Summary
| Detail | |||
|---|---|---|---|
| Vendor | Microsoft | First view | 2015-04-14 |
| Product | Windows 8.1 | Last view | 2021-10-13 |
| Version | - | Type | Os |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | x64 | ||
| Other | * | ||
| CPE Product | cpe:2.3:o:microsoft:windows_8.1 | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 7.8 | 2021-10-13 | CVE-2021-40465 | Windows Text Shaping Remote Code Execution Vulnerability |
| 6.5 | 2021-10-13 | CVE-2021-40463 | Windows NAT Denial of Service Vulnerability |
| 6.5 | 2021-10-13 | CVE-2021-40460 | Windows Remote Procedure Call Runtime Security Feature Bypass Vulnerability |
| 5.5 | 2021-10-13 | CVE-2021-40455 | Windows Installer Spoofing Vulnerability |
| 5.5 | 2021-10-13 | CVE-2021-40454 | Rich Text Edit Control Information Disclosure Vulnerability |
| 7.8 | 2021-10-13 | CVE-2021-40449 | Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-40450, CVE-2021-41357. |
| 7.8 | 2021-10-13 | CVE-2021-40443 | Windows Common Log File System Driver Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-40466, CVE-2021-40467. |
| 5.5 | 2021-10-13 | CVE-2021-38663 | Windows exFAT File System Information Disclosure Vulnerability |
| 5.5 | 2021-10-13 | CVE-2021-38662 | Windows Fast FAT File System Driver Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-41343. |
| 6.5 | 2021-10-13 | CVE-2021-36970 | Windows Print Spooler Spoofing Vulnerability |
| 7.5 | 2021-10-13 | CVE-2021-36953 | Windows TCP/IP Denial of Service Vulnerability |
| 7.8 | 2021-10-13 | CVE-2021-26441 | Storage Spaces Controller Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-40478, CVE-2021-40488, CVE-2021-40489, CVE-2021-41345. |
| 9.9 | 2021-05-11 | CVE-2021-28476 | Hyper-V Remote Code Execution Vulnerability |
| 6.5 | 2021-04-13 | CVE-2021-28444 | Windows Hyper-V Security Feature Bypass Vulnerability |
| 7.5 | 2021-03-11 | CVE-2021-26879 | Windows NAT Denial of Service Vulnerability |
| 5.5 | 2021-02-25 | CVE-2021-24076 | Microsoft Windows VMSwitch Information Disclosure Vulnerability |
| 7.8 | 2021-01-12 | CVE-2021-1704 | Windows Hyper-V Elevation of Privilege Vulnerability |
| 7.7 | 2021-01-12 | CVE-2021-1692 | Hyper-V Denial of Service Vulnerability This CVE ID is unique from CVE-2021-1691. |
| 5.5 | 2020-09-11 | CVE-2020-16854 | An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0928, CVE-2020-1033, CVE-2020-1589, CVE-2020-1592. |
| 7.8 | 2020-09-11 | CVE-2020-1598 | An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly handles objects in memory, aka 'Windows UPnP Service Elevation of Privilege Vulnerability'. |
| 5.3 | 2020-09-11 | CVE-2020-1596 | A information disclosure vulnerability exists when TLS components use weak hash algorithms, aka 'TLS Information Disclosure Vulnerability'. |
| 8.8 | 2020-09-11 | CVE-2020-1593 | A remote code execution vulnerability exists when Windows Media Audio Decoder improperly handles objects, aka 'Windows Media Audio Decoder Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1508. |
| 5.5 | 2020-09-11 | CVE-2020-1589 | An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0928, CVE-2020-1033, CVE-2020-1592, CVE-2020-16854. |
| 7.8 | 2020-09-11 | CVE-2020-1559 | An elevation of privilege vulnerability exists when the Windows Storage Services improperly handle file operations, aka 'Windows Storage Services Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0886. |
| 7.8 | 2020-09-11 | CVE-2020-0998 | An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 52% (20) | CWE-20 | Improper Input Validation |
| 15% (6) | CWE-269 | Improper Privilege Management |
| 10% (4) | CWE-200 | Information Exposure |
| 2% (1) | CWE-787 | Out-of-bounds Write |
| 2% (1) | CWE-434 | Unrestricted Upload of File with Dangerous Type |
| 2% (1) | CWE-346 | Origin Validation Error |
| 2% (1) | CWE-327 | Use of a Broken or Risky Cryptographic Algorithm |
| 2% (1) | CWE-312 | Cleartext Storage of Sensitive Information |
| 2% (1) | CWE-295 | Certificate Issues |
| 2% (1) | CWE-284 | Access Control (Authorization) Issues |
| 2% (1) | CWE-59 | Improper Link Resolution Before File Access ('Link Following') |
Information Assurance Vulnerability Management (IAVM)
| id | Description |
|---|---|
| 2015-B-0111 | Microsoft Hyper-V Security Bypass Vulnerability (MS15-105) Severity: Category II - VMSKEY: V0061371 |
| 2015-B-0049 | Microsoft Windows Hyper-V Denial of Service Vulnerability (MS15-042) Severity: Category II - VMSKEY: V0059909 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2020-10-08 | Microsoft Windows kernel driver escalation of privilege attempt RuleID : 55188 - Type : OS-WINDOWS - Revision : 1 |
| 2020-10-08 | Microsoft Windows kernel driver escalation of privilege attempt RuleID : 55187 - Type : OS-WINDOWS - Revision : 1 |
| 2020-08-13 | Microsoft Windows Address Book Contact file integer overflow attempt RuleID : 54533 - Type : FILE-OTHER - Revision : 1 |
| 2020-08-13 | Microsoft Windows Address Book Contact file integer overflow attempt RuleID : 54532 - Type : FILE-OTHER - Revision : 1 |
| 2020-08-13 | Microsoft Windows Address Book Contact file integer overflow attempt RuleID : 54531 - Type : FILE-OTHER - Revision : 1 |
| 2020-08-13 | Microsoft Windows Address Book Contact file integer overflow attempt RuleID : 54530 - Type : FILE-OTHER - Revision : 1 |
| 2020-08-13 | Microsoft Windows Address Book Contact file integer overflow attempt RuleID : 54529 - Type : FILE-OTHER - Revision : 1 |
| 2020-08-13 | Microsoft Windows Address Book Contact file integer overflow attempt RuleID : 54528 - Type : FILE-OTHER - Revision : 1 |
| 2020-06-11 | Microsoft Windows Win32k privilege escalation attempt RuleID : 53933 - Type : OS-WINDOWS - Revision : 1 |
| 2020-06-11 | Microsoft Windows Win32k privilege escalation attempt RuleID : 53932 - Type : OS-WINDOWS - Revision : 1 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2017-06-14 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_jun_win2008.nasl - Type: ACT_GATHER_INFO |
| 2017-06-13 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_jun_4022715.nasl - Type: ACT_GATHER_INFO |
| 2017-06-13 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_jun_4022719.nasl - Type: ACT_GATHER_INFO |
| 2017-06-13 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_jun_4022724.nasl - Type: ACT_GATHER_INFO |
| 2017-06-13 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_jun_4022726.nasl - Type: ACT_GATHER_INFO |
| 2015-09-08 | Name: The remote Windows host is affected by a security bypass vulnerability. File: smb_nt_ms15-105.nasl - Type: ACT_GATHER_INFO |
| 2015-04-14 | Name: The remote Windows host is affected by a denial of service vulnerability. File: smb_nt_ms15-042.nasl - Type: ACT_GATHER_INFO |
