Filtered by vendor Microsoft
Subscriptions
Filtered by product Windows Server 2012
Subscriptions
Total
3509 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2013-3173 | 1 Microsoft | 8 Windows 7, Windows 8, Windows Rt and 5 more | 2024-11-21 | N/A |
Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application that leverages improper handling of objects in memory, aka "Win32k Buffer Overwrite Vulnerability." | ||||
CVE-2013-3163 | 1 Microsoft | 9 Internet Explorer, Windows 7, Windows 8 and 6 more | 2024-11-21 | 8.8 High |
Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3144 and CVE-2013-3151. | ||||
CVE-2013-3129 | 1 Microsoft | 14 .net Framework, Lync, Lync Basic and 11 more | 2024-11-21 | N/A |
Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, and 4.5; Silverlight 5 before 5.1.20513.0; win32k.sys in the kernel-mode drivers, and GDI+, DirectWrite, and Journal, in Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT; GDI+ in Office 2003 SP3, 2007 SP3, and 2010 SP1; GDI+ in Visual Studio .NET 2003 SP1; and GDI+ in Lync 2010, 2010 Attendee, 2013, and Basic 2013 allow remote attackers to execute arbitrary code via a crafted TrueType Font (TTF) file, aka "TrueType Font Parsing Vulnerability." | ||||
CVE-2013-3128 | 1 Microsoft | 9 .net Framework, Windows 7, Windows 8 and 6 more | 2024-11-21 | N/A |
The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT, and .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, and 4.5, allow remote attackers to execute arbitrary code via a crafted OpenType font (OTF) file, aka "OpenType Font Parsing Vulnerability." | ||||
CVE-2013-2551 | 1 Microsoft | 9 Internet Explorer, Windows 7, Windows 8 and 6 more | 2024-11-21 | 8.8 High |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2013, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-1308 and CVE-2013-1309. | ||||
CVE-2013-2251 | 5 Apache, Fujitsu, Microsoft and 2 more | 21 Archiva, Struts, Gp-s and 18 more | 2024-11-21 | 9.8 Critical |
Apache Struts 2.0.0 through 2.3.15 allows remote attackers to execute arbitrary OGNL expressions via a parameter with a crafted (1) action:, (2) redirect:, or (3) redirectAction: prefix. | ||||
CVE-2013-1712 | 2 Microsoft, Mozilla | 7 Windows 7, Windows 8, Windows Server 2008 and 4 more | 2024-11-21 | N/A |
Multiple untrusted search path vulnerabilities in updater.exe in Mozilla Updater in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, and Thunderbird ESR 17.x before 17.0.8 on Windows 7, Windows Server 2008 R2, Windows 8, and Windows Server 2012 allow local users to gain privileges via a Trojan horse DLL in (1) the update directory or (2) the current working directory. | ||||
CVE-2013-1345 | 1 Microsoft | 8 Windows 7, Windows 8, Windows Rt and 5 more | 2024-11-21 | N/A |
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle objects in memory, which allows local users to gain privileges via a crafted application, aka "Win32k Vulnerability." | ||||
CVE-2013-1344 | 1 Microsoft | 8 Windows 2003 Server, Windows 7, Windows 8 and 5 more | 2024-11-21 | N/A |
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability," a different vulnerability than CVE-2013-1342, CVE-2013-1343, CVE-2013-3864, and CVE-2013-3865. | ||||
CVE-2013-1343 | 1 Microsoft | 8 Windows 2003 Server, Windows 7, Windows 8 and 5 more | 2024-11-21 | N/A |
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability," a different vulnerability than CVE-2013-1342, CVE-2013-1344, CVE-2013-3864, and CVE-2013-3865. | ||||
CVE-2013-1342 | 1 Microsoft | 8 Windows 2003 Server, Windows 7, Windows 8 and 5 more | 2024-11-21 | N/A |
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Multiple Fetch Vulnerability," a different vulnerability than CVE-2013-1343, CVE-2013-1344, CVE-2013-3864, and CVE-2013-3865. | ||||
CVE-2013-1340 | 1 Microsoft | 8 Windows 7, Windows 8, Windows Rt and 5 more | 2024-11-21 | 8.4 High |
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle objects in memory, which allows local users to gain privileges via a crafted application, aka "Win32k Dereference Vulnerability." | ||||
CVE-2013-1339 | 1 Microsoft | 6 Windows 7, Windows 8, Windows Rt and 3 more | 2024-11-21 | N/A |
The Print Spooler in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly manage memory during deletion of printer connections, which allows remote authenticated users to execute arbitrary code via a crafted request, aka "Print Spooler Vulnerability." | ||||
CVE-2013-1334 | 1 Microsoft | 8 Windows 7, Windows 8, Windows Rt and 5 more | 2024-11-21 | N/A |
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle objects in memory, which allows local users to gain privileges via a crafted application, aka "Win32k Window Handle Vulnerability." | ||||
CVE-2013-1332 | 1 Microsoft | 6 Windows 7, Windows 8, Windows Rt and 3 more | 2024-11-21 | N/A |
dxgkrnl.sys (aka the DirectX graphics kernel subsystem) in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle objects in memory, which allows local users to gain privileges via a crafted application, aka "DirectX Graphics Kernel Subsystem Double Fetch Vulnerability." | ||||
CVE-2013-1305 | 1 Microsoft | 3 Windows 8, Windows Rt, Windows Server 2012 | 2024-11-21 | N/A |
HTTP.sys in Microsoft Windows 8, Windows Server 2012, and Windows RT allows remote attackers to cause a denial of service (infinite loop) via a crafted HTTP header, aka "HTTP.sys Denial of Service Vulnerability." | ||||
CVE-2013-1300 | 1 Microsoft | 8 Windows 7, Windows 8, Windows Rt and 5 more | 2024-11-21 | N/A |
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle objects in memory, which allows local users to gain privileges via a crafted application, aka "Win32k Memory Allocation Vulnerability." | ||||
CVE-2013-1299 | 1 Microsoft | 4 Modern Mail, Windows 8, Windows Rt and 1 more | 2024-11-21 | N/A |
Microsoft Windows Modern Mail allows remote attackers to spoof link targets via a crafted HTML e-mail message. | ||||
CVE-2013-1294 | 1 Microsoft | 8 Windows 7, Windows 8, Windows Rt and 5 more | 2024-11-21 | N/A |
Race condition in the kernel in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application that leverages improper handling of objects in memory, aka "Kernel Race Condition Vulnerability." | ||||
CVE-2013-1292 | 1 Microsoft | 6 Windows 7, Windows 8, Windows Rt and 3 more | 2024-11-21 | 7.4 High |
Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application that leverages improper handling of objects in memory, aka "Win32k Race Condition Vulnerability." |