CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Microsoft » Windows 7 : Security Vulnerabilities (CVSS score between 2 and 2.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2021-41371 2021-11-10 2021-11-10
2.1
None Local Low Not required Partial None None
Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-38631.
2 CVE-2021-41343 2021-10-13 2021-10-19
2.1
None Local Low Not required Partial None None
Windows Fast FAT File System Driver Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-38662.
3 CVE-2021-40455 2021-10-13 2021-10-19
2.1
None Local Low Not required None Partial None
Windows Installer Spoofing Vulnerability
4 CVE-2021-38663 2021-10-13 2021-10-19
2.1
None Local Low Not required Partial None None
Windows exFAT File System Information Disclosure Vulnerability
5 CVE-2021-38636 2021-09-15 2021-09-26
2.1
None Local Low Not required Partial None None
Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-36969, CVE-2021-38635.
6 CVE-2021-38635 2021-09-15 2021-09-28
2.1
None Local Low Not required Partial None None
Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-36969, CVE-2021-38636.
7 CVE-2021-38631 2021-11-10 2021-11-12
2.1
None Local Low Not required Partial None None
Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-41371.
8 CVE-2021-36969 2021-09-15 2021-09-25
2.1
None Local Low Not required Partial None None
Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-38635, CVE-2021-38636.
9 CVE-2021-34496 2021-07-14 2021-07-19
2.1
None Local Low Not required Partial None None
Windows GDI Information Disclosure Vulnerability
10 CVE-2021-34457 2021-07-16 2021-07-22
2.1
None Local Low Not required Partial None None
Windows Remote Access Connection Manager Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-33763, CVE-2021-34454.
11 CVE-2021-34440 2021-07-16 2021-07-22
2.1
None Local Low Not required Partial None None
GDI+ Information Disclosure Vulnerability
12 CVE-2021-33765 2021-07-14 2021-07-16
2.1
None Local Low Not required None Partial None
Windows Installer Spoofing Vulnerability
13 CVE-2021-31188 269 2021-05-11 2021-05-17
2.1
None Local Low Not required Partial None None
Windows Graphics Component Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-31170.
14 CVE-2021-31184 200 +Info 2021-05-11 2021-05-17
2.1
None Local Low Not required Partial None None
Microsoft Windows Infrared Data Association (IrDA) Information Disclosure Vulnerability
15 CVE-2021-28447 Bypass 2021-04-13 2021-09-14
2.1
None Local Low Not required None Partial None
Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability This CVE ID is unique from CVE-2021-27094.
16 CVE-2021-28446 2021-04-13 2021-04-20
2.1
None Local Low Not required Partial None None
Windows Portmapping Information Disclosure Vulnerability
17 CVE-2021-28443 DoS 2021-04-13 2021-04-20
2.1
None Local Low Not required None None Partial
Windows Console Driver Denial of Service Vulnerability This CVE ID is unique from CVE-2021-28438.
18 CVE-2021-28437 2021-04-13 2021-04-19
2.1
None Local Low Not required Partial None None
Windows Installer Information Disclosure Vulnerability
19 CVE-2021-28318 200 +Info 2021-04-13 2021-04-15
2.1
None Local Low Not required Partial None None
Windows GDI+ Information Disclosure Vulnerability
20 CVE-2021-28317 200 +Info 2021-04-13 2021-04-15
2.1
None Local Low Not required Partial None None
Microsoft Windows Codecs Library Information Disclosure Vulnerability
21 CVE-2021-28316 Bypass 2021-04-13 2021-04-15
2.1
None Local Low Not required Partial None None
Windows WLAN AutoConfig Service Security Feature Bypass Vulnerability
22 CVE-2021-28309 200 +Info 2021-04-13 2021-04-15
2.1
None Local Low Not required Partial None None
Windows Kernel Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-27093.
23 CVE-2021-27093 200 +Info 2021-04-13 2021-04-16
2.1
None Local Low Not required Partial None None
Windows Kernel Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-28309.
24 CVE-2021-26869 200 +Info 2021-03-11 2021-03-15
2.1
None Local Low Not required Partial None None
Windows ActiveX Installer Service Information Disclosure Vulnerability
25 CVE-2021-26413 2021-04-13 2021-04-20
2.1
None Local Low Not required None Partial None
Windows Installer Spoofing Vulnerability
26 CVE-2021-24107 2021-03-11 2021-03-17
2.1
None Local Low Not required Partial None None
Windows Event Tracing Information Disclosure Vulnerability
27 CVE-2021-1699 2021-01-12 2021-01-20
2.1
None Local Low Not required Partial None None
Windows (modem.sys) Information Disclosure Vulnerability
28 CVE-2021-1676 2021-01-12 2021-01-20
2.1
None Local Low Not required Partial None None
Windows NT Lan Manager Datagram Receiver Driver Information Disclosure Vulnerability
29 CVE-2021-1656 2021-01-12 2021-01-19
2.1
None Local Low Not required Partial None None
TPM Device Driver Information Disclosure Vulnerability
30 CVE-2020-24588 306 2021-05-11 2021-10-28
2.9
None Local Network Medium Not required None Partial None
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary can abuse this to inject arbitrary network packets.
31 CVE-2020-17098 2020-12-10 2021-03-03
2.1
None Local Low Not required Partial None None
Windows GDI+ Information Disclosure Vulnerability
32 CVE-2020-17069 2020-11-11 2020-11-16
2.1
None Local Low Not required Partial None None
Windows NDIS Information Disclosure Vulnerability
33 CVE-2020-17004 2020-11-11 2020-11-18
2.1
None Local Low Not required Partial None None
Windows Graphics Component Information Disclosure Vulnerability
34 CVE-2020-17000 2020-11-11 2020-11-18
2.1
None Local Low Not required Partial None None
Remote Desktop Protocol Client Information Disclosure Vulnerability
35 CVE-2020-16922 347 2020-10-16 2020-10-20
2.1
None Local Low Not required None Partial None
A spoofing vulnerability exists when Windows incorrectly validates file signatures, aka 'Windows Spoofing Vulnerability'.
36 CVE-2020-16914 200 +Info 2020-10-16 2021-07-21
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface Plus (GDI+) handles objects in memory, allowing an attacker to retrieve information from a targeted system, aka 'Windows GDI+ Information Disclosure Vulnerability'.
37 CVE-2020-16897 2020-10-16 2020-10-22
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when NetBIOS over TCP (NBT) Extensions (NetBT) improperly handle objects in memory, aka 'NetBT Information Disclosure Vulnerability'.
38 CVE-2020-16889 200 +Info 2020-10-16 2021-07-21
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when the Windows KernelStream improperly handles objects in memory, aka 'Windows KernelStream Information Disclosure Vulnerability'.
39 CVE-2020-1599 2020-11-11 2020-11-24
2.1
None Local Low Not required None Partial None
Windows Spoofing Vulnerability
40 CVE-2020-1596 327 2020-09-11 2020-09-21
2.9
None Local Network Medium Not required Partial None None
A information disclosure vulnerability exists when TLS components use weak hash algorithms, aka 'TLS Information Disclosure Vulnerability'.
41 CVE-2020-1589 200 +Info 2020-09-11 2021-07-21
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0928, CVE-2020-1033, CVE-2020-1592, CVE-2020-16854.
42 CVE-2020-1485 200 +Info 2020-08-17 2021-07-21
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when the Windows Image Acquisition (WIA) Service improperly discloses contents of its memory, aka 'Windows Image Acquisition Service Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1474.
43 CVE-2020-1474 200 +Info 2020-08-17 2021-07-21
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when the Windows Image Acquisition (WIA) Service improperly discloses contents of its memory, aka 'Windows Image Acquisition Service Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1485.
44 CVE-2020-1464 347 2020-08-17 2020-08-21
2.1
None Local Low Not required None Partial None
A spoofing vulnerability exists when Windows incorrectly validates file signatures, aka 'Windows Spoofing Vulnerability'.
45 CVE-2020-1419 119 Overflow 2020-07-14 2021-07-21
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1367, CVE-2020-1389, CVE-2020-1426.
46 CVE-2020-1389 200 +Info 2020-07-14 2021-07-21
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1367, CVE-2020-1419, CVE-2020-1426.
47 CVE-2020-1383 200 +Info 2020-08-17 2021-07-21
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists in RPC if the server has Routing and Remote Access enabled, aka 'Windows RRAS Service Information Disclosure Vulnerability'.
48 CVE-2020-1351 200 +Info 2020-07-14 2021-07-21
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when the Windows Graphics component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'.
49 CVE-2020-1263 200 +Info 2020-06-09 2021-07-21
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists in the way Windows Error Reporting (WER) handles objects in memory, aka 'Windows Error Reporting Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1261.
50 CVE-2020-1250 200 +Info 2020-09-11 2021-07-21
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0941.
Total number of vulnerabilities : 238   Page : 1 (This Page)2 3 4 5
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.