Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Windows_vista
(Microsoft)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 829 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2016-02-10 | CVE-2016-0040 | The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows local users to gain privileges via a crafted application, aka "Windows Elevation of Privilege Vulnerability." | Windows_7, Windows_server_2008, Windows_vista | 7.8 | ||
| 2016-03-09 | CVE-2016-0099 | The Secondary Logon Service in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 does not properly process request handles, which allows local users to gain privileges via a crafted application, aka "Secondary Logon Elevation of Privilege Vulnerability." | Windows_10_1507, Windows_10_1511, Windows_7, Windows_8\.1, Windows_server_2008, Windows_server_2012, Windows_vista | 7.8 | ||
| 2015-04-21 | CVE-2015-1701 | Win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Vista SP2, and Server 2008 SP2 allows local users to gain privileges via a crafted application, as exploited in the wild in April 2015, aka "Win32k Elevation of Privilege Vulnerability." | Windows_2003_server, Windows_7, Windows_server_2008, Windows_vista | 7.8 | ||
| 2015-06-10 | CVE-2015-2360 | win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application, aka "Win32k Elevation of Privilege Vulnerability." | Windows_7, Windows_8, Windows_8\.1, Windows_rt, Windows_rt_8\.1, Windows_server_2003, Windows_server_2008, Windows_server_2012, Windows_vista | N/A | ||
| 2011-01-31 | CVE-2011-0096 | The MHTML protocol handler in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle a MIME format in a request for content blocks in a document, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site that is visited in Internet Explorer, aka "MHTML Mime-Formatted Request Vulnerability." | Windows_2003_server, Windows_7, Windows_server_2003, Windows_server_2008, Windows_vista, Windows_xp | N/A | ||
| 2009-03-10 | CVE-2009-0082 | The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 does not properly validate handles, which allows local users to gain privileges via a crafted application that triggers unspecified "actions," aka "Windows Kernel Handle Validation Vulnerability." | Windows_2000, Windows_server_2003, Windows_server_2008, Windows_vista, Windows_xp | N/A | ||
| 2009-08-12 | CVE-2009-2494 | The Active Template Library (ATL) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via vectors related to erroneous free operations after reading a variant from a stream and deleting this variant, aka "ATL Object Type Mismatch Vulnerability." | Windows_2000, Windows_server_2003, Windows_server_2008, Windows_vista, Windows_xp | N/A | ||
| 2009-10-14 | CVE-2009-1547 | Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via a crafted data stream header that triggers memory corruption, aka "Data Stream Header Corruption Vulnerability." | Internet_explorer, Windows_2000, Windows_7, Windows_server_2003, Windows_server_2008, Windows_vista, Windows_xp | N/A | ||
| 2010-03-31 | CVE-2010-0488 | Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, and 7 does not properly handle unspecified "encoding strings," which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site, aka "Post Encoding Information Disclosure Vulnerability." | Internet_explorer, Windows_2000, Windows_2003_server, Windows_server_2003, Windows_server_2008, Windows_vista, Windows_xp | N/A | ||
| 2010-02-10 | CVE-2010-0021 | Multiple race conditions in the SMB implementation in the Server service in Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allow remote attackers to cause a denial of service (system hang) via a crafted (1) SMBv1 or (2) SMBv2 Negotiate packet, aka "SMB Memory Corruption Vulnerability." | Windows_2000, Windows_2003_server, Windows_7, Windows_server_2008, Windows_vista, Windows_xp | N/A |