Total
3317 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-1332 | 1 Microsoft | 6 Windows 7, Windows 8, Windows Rt and 3 more | 2024-02-28 | 7.2 HIGH | N/A |
| dxgkrnl.sys (aka the DirectX graphics kernel subsystem) in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle objects in memory, which allows local users to gain privileges via a crafted application, aka "DirectX Graphics Kernel Subsystem Double Fetch Vulnerability." | |||||
| CVE-2012-2549 | 1 Microsoft | 2 Windows Server 2008, Windows Server 2012 | 2024-02-28 | 5.8 MEDIUM | N/A |
| The IP-HTTPS server in Windows Server 2008 R2 and R2 SP1 and Server 2012 does not properly validate certificates, which allows remote attackers to bypass intended access restrictions via a revoked certificate, aka "Revoked Certificate Bypass Vulnerability." | |||||
| CVE-2013-0088 | 1 Microsoft | 9 Internet Explorer, Windows 7, Windows 8 and 6 more | 2024-02-28 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer saveHistory Use After Free Vulnerability." | |||||
| CVE-2013-3868 | 1 Microsoft | 6 Active Directory Lightweight Directory Service, Windows 7, Windows 8 and 3 more | 2024-02-28 | 5.0 MEDIUM | N/A |
| Microsoft Active Directory Lightweight Directory Service (AD LDS) on Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows 8 and Active Directory Services on Windows Server 2008 SP2 and R2 SP1 and Server 2012 allow remote attackers to cause a denial of service (LDAP directory-service outage) via a crafted LDAP query, aka "Remote Anonymous DoS Vulnerability." | |||||
| CVE-2012-4787 | 1 Microsoft | 7 Internet Explorer, Windows 7, Windows 8 and 4 more | 2024-02-28 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not properly initialized or (2) is deleted, aka "Improper Ref Counting Use After Free Vulnerability." | |||||
| CVE-2013-1345 | 1 Microsoft | 8 Windows 7, Windows 8, Windows Rt and 5 more | 2024-02-28 | 7.2 HIGH | N/A |
| win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle objects in memory, which allows local users to gain privileges via a crafted application, aka "Win32k Vulnerability." | |||||
| CVE-2012-2556 | 1 Microsoft | 9 Windows 2003 Server, Windows 7, Windows 8 and 6 more | 2024-02-28 | 9.3 HIGH | N/A |
| The OpenType Font (OTF) driver in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allows remote attackers to execute arbitrary code via a crafted OpenType font file, aka "OpenType Font Parsing Vulnerability." | |||||
| CVE-2013-3185 | 1 Microsoft | 3 Active Directory Federation Services, Windows Server 2008, Windows Server 2012 | 2024-02-28 | 5.0 MEDIUM | N/A |
| Microsoft Active Directory Federation Services (AD FS) 1.x through 2.1 on Windows Server 2003 R2 SP2, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 allows remote attackers to obtain sensitive information about the service account, and possibly conduct account-lockout attacks, by connecting to an endpoint, aka "AD FS Information Disclosure Vulnerability." | |||||
| CVE-2013-3940 | 1 Microsoft | 10 Windows 7, Windows 8, Windows 8.1 and 7 more | 2024-02-28 | 9.3 HIGH | N/A |
| Integer overflow in the Graphics Device Interface (GDI) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image in a Windows Write (.wri) document, which is not properly handled in WordPad, aka "Graphics Device Interface Integer Overflow Vulnerability." | |||||
| CVE-2013-0002 | 1 Microsoft | 9 .net Framework, Windows 7, Windows 8 and 6 more | 2024-02-28 | 9.3 HIGH | N/A |
| Buffer overflow in the Windows Forms (aka WinForms) component in Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4, and 4.5 allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP) or (2) a crafted .NET Framework application that leverages improper counting of objects during a memory copy operation, aka "WinForms Buffer Overflow Vulnerability." | |||||
| CVE-2013-1342 | 1 Microsoft | 8 Windows 2003 Server, Windows 7, Windows 8 and 5 more | 2024-02-28 | 7.2 HIGH | N/A |
| win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability," a different vulnerability than CVE-2013-1343, CVE-2013-1344, CVE-2013-3864, and CVE-2013-3865. | |||||
| CVE-2013-3900 | 1 Microsoft | 13 Windows 10, Windows 11, Windows 7 and 10 more | 2024-02-28 | 7.6 HIGH | N/A |
| The WinVerifyTrust function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly validate PE file digests during Authenticode signature verification, which allows remote attackers to execute arbitrary code via a crafted PE file, aka "WinVerifyTrust Signature Validation Vulnerability." | |||||
| CVE-2012-2519 | 1 Microsoft | 8 .net Framework, Windows 7, Windows 8 and 5 more | 2024-02-28 | 7.9 HIGH | N/A |
| Untrusted search path vulnerability in Entity Framework in ADO.NET in Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, and 4 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .NET application, aka ".NET Framework Insecure Library Loading Vulnerability." | |||||
| CVE-2013-3869 | 1 Microsoft | 10 Windows 7, Windows 8, Windows 8.1 and 7 more | 2024-02-28 | 5.0 MEDIUM | N/A |
| Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to cause a denial of service (daemon hang) via a web-service request containing a crafted X.509 certificate that is not properly handled during validation, aka "Digital Signatures Vulnerability." | |||||
| CVE-2013-1294 | 1 Microsoft | 8 Windows 7, Windows 8, Windows Rt and 5 more | 2024-02-28 | 4.9 MEDIUM | N/A |
| Race condition in the kernel in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application that leverages improper handling of objects in memory, aka "Kernel Race Condition Vulnerability." | |||||
| CVE-2013-0075 | 1 Microsoft | 6 Windows 7, Windows 8, Windows Rt and 3 more | 2024-02-28 | 7.8 HIGH | N/A |
| The TCP/IP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allows remote attackers to cause a denial of service (reboot) via a crafted packet that terminates a TCP connection, aka "TCP FIN WAIT Vulnerability." | |||||
| CVE-2013-1281 | 1 Microsoft | 2 Windows Server 2008, Windows Server 2012 | 2024-02-28 | 7.1 HIGH | N/A |
| The NFS server in Microsoft Windows Server 2008 R2 and R2 SP1 and Server 2012 allows remote attackers to cause a denial of service (NULL pointer dereference and reboot) via an attempted renaming of a file or folder located on a read-only share, aka "NULL Dereference Vulnerability." | |||||
| CVE-2013-3864 | 1 Microsoft | 8 Windows 2003 Server, Windows 7, Windows 8 and 5 more | 2024-02-28 | 7.2 HIGH | N/A |
| win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability," a different vulnerability than CVE-2013-1342, CVE-2013-1343, CVE-2013-1344, and CVE-2013-3865. | |||||
| CVE-2013-1712 | 2 Microsoft, Mozilla | 8 Windows 7, Windows 8, Windows Server 2008 and 5 more | 2024-02-28 | 6.9 MEDIUM | N/A |
| Multiple untrusted search path vulnerabilities in updater.exe in Mozilla Updater in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, and Thunderbird ESR 17.x before 17.0.8 on Windows 7, Windows Server 2008 R2, Windows 8, and Windows Server 2012 allow local users to gain privileges via a Trojan horse DLL in (1) the update directory or (2) the current working directory. | |||||
| CVE-2013-1343 | 1 Microsoft | 8 Windows 2003 Server, Windows 7, Windows 8 and 5 more | 2024-02-28 | 7.2 HIGH | N/A |
| win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability," a different vulnerability than CVE-2013-1342, CVE-2013-1344, CVE-2013-3864, and CVE-2013-3865. | |||||