Vulnerabilities > Microsoft > Windows Vista > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-20 | CVE-2012-5364 | Resource Exhaustion vulnerability in Microsoft products The IPv6 implementation in Microsoft Windows 7 and earlier allows remote attackers to cause a denial of service via a flood of ICMPv6 Router Advertisement packets containing multiple Routing entries. | 7.5 |
| 2020-02-20 | CVE-2012-5362 | Resource Exhaustion vulnerability in Microsoft products The IPv6 implementation in Microsoft Windows 7 and earlier allows remote attackers to cause a denial of service via a flood of ICMPv6 Neighbor Solicitation messages, a different vulnerability than CVE-2010-4669. | 7.5 |
| 2018-02-26 | CVE-2018-7249 | Use After Free vulnerability in multiple products An issue was discovered in secdrv.sys as shipped in Microsoft Windows Vista, Windows 7, Windows 8, and Windows 8.1 before KB3086255, and as shipped in Macrovision SafeDisc. | 7.0 |
| 2017-04-12 | CVE-2017-0199 | Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, Microsoft Office 2016, Microsoft Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, Windows 8.1 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office/WordPad Remote Code Execution Vulnerability w/Windows API." | 7.8 |
| 2017-04-12 | CVE-2017-0166 | Incorrect Calculation of Buffer Size vulnerability in Microsoft products An elevation of privilege vulnerability exists in Windows when LDAP request buffer lengths are improperly calculated. | 8.1 |
| 2017-04-12 | CVE-2017-0158 | Unspecified vulnerability in Microsoft products An elevation of privilege vulnerability exists when Microsoft Windows running on Windows 10, Windows 10 1511, Windows 8.1 Windows RT 8.1, and Windows Server 2012 R2 fails to properly sanitize handles in memory, aka "Scripting Engine Memory Corruption Vulnerability." | 7.5 |
| 2017-04-12 | CVE-2017-0155 | Unspecified vulnerability in Microsoft Windows 7, Windows Server 2008 and Windows Vista The Graphics component in the kernel in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; and Windows 7 SP1 allows local users to gain privileges via a crafted application, aka "Windows Graphics Elevation of Privilege Vulnerability." | 7.0 |
| 2017-03-17 | CVE-2017-0147 | The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to obtain sensitive information from process memory via a crafted packets, aka "Windows SMB Information Disclosure Vulnerability." | 7.5 |
| 2017-03-17 | CVE-2017-0109 | Improper Input Validation vulnerability in Microsoft products Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows guest OS users to execute arbitrary code on the host OS via a crafted application, aka "Hyper-V Remote Code Execution Vulnerability." This vulnerability is different from that described in CVE-2017-0075. | 7.6 |
| 2017-03-17 | CVE-2017-0108 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft products The Windows Graphics Component in Microsoft Office 2007 SP3; 2010 SP2; and Word Viewer; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Live Meeting 2007; Silverlight 5; Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Graphics Component Remote Code Execution Vulnerability." This vulnerability is different from that described in CVE-2017-0014. | 7.8 |