cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2012-5362,https://securityvulnerability.io/vulnerability/CVE-2012-5362,,"The IPv6 implementation in Microsoft Windows 7 and earlier allows remote attackers to cause a denial of service via a flood of ICMPv6 Neighbor Solicitation messages, a different vulnerability than CVE-2010-4669.",Microsoft,"Windows 7,Windows Vista,Windows Xp,Windows Server 2003",7.5,HIGH,0.00203999993391335,false,false,false,false,,false,false,2020-02-20T14:22:34.000Z,0
CVE-2012-5364,https://securityvulnerability.io/vulnerability/CVE-2012-5364,,The IPv6 implementation in Microsoft Windows 7 and earlier allows remote attackers to cause a denial of service via a flood of ICMPv6 Router Advertisement packets containing multiple Routing entries.,Microsoft,"Windows 7,Windows Vista,Windows Xp,Windows Server 2003",7.5,HIGH,0.00203999993391335,false,false,false,false,,false,false,2020-02-20T14:16:52.000Z,0
CVE-2019-1489,https://securityvulnerability.io/vulnerability/CVE-2019-1489,,"An information disclosure vulnerability exists when the Windows Remote Desktop Protocol (RDP) fails to properly handle objects in memory, aka 'Remote Desktop Protocol Information Disclosure Vulnerability'.",Microsoft,Microsoft Windows Xp Service Pack 3,7.5,HIGH,0.012040000408887863,false,false,false,false,,false,false,2019-12-10T21:41:07.000Z,0
CVE-2017-0176,https://securityvulnerability.io/vulnerability/CVE-2017-0176,,"A buffer overflow in Smart Card authentication code in gpkcsp.dll in Microsoft Windows XP through SP3 and Server 2003 through SP2 allows a remote attacker to execute arbitrary code on the target computer, provided that the computer is joined in a Windows domain and has Remote Desktop Protocol connectivity (or Terminal Services) enabled.",Microsoft,"Microsoft Windows Server 2003 Sp1, Sp2 Windows Xp - Sp3",8.1,HIGH,0.7160800099372864,false,false,false,false,,false,false,2017-06-22T14:00:00.000Z,0
CVE-2014-4971,https://securityvulnerability.io/vulnerability/CVE-2014-4971,,"Microsoft Windows XP SP3 does not validate addresses in certain IRP handler routines, which allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted address in an IOCTL call, related to (1) the MQAC.sys driver in the MQ Access Control subsystem and (2) the BthPan.sys driver in the Bluetooth Personal Area Networking subsystem.",Microsoft,Windows Xp,,,0.0013099999632686377,false,false,false,false,,false,false,2014-07-26T15:00:00.000Z,0
CVE-2014-0315,https://securityvulnerability.io/vulnerability/CVE-2014-0315,,"Untrusted search path vulnerability in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a Trojan horse cmd.exe file in the current working directory, as demonstrated by a directory that contains a .bat or .cmd file, aka ""Windows File Handling Vulnerability.""",Microsoft,"Windows Xp,Windows Server 2008,Windows Server 2012,Windows Rt,Windows 8.1,Windows 7,Windows Rt 8.1,Windows Vista,Windows 8,Windows Server 2003",,,0.9122200012207031,false,false,false,false,,false,false,2014-04-08T23:55:00.000Z,0
CVE-2014-0300,https://securityvulnerability.io/vulnerability/CVE-2014-0300,,"win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, aka ""Win32k Elevation of Privilege Vulnerability.""",Microsoft,"Windows Xp,Windows Server 2008,Windows Server 2012,Windows Rt,Windows 8.1,Windows 7,Windows Rt 8.1,Windows Vista,Windows 8,Windows Server 2003",,,0.0004299999854993075,false,false,false,false,,false,false,2014-03-12T01:00:00.000Z,0
CVE-2014-0301,https://securityvulnerability.io/vulnerability/CVE-2014-0301,,"Double free vulnerability in qedit.dll in DirectShow in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via a crafted JPEG image, aka ""DirectShow Memory Corruption Vulnerability.""",Microsoft,"Windows Xp,Windows Server 2008,Windows Server 2012,Windows 8.1,Windows 7,Windows Vista,Windows 8,Windows Server 2003",,,0.15910999476909637,false,false,false,false,,false,false,2014-03-12T01:00:00.000Z,0
CVE-2014-0317,https://securityvulnerability.io/vulnerability/CVE-2014-0317,,"The Security Account Manager Remote (SAMR) protocol implementation in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 Gold and R2 does not properly determine the user-lockout state, which makes it easier for remote attackers to bypass the account lockout policy and obtain access via a brute-force attack, aka ""SAMR Security Feature Bypass Vulnerability.""",Microsoft,"Windows Server 2008,Windows Xp,Windows Server 2003,Windows Vista,Windows Server 2012",,,0.023409999907016754,false,false,false,false,,false,false,2014-03-12T01:00:00.000Z,0
CVE-2014-0323,https://securityvulnerability.io/vulnerability/CVE-2014-0323,,"win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to obtain sensitive information from kernel memory or cause a denial of service (system hang) via a crafted application, aka ""Win32k Information Disclosure Vulnerability.""",Microsoft,"Windows Xp,Windows Server 2008,Windows Server 2012,Windows Rt,Windows 8.1,Windows 7,Windows Rt 8.1,Windows Vista,Windows 8,Windows Server 2003",,,0.00044999999227002263,false,false,false,false,,false,false,2014-03-12T01:00:00.000Z,0
CVE-2014-0266,https://securityvulnerability.io/vulnerability/CVE-2014-0266,,"The XMLHTTP ActiveX controls in XML Core Services 3.0 in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to bypass the Same Origin Policy via a web page that is visited in Internet Explorer, aka ""MSXML Information Disclosure Vulnerability.""",Microsoft,"Windows Xp,Windows Server 2008,Windows Server 2012,Windows Rt,Windows 8.1,Windows 7,Windows Rt 8.1,Windows Vista,Windows 8,Windows Server 2003",,,0.7895399928092957,false,false,false,false,,false,false,2014-02-12T02:00:00.000Z,0
CVE-2013-5058,https://securityvulnerability.io/vulnerability/CVE-2013-5058,,"Integer overflow in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows local users to gain privileges via a crafted application, aka ""Win32k Integer Overflow Vulnerability.""",Microsoft,"Windows Xp,Windows Server 2008,Windows Server 2012,Windows Rt,Windows 8.1,Windows 7,Windows Rt 8.1,Windows Vista,Windows 8,Windows Server 2003",,,0.0006600000197067857,false,false,false,false,,false,false,2013-12-11T00:00:00.000Z,0
CVE-2013-3899,https://securityvulnerability.io/vulnerability/CVE-2013-3899,,"win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly validate addresses, which allows local users to gain privileges via a crafted application, aka ""Win32k Memory Corruption Vulnerability.""",Microsoft,"Windows Xp,Windows Server 2003",,,0.0004299999854993075,false,false,false,false,,false,false,2013-12-11T00:00:00.000Z,0
CVE-2013-3878,https://securityvulnerability.io/vulnerability/CVE-2013-3878,,"Stack-based buffer overflow in the LRPC client in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges by operating an LRPC server that sends a crafted LPC port message, aka ""LRPC Client Buffer Overrun Vulnerability.""",Microsoft,"Windows Xp,Windows Server 2003",,,0.0004299999854993075,false,false,false,false,,false,false,2013-12-11T00:00:00.000Z,0
CVE-2013-5056,https://securityvulnerability.io/vulnerability/CVE-2013-5056,,"Use-after-free vulnerability in the Scripting Runtime Object Library in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site that is visited with Internet Explorer, aka ""Use-After-Free Vulnerability in Microsoft Scripting Runtime Object Library.""",Microsoft,"Windows Server 2008,Windows Server 2012,Windows Rt,Windows 8.1,Windows Xp,Windows 7,Windows Rt 8.1,Windows Vista,Windows 8,Windows Server 2003",,,0.7985699772834778,false,false,false,false,,false,false,2013-12-11T00:00:00.000Z,0
CVE-2013-5065,https://securityvulnerability.io/vulnerability/CVE-2013-5065,,"NDProxy.sys in the kernel in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges via a crafted application, as exploited in the wild in November 2013.",Microsoft,"Windows Xp,Windows 2003 Server",7.8,HIGH,0.28554001450538635,true,false,false,true,true,false,false,2013-11-28T00:55:00.000Z,0
CVE-2013-3876,https://securityvulnerability.io/vulnerability/CVE-2013-3876,,"DirectAccess in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly verify server X.509 certificates, which allows man-in-the-middle attackers to spoof servers and read encrypted domain credentials via a crafted certificate.",Microsoft,"Windows Xp,Windows Server 2008,Windows Server 2012,Windows Rt,Windows 8.1,Windows Vista,Windows 7,Windows Rt 8.1,Windows 8,Windows Server 2003",,,0.0022799998987466097,false,false,false,false,,false,false,2013-11-18T03:55:00.000Z,0
CVE-2013-3887,https://securityvulnerability.io/vulnerability/CVE-2013-3887,,"The Ancillary Function Driver (AFD) in afd.sys in the kernel-mode drivers in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, and Windows Server 2012 allows local users to obtain sensitive information from kernel memory by leveraging improper copy operations, aka ""Ancillary Function Driver Information Disclosure Vulnerability.""",Microsoft,"Windows Server 2008,Windows Xp,Windows Server 2003,Windows Vista,Windows 7,Windows 8,Windows Server 2012",,,0.0006799999973736703,false,false,false,false,,false,false,2013-11-13T00:00:00.000Z,0
CVE-2013-3940,https://securityvulnerability.io/vulnerability/CVE-2013-3940,,"Integer overflow in the Graphics Device Interface (GDI) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image in a Windows Write (.wri) document, which is not properly handled in WordPad, aka ""Graphics Device Interface Integer Overflow Vulnerability.""",Microsoft,"Windows Xp,Windows Server 2008,Windows Server 2012,Windows Rt,Windows 8.1,Windows 7,Windows Rt 8.1,Windows Vista,Windows 8,Windows Server 2003",,,0.7783499956130981,false,false,false,false,,false,false,2013-11-13T00:00:00.000Z,0
CVE-2013-3869,https://securityvulnerability.io/vulnerability/CVE-2013-3869,,"Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to cause a denial of service (daemon hang) via a web-service request containing a crafted X.509 certificate that is not properly handled during validation, aka ""Digital Signatures Vulnerability.""",Microsoft,"Windows Xp,Windows Server 2008,Windows Server 2012,Windows Rt,Windows 8.1,Windows 7,Windows Rt 8.1,Windows Vista,Windows 8,Windows Server 2003",,,0.20927999913692474,false,false,false,false,,false,false,2013-11-13T00:00:00.000Z,0
CVE-2013-3918,https://securityvulnerability.io/vulnerability/CVE-2013-3918,,"The InformationCardSigninHelper Class ActiveX control in icardie.dll in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via a crafted web page that is accessed by Internet Explorer, as exploited in the wild in November 2013, aka ""InformationCardSigninHelper Vulnerability.""",Microsoft,"Windows Xp,Windows Server 2008,Windows Server 2012,Windows Rt,Windows 7,Windows 8.1,Windows Rt 8.1,Windows Vista,Windows 8,Windows Server 2003",,,0.964169979095459,false,false,false,false,,false,false,2013-11-12T01:00:00.000Z,0
CVE-2013-3195,https://securityvulnerability.io/vulnerability/CVE-2013-3195,,"The DSA_InsertItem function in Comctl32.dll in the Windows common control library in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly allocate memory, which allows remote attackers to execute arbitrary code via a crafted value in an argument to an ASP.NET web application, aka ""Comctl32 Integer Overflow Vulnerability.""",Microsoft,"Windows Server 2008,Windows Rt,Windows Xp,Windows 8,Windows 7,Windows Server 2003,Windows Vista,Windows Server 2012",,,0.707099974155426,false,false,false,false,,false,false,2013-10-09T14:44:00.000Z,0
CVE-2013-3879,https://securityvulnerability.io/vulnerability/CVE-2013-3879,,"Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka ""Win32k Use After Free Vulnerability.""",Microsoft,"Windows Server 2008,Windows Rt,Windows Xp,Windows 8,Windows 7,Windows Server 2003,Windows Vista,Windows Server 2012",,,0.0008999999845400453,false,false,false,false,,false,false,2013-10-09T14:44:00.000Z,0
CVE-2013-3128,https://securityvulnerability.io/vulnerability/CVE-2013-3128,,"The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT, and .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, and 4.5, allow remote attackers to execute arbitrary code via a crafted OpenType font (OTF) file, aka ""OpenType Font Parsing Vulnerability.""",Microsoft,"Windows Xp,Windows Server 2008,Windows 7,Windows Rt,Windows 8,Windows Vista,Windows Server 2012,Windows Server 2003",,,0.4826200008392334,false,false,false,false,,false,false,2013-10-09T14:44:00.000Z,0
CVE-2013-3200,https://securityvulnerability.io/vulnerability/CVE-2013-3200,,"The USB drivers in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allow physically proximate attackers to execute arbitrary code by connecting a crafted USB device, aka ""Windows USB Descriptor Vulnerability.""",Microsoft,"Windows Server 2008,Windows Rt,Windows Xp,Windows 8,Windows 7,Windows Server 2003,Windows Vista,Windows Server 2012",,,0.003640000009909272,false,false,false,false,,false,false,2013-10-09T14:44:00.000Z,0