Microsoft Windows 7

Windows Text Shaping Remote Code Execution Vulnerability

CVE-2021-40465 7.8 - High - October 13, 2021

Windows Text Shaping Remote Code Execution Vulnerability

Storage Spaces Controller Elevation of Privilege Vulnerability

CVE-2021-40489 7.8 - High - October 13, 2021

Storage Spaces Controller Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26441, CVE-2021-40478, CVE-2021-40488, CVE-2021-41345.

Improper Privilege Management

Windows Common Log File System Driver Elevation of Privilege Vulnerability

CVE-2021-40467 7.8 - High - October 13, 2021

Windows Common Log File System Driver Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-40443, CVE-2021-40466.

Improper Privilege Management

Windows Common Log File System Driver Elevation of Privilege Vulnerability

CVE-2021-40466 7.8 - High - October 13, 2021

Windows Common Log File System Driver Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-40443, CVE-2021-40467.

Improper Privilege Management

Windows Fast FAT File System Driver Information Disclosure Vulnerability

CVE-2021-41343 5.5 - Medium - October 13, 2021

Windows Fast FAT File System Driver Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-38662.

Windows MSHTML Platform Remote Code Execution Vulnerability

CVE-2021-41342 8.8 - High - October 13, 2021

Windows MSHTML Platform Remote Code Execution Vulnerability

Windows Graphics Component Remote Code Execution Vulnerability

CVE-2021-41340 7.8 - High - October 13, 2021

Windows Graphics Component Remote Code Execution Vulnerability

Windows Kernel Elevation of Privilege Vulnerability

CVE-2021-41335 7.8 - High - October 13, 2021

Windows Kernel Elevation of Privilege Vulnerability

Improper Privilege Management

Windows Print Spooler Information Disclosure Vulnerability

CVE-2021-41332 6.5 - Medium - October 13, 2021

Windows Print Spooler Information Disclosure Vulnerability

Windows Media Audio Decoder Remote Code Execution Vulnerability

CVE-2021-41331 7.8 - High - October 13, 2021

Windows Media Audio Decoder Remote Code Execution Vulnerability

Windows Remote Procedure Call Runtime Security Feature Bypass Vulnerability

CVE-2021-40460 6.5 - Medium - October 13, 2021

Windows Remote Procedure Call Runtime Security Feature Bypass Vulnerability

Windows Installer Spoofing Vulnerability

CVE-2021-40455 5.5 - Medium - October 13, 2021

Windows Installer Spoofing Vulnerability

Win32k Elevation of Privilege Vulnerability

CVE-2021-40449 7.8 - High - October 13, 2021

Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-40450, CVE-2021-41357.

Improper Privilege Management

Windows Common Log File System Driver Elevation of Privilege Vulnerability

CVE-2021-40443 7.8 - High - October 13, 2021

Windows Common Log File System Driver Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-40466, CVE-2021-40467.

Improper Privilege Management

Windows exFAT File System Information Disclosure Vulnerability

CVE-2021-38663 5.5 - Medium - October 13, 2021

Windows exFAT File System Information Disclosure Vulnerability

Windows Fast FAT File System Driver Information Disclosure Vulnerability

CVE-2021-38662 5.5 - Medium - October 13, 2021

Windows Fast FAT File System Driver Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-41343.

Windows Print Spooler Spoofing Vulnerability

CVE-2021-36970 6.5 - Medium - October 13, 2021

Windows Print Spooler Spoofing Vulnerability

Windows TCP/IP Denial of Service Vulnerability

CVE-2021-36953 7.5 - High - October 13, 2021

Windows TCP/IP Denial of Service Vulnerability

Windows HTTP.sys Elevation of Privilege Vulnerability

CVE-2021-26442 7.8 - High - October 13, 2021

Windows HTTP.sys Elevation of Privilege Vulnerability

Improper Privilege Management

Windows Installer Denial of Service Vulnerability

CVE-2021-36961 6.1 - Medium - September 15, 2021

Windows Installer Denial of Service Vulnerability

Windows SMB Information Disclosure Vulnerability

CVE-2021-36960 7.5 - High - September 15, 2021

Windows SMB Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-36972.

Windows Common Log File System Driver Elevation of Privilege Vulnerability

CVE-2021-36955 7.8 - High - September 15, 2021

Windows Common Log File System Driver Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-36963, CVE-2021-38633.

Improper Privilege Management

Windows Scripting Engine Memory Corruption Vulnerability

CVE-2021-26435 7.8 - High - September 15, 2021

Windows Scripting Engine Memory Corruption Vulnerability

Memory Corruption

Windows Print Spooler Elevation of Privilege Vulnerability

CVE-2021-40447 7.8 - High - September 15, 2021

Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-38667, CVE-2021-38671.

Improper Privilege Management

Microsoft MSHTML Remote Code Execution Vulnerability

CVE-2021-40444 7.8 - High - September 15, 2021

Microsoft MSHTML Remote Code Execution Vulnerability

Windows Print Spooler Elevation of Privilege Vulnerability

CVE-2021-38671 7.8 - High - September 15, 2021

Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-38667, CVE-2021-40447.

Improper Privilege Management

Windows Print Spooler Elevation of Privilege Vulnerability

CVE-2021-38667 7.8 - High - September 15, 2021

Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-38671, CVE-2021-40447.

Improper Privilege Management

Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability

CVE-2021-36969 5.5 - Medium - September 15, 2021

Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-38635, CVE-2021-38636.

Windows DNS Elevation of Privilege Vulnerability

CVE-2021-36968 7.8 - High - September 15, 2021

Windows DNS Elevation of Privilege Vulnerability

Improper Privilege Management

Windows WLAN AutoConfig Service Remote Code Execution Vulnerability

CVE-2021-36965 9.8 - Critical - September 15, 2021

Windows WLAN AutoConfig Service Remote Code Execution Vulnerability

Windows Event Tracing Elevation of Privilege Vulnerability

CVE-2021-36964 7.8 - High - September 15, 2021

Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-38630.

Improper Privilege Management

Windows Common Log File System Driver Elevation of Privilege Vulnerability

CVE-2021-36963 7.8 - High - September 15, 2021

Windows Common Log File System Driver Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-36955, CVE-2021-38633.

Improper Privilege Management

Windows Installer Information Disclosure Vulnerability

CVE-2021-36962 5.5 - Medium - September 15, 2021

Windows Installer Information Disclosure Vulnerability

Win32k Elevation of Privilege Vulnerability

CVE-2021-38639 7.8 - High - September 15, 2021

Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-36975.

Improper Privilege Management

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

CVE-2021-38638 7.8 - High - September 15, 2021

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-38628.

Improper Privilege Management

Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability

CVE-2021-38636 5.5 - Medium - September 15, 2021

Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-36969, CVE-2021-38635.

Windows Common Log File System Driver Elevation of Privilege Vulnerability

CVE-2021-38633 7.8 - High - September 15, 2021

Windows Common Log File System Driver Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-36955, CVE-2021-36963.

Improper Privilege Management

Windows Event Tracing Elevation of Privilege Vulnerability

CVE-2021-38630 7.8 - High - September 15, 2021

Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-36964.

Improper Privilege Management

Windows Ancillary Function Driver for WinSock Information Disclosure Vulnerability

CVE-2021-38629 6.5 - Medium - September 15, 2021

Windows Ancillary Function Driver for WinSock Information Disclosure Vulnerability

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

CVE-2021-38628 7.8 - High - September 15, 2021

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-38638.

Improper Privilege Management

Windows Authenticode Spoofing Vulnerability

CVE-2021-36959 3.3 - Low - September 15, 2021

Windows Authenticode Spoofing Vulnerability

Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability

CVE-2021-38635 5.5 - Medium - September 15, 2021

Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-36969, CVE-2021-38636.

Windows Event Tracing Elevation of Privilege Vulnerability

CVE-2021-26425 7.8 - High - August 12, 2021

Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-34486, CVE-2021-34487.

Improper Privilege Management

Windows User Account Profile Picture Elevation of Privilege Vulnerability

CVE-2021-26426 7.8 - High - August 12, 2021

Windows User Account Profile Picture Elevation of Privilege Vulnerability

Improper Privilege Management

Windows TCP/IP Remote Code Execution Vulnerability

CVE-2021-26424 9.8 - Critical - August 12, 2021

Windows TCP/IP Remote Code Execution Vulnerability

Windows Print Spooler Remote Code Execution Vulnerability

CVE-2021-36947 8.8 - High - August 12, 2021

Windows Print Spooler Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-36936, CVE-2021-36958.

Windows Media MPEG-4 Video Decoder Remote Code Execution Vulnerability

CVE-2021-36937 7.8 - High - August 12, 2021

Windows Media MPEG-4 Video Decoder Remote Code Execution Vulnerability

Windows Print Spooler Remote Code Execution Vulnerability

CVE-2021-36936 9.8 - Critical - August 12, 2021

Windows Print Spooler Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-36947, CVE-2021-36958.

Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability

CVE-2021-36932 7.5 - High - August 12, 2021

Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-26433, CVE-2021-36926, CVE-2021-36933.

Windows Digital TV Tuner device registration application Elevation of Privilege Vulnerability

CVE-2021-36927 7.8 - High - August 12, 2021

Windows Digital TV Tuner device registration application Elevation of Privilege Vulnerability

Improper Privilege Management

Windows Bluetooth Driver Elevation of Privilege Vulnerability

CVE-2021-34537 8 - High - August 12, 2021

Windows Bluetooth Driver Elevation of Privilege Vulnerability

Improper Privilege Management

Windows Print Spooler Elevation of Privilege Vulnerability

CVE-2021-34483 7.8 - High - August 12, 2021

Windows Print Spooler Elevation of Privilege Vulnerability

Improper Privilege Management

Scripting Engine Memory Corruption Vulnerability

CVE-2021-34480 8.8 - High - August 12, 2021

Scripting Engine Memory Corruption Vulnerability

Memory Corruption

Remote Desktop Client Remote Code Execution Vulnerability

CVE-2021-34535 8.8 - High - August 12, 2021

Remote Desktop Client Remote Code Execution Vulnerability

Windows Graphics Component Font Parsing Remote Code Execution Vulnerability

CVE-2021-34533 7.8 - High - August 12, 2021

Windows Graphics Component Font Parsing Remote Code Execution Vulnerability

Windows User Profile Service Elevation of Privilege Vulnerability

CVE-2021-34484 7.8 - High - August 12, 2021

Windows User Profile Service Elevation of Privilege Vulnerability

Improper Privilege Management

Windows MSHTML Platform Remote Code Execution Vulnerability

CVE-2021-34447 8.8 - High - July 16, 2021

Windows MSHTML Platform Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-34497.

Windows HTML Platforms Security Feature Bypass Vulnerability

CVE-2021-34446 8.8 - High - July 16, 2021

Windows HTML Platforms Security Feature Bypass Vulnerability

Microsoft Windows Media Foundation Remote Code Execution Vulnerability

CVE-2021-34441 7.8 - High - July 16, 2021

Microsoft Windows Media Foundation Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-34439, CVE-2021-34503.

GDI+ Information Disclosure Vulnerability

CVE-2021-34440 5.5 - Medium - July 16, 2021

GDI+ Information Disclosure Vulnerability

Windows Remote Access Connection Manager Information Disclosure Vulnerability

CVE-2021-34457 5.5 - Medium - July 16, 2021

Windows Remote Access Connection Manager Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-33763, CVE-2021-34454.

Windows Remote Access Connection Manager Elevation of Privilege Vulnerability

CVE-2021-34456 7.8 - High - July 16, 2021

Windows Remote Access Connection Manager Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-33761, CVE-2021-33773, CVE-2021-34445.

Improper Privilege Management

Scripting Engine Memory Corruption Vulnerability

CVE-2021-34448 8.8 - High - July 16, 2021

Scripting Engine Memory Corruption Vulnerability

Memory Corruption

Windows Print Spooler Elevation of Privilege Vulnerability

CVE-2021-34481 7.8 - High - July 16, 2021

Windows Print Spooler Elevation of Privilege Vulnerability

Improper Privilege Management

Windows Installer Spoofing Vulnerability

CVE-2021-33765 5.5 - Medium - July 14, 2021

Windows Installer Spoofing Vulnerability

Windows DNS Snap-in Remote Code Execution Vulnerability

CVE-2021-33756 8.8 - High - July 14, 2021

Windows DNS Snap-in Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-33749, CVE-2021-33750, CVE-2021-33752.

Windows TCP/IP Driver Denial of Service Vulnerability

CVE-2021-31183 7.5 - High - July 14, 2021

Windows TCP/IP Driver Denial of Service Vulnerability This CVE ID is unique from CVE-2021-33772, CVE-2021-34490.

Windows SMB Information Disclosure Vulnerability

CVE-2021-33783 6.5 - Medium - July 14, 2021

Windows SMB Information Disclosure Vulnerability

Windows Authenticode Spoofing Vulnerability

CVE-2021-33782 5.5 - Medium - July 14, 2021

Windows Authenticode Spoofing Vulnerability

Windows Security Account Manager Remote Protocol Security Feature Bypass Vulnerability

CVE-2021-33757 9.8 - Critical - July 14, 2021

Windows Security Account Manager Remote Protocol Security Feature Bypass Vulnerability

Windows DNS Snap-in Remote Code Execution Vulnerability

CVE-2021-33752 8.8 - High - July 14, 2021

Windows DNS Snap-in Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-33749, CVE-2021-33750, CVE-2021-33756.

Windows DNS Snap-in Remote Code Execution Vulnerability

CVE-2021-33750 8.8 - High - July 14, 2021

Windows DNS Snap-in Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-33749, CVE-2021-33752, CVE-2021-33756.

Windows DNS Snap-in Remote Code Execution Vulnerability

CVE-2021-33749 8.8 - High - July 14, 2021

Windows DNS Snap-in Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-33750, CVE-2021-33752, CVE-2021-33756.

Windows Kernel Elevation of Privilege Vulnerability

CVE-2021-31979 7.8 - High - July 14, 2021

Windows Kernel Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-33771, CVE-2021-34514.

Improper Privilege Management

Windows GDI Elevation of Privilege Vulnerability

CVE-2021-34498 7.8 - High - July 14, 2021

Windows GDI Elevation of Privilege Vulnerability

Improper Privilege Management

Windows MSHTML Platform Remote Code Execution Vulnerability

CVE-2021-34497 8.8 - High - July 14, 2021

Windows MSHTML Platform Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-34447.

Windows GDI Information Disclosure Vulnerability

CVE-2021-34496 5.5 - Medium - July 14, 2021

Windows GDI Information Disclosure Vulnerability

Windows LSA Denial of Service Vulnerability

CVE-2021-33788 7.5 - High - July 14, 2021

Windows LSA Denial of Service Vulnerability

Windows Remote Assistance Information Disclosure Vulnerability

CVE-2021-34507 6.5 - Medium - July 14, 2021

Windows Remote Assistance Information Disclosure Vulnerability

Windows Address Book Remote Code Execution Vulnerability

CVE-2021-34504 7.8 - High - July 14, 2021

Windows Address Book Remote Code Execution Vulnerability

Windows Kernel Memory Information Disclosure Vulnerability

CVE-2021-34500 7.7 - High - July 14, 2021

Windows Kernel Memory Information Disclosure Vulnerability

Windows Certificate Spoofing Vulnerability

CVE-2021-34492 8.1 - High - July 14, 2021

Windows Certificate Spoofing Vulnerability

Bowser.sys Denial of Service Vulnerability

CVE-2021-34476 7.5 - High - July 14, 2021

Bowser.sys Denial of Service Vulnerability

Win32k Elevation of Privilege Vulnerability

CVE-2021-34516 7.8 - High - July 14, 2021

Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-34449.

Improper Privilege Management

Windows Kernel Elevation of Privilege Vulnerability

CVE-2021-34514 7.8 - High - July 14, 2021

Windows Kernel Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-31979, CVE-2021-33771.

Improper Privilege Management

Windows Installer Elevation of Privilege Vulnerability

CVE-2021-34511 7.8 - High - July 14, 2021

Windows Installer Elevation of Privilege Vulnerability

Improper Privilege Management

Windows Print Spooler Remote Code Execution Vulnerability

CVE-2021-34527 8.8 - High - July 02, 2021

Windows Print Spooler Remote Code Execution Vulnerability

Improper Privilege Management

Windows HTML Platform Security Feature Bypass Vulnerability

CVE-2021-31971 8.8 - High - June 08, 2021

Windows HTML Platform Security Feature Bypass Vulnerability

Windows GPSVC Elevation of Privilege Vulnerability

CVE-2021-31973 7.8 - High - June 08, 2021

Windows GPSVC Elevation of Privilege Vulnerability

Improper Privilege Management

Windows Remote Desktop Services Denial of Service Vulnerability

CVE-2021-31968 7.5 - High - June 08, 2021

Windows Remote Desktop Services Denial of Service Vulnerability

Kerberos AppContainer Security Feature Bypass Vulnerability

CVE-2021-31962 9.8 - Critical - June 08, 2021

Kerberos AppContainer Security Feature Bypass Vulnerability

Windows MSHTML Platform Remote Code Execution Vulnerability

CVE-2021-33742 8.8 - High - June 08, 2021

Windows MSHTML Platform Remote Code Execution Vulnerability

Windows NTLM Elevation of Privilege Vulnerability

CVE-2021-31958 8.8 - High - June 08, 2021

Windows NTLM Elevation of Privilege Vulnerability

Improper Privilege Management

Windows NTFS Elevation of Privilege Vulnerability

CVE-2021-31956 7.8 - High - June 08, 2021

Windows NTFS Elevation of Privilege Vulnerability

Improper Privilege Management

Scripting Engine Memory Corruption Vulnerability

CVE-2021-31959 7.8 - High - June 08, 2021

Scripting Engine Memory Corruption Vulnerability

Windows Common Log File System Driver Elevation of Privilege Vulnerability

CVE-2021-31954 7.8 - High - June 08, 2021

Windows Common Log File System Driver Elevation of Privilege Vulnerability

Improper Privilege Management

Windows Filter Manager Elevation of Privilege Vulnerability

CVE-2021-31953 7.8 - High - June 08, 2021

Windows Filter Manager Elevation of Privilege Vulnerability

Improper Privilege Management

Windows Print Spooler Elevation of Privilege Vulnerability

CVE-2021-1675 8.8 - High - June 08, 2021

Windows Print Spooler Elevation of Privilege Vulnerability

Improper Privilege Management

The 802.11 standard

CVE-2020-24588 3.5 - Low - May 11, 2021

The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary can abuse this to inject arbitrary network packets.

Missing Authentication for Critical Function

Hyper-V Remote Code Execution Vulnerability

CVE-2021-28476 9.9 - Critical - May 11, 2021

Hyper-V Remote Code Execution Vulnerability