Microsoft Windows 8.1 vulnerabilities
1,054 known vulnerabilities affecting microsoft/windows_8.1.
Total CVEs
1,054
CISA KEV
40
actively exploited
Public exploits
38
Exploited in wild
49
Severity breakdown
CRITICAL31HIGH764MEDIUM256LOW3
Vulnerabilities
Page 53 of 53
CVE-2018-1004HIGHCVSS 8.8v32-bit systemsvx64-based systems2018-04-12
CVE-2018-1004 [HIGH] CWE-787 CVE-2018-1004: A remote code execution vulnerability exists in the way that the VBScript engine handles objects in
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka "Windows VBScript Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Internet Explorer 9, Windows RT 8.1, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10.
nvd
CVE-2018-8116MEDIUMCVSS 5.5v32-bit systemsvx64-based systems2018-04-12
CVE-2018-8116 [MEDIUM] CVE-2018-8116: A denial of service vulnerability exists in the way that Windows handles objects in memory, aka "Mic
A denial of service vulnerability exists in the way that Windows handles objects in memory, aka "Microsoft Graphics Component Denial of Service Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
nvd
CVE-2018-0976MEDIUMCVSS 5.3v32-bit systemsvx64-based systems2018-04-12
CVE-2018-0976 [MEDIUM] CVE-2018-0976: A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects
A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests, aka "Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.
nvd
CVE-2018-0887MEDIUMCVSS 5.5v32-bit systemsvx64-based systems2018-04-12
CVE-2018-0887 [MEDIUM] CWE-665 CVE-2018-0887: An information disclosure vulnerability exists when the Windows kernel fails to properly initialize
An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, W
nvd
CVE-2017-0298HIGHCVSS 7.3vrt2017-06-15
CVE-2017-0298 [HIGH] CVE-2017-0298: A DCOM object in Helppane.exe in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Window
A DCOM object in Helppane.exe in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016, when configured to run as the interactive user, allows an authenticated attacker to run arbitrary code in another user's session, aka "Windows COM
nvd
CVE-2017-0296HIGHCVSS 7.8vrt2017-06-15
CVE-2017-0296 [HIGH] CWE-120 CVE-2017-0296: Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows
Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to elevate privilege when tdx.sys fails to check the length of a buffer prior to copying memory to it, aka "Windows TDX Elevation of Privilege Vulnerabil
nvd
CVE-2017-0283HIGHCVSS 8.8PoCvrt2017-06-15
CVE-2017-0283 [HIGH] CVE-2017-0283: Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gol
Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, Windows Server 2016, Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office Word Viewer, Microsoft Lync 2013 SP1, Skype for Business 2016, Microsoft Silverlight 5 Developer Runtime when instal
nvd
CVE-2017-0193HIGHCVSS 7.8vrt2017-06-15
CVE-2017-0193 [HIGH] CWE-755 CVE-2017-0193: Windows Hyper-V in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows
Windows Hyper-V in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to gain elevated privileges on a target guest operating system when Windows Hyper-V instruction emulation fails to properly enforce pri
nvd
CVE-2017-8468HIGHCVSS 7.8vrt2017-06-15
CVE-2017-8468 [HIGH] CVE-2017-8468: Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, and 1
Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to run processes in an elevated context when the Windows kernel improperly handles objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This CVE ID is unique from CVE-2017-8465.
nvd
CVE-2017-8465HIGHCVSS 7.8vrt2017-06-15
CVE-2017-8465 [HIGH] CWE-281 CVE-2017-8465: Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, and 1
Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to run processes in an elevated context when the Windows kernel improperly handles objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This CVE ID is unique from CVE-2017-8468.
nvd
CVE-2017-0299MEDIUMCVSS 5.0PoCvrt2017-06-15
CVE-2017-0299 [MEDIUM] CVE-2017-0299: The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Serv
The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to obtain information via a specially crafted application. aka "Windows Kernel Information Disclosure Vulnerability," a different vu
nvd
CVE-2017-0300MEDIUMCVSS 5.0PoCvrt2017-06-15
CVE-2017-0300 [MEDIUM] CVE-2017-0300: The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Serv
The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to obtain information via a specially crafted application. aka "Windows Kernel Information Disclosure Vulnerability," a different vu
nvd
CVE-2017-8474MEDIUMCVSS 5.0vrt2017-06-15
CVE-2017-8474 [MEDIUM] CVE-2017-8474: The kernel in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012
The kernel in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to obtain information via a specially crafted application. aka "Windows Kernel Information Disclosure Vulnerability," a different vulnerabili
nvd
CVE-2017-0297MEDIUMCVSS 5.0vrt2017-06-15
CVE-2017-0297 [MEDIUM] CWE-200 CVE-2017-0297: The kernel in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012
The kernel in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to obtain information via a specially crafted application. aka "Windows Kernel Information Disclosure Vulnerability," a different vul
nvd
← Previous53 / 53