U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesSearch And Statistics

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:microsoft:windows_8.1:6.3.9600.20520:*:*:*:*:*:x64:*
  • CPE Name Search: true
There are 504 matching records.
Displaying matches 1 through 20.
Vuln ID Summary CVSS Severity
CVE-2023-21739

Windows Bluetooth Driver Elevation of Privilege Vulnerability

Published: January 10, 2023; 5:15:17 PM -0500 		V3.1: 7.0 HIGH
 V2.0:(not available)
CVE-2022-24503

Remote Desktop Protocol Client Information Disclosure Vulnerability

Published: March 09, 2022; 12:15:15 PM -0500 		V3.1: 5.4 MEDIUM
 V2.0: 5.0 MEDIUM
CVE-2022-24502

Windows HTML Platforms Security Feature Bypass Vulnerability

Published: March 09, 2022; 12:15:14 PM -0500 		V3.1: 4.3 MEDIUM
 V2.0: 4.3 MEDIUM
CVE-2020-9633

Adobe Flash Player Desktop Runtime 32.0.0.371 and earlier, Adobe Flash Player for Google Chrome 32.0.0.371 and earlier, and Adobe Flash Player for Microsoft Edge and Internet Explorer 32.0.0.330 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution.

Published: June 12, 2020; 10:15:11 AM -0400 		V3.1: 9.8 CRITICAL
 V2.0: 10.0 HIGH
CVE-2020-0707

An elevation of privilege vulnerability exists when the Windows IME improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows IME Elevation of Privilege Vulnerability'.

Published: February 11, 2020; 5:15:17 PM -0500 		V3.1: 7.8 HIGH
 V2.0: 7.2 HIGH
CVE-2020-0646

A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka '.NET Framework Remote Code Execution Injection Vulnerability'.

Published: January 14, 2020; 6:15:33 PM -0500 		V3.1: 9.8 CRITICAL
 V2.0: 10.0 HIGH
CVE-2020-0643

An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface Plus (GDI+) handles objects in memory, allowing an attacker to retrieve information from a targeted system, aka 'Windows GDI+ Information Disclosure Vulnerability'.

Published: January 14, 2020; 6:15:32 PM -0500 		V3.1: 5.5 MEDIUM
 V2.0: 2.1 LOW
CVE-2020-0640

A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka 'Internet Explorer Memory Corruption Vulnerability'.

Published: January 14, 2020; 6:15:32 PM -0500 		V3.1: 7.5 HIGH
 V2.0: 7.6 HIGH
CVE-2020-0639

An information disclosure vulnerability exists in the Windows Common Log File System (CLFS) driver when it fails to properly handle objects in memory, aka 'Windows Common Log File System Driver Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0615.

Published: January 14, 2020; 6:15:32 PM -0500 		V3.1: 5.5 MEDIUM
 V2.0: 2.1 LOW
CVE-2020-0615

An information disclosure vulnerability exists in the Windows Common Log File System (CLFS) driver when it fails to properly handle objects in memory, aka 'Windows Common Log File System Driver Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0639.

Published: January 14, 2020; 6:15:31 PM -0500 		V3.1: 5.5 MEDIUM
 V2.0: 2.1 LOW
CVE-2020-0611

A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka 'Remote Desktop Client Remote Code Execution Vulnerability'.

Published: January 14, 2020; 6:15:30 PM -0500 		V3.1: 7.5 HIGH
 V2.0: 5.1 MEDIUM
CVE-2020-0608

An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'.

Published: January 14, 2020; 6:15:30 PM -0500 		V3.1: 5.5 MEDIUM
 V2.0: 2.1 LOW
CVE-2020-0607

An information disclosure vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka 'Microsoft Graphics Components Information Disclosure Vulnerability'.

Published: January 14, 2020; 6:15:30 PM -0500 		V3.1: 5.5 MEDIUM
 V2.0: 4.3 MEDIUM
CVE-2020-0606

A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka '.NET Framework Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0605.

Published: January 14, 2020; 6:15:30 PM -0500 		V3.1: 8.8 HIGH
 V2.0: 9.3 HIGH
CVE-2020-0605

A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka '.NET Framework Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0606.

Published: January 14, 2020; 6:15:30 PM -0500 		V3.1: 8.8 HIGH
 V2.0: 9.3 HIGH
CVE-2019-1142

An elevation of privilege vulnerability exists when the .NET Framework common language runtime (CLR) allows file creation in arbitrary locations, aka '.NET Framework Elevation of Privilege Vulnerability'.

Published: September 11, 2019; 6:15:14 PM -0400 		V3.1: 5.5 MEDIUM
 V2.0: 2.1 LOW
CVE-2019-1113

A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka '.NET Framework Remote Code Execution Vulnerability'.

Published: July 15, 2019; 3:15:20 PM -0400 		V3.0: 8.8 HIGH
 V2.0: 6.8 MEDIUM
CVE-2019-7090

Flash Player Desktop Runtime versions 32.0.0.114 and earlier, Flash Player for Google Chrome versions 32.0.0.114 and earlier, and Flash Player for Microsoft Edge and Internet Explorer 11 versions 32.0.0.114 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

Published: May 24, 2019; 3:29:02 PM -0400 		V3.0: 6.5 MEDIUM
 V2.0: 4.3 MEDIUM
CVE-2019-0754

A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Service Vulnerability'.

Published: April 08, 2019; 8:29:01 PM -0400 		V3.0: 5.5 MEDIUM
 V2.0: 4.9 MEDIUM
CVE-2018-16183

An unquoted search path vulnerability in some pre-installed applications on Panasonic PC run on Windows 7 (32bit), Windows 7 (64bit), Windows 8 (64bit), Windows 8.1 (64bit), Windows 10 (64bit) delivered in or later than October 2009 allow local users to gain privileges via a Trojan horse executable file and execute arbitrary code with eleveted privileges.

Published: January 09, 2019; 6:29:03 PM -0500 		V3.0: 7.8 HIGH
 V2.0: 6.8 MEDIUM