Every CVE whose affected-product data names Microsoft Windows, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (76)
CVE-2015-3067 — CVSS 10.0 (critical): Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on…
CVE-2014-9159 — CVSS 10.0 (critical): Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to…
CVE-2014-9160 — CVSS 10.0 (critical): Multiple heap-based buffer overflows in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow…
CVE-2014-9165 — CVSS 10.0 (critical): Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers…
CVE-2015-3046 — CVSS 10.0 (critical): Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause…
CVE-2015-3048 — CVSS 10.0 (critical): Buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allows attackers to execute…
CVE-2015-3049 — CVSS 10.0 (critical): Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause…
CVE-2015-3050 — CVSS 10.0 (critical): Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause…
CVE-2015-3051 — CVSS 10.0 (critical): Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause…
CVE-2015-3052 — CVSS 10.0 (critical): Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause…
CVE-2015-3053 — CVSS 10.0 (critical): Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allows attackers…
CVE-2015-3054 — CVSS 10.0 (critical): Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allows attackers…
CVE-2015-3056 — CVSS 10.0 (critical): Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause…
CVE-2015-3057 — CVSS 10.0 (critical): Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause…
CVE-2015-3059 — CVSS 10.0 (critical): Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allows attackers…
CVE-2015-3060 — CVSS 10.0 (critical): Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on…
CVE-2015-3061 — CVSS 10.0 (critical): Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on…
CVE-2015-3062 — CVSS 10.0 (critical): Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on…
CVE-2015-3063 — CVSS 10.0 (critical): Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on…
CVE-2015-3064 — CVSS 10.0 (critical): Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on…
CVE-2015-3065 — CVSS 10.0 (critical): Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on…
CVE-2015-3066 — CVSS 10.0 (critical): Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on…
CVE-2015-3068 — CVSS 10.0 (critical): Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on…
CVE-2015-3069 — CVSS 10.0 (critical): Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on…
CVE-2015-3070 — CVSS 10.0 (critical): Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause…
CVE-2015-3071 — CVSS 10.0 (critical): Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on…
CVE-2015-3072 — CVSS 10.0 (critical): Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on…
CVE-2015-3073 — CVSS 10.0 (critical): Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on…
CVE-2015-3074 — CVSS 10.0 (critical): Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on…
CVE-2015-3075 — CVSS 10.0 (critical): Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allows attackers…
CVE-2015-3076 — CVSS 10.0 (critical): Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause…
CVE-2015-4716 — CVSS 10.0 (critical): Directory traversal vulnerability in the routing component in ownCloud Server before 7.0.6 and 8.0.x before 8.0.4, when running on Windows…
CVE-2014-8445 — CVSS 10.0 (critical): Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause…
CVE-2014-8446 — CVSS 10.0 (critical): Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause…
CVE-2014-8447 — CVSS 10.0 (critical): Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause…
CVE-2014-8449 — CVSS 10.0 (critical): Integer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute…
CVE-2014-8454 — CVSS 10.0 (critical): Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers…
CVE-2014-8455 — CVSS 10.0 (critical): Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers…
CVE-2014-8456 — CVSS 10.0 (critical): Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause…
CVE-2014-8457 — CVSS 10.0 (critical): Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to…
CVE-2014-8458 — CVSS 10.0 (critical): Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause…
CVE-2014-8459 — CVSS 10.0 (critical): Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause…
CVE-2014-8460 — CVSS 10.0 (critical): Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to…
CVE-2014-8461 — CVSS 10.0 (critical): Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause…
CVE-2014-9158 — CVSS 10.0 (critical): Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause…
CVE-2010-3143 — CVSS 9.3 (critical): Untrusted search path vulnerability in Microsoft Windows Contacts allows local users, and possibly remote attackers, to execute arbitrary…
CVE-2010-3139 — CVSS 9.3 (critical): Untrusted search path vulnerability in Microsoft Windows Progman Group Converter (grpconv.exe) allows local users, and possibly remote…
CVE-2008-3012 — CVSS 9.3 (critical): gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008…
CVE-2008-4037 — CVSS 9.3 (critical): Microsoft Windows 2000 Gold through SP4, XP Gold through SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote…
CVE-2007-5348 — CVSS 9.3 (critical): Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server…
CVE-2015-4796 — CVSS 9.0 (critical): Unspecified vulnerability in the Java VM component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2, when running on Windows…
CVE-2011-3310 — CVSS 9.0 (critical): The Home Page component in Cisco CiscoWorks Common Services before 4.1 on Windows, as used in CiscoWorks LAN Management Solution, Cisco…
CVE-2021-36958 — CVSS 7.8 (high): <p>A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An…
CVE-2008-6194 — CVSS 7.8 (high): Memory leak in the DNS server in Microsoft Windows allows remote attackers to cause a denial of service (memory consumption) via DNS…
CVE-2018-0598 — CVSS 7.8 (high): Untrusted search path vulnerability in Self-extracting archive files created by IExpress bundled with Microsoft Windows allows an attacker…
CVE-2018-0599 — CVSS 7.8 (high): Untrusted search path vulnerability in the installer of Visual C++ Redistributable allows an attacker to gain privileges via a Trojan horse…
CVE-2022-0280 — CVSS 7.5 (high): A race condition vulnerability exists in the QuickClean feature of McAfee Total Protection for Windows prior to 16.0.43 that allows a local…
CVE-2009-3864 — CVSS 7.5 (high): The Java Update functionality in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22 and JDK and JRE 6 before…
CVE-2015-3055 — CVSS 7.5 (high): Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allows attackers…
CVE-2016-4158 — CVSS 7.3 (high): Unquoted Windows search path vulnerability in Adobe Creative Cloud Desktop Application before 3.7.0.272 on Windows allows local users to…
CVE-2010-3889 — CVSS 7.2 (high): Unspecified vulnerability in Microsoft Windows on 32-bit platforms allows local users to gain privileges via unknown vectors, as exploited…
CVE-2010-3888 — CVSS 7.2 (high): Unspecified vulnerability in Microsoft Windows on 32-bit platforms allows local users to gain privileges via unknown vectors, as exploited…
CVE-2011-0638 — CVSS 6.9 (medium): Microsoft Windows does not properly warn the user before enabling additional Human Interface Device (HID) functionality over USB, which…
CVE-2007-2108 — CVSS 6.8 (medium): Unspecified vulnerability in the Core RDBMS component in Oracle Database 9.0.1.5, 9.2.0.8, 10.1.0.5, and 10.2.0.2 on Windows allows remote…
CVE-2014-7237 — CVSS 6.8 (medium): lib/TWiki/Sandbox.pm in TWiki 6.0.0 and earlier, when running on Windows, allows remote attackers to bypass intended access restrictions…
CVE-2016-1715 — CVSS 6.6 (medium): The swin.sys kernel driver in McAfee Application Control (MAC) 6.1.0 before build 706, 6.1.1 before build 404, 6.1.2 before build 449…
CVE-2014-8452 — CVSS 5.0 (medium): Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow remote attackers to read arbitrary files via…
CVE-2014-8453 — CVSS 5.0 (medium): Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow remote attackers to bypass the Same Origin…
CVE-2015-3058 — CVSS 5.0 (medium): Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to obtain sensitive information…
CVE-2008-5112 — CVSS 5.0 (medium): The LDAP server in Active Directory in Microsoft Windows 2000 SP4 and Server 2003 SP1 and SP2 responds differently to a failed bind attempt…
CVE-2014-8451 — CVSS 5.0 (medium): An unspecified JavaScript API in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers…
CVE-2014-8448 — CVSS 5.0 (medium): An unspecified JavaScript API in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers…
CVE-2015-3047 — CVSS 5.0 (medium): Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to cause a denial of service (NULL…
CVE-2011-3389 — CVSS 4.3 (medium): The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome…
CVE-2016-4534 — CVSS 3.0 (low): The McAfee VirusScan Console (mcconsol.exe) in McAfee VirusScan Enterprise 8.8.0 before Hotfix 1123565 (8.8.0.1546) on Windows allows local…