Every CVE whose affected-product data names Microsoft Silverlight, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (32)
CVE-2010-0019 — CVSS 9.3 (critical): Microsoft Silverlight 3 before 3.0.50611.0 on Windows, and before 3.0.41130.0 on Mac OS X, does not properly handle pointers, which allows…
CVE-2010-1898 — CVSS 9.3 (critical): The Common Language Runtime (CLR) in Microsoft .NET Framework 2.0 SP1, 2.0 SP2, 3.5, 3.5 SP1, and 3.5.1, and Microsoft Silverlight 2 and 3…
CVE-2011-0664 — CVSS 9.3 (critical): Microsoft .NET Framework 2.0 SP1 and SP2, 3.5 Gold and SP1, 3.5.1, and 4.0, and Silverlight 4 before 4.0.60531.0, does not properly…
CVE-2011-1253 — CVSS 9.3 (critical): Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5.1, and 4, and Silverlight 4 before 4.0.60831, does not properly restrict…
CVE-2012-0159 — CVSS 9.3 (critical): Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and…
CVE-2012-0176 — CVSS 9.3 (critical): Double free vulnerability in Microsoft Silverlight 4 before 4.1.10329 on Windows allows remote attackers to execute arbitrary code via…
CVE-2013-3131 — CVSS 9.3 (critical): Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5, and Silverlight 5 before 5.1.20513.0, does not properly prevent changes to data…
CVE-2013-3178 — CVSS 9.3 (critical): Microsoft Silverlight 5 before 5.1.20513.0 does not properly initialize arrays, which allows remote attackers to execute arbitrary code or…
CVE-2015-1715 — CVSS 9.3 (critical): Microsoft Silverlight 5 before 5.1.40416.00 allows remote attackers to bypass intended integrity-level restrictions via a crafted…
CVE-2015-2435 — CVSS 9.3 (critical): Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2…
CVE-2015-2455 — CVSS 9.3 (critical): Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2…
CVE-2015-2456 — CVSS 9.3 (critical): Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2…
CVE-2015-2463 — CVSS 9.3 (critical): Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2…
CVE-2015-2464 — CVSS 9.3 (critical): Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2…
CVE-2015-6108 — CVSS 9.3 (critical): The Windows font library in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8; Windows 8.1; Windows…
CVE-2015-6166 — CVSS 9.3 (critical): Microsoft Silverlight 5 before 5.1.41105.00 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds…
CVE-2016-3367 — CVSS 8.8 (high): StringBuilder in Microsoft Silverlight 5 before 5.1.50709.0 does not properly allocate memory for string-insert and string-append…
CVE-2017-8527 — CVSS 8.8 (high): Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10…
CVE-2017-0283 — CVSS 8.8 (high): Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10…
CVE-2017-0108 — CVSS 7.8 (high): The Windows Graphics Component in Microsoft Office 2007 SP3; 2010 SP2; and Word Viewer; Skype for Business 2016; Lync 2013 SP1; Lync 2010…
CVE-2013-3129 — CVSS 7.8 (high): Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, and 4.5; Silverlight 5 before 5.1.20513.0; win32k.sys in the kernel-mode drivers, and…
CVE-2011-1844 — CVSS 7.8 (high): Memory leak in Microsoft Silverlight 4 before 4.0.60310.0 allows remote attackers to cause a denial of service (memory consumption) via an…
CVE-2011-1845 — CVSS 7.8 (high): Multiple memory leaks in the DataGrid control implementation in Microsoft Silverlight 4 before 4.0.60310.0 allow remote attackers to cause…
CVE-2012-0014 — CVSS 7.8 (high): Microsoft .NET Framework 2.0 SP2, 3.5.1, and 4, and Silverlight 4 before 4.1.10111, does not properly restrict access to memory associated…
CVE-2014-0319 — CVSS 7.1 (high): Microsoft Silverlight 5 before 5.1.30214.0 and Silverlight 5 Developer Runtime before 5.1.30214.0 allow attackers to bypass the DEP and…
CVE-2016-3209 — CVSS 5.5 (medium): Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1…
CVE-2015-6114 — CVSS 4.3 (medium): Microsoft Silverlight 5 before 5.1.41105.00 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka…
CVE-2015-6165 — CVSS 4.3 (medium): Microsoft Silverlight 5 before 5.1.41105.00 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka…