Summary
Detail | |||
---|---|---|---|
Vendor | Microsoft | First view | 2013-11-12 |
Product | Windows 8.1 | Last view | 2021-01-12 |
Version | - | Type | Os |
Update | * | ||
Edition | * | ||
Language | * | ||
Sofware Edition | * | ||
Target Software | * | ||
Target Hardware | * | ||
Other | * | ||
CPE Product | cpe:2.3:o:microsoft:windows_8.1 |
Activity : Overall
Related : CVE
Date | Alert | Description | |
---|---|---|---|
7.8 | 2021-01-12 | CVE-2021-1710 | Microsoft Windows Media Foundation Remote Code Execution Vulnerability |
7.8 | 2021-01-12 | CVE-2021-1709 | Windows Win32k Elevation of Privilege Vulnerability |
5.7 | 2021-01-12 | CVE-2021-1708 | Windows GDI+ Information Disclosure Vulnerability |
8.8 | 2021-01-12 | CVE-2021-1706 | Windows LUAFV Elevation of Privilege Vulnerability |
7.8 | 2021-01-12 | CVE-2021-1702 | Windows Remote Procedure Call Runtime Elevation of Privilege Vulnerability |
8.8 | 2021-01-12 | CVE-2021-1701 | Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1658, CVE-2021-1660, CVE-2021-1664, CVE-2021-1666, CVE-2021-1667, CVE-2021-1671, CVE-2021-1673, CVE-2021-1700. |
8.8 | 2021-01-12 | CVE-2021-1700 | Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1658, CVE-2021-1660, CVE-2021-1664, CVE-2021-1666, CVE-2021-1667, CVE-2021-1671, CVE-2021-1673, CVE-2021-1701. |
5.5 | 2021-01-12 | CVE-2021-1699 | Windows (modem.sys) Information Disclosure Vulnerability |
5.5 | 2021-01-12 | CVE-2021-1696 | Windows Graphics Component Information Disclosure Vulnerability |
7.8 | 2021-01-12 | CVE-2021-1695 | Windows Print Spooler Elevation of Privilege Vulnerability |
9.8 | 2021-01-12 | CVE-2021-1694 | Windows Update Stack Elevation of Privilege Vulnerability |
7.8 | 2021-01-12 | CVE-2021-1693 | Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1652, CVE-2021-1653, CVE-2021-1654, CVE-2021-1655, CVE-2021-1659, CVE-2021-1688. |
7.8 | 2021-01-12 | CVE-2021-1688 | Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1652, CVE-2021-1653, CVE-2021-1654, CVE-2021-1655, CVE-2021-1659, CVE-2021-1693. |
5.5 | 2021-01-12 | CVE-2021-1684 | Windows Bluetooth Security Feature Bypass Vulnerability This CVE ID is unique from CVE-2021-1638, CVE-2021-1683. |
5.5 | 2021-01-12 | CVE-2021-1683 | Windows Bluetooth Security Feature Bypass Vulnerability This CVE ID is unique from CVE-2021-1638, CVE-2021-1684. |
6.5 | 2021-01-12 | CVE-2021-1679 | Windows CryptoAPI Denial of Service Vulnerability |
7.5 | 2021-01-12 | CVE-2021-1678 | NTLM Security Feature Bypass Vulnerability |
5.5 | 2021-01-12 | CVE-2021-1676 | Windows NT Lan Manager Datagram Receiver Driver Information Disclosure Vulnerability |
8.8 | 2021-01-12 | CVE-2021-1674 | Windows Remote Desktop Protocol Core Security Feature Bypass Vulnerability |
8.8 | 2021-01-12 | CVE-2021-1673 | Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1658, CVE-2021-1660, CVE-2021-1664, CVE-2021-1666, CVE-2021-1667, CVE-2021-1671, CVE-2021-1700, CVE-2021-1701. |
8.8 | 2021-01-12 | CVE-2021-1671 | Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1658, CVE-2021-1660, CVE-2021-1664, CVE-2021-1666, CVE-2021-1667, CVE-2021-1673, CVE-2021-1700, CVE-2021-1701. |
7.8 | 2021-01-12 | CVE-2021-1668 | Microsoft DTV-DVD Video Decoder Remote Code Execution Vulnerability |
8.8 | 2021-01-12 | CVE-2021-1667 | Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1658, CVE-2021-1660, CVE-2021-1664, CVE-2021-1666, CVE-2021-1671, CVE-2021-1673, CVE-2021-1700, CVE-2021-1701. |
8.8 | 2021-01-12 | CVE-2021-1666 | Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1658, CVE-2021-1660, CVE-2021-1664, CVE-2021-1667, CVE-2021-1671, CVE-2021-1673, CVE-2021-1700, CVE-2021-1701. |
7.8 | 2021-01-12 | CVE-2021-1665 | GDI+ Remote Code Execution Vulnerability |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
30% (247) | CWE-269 | Improper Privilege Management |
20% (161) | CWE-200 | Information Exposure |
10% (84) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
8% (65) | CWE-264 | Permissions, Privileges, and Access Controls |
5% (48) | CWE-20 | Improper Input Validation |
2% (23) | CWE-787 | Out-of-bounds Write |
2% (20) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
1% (16) | CWE-665 | Improper Initialization |
1% (13) | CWE-611 | Information Leak Through XML External Entity File Disclosure |
1% (12) | CWE-416 | Use After Free |
1% (12) | CWE-404 | Improper Resource Shutdown or Release |
1% (11) | CWE-125 | Out-of-bounds Read |
1% (9) | CWE-254 | Security Features |
1% (9) | CWE-59 | Improper Link Resolution Before File Access ('Link Following') |
0% (8) | CWE-19 | Data Handling |
0% (5) | CWE-426 | Untrusted Search Path |
0% (5) | CWE-310 | Cryptographic Issues |
0% (4) | CWE-476 | NULL Pointer Dereference |
0% (4) | CWE-399 | Resource Management Errors |
0% (4) | CWE-287 | Improper Authentication |
0% (3) | CWE-732 | Incorrect Permission Assignment for Critical Resource |
0% (3) | CWE-415 | Double Free |
0% (3) | CWE-401 | Failure to Release Memory Before Removing Last Reference ('Memory L... |
0% (3) | CWE-362 | Race Condition |
0% (3) | CWE-347 | Improper Verification of Cryptographic Signature |
SAINT Exploits
Description | Link |
---|---|
Windows OLE Automation Array command execution | More info here |
Windows Media Center command execution | More info here |
Windows OLE Package Manager CPackage::DoVerb() INF File Download Vulnerability | More info here |
ExploitDB Exploits
id | Description |
---|---|
35236 | MS14-064 Microsoft Windows OLE Package Manager Code Execution |
35235 | MS14-064 Microsoft Windows OLE Package Manager Code Execution Through Python |
35230 | Internet Explorer < 11 - OLE Automation Array Remote Code Execution (MSF) |
35229 | Internet Explorer <11 - OLE Automation Array Remote Code Execution |
35216 | MS Office 2007 and 2010 - OLE Arbitrary Command Execution |
35101 | Windows TrackPopupMenu Win32k NULL Pointer Dereference |
35055 | Windows OLE - Remote Code Execution "Sandworm" Exploit (MS14-060) |
35020 | MS14-060 Microsoft Windows OLE Package Manager Code Execution |
35019 | Windows OLE Package Manager SandWorm Exploit |
30397 | Windows Kernel win32k.sys - Integer Overflow (MS13-101) |
Information Assurance Vulnerability Management (IAVM)
id | Description |
---|---|
2015-A-0216 | Multiple Vulnerabilities in Microsoft Windows Journal (MS15-098) Severity: Category II - VMSKEY: V0061393 |
2015-A-0215 | Multiple Vulnerabilities in Microsoft Windows Task Management (MS15-102) Severity: Category II - VMSKEY: V0061391 |
2015-A-0212 | Multiple Vulnerabilities in Microsoft Graphics Component (MS15-097) Severity: Category II - VMSKEY: V0061385 |
2015-B-0112 | Microsoft Media Center Remote Code Execution Vulnerability (MS15-100) Severity: Category II - VMSKEY: V0061373 |
2015-A-0197 | Microsoft Command Line Parameter Information Disclosure Vulnerability (MS15-088) Severity: Category II - VMSKEY: V0061313 |
2015-A-0196 | Multiple Vulnerabilities in Microsoft Graphics Component (MS15-080) Severity: Category II - VMSKEY: V0061311 |
2015-A-0194 | Multiple Vulnerabilities in Microsoft Office (MS15-081) Severity: Category II - VMSKEY: V0061307 |
2015-A-0193 | Multiple Privilege Escalation Vulnerabilities in Microsoft Windows (MS15-090) Severity: Category II - VMSKEY: V0061305 |
2015-A-0192 | Microsoft Windows Mount Manager Privilege Escalation Vulnerability (MS15-085) Severity: Category I - VMSKEY: V0061303 |
2015-A-0190 | Multiple Vulnerabilities in Microsoft Remote Desktop Protocol (RDP) (MS15-082) Severity: Category II - VMSKEY: V0061299 |
2015-A-0188 | Cumulative Security Update for Microsoft Internet Explorer (MS15-079) Severity: Category I - VMSKEY: V0061297 |
2015-B-0096 | Microsoft WebDAV Information Disclosure Vulnerability (MS15-089) Severity: Category II - VMSKEY: V0061285 |
2015-A-0169 | Multiple Vulnerabilities in Microsoft OLE (MS15-075) Severity: Category II - VMSKEY: V0061103 |
2015-A-0165 | Microsoft Remote Procedure Call (RPC) Privilege Escalation Vulnerability (MS1... Severity: Category II - VMSKEY: V0061093 |
2015-A-0164 | Microsoft Windows Installer Privilege Escalation Vulnerability (MS15-074) Severity: Category II - VMSKEY: V0061095 |
2015-A-0162 | Multiple Vulnerabilities in Microsoft Windows Kernel-Mode Driver (MS15-073) Severity: Category II - VMSKEY: V0061097 |
2015-A-0168 | Microsoft Graphics Component Privilege Escalation Vulnerability (MS15-072) Severity: Category II - VMSKEY: V0061105 |
2015-B-0091 | Multiple Vulnerabilities in Microsoft Hyper-V (MS15-068) Severity: Category II - VMSKEY: V0061119 |
2015-A-0167 | Multiple Vulnerabilities in Microsoft Windows (MS15-069) Severity: Category II - VMSKEY: V0061129 |
2015-A-0125 | Microsoft Common Controls Could Allow Remote Code Execution Vulnerability (MS... Severity: Category II - VMSKEY: V0060943 |
2015-A-0111 | Microsoft SChannel Information Disclosure Vulnerability (MS15-055) Severity: Category I - VMSKEY: V0060659 |
2015-A-0108 | Multiple Vulnerabilities in Microsoft Windows Kernel-Mode Driver (MS15-051) Severity: Category II - VMSKEY: V0060653 |
2015-A-0107 | Microsoft Service Control Manager Privilege Escalation Vulnerability (MS15-050) Severity: Category II - VMSKEY: V0060651 |
2015-A-0092 | Microsoft Windows HTTP stack Remote Code Execution Vulnerability (MS15-034) Severity: Category I - VMSKEY: V0059899 |
2015-A-0091 | Multiple Vulnerabilities in Microsoft Windows (MS15-038) Severity: Category II - VMSKEY: V0059897 |
Snort® IPS/IDS
Date | Description |
---|---|
2021-01-12 | Microsoft Windows SMB2 SET_INFO information disclosure attempt RuleID : 56571 - Type : OS-WINDOWS - Revision : 1 |
2021-01-08 | Microsoft Windows SMB authenticated remote code execution attempt RuleID : 56562 - Type : OS-WINDOWS - Revision : 1 |
2021-01-08 | Microsoft Windows SMB authenticated remote code execution attempt RuleID : 56561 - Type : OS-WINDOWS - Revision : 1 |
2020-12-12 | Windows Network File System denial of service attempt RuleID : 56309 - Type : PROTOCOL-RPC - Revision : 1 |
2020-12-10 | Microsoft Windows NFS read procedure remote code execution attempt RuleID : 56302 - Type : OS-WINDOWS - Revision : 1 |
2020-12-10 | Microsoft Windows NFS read procedure remote code execution attempt RuleID : 56301 - Type : OS-WINDOWS - Revision : 1 |
2020-12-10 | Microsoft Windows Common Log Files System driver privilege escalation attempt RuleID : 56296 - Type : FILE-OTHER - Revision : 1 |
2020-12-10 | Microsoft Windows Common Log Files System driver privilege escalation attempt RuleID : 56295 - Type : FILE-OTHER - Revision : 1 |
2020-12-10 | Microsoft Windows Win32k elevation of privilege attempt RuleID : 56262 - Type : OS-WINDOWS - Revision : 1 |
2020-12-10 | Microsoft Windows Win32k elevation of privilege attempt RuleID : 56261 - Type : OS-WINDOWS - Revision : 1 |
2020-12-08 | Microsoft Windows Kernel Cryptography Driver privilege escalation attempt RuleID : 56231 - Type : OS-WINDOWS - Revision : 1 |
2020-12-08 | Microsoft Windows Kernel Cryptography Driver privilege escalation attempt RuleID : 56230 - Type : OS-WINDOWS - Revision : 1 |
2020-11-12 | Microsoft Windows digital signature spoofing attempt RuleID : 55983 - Type : OS-WINDOWS - Revision : 1 |
2020-11-12 | Microsoft Windows digital signature spoofing attempt RuleID : 55982 - Type : OS-WINDOWS - Revision : 1 |
2020-10-06 | Microsoft Windows kernel DirectComposition use after free attempt RuleID : 55162 - Type : OS-WINDOWS - Revision : 1 |
2020-10-06 | Microsoft Windows kernel DirectComposition use after free attempt RuleID : 55161 - Type : OS-WINDOWS - Revision : 1 |
2020-10-06 | Microsoft Windows win32k kernel driver use after free attempt RuleID : 55144 - Type : OS-WINDOWS - Revision : 1 |
2020-10-06 | Microsoft Windows win32k kernel driver use after free attempt RuleID : 55143 - Type : OS-WINDOWS - Revision : 1 |
2020-10-06 | Microsoft Windows CLFS Driver elevation of privilege attempt RuleID : 55142 - Type : FILE-OTHER - Revision : 1 |
2020-10-06 | Microsoft Windows CLFS Driver elevation of privilege attempt RuleID : 55141 - Type : FILE-OTHER - Revision : 1 |
2020-10-01 | Microsoft Windows Win32k local privilege escalation attempt RuleID : 54919 - Type : OS-WINDOWS - Revision : 1 |
2020-10-01 | Microsoft Windows Win32k local privilege escalation attempt RuleID : 54918 - Type : OS-WINDOWS - Revision : 1 |
2020-09-19 | Windows print spooler elevation of privilege attempt RuleID : 54820 - Type : OS-WINDOWS - Revision : 1 |
2020-09-19 | Windows print spooler elevation of privilege attempt RuleID : 54819 - Type : OS-WINDOWS - Revision : 1 |
2020-09-19 | Windows Print Spooler elevation of privilege attempt RuleID : 54818 - Type : OS-WINDOWS - Revision : 1 |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2018-09-11 | Name: An application installed on the remote macOS or Mac OS X host is affected by ... File: macos_ms18_sep_office.nasl - Type: ACT_GATHER_INFO |
2017-11-14 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_nov_4048952.nasl - Type: ACT_GATHER_INFO |
2017-11-14 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_nov_4048953.nasl - Type: ACT_GATHER_INFO |
2017-11-14 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_nov_4048954.nasl - Type: ACT_GATHER_INFO |
2017-11-14 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_nov_4048955.nasl - Type: ACT_GATHER_INFO |
2017-11-14 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_nov_4048956.nasl - Type: ACT_GATHER_INFO |
2017-11-14 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_nov_4048957.nasl - Type: ACT_GATHER_INFO |
2017-11-14 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_nov_4048958.nasl - Type: ACT_GATHER_INFO |
2017-11-14 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_nov_4048959.nasl - Type: ACT_GATHER_INFO |
2017-11-14 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_nov_win2008.nasl - Type: ACT_GATHER_INFO |
2017-11-03 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_aug_4034668.nasl - Type: ACT_GATHER_INFO |
2017-11-03 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_jul_4025338.nasl - Type: ACT_GATHER_INFO |
2017-11-03 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_oct_4042895.nasl - Type: ACT_GATHER_INFO |
2017-11-03 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_sep_4038781.nasl - Type: ACT_GATHER_INFO |
2017-10-12 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_oct_win2008.nasl - Type: ACT_GATHER_INFO |
2017-10-10 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_oct_4041676.nasl - Type: ACT_GATHER_INFO |
2017-10-10 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_oct_4041681.nasl - Type: ACT_GATHER_INFO |
2017-10-10 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_oct_4041689.nasl - Type: ACT_GATHER_INFO |
2017-10-10 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_oct_4041690.nasl - Type: ACT_GATHER_INFO |
2017-10-10 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_oct_4041691.nasl - Type: ACT_GATHER_INFO |
2017-10-10 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_oct_4041693.nasl - Type: ACT_GATHER_INFO |
2017-09-12 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_sep_4038777.nasl - Type: ACT_GATHER_INFO |
2017-09-12 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_sep_4038782.nasl - Type: ACT_GATHER_INFO |
2017-09-12 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_sep_4038783.nasl - Type: ACT_GATHER_INFO |
2017-09-12 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_sep_4038788.nasl - Type: ACT_GATHER_INFO |