Search Results (Refine Search)
- CPE Product Version: cpe:/o:microsoft:windows_8:-:-:x64
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2014-0254 |
The IPv6 implementation in Microsoft Windows 8, Windows Server 2012, and Windows RT does not properly validate packets, which allows remote attackers to cause a denial of service (system hang) via crafted ICMPv6 Router Advertisement packets, aka "TCP/IP Version 6 (IPv6) Denial of Service Vulnerability." Published: February 11, 2014; 11:50:39 PM -0500 |
V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2013-3907 |
portcls.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Port-Class Driver Double Fetch Vulnerability." Published: December 10, 2013; 7:55:03 PM -0500 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2013-3903 |
Array index error in win32k.sys in the kernel-mode drivers in Microsoft Windows 8, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to cause a denial of service (reboot) via a crafted TrueType font (TTF) file, aka "TrueType Font Parsing Vulnerability." Published: December 10, 2013; 7:55:03 PM -0500 |
V3.x:(not available) V2.0: 4.7 MEDIUM |
CVE-2013-3898 |
Microsoft Windows 8 and Windows Server 2012, when Hyper-V is used, does not ensure memory-address validity, which allows guest OS users to execute arbitrary code in all guest OS instances, and allows guest OS users to cause a denial of service (host OS crash), via a guest-to-host hypercall with a crafted function parameter, aka "Address Corruption Vulnerability." Published: November 12, 2013; 7:55:02 PM -0500 |
V3.x:(not available) V2.0: 7.9 HIGH |
CVE-2013-3887 |
The Ancillary Function Driver (AFD) in afd.sys in the kernel-mode drivers in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, and Windows Server 2012 allows local users to obtain sensitive information from kernel memory by leveraging improper copy operations, aka "Ancillary Function Driver Information Disclosure Vulnerability." Published: November 12, 2013; 7:55:02 PM -0500 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2013-3894 |
The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allow remote attackers to execute arbitrary code via a crafted CMAP table in a TrueType font (TTF) file, aka "TrueType Font CMAP Table Vulnerability." Published: October 09, 2013; 10:53:25 AM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2013-3880 |
The App Container feature in the kernel-mode drivers in Microsoft Windows 8, Windows Server 2012, and Windows RT allows remote attackers to bypass intended access restrictions and obtain sensitive information from a different container via a Trojan horse application, aka "App Container Elevation of Privilege Vulnerability." Published: October 09, 2013; 10:53:24 AM -0400 |
V3.x:(not available) V2.0: 3.5 LOW |
CVE-2013-3879 |
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Use After Free Vulnerability." Published: October 09, 2013; 10:53:24 AM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2013-3200 |
The USB drivers in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allow physically proximate attackers to execute arbitrary code by connecting a crafted USB device, aka "Windows USB Descriptor Vulnerability." Published: October 09, 2013; 10:53:24 AM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2013-3195 |
The DSA_InsertItem function in Comctl32.dll in the Windows common control library in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly allocate memory, which allows remote attackers to execute arbitrary code via a crafted value in an argument to an ASP.NET web application, aka "Comctl32 Integer Overflow Vulnerability." Published: October 09, 2013; 10:53:24 AM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2013-3868 |
Microsoft Active Directory Lightweight Directory Service (AD LDS) on Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows 8 and Active Directory Services on Windows Server 2008 SP2 and R2 SP1 and Server 2012 allow remote attackers to cause a denial of service (LDAP directory-service outage) via a crafted LDAP query, aka "Remote Anonymous DoS Vulnerability." Published: September 11, 2013; 10:03:48 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2013-3866 |
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability." Published: September 11, 2013; 10:03:48 AM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2013-3865 |
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability," a different vulnerability than CVE-2013-1342, CVE-2013-1343, CVE-2013-1344, and CVE-2013-3864. Published: September 11, 2013; 10:03:48 AM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2013-3864 |
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability," a different vulnerability than CVE-2013-1342, CVE-2013-1343, CVE-2013-1344, and CVE-2013-3865. Published: September 11, 2013; 10:03:48 AM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2013-1344 |
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability," a different vulnerability than CVE-2013-1342, CVE-2013-1343, CVE-2013-3864, and CVE-2013-3865. Published: September 11, 2013; 10:03:48 AM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2013-1343 |
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability," a different vulnerability than CVE-2013-1342, CVE-2013-1344, CVE-2013-3864, and CVE-2013-3865. Published: September 11, 2013; 10:03:48 AM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2013-1342 |
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability," a different vulnerability than CVE-2013-1343, CVE-2013-1344, CVE-2013-3864, and CVE-2013-3865. Published: September 11, 2013; 10:03:48 AM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2013-1341 |
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows 8 allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability." Published: September 11, 2013; 10:03:48 AM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2013-3183 |
The TCP/IP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly perform memory allocation for inbound ICMPv6 packets, which allows remote attackers to cause a denial of service (system hang) via crafted packets, aka "ICMPv6 Vulnerability." Published: August 14, 2013; 7:10:36 AM -0400 |
V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2013-3175 |
Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allow remote attackers to execute arbitrary code via a malformed asynchronous RPC request, aka "Remote Procedure Call Vulnerability." Published: August 14, 2013; 7:10:36 AM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |