Search
Total
3952 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-0019 | 1 Microsoft | 1 Windows 10 | 2018-10-30 | 9.3 HIGH | 8.1 HIGH |
| The Remote Desktop Protocol (RDP) service implementation in Microsoft Windows 10 Gold and 1511 allows remote attackers to bypass intended access restrictions and establish sessions for blank-password accounts via a modified RDP client, aka "Windows Remote Desktop Protocol Security Bypass Vulnerability." | |||||
| CVE-2016-0009 | 1 Microsoft | 4 Windows 10, Windows 7, Windows Server 2008 and 1 more | 2018-10-30 | 9.3 HIGH | 8.8 HIGH |
| Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows 10 Gold and 1511 allow remote attackers to execute arbitrary code via unspecified vectors, aka "Win32k Remote Code Execution Vulnerability." | |||||
| CVE-2018-8239 | 1 Microsoft | 3 Windows 10, Windows Server 1803, Windows Server 2016 | 2018-10-30 | 4.3 MEDIUM | 5.5 MEDIUM |
| An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka "Windows GDI Information Disclosure Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. | |||||
| CVE-2018-8218 | 1 Microsoft | 2 Windows 10, Windows Server 2016 | 2018-10-30 | 6.8 MEDIUM | 7.7 HIGH |
| A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka "Windows Hyper-V Denial of Service Vulnerability." This affects Windows 10, Windows 10 Servers. | |||||
| CVE-2017-0299 | 1 Microsoft | 6 Windows 10, Windows 7, Windows 8.1 and 3 more | 2018-10-30 | 1.9 LOW | 5.0 MEDIUM |
| The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to obtain information via a specially crafted application. aka "Windows Kernel Information Disclosure Vulnerability," a different vulnerability than CVE-2017-8491, CVE-2017-8490, CVE-2017-8489, CVE-2017-8488, CVE-2017-8485, CVE-2017-8483, CVE-2017-8482, CVE-2017-8481, CVE-2017-8480, CVE-2017-8478, CVE-2017-8479, CVE-2017-8476, CVE-2017-8474, CVE-2017-8469, CVE-2017-8462, CVE-2017-0300, and CVE-2017-0297. | |||||
| CVE-2015-6175 | 1 Microsoft | 1 Windows 10 | 2018-10-30 | 7.2 HIGH | N/A |
| The kernel in Microsoft Windows 10 Gold allows local users to gain privileges via a crafted application, aka "Windows Kernel Memory Elevation of Privilege Vulnerability." | |||||
| CVE-2018-12826 | 6 Adobe, Apple, Google and 3 more | 10 Flash Player, Mac Os X, Chrome Os and 7 more | 2018-10-30 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2018-12827 | 6 Adobe, Apple, Google and 3 more | 10 Flash Player, Mac Os X, Chrome Os and 7 more | 2018-10-30 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2018-12824 | 6 Adobe, Apple, Google and 3 more | 11 Flash Player, Flash Player Desktop Runtime, Mac Os X and 8 more | 2018-10-29 | 4.3 MEDIUM | 5.9 MEDIUM |
| Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2017-0023 | 1 Microsoft | 5 Edge, Windows 10, Windows 8.1 and 2 more | 2018-10-17 | 7.6 HIGH | 7.5 HIGH |
| The PDF library in Microsoft Edge; Windows 8.1; Windows Server 2012 and R2; Windows RT 8.1; and Windows 10, 1511, and 1607 allows remote attackers to execute arbitrary code via a crafted PDF file, aka "Microsoft PDF Remote Code Execution Vulnerability." | |||||
| CVE-2016-7890 | 5 Adobe, Apple, Google and 2 more | 8 Flash Player, Flash Player For Linux, Mac Os X and 5 more | 2018-10-12 | 7.5 HIGH | 9.8 CRITICAL |
| Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have security bypass vulnerability in the implementation of the same origin policy. | |||||
| CVE-2016-7892 | 5 Adobe, Apple, Google and 2 more | 8 Flash Player, Flash Player For Linux, Mac Os X and 5 more | 2018-10-12 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the TextField class. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2016-7881 | 5 Adobe, Apple, Google and 2 more | 8 Flash Player, Flash Player For Linux, Mac Os X and 5 more | 2018-10-12 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the MovieClip class when handling conversion to an object. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2016-7880 | 5 Adobe, Apple, Google and 2 more | 8 Flash Player, Flash Player For Linux, Mac Os X and 5 more | 2018-10-12 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability when setting the length property of an array object. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2016-7869 | 5 Adobe, Apple, Google and 2 more | 8 Flash Player, Flash Player For Linux, Mac Os X and 5 more | 2018-10-12 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to backtrack search functionality. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2016-7868 | 5 Adobe, Apple, Google and 2 more | 8 Flash Player, Flash Player For Linux, Mac Os X and 5 more | 2018-10-12 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to alternation functionality. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2016-7867 | 5 Adobe, Apple, Google and 2 more | 8 Flash Player, Flash Player For Linux, Mac Os X and 5 more | 2018-10-12 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to bookmarking in searches. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2016-7870 | 5 Adobe, Apple, Google and 2 more | 8 Flash Player, Flash Player For Linux, Mac Os X and 5 more | 2018-10-12 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class for specific search strategies. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2016-7879 | 5 Adobe, Apple, Google and 2 more | 8 Flash Player, Flash Player For Linux, Mac Os X and 5 more | 2018-10-12 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the NetConnection class when handling an attached script object. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2016-7878 | 5 Adobe, Apple, Google and 2 more | 8 Flash Player, Flash Player For Linux, Mac Os X and 5 more | 2018-10-12 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the PSDK's MediaPlayer class. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2016-7876 | 5 Adobe, Apple, Google and 2 more | 8 Flash Player, Flash Player For Linux, Mac Os X and 5 more | 2018-10-12 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the Clipboard class related to data handling functionality. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2016-7877 | 5 Adobe, Apple, Google and 2 more | 8 Flash Player, Flash Player For Linux, Mac Os X and 5 more | 2018-10-12 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the Action Message Format serialization (AFM0). Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2016-7875 | 5 Adobe, Apple, Google and 2 more | 8 Flash Player, Flash Player For Linux, Mac Os X and 5 more | 2018-10-12 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable integer overflow vulnerability in the BitmapData class. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2016-7874 | 5 Adobe, Apple, Google and 2 more | 8 Flash Player, Flash Player For Linux, Mac Os X and 5 more | 2018-10-12 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the NetConnection class when handling the proxy types. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2016-7873 | 5 Adobe, Apple, Google and 2 more | 8 Flash Player, Flash Player For Linux, Mac Os X and 5 more | 2018-10-12 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the PSDK class related to ad policy functionality method. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2016-7872 | 5 Adobe, Apple, Google and 2 more | 8 Flash Player, Flash Player For Linux, Mac Os X and 5 more | 2018-10-12 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the MovieClip class related to objects at multiple presentation levels. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2016-7871 | 5 Adobe, Apple, Google and 2 more | 8 Flash Player, Flash Player For Linux, Mac Os X and 5 more | 2018-10-12 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the Worker class. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2016-7274 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2018-10-12 | 9.3 HIGH | 8.8 HIGH |
| Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to execute arbitrary code via a crafted web site, aka "Windows Uniscribe Remote Code Execution Vulnerability." | |||||
| CVE-2016-7273 | 1 Microsoft | 2 Windows 10, Windows Server 2016 | 2018-10-12 | 9.3 HIGH | 8.8 HIGH |
| The Graphics component in Microsoft Windows 10 Gold, 1511, and 1607 and Windows Server 2016 allows remote attackers to execute arbitrary code via a crafted web site, aka "Windows Graphics Remote Code Execution Vulnerability." | |||||
| CVE-2016-7272 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2018-10-12 | 9.3 HIGH | 8.8 HIGH |
| The Graphics component in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to execute arbitrary code via a crafted web site, aka "Windows Graphics Remote Code Execution Vulnerability." | |||||
| CVE-2016-7271 | 1 Microsoft | 2 Windows 10, Windows Server 2016 | 2018-10-12 | 4.6 MEDIUM | 7.8 HIGH |
| The Secure Kernel Mode implementation in Microsoft Windows 10 Gold, 1511, and 1607 and Windows Server 2016 allows local users to bypass the virtual trust level (VTL) protection mechanism via a crafted application, aka "Secure Kernel Mode Elevation of Privilege Vulnerability." | |||||
| CVE-2016-7260 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2018-10-12 | 7.2 HIGH | 7.8 HIGH |
| The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability." | |||||
| CVE-2016-7259 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2018-10-12 | 7.2 HIGH | 7.8 HIGH |
| The Graphics Component in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability." | |||||
| CVE-2016-7258 | 1 Microsoft | 2 Windows 10, Windows Server 2016 | 2018-10-12 | 2.1 LOW | 5.5 MEDIUM |
| The kernel in Microsoft Windows 10 Gold, 1511, and 1607 and Windows Server 2016 mishandles page-fault system calls, which allows local users to obtain sensitive information from arbitrary processes via a crafted application, aka "Windows Kernel Memory Address Information Disclosure Vulnerability." | |||||
| CVE-2016-7256 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2018-10-12 | 9.3 HIGH | 8.8 HIGH |
| atmfd.dll in the Windows font library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to execute arbitrary code via a crafted web site, aka "Open Type Font Remote Code Execution Vulnerability." | |||||
| CVE-2016-7255 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2018-10-12 | 7.2 HIGH | 7.8 HIGH |
| The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability." | |||||
| CVE-2016-7248 | 1 Microsoft | 5 Windows 10, Windows 7, Windows 8.1 and 2 more | 2018-10-12 | 9.3 HIGH | 7.8 HIGH |
| Microsoft Video Control in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8.1, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows remote attackers to execute arbitrary code via a crafted file, aka "Microsoft Video Control Remote Code Execution Vulnerability." | |||||
| CVE-2016-7247 | 1 Microsoft | 5 Windows 10, Windows 8.1, Windows Rt 8.1 and 2 more | 2018-10-12 | 5.0 MEDIUM | 7.5 HIGH |
| Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow physically proximate attackers to bypass the Secure Boot protection mechanism via a crafted boot policy, aka "Secure Boot Component Vulnerability." | |||||
| CVE-2016-7246 | 1 Microsoft | 7 Windows 10, Windows 7, Windows 8.1 and 4 more | 2018-10-12 | 7.2 HIGH | 7.8 HIGH |
| The kernel-mode drivers in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability." | |||||
| CVE-2016-7238 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2018-10-12 | 7.2 HIGH | 7.8 HIGH |
| Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 mishandle caching for NTLM password-change requests, which allows local users to gain privileges via a crafted application, aka "Windows NTLM Elevation of Privilege Vulnerability." | |||||
| CVE-2016-7237 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2018-10-12 | 6.8 MEDIUM | 6.5 MEDIUM |
| Local Security Authority Subsystem Service (LSASS) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote authenticated users to cause a denial of service (system hang) via a crafted request, aka "Local Security Authority Subsystem Service Denial of Service Vulnerability." | |||||
| CVE-2016-7226 | 1 Microsoft | 2 Windows 10, Windows Server 2016 | 2018-10-12 | 3.6 LOW | 6.1 MEDIUM |
| Virtual Hard Disk Driver in Windows 10 Gold, 1511, and 1607 and Windows Server 2016 does not properly restrict access to files, which allows local users to gain privileges via a crafted application, aka "VHD Driver Elevation of Privilege Vulnerability." | |||||
| CVE-2016-7225 | 1 Microsoft | 2 Windows 10, Windows Server 2016 | 2018-10-12 | 3.6 LOW | 6.1 MEDIUM |
| Virtual Hard Disk Driver in Windows 10 Gold, 1511, and 1607 and Windows Server 2016 does not properly restrict access to files, which allows local users to gain privileges via a crafted application, aka "VHD Driver Elevation of Privilege Vulnerability." | |||||
| CVE-2016-7224 | 1 Microsoft | 5 Windows 10, Windows 8.1, Windows Rt 8.1 and 2 more | 2018-10-12 | 3.6 LOW | 6.1 MEDIUM |
| Virtual Hard Disk Driver in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 does not properly restrict access to files, which allows local users to gain privileges via a crafted application, aka "VHD Driver Elevation of Privilege Vulnerability." | |||||
| CVE-2016-7223 | 1 Microsoft | 5 Windows 10, Windows 8.1, Windows Rt 8.1 and 2 more | 2018-10-12 | 3.6 LOW | 6.1 MEDIUM |
| Virtual Hard Disk Driver in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 does not properly restrict access to files, which allows local users to gain privileges via a crafted application, aka "VHD Driver Elevation of Privilege Vulnerability." | |||||
| CVE-2016-7222 | 1 Microsoft | 2 Windows 10, Windows Server 2016 | 2018-10-12 | 7.2 HIGH | 7.8 HIGH |
| Task Scheduler in Microsoft Windows 10 Gold, 1511, and 1607 and Windows Server 2016 allows local users to gain privileges via a crafted UNC pathname in a task, aka "Task Scheduler Elevation of Privilege Vulnerability." | |||||
| CVE-2016-7221 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2018-10-12 | 7.2 HIGH | 7.8 HIGH |
| Input Method Editor (IME) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 mishandles DLL loading, which allows local users to gain privileges via unspecified vectors, aka "Windows IME Elevation of Privilege Vulnerability." | |||||
| CVE-2016-7220 | 1 Microsoft | 1 Windows 10 | 2018-10-12 | 2.1 LOW | 3.3 LOW |
| Virtual Secure Mode in Microsoft Windows 10 allows local users to obtain sensitive information via a crafted application, aka "Virtual Secure Mode Information Disclosure Vulnerability." | |||||
| CVE-2016-7219 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2018-10-12 | 2.1 LOW | 5.5 MEDIUM |
| The Crypto driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to obtain sensitive information via a crafted application, aka "Windows Crypto Driver Information Disclosure Vulnerability." | |||||
| CVE-2016-7218 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2018-10-12 | 1.9 LOW | 4.7 MEDIUM |
| Bowser.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to obtain sensitive information via a crafted application, aka "Windows Bowser.sys Information Disclosure Vulnerability." | |||||