 8.1 and 6 more 2021-09-24 5.0 MEDIUM 7.5 HIGH
Windows SMB Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-36972.
CVE-2021-36955 1 Microsoft 9 Windows 10, Windows 7, Windows 8.1 and 6 more 2021-09-24 4.6 MEDIUM 7.8 HIGH
Windows Common Log File System Driver Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-36963, CVE-2021-38633.
CVE-2021-26435 1 Microsoft 9 Windows 10, Windows 7, Windows 8.1 and 6 more 2021-09-24 6.8 MEDIUM 7.8 HIGH
Windows Scripting Engine Memory Corruption Vulnerability
CVE-2020-9633 5 Adobe, Apple, Google and 2 more 8 Flash Player, Flash Player Desktop Runtime, Macos and 5 more 2021-09-16 10.0 HIGH 9.8 CRITICAL
Adobe Flash Player Desktop Runtime 32.0.0.371 and earlier, Adobe Flash Player for Google Chrome 32.0.0.371 and earlier, and Adobe Flash Player for Microsoft Edge and Internet Explorer 32.0.0.330 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution.
CVE-2020-3757 6 Adobe, Apple, Google and 3 more 10 Flash Player, Macos, Chrome Os and 7 more 2021-09-16 9.3 HIGH 8.8 HIGH
Adobe Flash Player versions 32.0.0.321 and earlier, 32.0.0.314 and earlier, 32.0.0.321 and earlier, and 32.0.0.255 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.
CVE-2021-34480 1 Microsoft 8 Windows 10, Windows 7, Windows 8.1 and 5 more 2021-09-16 6.8 MEDIUM 8.8 HIGH
Scripting Engine Memory Corruption Vulnerability
CVE-2021-30605 2 Google, Microsoft 4 Chrome Os Readiness Tool, Windows 10, Windows 7 and 1 more 2021-09-15 4.6 MEDIUM 7.8 HIGH
Inappropriate implementation in the ChromeOS Readiness Tool installer on Windows prior to 1.0.2.0 loosens DCOM access rights on two objects allowing an attacker to potentially bypass discretionary access controls.
CVE-2021-27094 1 Microsoft 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more 2021-09-14 2.1 LOW 4.4 MEDIUM
Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability This CVE ID is unique from CVE-2021-28447.
CVE-2021-28447 1 Microsoft 7 Windows 10, Windows 7, Windows 8.1 and 4 more 2021-09-14 2.1 LOW 4.4 MEDIUM
Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability This CVE ID is unique from CVE-2021-27094.
CVE-2021-31970 1 Microsoft 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more 2021-09-13 2.1 LOW 5.5 MEDIUM
Windows TCP/IP Driver Security Feature Bypass Vulnerability
CVE-2020-15707 8 Canonical, Debian, Gnu and 5 more 15 Ubuntu Linux, Debian Linux, Grub2 and 12 more 2021-09-13 4.4 MEDIUM 6.4 MEDIUM
Integer overflows were discovered in the functions grub_cmd_initrd and grub_initrd_init in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu (the functionality is not included in GRUB2 upstream), leading to a heap-based buffer overflow. These could be triggered by an extremely large number of arguments to the initrd command on 32-bit architectures, or a crafted filesystem with very large files on any architecture. An attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. This issue affects GRUB2 version 2.04 and prior versions.
CVE-2018-8434 1 Microsoft 6 Windows 10, Windows 7, Windows 8.1 and 3 more 2021-09-12 5.2 MEDIUM 5.4 MEDIUM
An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka "Windows Hyper-V Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
CVE-2019-1255 1 Microsoft 12 Forefront Endpoint Protection 2010, Security Essentials, System Center Endpoint Protection and 9 more 2021-09-09 5.0 MEDIUM 7.5 HIGH
A denial of service vulnerability exists when Microsoft Defender improperly handles files, aka 'Microsoft Defender Denial of Service Vulnerability'.
CVE-2018-0986 1 Microsoft 13 Exchange Server, Forefront Endpoint Protection 2010, Intune Endpoint Protection and 10 more 2021-09-09 9.3 HIGH 8.8 HIGH
A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption, aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability." This affects Windows Defender, Windows Intune Endpoint Protection, Microsoft Security Essentials, Microsoft System Center Endpoint Protection, Microsoft Exchange Server, Microsoft System Center, Microsoft Forefront Endpoint Protection.
CVE-2020-1002 1 Microsoft 12 Forefront Endpoint Protection 2010, Security Essentials, System Center Endpoint Protection and 9 more 2021-09-09 6.6 MEDIUM 7.1 HIGH
An elevation of privilege vulnerability exists when the MpSigStub.exe for Defender allows file deletion in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Defender Elevation of Privilege Vulnerability'.
CVE-2019-1161 1 Microsoft 11 Forefront Endpoint Protection 2010, Security Essentials, System Center Endpoint Protection and 8 more 2021-09-09 6.6 MEDIUM 7.1 HIGH
An elevation of privilege vulnerability exists when the MpSigStub.exe for Defender allows file deletion in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Defender Elevation of Privilege Vulnerability'.