| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The Client-Server Run-time Subsystem (CSRSS) in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 mismanages process tokens, which allows local users to gain privileges via a crafted application, aka "Windows CSRSS Security Feature Bypass Vulnerability." |
| The Secondary Logon Service in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 does not properly process request handles, which allows local users to gain privileges via a crafted application, aka "Secondary Logon Elevation of Privilege Vulnerability." |
| The kernel in Microsoft Windows 10 Gold allows local users to gain privileges via a crafted application, aka "Windows Kernel Memory Elevation of Privilege Vulnerability." |
| The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a crafted application, aka "Win32k Memory Corruption Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-2511, CVE-2015-2517, and CVE-2015-2518. |
| Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," as exploited in the wild in August 2015. |
| .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability |
| Microsoft Speech Application Programming Interface (SAPI) Elevation of Privilege Vulnerability |
| Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability |
| Windows User Interface Application Core Remote Code Execution Vulnerability |
| Windows Search Service Elevation of Privilege Vulnerability |
| Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability |
| Windows NTFS Information Disclosure Vulnerability |
| Windows HMAC Key Derivation Elevation of Privilege Vulnerability |
| Microsoft Remote Registry Service Remote Code Execution Vulnerability |
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability |
| Windows Kernel Elevation of Privilege Vulnerability |
| ASP.NET Security Feature Bypass Vulnerability |
| Windows Installer Elevation of Privilege Vulnerability |
| Windows Scripting Engine Memory Corruption Vulnerability |
| Microsoft Remote Registry Service Remote Code Execution Vulnerability |
