Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft all windows vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2023-38039
When curl retrieves an HTTP response, it stores the incoming headers so that they can be accessed later via the libcurl headers API. However, curl did not have a limit in how many or how large headers it would accept in a response, allowing a malicious server to stream an endless...
Haxx Curl
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Microsoft Windows 10 22h2
Microsoft Windows 11 21h2
Microsoft Windows 11 22h2
Microsoft Windows 11 23h2
Microsoft Windows 10 1809
Microsoft Windows Server 2019
Microsoft Windows Server 2022
Microsoft Windows 10 21h2
NA
CVE-2005-0551
Stack-based buffer overflow in WINSRV.DLL in the Client Server Runtime System (CSRSS) process of Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to gain privileges via a specially-designed application that provides console window informa...
Microsoft Windows 2000
Microsoft Windows 2003 Server R2
Microsoft Windows Xp
1 EDB exploit
NA
CVE-2009-0079
The RPCSS service in Microsoft Windows XP SP2 and SP3 and Server 2003 SP1 and SP2 does not properly implement isolation among a set of distinct processes that (1) all run under the NetworkService account or (2) all run under the LocalService account, which allows local users to g...
Microsoft Windows Server 2003
Microsoft Windows Xp
1 EDB exploit
NA
CVE-2009-0080
The ThreadPool class in Windows Vista Gold and SP1, and Server 2008, does not properly implement isolation among a set of distinct processes that (1) all run under the NetworkService account or (2) all run under the LocalService account, which allows local users to gain privilege...
Microsoft Windows Server 2008 -
Microsoft Windows Vista -
1 EDB exploit
9.8
CVSSv3
CVE-2019-0708
A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulne...
Microsoft Windows Vista -
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2008 -
Microsoft Windows Xp -
Microsoft Windows Server 2003 -
Microsoft Windows Server 2003 R2
Microsoft Windows 7 -
5 EDB exploits
2 Metasploit modules
171 Github repositories
10 Articles
NA
CVE-1999-1201
Windows 95 and Windows 98 systems, when configured with multiple TCP/IP stacks bound to the same MAC address, allow remote malicious users to cause a denial of service (traffic amplification) via a certain ICMP echo (ping) packet, which causes all stacks to send a ping response, ...
Microsoft Windows 95
Microsoft Windows 98
7.8
CVSSv3
CVE-2017-0199
Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, Microsoft Office 2016, Microsoft Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, Windows 8.1 allow remote malicious users to execute arbitrary code via a crafted document, aka "Micros...
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 -
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Office 2010
Microsoft Office 2013
Microsoft Office 2016
Microsoft Windows 7
Microsoft Office 2007
3 EDB exploits
46 Github repositories
26 Articles
NA
CVE-2015-1635
HTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote malicious users to execute arbitrary code via crafted HTTP requests, aka "HTTP.sys Remote Code Execution Vulnerability."
Microsoft Windows 8 -
Microsoft Windows 8.1 -
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 -
Microsoft Windows Server 2012 R2
Microsoft Windows 7 -
2 EDB exploits
2 Metasploit modules
1 Nmap script
20 Github repositories
2 Articles
NA
CVE-2007-0069
Unspecified vulnerability in the kernel in Microsoft Windows XP SP2, Server 2003, and Vista allows remote malicious users to cause a denial of service (CPU consumption) and possibly execute arbitrary code via crafted (1) IGMPv3 and (2) MLDv2 packets that trigger memory corruption...
Microsoft Windows Xp
Microsoft Windows 2003 Server
Microsoft Windows Vista
NA
CVE-2002-0018
In Microsoft Windows NT and Windows 2000, a trusting domain that receives authorization information from a trusted domain does not verify that the trusted domain is authoritative for all listed SIDs, which allows remote malicious users to gain Domain Administrator privileges on t...
Microsoft Windows 2000
Microsoft Windows Nt
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »