Microsoft Windows 7
By the Year
In 2023 there have been 56 vulnerabilities in Microsoft Windows 7 with an average score of 7.5 out of ten. Last year Windows 7 had 315 security vulnerabilities published. Right now, Windows 7 is on track to have less security vulnerabilities in 2023 than it did last year. Last year, the average CVE base score was greater by 0.01
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2023 | 56 | 7.54 |
| 2022 | 315 | 7.55 |
| 2021 | 254 | 7.70 |
| 2020 | 386 | 7.42 |
| 2019 | 322 | 7.25 |
| 2018 | 164 | 6.53 |
It may take a day or so for new Windows 7 vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Microsoft Windows 7 Security Vulnerabilities
Windows 7 is vulnerable to a full blind TCP/IP hijacking attack
CVE-2023-34367
6.5 - Medium
- June 14, 2023
Windows 7 is vulnerable to a full blind TCP/IP hijacking attack. The vulnerability exists in Windows 7 (any Windows until Windows 8) and in any implementation of TCP/IP, which is vulnerable to the Idle scan attack (including many IoT devices). NOTE: The vendor considers this a low severity issue.
authentification
Windows Kernel Memory Information Disclosure Vulnerability
CVE-2022-35758
5.5 - Medium
- May 31, 2023
Windows Kernel Memory Information Disclosure Vulnerability
Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability
CVE-2022-35744
9.8 - Critical
- May 31, 2023
Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability
Win32k Elevation of Privilege Vulnerability
CVE-2022-35750
7.8 - High
- May 31, 2023
Win32k Elevation of Privilege Vulnerability
Windows Hyper-V Elevation of Privilege Vulnerability
CVE-2022-35751
7.8 - High
- May 31, 2023
Windows Hyper-V Elevation of Privilege Vulnerability
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
CVE-2022-35752
8.1 - High
- May 31, 2023
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
CVE-2022-35753
8.1 - High
- May 31, 2023
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
Unified Write Filter Elevation of Privilege Vulnerability
CVE-2022-35754
6.7 - Medium
- May 31, 2023
Unified Write Filter Elevation of Privilege Vulnerability
Windows Kerberos Elevation of Privilege Vulnerability
CVE-2022-35756
7.8 - High
- May 31, 2023
Windows Kerberos Elevation of Privilege Vulnerability
Windows Local Security Authority (LSA) Denial of Service Vulnerability
CVE-2022-35759
6.5 - Medium
- May 31, 2023
Windows Local Security Authority (LSA) Denial of Service Vulnerability
Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability
CVE-2022-35743
7.8 - High
- May 31, 2023
Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability
Code Injection
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
CVE-2022-35745
8.1 - High
- May 31, 2023
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability
CVE-2022-35747
5.9 - Medium
- May 31, 2023
Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability
BitLocker Security Feature Bypass Vulnerability
CVE-2023-21563
6.8 - Medium
- January 10, 2023
BitLocker Security Feature Bypass Vulnerability
Windows Kernel Elevation of Privilege Vulnerability
CVE-2023-21675
7.8 - High
- January 10, 2023
Windows Kernel Elevation of Privilege Vulnerability
Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2023-21678
7.8 - High
- January 10, 2023
Windows Print Spooler Elevation of Privilege Vulnerability
Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability
CVE-2023-21679
8.1 - High
- January 10, 2023
Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability
Race Condition
Microsoft Cryptographic Services Elevation of Privilege Vulnerability
CVE-2023-21730
7.8 - High
- January 10, 2023
Microsoft Cryptographic Services Elevation of Privilege Vulnerability
Improper Privilege Management
Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability
CVE-2023-21524
7.8 - High
- January 10, 2023
Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability
Remote Procedure Call Runtime Denial of Service Vulnerability
CVE-2023-21525
5.3 - Medium
- January 10, 2023
Remote Procedure Call Runtime Denial of Service Vulnerability
Windows iSCSI Service Denial of Service Vulnerability
CVE-2023-21527
7.5 - High
- January 10, 2023
Windows iSCSI Service Denial of Service Vulnerability
Windows Win32k Elevation of Privilege Vulnerability
CVE-2023-21680
7.8 - High
- January 10, 2023
Windows Win32k Elevation of Privilege Vulnerability
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2023-21681
8.8 - High
- January 10, 2023
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
Windows GDI Elevation of Privilege Vulnerability
CVE-2023-21532
7 - High
- January 10, 2023
Windows GDI Elevation of Privilege Vulnerability
Windows GDI Elevation of Privilege Vulnerability
CVE-2023-21552
7.8 - High
- January 10, 2023
Windows GDI Elevation of Privilege Vulnerability
Improper Privilege Management
Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability
CVE-2023-21555
8.1 - High
- January 10, 2023
Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability
Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability
CVE-2023-21556
8.1 - High
- January 10, 2023
Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability
Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability
CVE-2023-21557
7.5 - High
- January 10, 2023
Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability
Resource Exhaustion
Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability
CVE-2023-21537
7.8 - High
- January 10, 2023
Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability
Windows SMB Witness Service Elevation of Privilege Vulnerability
CVE-2023-21549
8.8 - High
- January 10, 2023
Windows SMB Witness Service Elevation of Privilege Vulnerability
Improper Privilege Management
Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability
CVE-2023-21543
8.1 - High
- January 10, 2023
Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability
Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability
CVE-2023-21546
8.1 - High
- January 10, 2023
Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability
Race Condition
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
CVE-2023-21548
8.1 - High
- January 10, 2023
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
Microsoft Cryptographic Services Elevation of Privilege Vulnerability
CVE-2023-21561
7.8 - High
- January 10, 2023
Microsoft Cryptographic Services Elevation of Privilege Vulnerability
Improper Privilege Management
Windows Task Scheduler Elevation of Privilege Vulnerability
CVE-2023-21541
7.8 - High
- January 10, 2023
Windows Task Scheduler Elevation of Privilege Vulnerability
Windows Installer Elevation of Privilege Vulnerability
CVE-2023-21542
7 - High
- January 10, 2023
Windows Installer Elevation of Privilege Vulnerability
Race Condition
Windows Boot Manager Security Feature Bypass Vulnerability
CVE-2023-21560
6.6 - Medium
- January 10, 2023
Windows Boot Manager Security Feature Bypass Vulnerability
AuthZ
Microsoft ODBC Driver Remote Code Execution Vulnerability
CVE-2023-21732
8.8 - High
- January 10, 2023
Microsoft ODBC Driver Remote Code Execution Vulnerability
Windows Netlogon Denial of Service Vulnerability
CVE-2023-21728
7.5 - High
- January 10, 2023
Windows Netlogon Denial of Service Vulnerability
Windows Kernel Elevation of Privilege Vulnerability
CVE-2023-21772
7.8 - High
- January 10, 2023
Windows Kernel Elevation of Privilege Vulnerability
Improper Privilege Management
Windows Credential Manager User Interface Elevation of Privilege Vulnerability
CVE-2023-21726
7.8 - High
- January 10, 2023
Windows Credential Manager User Interface Elevation of Privilege Vulnerability
Windows Point-to-Point Protocol (PPP) Information Disclosure Vulnerability
CVE-2023-21682
5.3 - Medium
- January 10, 2023
Windows Point-to-Point Protocol (PPP) Information Disclosure Vulnerability
Windows Kernel Elevation of Privilege Vulnerability
CVE-2023-21773
7.8 - High
- January 10, 2023
Windows Kernel Elevation of Privilege Vulnerability
Improper Privilege Management
Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2023-21765
7.8 - High
- January 10, 2023
Windows Print Spooler Elevation of Privilege Vulnerability
Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2023-21760
7.1 - High
- January 10, 2023
Windows Print Spooler Elevation of Privilege Vulnerability
Windows Layer 2 Tunneling Protocol (L2TP) Denial of Service Vulnerability
CVE-2023-21757
7.5 - High
- January 10, 2023
Windows Layer 2 Tunneling Protocol (L2TP) Denial of Service Vulnerability
Windows Kernel Elevation of Privilege Vulnerability
CVE-2023-21755
7.8 - High
- January 10, 2023
Windows Kernel Elevation of Privilege Vulnerability
Improper Privilege Management
Windows Kernel Elevation of Privilege Vulnerability
CVE-2023-21754
7.8 - High
- January 10, 2023
Windows Kernel Elevation of Privilege Vulnerability
Windows Backup Service Elevation of Privilege Vulnerability
CVE-2023-21752
7.1 - High
- January 10, 2023
Windows Backup Service Elevation of Privilege Vulnerability
Windows Kernel Elevation of Privilege Vulnerability
CVE-2023-21774
7.8 - High
- January 10, 2023
Windows Kernel Elevation of Privilege Vulnerability
Improper Privilege Management
Windows Kernel Information Disclosure Vulnerability
CVE-2023-21776
5.5 - Medium
- January 10, 2023
Windows Kernel Information Disclosure Vulnerability
Windows NTLM Elevation of Privilege Vulnerability
CVE-2023-21746
7.8 - High
- January 10, 2023
Windows NTLM Elevation of Privilege Vulnerability
Windows Kernel Elevation of Privilege Vulnerability
CVE-2023-21747
7.8 - High
- January 10, 2023
Windows Kernel Elevation of Privilege Vulnerability
Windows Kernel Elevation of Privilege Vulnerability
CVE-2023-21748
7.8 - High
- January 10, 2023
Windows Kernel Elevation of Privilege Vulnerability
Windows Kernel Elevation of Privilege Vulnerability
CVE-2023-21749
7.8 - High
- January 10, 2023
Windows Kernel Elevation of Privilege Vulnerability
Windows Kernel Elevation of Privilege Vulnerability
CVE-2023-21750
7.1 - High
- January 10, 2023
Windows Kernel Elevation of Privilege Vulnerability
Windows Media Remote Code Execution Vulnerability
CVE-2022-44668
7.8 - High
- December 13, 2022
Windows Media Remote Code Execution Vulnerability
Windows Bluetooth Driver Elevation of Privilege Vulnerability
CVE-2022-44675
7.8 - High
- December 13, 2022
Windows Bluetooth Driver Elevation of Privilege Vulnerability
Windows Media Remote Code Execution Vulnerability
CVE-2022-44667
7.8 - High
- December 13, 2022
Windows Media Remote Code Execution Vulnerability
Windows Contacts Remote Code Execution Vulnerability
CVE-2022-44666
7.8 - High
- December 13, 2022
Windows Contacts Remote Code Execution Vulnerability
Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2022-41121
7.8 - High
- December 13, 2022
Windows Graphics Component Elevation of Privilege Vulnerability
Windows Hyper-V Elevation of Privilege Vulnerability
CVE-2022-41094
7.8 - High
- December 13, 2022
Windows Hyper-V Elevation of Privilege Vulnerability
Windows Fax Compose Form Elevation of Privilege Vulnerability
CVE-2022-41077
7.8 - High
- December 13, 2022
Windows Fax Compose Form Elevation of Privilege Vulnerability
PowerShell Remote Code Execution Vulnerability
CVE-2022-41076
8.5 - High
- December 13, 2022
PowerShell Remote Code Execution Vulnerability
Windows Graphics Component Information Disclosure Vulnerability
CVE-2022-41074
5.5 - Medium
- December 13, 2022
Windows Graphics Component Information Disclosure Vulnerability
Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2022-44697
7.8 - High
- December 13, 2022
Windows Graphics Component Elevation of Privilege Vulnerability
Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2022-44681
7.8 - High
- December 13, 2022
Windows Print Spooler Elevation of Privilege Vulnerability
Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2022-44678
7.8 - High
- December 13, 2022
Windows Print Spooler Elevation of Privilege Vulnerability
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
CVE-2022-44676
8.1 - High
- December 13, 2022
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
Race Condition
Windows Client Server Run-Time Subsystem (CSRSS) Elevation of Privilege Vulnerability
CVE-2022-44673
7 - High
- December 13, 2022
Windows Client Server Run-Time Subsystem (CSRSS) Elevation of Privilege Vulnerability
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
CVE-2022-44670
8.1 - High
- December 13, 2022
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
TOCTTOU
Windows Mark of the Web Security Feature Bypass Vulnerability
CVE-2022-41049
5.4 - Medium
- November 09, 2022
Windows Mark of the Web Security Feature Bypass Vulnerability
Improper Privilege Management
Windows Group Policy Elevation of Privilege Vulnerability
CVE-2022-41086
6.4 - Medium
- November 09, 2022
Windows Group Policy Elevation of Privilege Vulnerability
Race Condition
Windows Scripting Languages Remote Code Execution Vulnerability
CVE-2022-41118
7.5 - High
- November 09, 2022
Windows Scripting Languages Remote Code Execution Vulnerability
Race Condition
Windows CNG Key Isolation Service Elevation of Privilege Vulnerability
CVE-2022-41125
7.8 - High
- November 09, 2022
Windows CNG Key Isolation Service Elevation of Privilege Vulnerability
Memory Corruption
Windows Scripting Languages Remote Code Execution Vulnerability
CVE-2022-41128
8.8 - High
- November 09, 2022
Windows Scripting Languages Remote Code Execution Vulnerability
Memory Corruption
Windows Network Address Translation (NAT) Denial of Service Vulnerability
CVE-2022-41058
7.5 - High
- November 09, 2022
Windows Network Address Translation (NAT) Denial of Service Vulnerability
Windows HTTP.sys Elevation of Privilege Vulnerability
CVE-2022-41057
7.8 - High
- November 09, 2022
Windows HTTP.sys Elevation of Privilege Vulnerability
Network Policy Server (NPS) RADIUS Protocol Denial of Service Vulnerability
CVE-2022-41056
7.5 - High
- November 09, 2022
Network Policy Server (NPS) RADIUS Protocol Denial of Service Vulnerability
Microsoft ODBC Driver Remote Code Execution Vulnerability
CVE-2022-41048
8.8 - High
- November 09, 2022
Microsoft ODBC Driver Remote Code Execution Vulnerability
Microsoft ODBC Driver Remote Code Execution Vulnerability
CVE-2022-41047
8.8 - High
- November 09, 2022
Microsoft ODBC Driver Remote Code Execution Vulnerability
Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability
CVE-2022-41045
7.8 - High
- November 09, 2022
Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability
Race Condition
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
CVE-2022-41044
8.1 - High
- November 09, 2022
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
Race Condition
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
CVE-2022-41039
8.1 - High
- November 09, 2022
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
Race Condition
Windows Group Policy Elevation of Privilege Vulnerability
CVE-2022-37992
7.8 - High
- November 09, 2022
Windows Group Policy Elevation of Privilege Vulnerability
Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerability
CVE-2022-41116
5.9 - Medium
- November 09, 2022
Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerability
Race Condition
Windows Win32k Elevation of Privilege Vulnerability
CVE-2022-41109
7.8 - High
- November 09, 2022
Windows Win32k Elevation of Privilege Vulnerability
Windows Kerberos Denial of Service Vulnerability
CVE-2022-41053
7.5 - High
- November 09, 2022
Windows Kerberos Denial of Service Vulnerability
Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2022-41073
7.8 - High
- November 09, 2022
Windows Print Spooler Elevation of Privilege Vulnerability
Memory Corruption
Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerability
CVE-2022-41090
5.9 - Medium
- November 09, 2022
Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerability
Race Condition
Windows GDI+ Information Disclosure Vulnerability
CVE-2022-41098
5.5 - Medium
- November 09, 2022
Windows GDI+ Information Disclosure Vulnerability
Network Policy Server (NPS) RADIUS Protocol Information Disclosure Vulnerability
CVE-2022-41097
6.5 - Medium
- November 09, 2022
Network Policy Server (NPS) RADIUS Protocol Information Disclosure Vulnerability
Windows Digital Media Receiver Elevation of Privilege Vulnerability
CVE-2022-41095
7.8 - High
- November 09, 2022
Windows Digital Media Receiver Elevation of Privilege Vulnerability
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
CVE-2022-41081
8.1 - High
- October 11, 2022
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22035, CVE-2022-24504, CVE-2022-30198, CVE-2022-33634, CVE-2022-38000, CVE-2022-38047.
Windows Print Spooler Elevation of Privilege Vulnerability.
CVE-2022-38028
7.8 - High
- October 11, 2022
Windows Print Spooler Elevation of Privilege Vulnerability.
Microsoft ODBC Driver Remote Code Execution Vulnerability.
CVE-2022-38040
8.8 - High
- October 11, 2022
Microsoft ODBC Driver Remote Code Execution Vulnerability.
Windows Kernel Elevation of Privilege Vulnerability
CVE-2022-38038
7.8 - High
- October 11, 2022
Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37988, CVE-2022-37990, CVE-2022-37991, CVE-2022-37995, CVE-2022-38022, CVE-2022-38037, CVE-2022-38039.
Windows Kernel Elevation of Privilege Vulnerability
CVE-2022-38037
7.8 - High
- October 11, 2022
Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37988, CVE-2022-37990, CVE-2022-37991, CVE-2022-37995, CVE-2022-38022, CVE-2022-38038, CVE-2022-38039.
Windows Workstation Service Elevation of Privilege Vulnerability.
CVE-2022-38034
8.8 - High
- October 11, 2022
Windows Workstation Service Elevation of Privilege Vulnerability.
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2022-38031
8.8 - High
- October 11, 2022
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-37982.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Microsoft Windows Server 2022 or by Microsoft? Click the Watch button to subscribe.
