Every CVE whose affected-product data names Microsoft Windows 7, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (200)
CVE-2013-3195 — CVSS 10.0 (critical): The DSA_InsertItem function in Comctl32.dll in the Windows common control library in Microsoft Windows XP SP2, Windows Server 2003 SP2…
CVE-2015-0014 — CVSS 10.0 (critical): Buffer overflow in the Telnet service in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows…
CVE-2010-0270 — CVSS 10.0 (critical): The SMB client in Microsoft Windows Server 2008 R2 and Windows 7 does not properly validate fields in SMB transaction responses, which…
CVE-2013-3175 — CVSS 10.0 (critical): Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8…
CVE-2013-0011 — CVSS 10.0 (critical): The Print Spooler in Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary…
CVE-2011-1268 — CVSS 10.0 (critical): The SMB client in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2…
CVE-2020-1467 — CVSS 10.0 (critical): An elevation of privilege vulnerability exists when Windows improperly handles hard links. An attacker who successfully exploited this…
CVE-2015-2373 — CVSS 10.0 (critical): The Remote Desktop Protocol (RDP) server service in Microsoft Windows 7 SP1, Windows 8, and Windows Server 2012 allows remote attackers to…
CVE-2010-2550 — CVSS 10.0 (critical): The SMB Server in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and…
CVE-2010-0476 — CVSS 10.0 (critical): The SMB client in Microsoft Windows Server 2003 SP2, Vista Gold, SP1, and SP2, and Windows Server 2008 Gold and SP2 allows remote SMB…
CVE-2010-0269 — CVSS 10.0 (critical): The SMB client in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows…
CVE-2011-0661 — CVSS 10.0 (critical): The SMB Server service in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold…
CVE-2010-0231 — CVSS 10.0 (critical): The SMB implementation in the Server service in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista…
CVE-2014-6321 — CVSS 10.0 (critical): Schannel in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows…
CVE-2012-4786 — CVSS 10.0 (critical): The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and…
CVE-2010-0477 — CVSS 10.0 (critical): The SMB client in Microsoft Windows Server 2008 R2 and Windows 7 does not properly handle (1) SMBv1 and (2) SMBv2 response packets, which…
CVE-2012-1851 — CVSS 10.0 (critical): Format string vulnerability in the Print Spooler service in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2…
CVE-2019-1365 — CVSS 9.9 (critical): An elevation of privilege vulnerability exists when Microsoft IIS Server fails to check the length of a buffer prior to copying memory to…
CVE-2019-1384 — CVSS 9.9 (critical): A security feature bypass vulnerability exists where a NETLOGON message is able to obtain the session key and sign messages.To exploit this…
CVE-2020-1112 — CVSS 9.9 (critical): An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) IIS module improperly…
CVE-2017-8589 — CVSS 9.8 (critical): Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold…
CVE-2019-0626 — CVSS 9.8 (critical): A memory corruption vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP…
CVE-2019-1181 — CVSS 9.8 (critical): A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated…
CVE-2019-1182 — CVSS 9.8 (critical): A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated…
CVE-2017-11771 — CVSS 9.8 (critical): The Microsoft Windows Search component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012…
CVE-2019-0736 — CVSS 9.8 (critical): A memory corruption vulnerability exists in the Windows DHCP client when an attacker sends specially crafted DHCP responses to a client. An…
CVE-2016-7182 — CVSS 9.8 (critical): The Graphics component in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012…
CVE-2016-3236 — CVSS 9.8 (critical): The Web Proxy Auto Discovery (WPAD) protocol implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7…
CVE-2011-2013 — CVSS 9.8 (critical): Integer overflow in the TCP/IP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold…
CVE-2019-1212 — CVSS 9.8 (critical): A memory corruption vulnerability exists in the Windows Server DHCP service when processing specially crafted packets. An attacker who…
CVE-2011-0657 — CVSS 9.8 (critical): DNSAPI.dll in the DNS client in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008…
CVE-2015-2506 — CVSS 9.3 (critical): atmfd.dll in the Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8…
CVE-2015-2509 — CVSS 9.3 (critical): Windows Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8, and Windows 8.1 allows user-assisted remote attackers to…
CVE-2015-2513 — CVSS 9.3 (critical): Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server…
CVE-2015-2514 — CVSS 9.3 (critical): Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server…
CVE-2015-2515 — CVSS 9.3 (critical): Use-after-free vulnerability in Windows Shell in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8…
CVE-2015-2519 — CVSS 9.3 (critical): Integer overflow in Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows…
CVE-2010-0252 — CVSS 9.3 (critical): The Microsoft Data Analyzer ActiveX control (aka the Office Excel ActiveX control for Data Analysis) in max3activex.dll in Microsoft…
CVE-2015-2530 — CVSS 9.3 (critical): Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server…
CVE-2015-2548 — CVSS 9.3 (critical): Use-after-free vulnerability in the Tablet Input Band in Windows Shell in Microsoft Windows Vista SP2 and Windows 7 SP1 allows remote…
CVE-2010-0250 — CVSS 9.3 (critical): Heap-based buffer overflow in DirectShow in Microsoft DirectX, as used in the AVI Filter on Windows 2000 SP4, Windows XP SP2 and SP3, and…
CVE-2011-1247 — CVSS 9.3 (critical): Untrusted search path vulnerability in the Microsoft Active Accessibility component in Microsoft Windows XP SP2 and SP3, Windows Server…
CVE-2015-6097 — CVSS 9.3 (critical): Heap-based buffer overflow in Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows…
CVE-2015-6103 — CVSS 9.3 (critical): The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1…
CVE-2015-6104 — CVSS 9.3 (critical): The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1…
CVE-2015-6107 — CVSS 9.3 (critical): The Windows font library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows…
CVE-2015-6108 — CVSS 9.3 (critical): The Windows font library in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8; Windows 8.1; Windows…
CVE-2015-6130 — CVSS 9.3 (critical): Integer underflow in Uniscribe in Microsoft Windows 7 SP1 and Windows Server 2008 R2 SP1 allows remote attackers to execute arbitrary code…
CVE-2015-6131 — CVSS 9.3 (critical): Windows Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8, and Windows 8.1 allows remote attackers to execute arbitrary…
CVE-2010-0027 — CVSS 9.3 (critical): The URL validation functionality in Microsoft Internet Explorer 5.01, 6, 6 SP1, 7 and 8, and the ShellExecute API function in Windows 2000…
CVE-2010-0018 — CVSS 9.3 (critical): Integer overflow in the Embedded OpenType (EOT) Font Engine (t2embed.dll) in Microsoft Windows 2000 SP4; Windows XP SP2 and SP3; Windows…
CVE-2010-0017 — CVSS 9.3 (critical): Race condition in the SMB client implementation in Microsoft Windows Server 2008 R2 and Windows 7 allows remote SMB servers and…
CVE-2011-1873 — CVSS 9.3 (critical): win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008…
CVE-2009-3678 — CVSS 9.3 (critical): Integer overflow in cdd.dll in the Canonical Display Driver (CDD) in Microsoft Windows Server 2008 R2 and Windows 7 on 64-bit platforms…
CVE-2010-2729 — CVSS 9.3 (critical): The Print Spooler service in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008…
CVE-2011-1975 — CVSS 9.3 (critical): Untrusted search path vulnerability in the Data Access Tracing component in Windows Data Access Components (Windows DAC) 6.0 in Microsoft…
CVE-2011-1991 — CVSS 9.3 (critical): Multiple untrusted search path vulnerabilities in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows…
CVE-2011-2003 — CVSS 9.3 (critical): Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2…
CVE-2011-2009 — CVSS 9.3 (critical): Untrusted search path vulnerability in Windows Media Center in Microsoft Windows Vista SP2 and Windows 7 Gold and SP1, and Windows Media…
CVE-2011-3401 — CVSS 9.3 (critical): ENCDEC.DLL in Windows Media Player and Media Center in Microsoft Windows XP SP2 and SP3, Windows Vista SP2, and Windows 7 Gold and SP1…
CVE-2011-3417 — CVSS 9.3 (critical): The Forms Authentication feature in the ASP.NET subsystem in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0, when…
CVE-2011-5046 — CVSS 9.3 (critical): The Graphics Device Interface (GDI) in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2…
CVE-2012-0001 — CVSS 9.3 (critical): The kernel in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7…
CVE-2012-0002 — CVSS 9.3 (critical): The Remote Desktop Protocol (RDP) implementation in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows…
CVE-2012-0004 — CVSS 9.3 (critical): Unspecified vulnerability in DirectShow in DirectX in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows…
CVE-2012-0013 — CVSS 9.3 (critical): Incomplete blacklist vulnerability in the Windows Packager configuration in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2…
CVE-2012-0150 — CVSS 9.3 (critical): Buffer overflow in msvcrt.dll in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows…
CVE-2010-3147 — CVSS 9.3 (critical): Untrusted search path vulnerability in wab.exe 6.00.2900.5512 in Windows Address Book in Microsoft Windows XP SP2 and SP3, Windows Server…
CVE-2012-0159 — CVSS 9.3 (critical): Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and…
CVE-2012-0173 — CVSS 9.3 (critical): The Remote Desktop Protocol (RDP) implementation in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows…
CVE-2010-3227 — CVSS 9.3 (critical): Stack-based buffer overflow in the UpdateFrameTitleForDocument method in the CFrameWnd class in mfc42.dll in the Microsoft Foundation Class…
CVE-2012-1527 — CVSS 9.3 (critical): Integer underflow in Windows Shell in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008…
CVE-2012-1528 — CVSS 9.3 (critical): Integer overflow in Windows Shell in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2…
CVE-2009-3674 — CVSS 9.3 (critical): Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by…
CVE-2012-2556 — CVSS 9.3 (critical): The OpenType Font (OTF) driver in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2…
CVE-2009-3673 — CVSS 9.3 (critical): Microsoft Internet Explorer 7 and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by…
CVE-2012-4774 — CVSS 9.3 (critical): Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold…
CVE-2013-0007 — CVSS 9.3 (critical): Microsoft XML Core Services (aka MSXML) 4.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to execute…
CVE-2009-0090 — CVSS 9.3 (critical): Microsoft .NET Framework 1.0 SP3, 1.1 SP1, and 2.0 SP1 does not properly validate .NET verifiable code, which allows remote attackers to…
CVE-2009-2531 — CVSS 9.3 (critical): Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute…
CVE-2010-3956 — CVSS 9.3 (critical): The OpenType Font (OTF) driver in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008…
CVE-2010-3966 — CVSS 9.3 (critical): Untrusted search path vulnerability in Microsoft Windows Server 2008 R2 and Windows 7, when BranchCache is supported, allows local users to…
CVE-2009-0091 — CVSS 9.3 (critical): Microsoft .NET Framework 2.0, 2.0 SP1, and 3.5 does not properly enforce a certain type-equality constraint in .NET verifiable code, which…
CVE-2010-4182 — CVSS 9.3 (critical): Untrusted search path vulnerability in the Data Access Objects (DAO) library (dao360.dll) in Microsoft Windows XP Professional SP3, Windows…
CVE-2009-2530 — CVSS 9.3 (critical): Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute…
CVE-2009-2497 — CVSS 9.3 (critical): The Common Language Runtime (CLR) in Microsoft .NET Framework 2.0, 2.0 SP1, 2.0 SP2, 3.5, and 3.5 SP1, and Silverlight 2, does not properly…
CVE-2013-3128 — CVSS 9.3 (critical): The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2…
CVE-2011-0032 — CVSS 9.3 (critical): Untrusted search path vulnerability in DirectShow in Microsoft Windows Vista SP1 and SP2, Windows 7 Gold and SP1, Windows Server 2008 R2…
CVE-2013-3174 — CVSS 9.3 (critical): DirectShow in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7…
CVE-2011-0033 — CVSS 9.3 (critical): The OpenType Compact Font Format (CFF) driver in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2…
CVE-2011-0034 — CVSS 9.3 (critical): Stack-based buffer overflow in the OpenType Compact Font Format (aka OTF or CFF) driver in Microsoft Windows XP SP2 and SP3, Windows Server…
CVE-2013-3940 — CVSS 9.3 (critical): Integer overflow in the Graphics Device Interface (GDI) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2…
CVE-2013-5056 — CVSS 9.3 (critical): Use-after-free vulnerability in the Scripting Runtime Object Library in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows…
CVE-2014-0263 — CVSS 9.3 (critical): The Direct2D implementation in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and…
CVE-2014-0301 — CVSS 9.3 (critical): Double free vulnerability in qedit.dll in DirectShow in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2…
CVE-2014-1817 — CVSS 9.3 (critical): usp10.dll in Uniscribe (aka the Unicode Script Processor) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2…
CVE-2014-1818 — CVSS 9.3 (critical): GDI+ in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1…
CVE-2014-1824 — CVSS 9.3 (critical): Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server…
CVE-2011-0658 — CVSS 9.3 (critical): Integer underflow in the OLE Automation protocol implementation in VBScript.dll in Microsoft Windows XP SP2 and SP3, Windows Server 2003…
CVE-2011-0660 — CVSS 9.3 (critical): The SMB client in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2…
CVE-2014-4118 — CVSS 9.3 (critical): XML Core Services (aka MSXML) 3.0 in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7…
CVE-2010-0811 — CVSS 9.3 (critical): Multiple unspecified vulnerabilities in the Microsoft Internet Explorer 8 Developer Tools ActiveX control in Microsoft Windows 2000 SP4…
CVE-2015-0081 — CVSS 9.3 (critical): Windows Text Services (WTS) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1…
CVE-2015-0088 — CVSS 9.3 (critical): Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8…
CVE-2015-0090 — CVSS 9.3 (critical): Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8…
CVE-2015-0091 — CVSS 9.3 (critical): Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8…
CVE-2015-0092 — CVSS 9.3 (critical): Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8…
CVE-2015-0093 — CVSS 9.3 (critical): Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8…
CVE-2010-2553 — CVSS 9.3 (critical): The Cinepak codec in Microsoft Windows XP SP2 and SP3, Windows Vista SP1 and SP2, and Windows 7 does not properly decompress media files…
CVE-2015-0096 — CVSS 9.3 (critical): Untrusted search path vulnerability in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7…
CVE-2015-1645 — CVSS 9.3 (critical): Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allow remote attackers to…
CVE-2015-1675 — CVSS 9.3 (critical): Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2…
CVE-2015-1695 — CVSS 9.3 (critical): Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2…
CVE-2015-1696 — CVSS 9.3 (critical): Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2…
CVE-2015-1697 — CVSS 9.3 (critical): Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2…
CVE-2015-1698 — CVSS 9.3 (critical): Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2…
CVE-2015-1699 — CVSS 9.3 (critical): Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2…
CVE-2010-0490 — CVSS 9.3 (critical): Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute…
CVE-2010-0487 — CVSS 9.3 (critical): The Authenticode Signature verification functionality in cabview.dll in Cabinet File Viewer Shell Extension 5.1, 6.0, and 6.1 in Microsoft…
CVE-2015-1756 — CVSS 9.3 (critical): Use-after-free vulnerability in Microsoft Common Controls in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7…
CVE-2010-0486 — CVSS 9.3 (critical): The WinVerifyTrust function in Authenticode Signature Verification 5.1, 6.0, and 6.1 in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3…
CVE-2015-2429 — CVSS 9.3 (critical): Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2…
CVE-2015-2430 — CVSS 9.3 (critical): Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2…
CVE-2015-2432 — CVSS 9.3 (critical): ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1…
CVE-2015-2435 — CVSS 9.3 (critical): Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2…
CVE-2015-2455 — CVSS 9.3 (critical): Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2…
CVE-2015-2456 — CVSS 9.3 (critical): Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2…
CVE-2015-2458 — CVSS 9.3 (critical): ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1…
CVE-2015-2459 — CVSS 9.3 (critical): ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1…
CVE-2015-2461 — CVSS 9.3 (critical): ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1…
CVE-2015-2462 — CVSS 9.3 (critical): ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1…
CVE-2015-2463 — CVSS 9.3 (critical): Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2…
CVE-2015-2464 — CVSS 9.3 (critical): Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2…
CVE-2015-2473 — CVSS 9.3 (critical): Untrusted search path vulnerability in the client in Remote Desktop Protocol (RDP) through 8.1 in Microsoft Windows 7 SP1 and Windows…
CVE-2019-0719 — CVSS 9.1 (critical): A remote code execution vulnerability exists when Windows Hyper-V Network Switch on a host server fails to properly validate input from an…
CVE-2013-1339 — CVSS 9.0 (critical): The Print Spooler in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and…
CVE-2011-2014 — CVSS 9.0 (critical): The LDAP over SSL (aka LDAPS) implementation in Active Directory, Active Directory Application Mode (ADAM), and Active Directory…
CVE-2010-0020 — CVSS 9.0 (critical): The SMB implementation in the Server service in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista…
CVE-2019-0791 — CVSS 8.8 (high): A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input, aka 'MS XML Remote…
CVE-2019-0790 — CVSS 8.8 (high): A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input, aka 'MS XML Remote…
CVE-2019-0787 — CVSS 8.8 (high): A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka 'Remote…
CVE-2019-0772 — CVSS 8.8 (high): A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'Windows VBScript Engine…
CVE-2019-0765 — CVSS 8.8 (high): A remote code execution vulnerability exists in the way that comctl32.dll handles objects in memory, aka 'Comctl32 Remote Code Execution…
CVE-2019-0756 — CVSS 8.8 (high): A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input, aka 'MS XML Remote…
CVE-2016-7272 — CVSS 8.8 (high): The Graphics component in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012…
CVE-2016-7274 — CVSS 8.8 (high): Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2…
CVE-2018-1012 — CVSS 8.8 (high): A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka…
CVE-2016-7205 — CVSS 8.8 (high): Animation Manager in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1…
CVE-2019-0792 — CVSS 8.8 (high): A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input, aka 'MS XML Remote…
CVE-2020-1300 — CVSS 8.8 (high): A remote code execution vulnerability exists when Microsoft Windows fails to properly handle cabinet files.To exploit the vulnerability, an…
CVE-2020-1301 — CVSS 8.8 (high): A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 1.0 (SMBv1) server handles certain…
CVE-2019-1419 — CVSS 8.8 (high): A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles specially…
CVE-2011-1265 — CVSS 8.8 (high): The Bluetooth Stack 2.1 in Microsoft Windows Vista SP1 and SP2 and Windows 7 Gold and SP1 does not prevent access to objects in memory that…
CVE-2019-1333 — CVSS 8.8 (high): A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka 'Remote…
CVE-2021-34481 — CVSS 8.8 (high): <p>A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An…
CVE-2019-1291 — CVSS 8.8 (high): A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka 'Remote…
CVE-2020-1408 — CVSS 8.8 (high): A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka…
CVE-2019-1290 — CVSS 8.8 (high): A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka 'Remote…
CVE-2010-0820 — CVSS 8.8 (high): Heap-based buffer overflow in the Local Security Authority Subsystem Service (LSASS), as used in Active Directory in Microsoft Windows…
CVE-2019-1149 — CVSS 8.8 (high): A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker…
CVE-2019-1183 — CVSS 8.8 (high): This information is being revised to indicate that this CVE (CVE-2019-1183) is fully mitigated by the security updates for the…
CVE-2016-0101 — CVSS 8.8 (high): Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and…