Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Windows_7
(Microsoft)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 2364 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-08-17 | CVE-2020-1464 | A spoofing vulnerability exists when Windows incorrectly validates file signatures. An attacker who successfully exploited this vulnerability could bypass security features and load improperly signed files. In an attack scenario, an attacker could bypass security features intended to prevent improperly signed files from being loaded. The update addresses the vulnerability by correcting how Windows validates file signatures. | Windows_10_1507, Windows_10_1607, Windows_10_1709, Windows_10_1803, Windows_10_1809, Windows_10_1903, Windows_10_1909, Windows_10_2004, Windows_7, Windows_8\.1, Windows_rt_8\.1, Windows_server_1903, Windows_server_1909, Windows_server_2004, Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019 | 7.8 | ||
| 2021-07-14 | CVE-2021-31979 | Windows Kernel Elevation of Privilege Vulnerability | Windows_10, Windows_10_1507, Windows_10_1607, Windows_10_1809, Windows_10_1909, Windows_10_2004, Windows_10_20h2, Windows_10_21h1, Windows_7, Windows_8\.1, Windows_rt_8\.1, Windows_server_2004, Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019, Windows_server_20h2 | 7.8 | ||
| 2021-07-16 | CVE-2021-34448 | Scripting Engine Memory Corruption Vulnerability | Windows_10_1507, Windows_10_1607, Windows_10_1809, Windows_10_1909, Windows_10_2004, Windows_10_20h2, Windows_10_21h1, Windows_7, Windows_8\.1, Windows_rt_8\.1, Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019 | 6.8 | ||
| 2016-11-10 | CVE-2016-7255 | The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability." | Windows_10_1507, Windows_10_1511, Windows_10_1607, Windows_7, Windows_8\.1, Windows_rt_8\.1, Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_vista | 7.8 | ||
| 2019-04-09 | CVE-2019-0808 | An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0797. | Windows_7, Windows_server_2008 | 7.8 | ||
| 2019-05-16 | CVE-2019-0708 | A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'. | Agile_controller\-Campus_firmware, Bh620_v2_firmware, Bh621_v2_firmware, Bh622_v2_firmware, Bh640_v2_firmware, Ch121_firmware, Ch140_firmware, Ch220_firmware, Ch221_firmware, Ch222_firmware, Ch240_firmware, Ch242_firmware, Ch242_v3_firmware, E6000_chassis_firmware, E6000_firmware, Elog_firmware, Espace_ecs_firmware, Gtsoftx3000_firmware, Oceanstor_18500_firmware, Oceanstor_18800_firmware, Oceanstor_18800f_firmware, Oceanstor_hvs85t_firmware, Oceanstor_hvs88t_firmware, Rh1288_v2_firmware, Rh1288a_v2_firmware, Rh2265_v2_firmware, Rh2268_v2_firmware, Rh2285_v2_firmware, Rh2285h_v2_firmware, Rh2288_v2_firmware, Rh2288a_v2_firmware, Rh2288e_v2_firmware, Rh2288h_v2_firmware, Rh2485_v2_firmware, Rh5885_v2_firmware, Rh5885_v3_firmware, Seco_vsm_firmware, Smc2\.0_firmware, Uma_firmware, X6000_firmware, X8000_firmware, Windows_7, Windows_server_2008, Aptio_firmware, Atellica_solution_firmware, Axiom_multix_m_firmware, Axiom_vertix_md_trauma_firmware, Axiom_vertix_solitaire_m_firmware, Centralink_firmware, Lantis_firmware, Mobilett_xp_digital_firmware, Multix_pro_acss_firmware, Multix_pro_acss_p_firmware, Multix_pro_firmware, Multix_pro_navy_firmware, Multix_pro_p_firmware, Multix_swing_firmware, Multix_top_acss_firmware, Multix_top_acss_p_firmware, Multix_top_firmware, Multix_top_p_firmware, Rapidpoint_500_firmware, Streamlab_firmware, Syngo_lab_process_manager, Vertix_solitaire_firmware, Viva_e_firmware, Viva_twin_firmware | 9.8 | ||
| 2010-01-21 | CVE-2010-0232 | The kernel in Microsoft Windows NT 3.1 through Windows 7, including Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, and Windows Server 2008 Gold and SP2, when access to 16-bit applications is enabled on a 32-bit x86 platform, does not properly validate certain BIOS calls, which allows local users to gain privileges by crafting a VDM_TIB data structure in the Thread Environment Block (TEB), and then calling the NtVdmControl function to... | Windows_2000, Windows_7, Windows_xp | 7.8 | ||
| 2014-10-22 | CVE-2014-6352 | Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object, as exploited in the wild in October 2014 with a crafted PowerPoint document. | Windows_7, Windows_8, Windows_8\.1, Windows_rt, Windows_rt_8\.1, Windows_server_2008, Windows_server_2012, Windows_vista | 7.8 | ||
| 2017-04-12 | CVE-2017-0199 | Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, Microsoft Office 2016, Microsoft Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, Windows 8.1 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office/WordPad Remote Code Execution Vulnerability w/Windows API." | Office, Windows_7, Windows_server_2008, Windows_server_2012, Windows_vista, Intellispace_portal | 7.8 | ||
| 2016-03-09 | CVE-2016-0099 | The Secondary Logon Service in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 does not properly process request handles, which allows local users to gain privileges via a crafted application, aka "Secondary Logon Elevation of Privilege Vulnerability." | Windows_10_1507, Windows_10_1511, Windows_7, Windows_8\.1, Windows_server_2008, Windows_server_2012, Windows_vista | 7.8 |