CVE Tracker

CVE ID	Severity	EPSS	Vendor	Description	Date	Status
CVE-2016-0040	High	78.9%	MicrosoftWindows	The kernel in Microsoft Windows allows local users to gain privileges via a crafted application.	Mar 28, 2022	KEV
CVE-2017-0213	High	92.7%	MicrosoftWindows	Microsoft Windows COM Aggregate Marshaler allows for privilege escalation when an attacker runs a specially crafted application.	Mar 28, 2022	KEV
CVE-2017-0059	High	85.0%	MicrosoftInternet Explorer	Microsoft Internet Explorer allow remote attackers to obtain sensitive information from process memory via a crafted web site.	Mar 28, 2022	KEV
CVE-2016-7201	High	90.1%	MicrosoftEdge	The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute remote code or cause a denial of service (memory corruption) via a crafted web site.	Mar 28, 2022	KEV
CVE-2021-34486	High	34.7%	MicrosoftWindows	Microsoft Windows Event Tracing contains an unspecified vulnerability which can allow for privilege escalation.	Mar 28, 2022	KEV
CVE-2016-0189	High	92.1%	MicrosoftInternet Explorer	The Microsoft JScript nd VBScript engines, as used in Internet Explorer and other products, allow attackers to execute remote code or cause a denial of service (memory corruption) via a crafted web site.	Mar 28, 2022	KEV
CVE-2013-3660	High	69.2%	MicrosoftWin32k	The EPATHOBJ::pprFlattenRec function in win32k.sys in the kernel-mode drivers in Microsoft does not properly initialize a pointer for the next object in a certain list, which allows local users to gain privileges.	Mar 28, 2022	KEV
CVE-2018-8440	High	74.2%	MicrosoftWindows	An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC).	Mar 28, 2022	KEV
CVE-2012-2539	High	84.4%	MicrosoftWord	Microsoft Word allows attackers to execute remote code or cause a denial-of-service (DoS) via crafted RTF data.	Mar 28, 2022	KEV
CVE-2015-1770	High	78.2%	MicrosoftOffice	Microsoft Office allows remote attackers to execute arbitrary code via a crafted Office document.	Mar 28, 2022	KEV
CVE-2015-2419	High	71.7%	MicrosoftInternet Explorer	JScript in Microsoft Internet Explorer allows remote attackers to execute remote code or cause a denial of service (memory corruption) via a crafted web site.	Mar 28, 2022	KEV
CVE-2013-2551	High	90.8%	MicrosoftInternet Explorer	Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute remote code via a crafted web site that triggers access to a deleted object.	Mar 28, 2022	KEV
CVE-2010-4398	High	6.4%	MicrosoftWindows	Stack-based buffer overflow in the RtlQueryRegistryValues function in win32k.sys in Microsoft Windows allows local users to gain privileges, and bypass the User Account Control (UAC) feature.	Mar 28, 2022	KEV
CVE-2014-6332	High	94.1%	MicrosoftWindows	OleAut32.dll in OLE in Microsoft Windows allows remote attackers to remotely execute code via a crafted web site.	Mar 25, 2022	KEV
CVE-2022-21999	High	72.7%	MicrosoftWindows	Microsoft Windows Print Spooler contains an unspecified vulnerability which can allow for privilege escalation.	Mar 25, 2022	KEV
CVE-2018-8373	High	82.4%	MicrosoftInternet Explorer Scripting Engine	A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer.	Mar 25, 2022	KEV
CVE-2018-8414	High	87.9%	MicrosoftWindows	A remote code execution vulnerability exists when the Windows Shell does not properly validate file paths.	Mar 25, 2022	KEV
CVE-2017-0146	High	93.3%	MicrosoftWindows	The SMBv1 server in Microsoft Windows allows remote attackers to perform remote code execution.	Mar 25, 2022	KEV
CVE-2014-6324	High	89.8%	MicrosoftKerberos Key Distribution Center (KDC)	The Kerberos Key Distribution Center (KDC) in Microsoft allows remote authenticated domain users to obtain domain administrator privileges.	Mar 25, 2022	KEV
CVE-2019-0903	High	34.4%	MicrosoftGraphics Device Interface (GDI)	A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system.	Mar 25, 2022	KEV

CVE-2016-0040KEV

High

The kernel in Microsoft Windows allows local users to gain privileges via a crafted application.

MicrosoftEPSS 78.9%

CVE-2017-0213KEV

High

Microsoft Windows COM Aggregate Marshaler allows for privilege escalation when an attacker runs a specially crafted application.

MicrosoftEPSS 92.7%

CVE-2017-0059KEV

High

Microsoft Internet Explorer allow remote attackers to obtain sensitive information from process memory via a crafted web site.

MicrosoftEPSS 85.0%

CVE-2016-7201KEV

High

The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute remote code or cause a denial of service (memory corruption) via a crafted web site.

MicrosoftEPSS 90.1%

CVE-2021-34486KEV

High

Microsoft Windows Event Tracing contains an unspecified vulnerability which can allow for privilege escalation.

MicrosoftEPSS 34.7%

CVE-2016-0189KEV

High

The Microsoft JScript nd VBScript engines, as used in Internet Explorer and other products, allow attackers to execute remote code or cause a denial of service (memory corruption) via a crafted web site.

MicrosoftEPSS 92.1%

CVE-2013-3660KEV

High

The EPATHOBJ::pprFlattenRec function in win32k.sys in the kernel-mode drivers in Microsoft does not properly initialize a pointer for the next object in a certain list, which allows local users to gain privileges.

MicrosoftEPSS 69.2%

CVE-2018-8440KEV

High

An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC).

MicrosoftEPSS 74.2%

CVE-2012-2539KEV

High

Microsoft Word allows attackers to execute remote code or cause a denial-of-service (DoS) via crafted RTF data.

MicrosoftEPSS 84.4%

CVE-2015-1770KEV

High

Microsoft Office allows remote attackers to execute arbitrary code via a crafted Office document.

MicrosoftEPSS 78.2%

CVE-2015-2419KEV

High

JScript in Microsoft Internet Explorer allows remote attackers to execute remote code or cause a denial of service (memory corruption) via a crafted web site.

MicrosoftEPSS 71.7%

CVE-2013-2551KEV

High

Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute remote code via a crafted web site that triggers access to a deleted object.

MicrosoftEPSS 90.8%

CVE-2010-4398KEV

High

Stack-based buffer overflow in the RtlQueryRegistryValues function in win32k.sys in Microsoft Windows allows local users to gain privileges, and bypass the User Account Control (UAC) feature.

MicrosoftEPSS 6.4%

CVE-2014-6332KEV

High

OleAut32.dll in OLE in Microsoft Windows allows remote attackers to remotely execute code via a crafted web site.

MicrosoftEPSS 94.1%

CVE-2022-21999KEV

High

Microsoft Windows Print Spooler contains an unspecified vulnerability which can allow for privilege escalation.

MicrosoftEPSS 72.7%

CVE-2018-8373KEV

High

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer.

MicrosoftEPSS 82.4%

CVE-2018-8414KEV

High

A remote code execution vulnerability exists when the Windows Shell does not properly validate file paths.

MicrosoftEPSS 87.9%

CVE-2017-0146KEV

High

The SMBv1 server in Microsoft Windows allows remote attackers to perform remote code execution.

MicrosoftEPSS 93.3%

CVE-2014-6324KEV

High

The Kerberos Key Distribution Center (KDC) in Microsoft allows remote authenticated domain users to obtain domain administrator privileges.

MicrosoftEPSS 89.8%

CVE-2019-0903KEV

High

A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system.

MicrosoftEPSS 34.4%

10 11 12 13 14 15 16