Vulnerabilities > Microsoft
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-02-10 | CVE-2016-0050 | Improper Input Validation vulnerability in Microsoft Windows Server 2008 and Windows Server 2012 Network Policy Server (NPS) in Microsoft Windows Server 2008 SP2 and R2 SP1 and Server 2012 Gold and R2 misparses username queries, which allows remote attackers to cause a denial of service (RADIUS authentication outage) via crafted requests, aka "Network Policy Server RADIUS Implementation Denial of Service Vulnerability." | 5.3 |
| 2016-02-10 | CVE-2016-0049 | Credentials Management vulnerability in Microsoft products Kerberos in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 Gold and 1511 does not properly validate password changes, which allows remote attackers to bypass authentication by deploying a crafted Key Distribution Center (KDC) and then performing a sign-in action, aka "Windows Kerberos Security Feature Bypass." | 6.2 |
| 2016-02-10 | CVE-2016-0048 | Permissions, Privileges, and Access Controls vulnerability in Microsoft products The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability." | 7.8 |
| 2016-02-10 | CVE-2016-0047 | Information Exposure vulnerability in Microsoft .Net Framework WinForms in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, and 4.6.1 allows remote attackers to obtain sensitive information from process memory via crafted icon data, aka "Windows Forms Information Disclosure Vulnerability." | 7.5 |
| 2016-02-10 | CVE-2016-0046 | Improper Input Validation vulnerability in Microsoft Windows 10, Windows 8.1 and Windows Server 2012 Windows Reader in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 allows remote attackers to execute arbitrary code via a crafted Reader file, aka "Microsoft Windows Reader Vulnerability." | 7.8 |
| 2016-02-10 | CVE-2016-0044 | Improper Input Validation vulnerability in Microsoft Windows 8.1, Windows RT 8.1 and Windows Server 2012 Sync Framework in Microsoft Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1 allows remote attackers to cause a denial of service (SyncShareSvc service outage) via crafted "change batch" data, aka "Windows DLL Loading Denial of Service Vulnerability." | 7.5 |
| 2016-02-10 | CVE-2016-0042 | Unspecified vulnerability in Microsoft products Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka "Windows DLL Loading Remote Code Execution Vulnerability." | 7.8 |
| 2016-02-10 | CVE-2016-0041 | Unspecified vulnerability in Microsoft products Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold and 1511, and Internet Explorer 10 and 11 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka "DLL Loading Remote Code Execution Vulnerability." | 7.8 |
| 2016-02-10 | CVE-2016-0040 | Unspecified vulnerability in Microsoft Windows 7, Windows Server 2008 and Windows Vista The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows local users to gain privileges via a crafted application, aka "Windows Elevation of Privilege Vulnerability." | 7.8 |
| 2016-02-10 | CVE-2016-0039 | Cross-site Scripting vulnerability in Microsoft Sharepoint Foundation 2013 Cross-site scripting (XSS) vulnerability in SharePoint Server in Microsoft SharePoint Foundation 2013 SP1 allows remote attackers to inject arbitrary web script or HTML via a crafted request, aka "Microsoft SharePoint XSS Vulnerability." | 6.1 |