Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Windows_7
(Microsoft)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 2366 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-01-11 | CVE-2022-21916 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Windows_10, Windows_11, Windows_7, Windows_8\.1, Windows_server, Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019 | 7.8 | ||
| 2022-01-11 | CVE-2022-21920 | Windows Kerberos Elevation of Privilege Vulnerability | Windows_10, Windows_11, Windows_7, Windows_8\.1, Windows_rt_8\.1, Windows_server, Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019 | 8.8 | ||
| 2022-01-11 | CVE-2022-21922 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | Windows_10, Windows_11, Windows_7, Windows_8\.1, Windows_server, Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019 | 8.8 | ||
| 2022-01-11 | CVE-2022-21924 | Workstation Service Remote Protocol Security Feature Bypass Vulnerability | Windows_10, Windows_11, Windows_7, Windows_8\.1, Windows_server, Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019 | 5.3 | ||
| 2022-01-11 | CVE-2022-21925 | Windows BackupKey Remote Protocol Security Feature Bypass Vulnerability | Windows_7, Windows_server_2008 | 5.3 | ||
| 2009-12-09 | CVE-2009-3671 | Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2009-3674. | Internet_explorer, Windows_2000, Windows_7, Windows_server_2003, Windows_server_2008, Windows_vista, Windows_xp | N/A | ||
| 2009-10-14 | CVE-2009-2529 | Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7, and 8 does not properly handle argument validation for unspecified variables, which allows remote attackers to execute arbitrary code via a crafted HTML document, aka "HTML Component Handling Vulnerability." | Internet_explorer, Windows_2000, Windows_7, Windows_server_2003, Windows_server_2008, Windows_vista, Windows_xp | N/A | ||
| 2010-03-31 | CVE-2010-0492 | Use-after-free vulnerability in mstime.dll in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via vectors related to the TIME2 behavior, the CTimeAction object, and destruction of markup, leading to memory corruption, aka "HTML Object Memory Corruption Vulnerability." | Internet_explorer, Windows_2003_server, Windows_7, Windows_server_2003, Windows_server_2008, Windows_vista, Windows_xp | N/A | ||
| 2011-04-13 | CVE-2011-0657 | DNSAPI.dll in the DNS client in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly process DNS queries, which allows remote attackers to execute arbitrary code via (1) a crafted LLMNR broadcast query or (2) a crafted application, aka "DNS Query Vulnerability." | Windows_2003_server, Windows_7, Windows_server_2003, Windows_server_2008, Windows_vista, Windows_xp | N/A | ||
| 2011-04-13 | CVE-2011-0671 | Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." | Windows_2003_server, Windows_7, Windows_server_2003, Windows_server_2008, Windows_vista, Windows_xp | N/A |