| Max CVSS | 10.0 | Min CVSS | 1.5 | Total Count | 2059 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2017-8619 | 7.6 |
Microsoft Edge on Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability in the way affected Microsoft scripting engines render when handling objects in memory, aka "Scripting Engine Memory Corrupt
|
11-07-2017 - 17:29 | 11-07-2017 - 17:29 | |
| CVE-2017-8618 | 7.6 |
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 Internet Explorer in the way affected Microsoft scrip
|
11-07-2017 - 17:29 | 11-07-2017 - 17:29 | |
| CVE-2017-8617 | 7.6 |
Microsoft Edge in Windows 10 1703 Microsoft Edge allows a remote code execution vulnerability in the way affected Microsoft scripting engines render when handling objects in memory, aka "Microsoft Edge Remote Code Execution Vulnerability."
|
11-07-2017 - 17:29 | 11-07-2017 - 17:29 | |
| CVE-2017-8610 | 7.6 |
Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user when the JavaScript engine fails to render when handling objects in memory in Microsoft Edge, aka "Scripting Engine Memory Cor
|
11-07-2017 - 17:29 | 11-07-2017 - 17:29 | |
| CVE-2017-8609 | 7.6 |
Microsoft Internet Explorer in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engine fails to render when handling objects in
|
11-07-2017 - 17:29 | 11-07-2017 - 17:29 | |
| CVE-2017-8608 | 7.6 |
Microsoft browsers in Microsoft Windows Server 2008 and R2, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the c
|
11-07-2017 - 17:29 | 11-07-2017 - 17:29 | |
| CVE-2017-8607 | 7.6 |
Microsoft browsers in Microsoft Windows 7, Windows Server 2008 and R2, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the conte
|
11-07-2017 - 17:29 | 11-07-2017 - 17:29 | |
| CVE-2017-8606 | 7.6 |
Microsoft browsers in Microsoft Windows 7, Windows Server 2008 and R2, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the conte
|
11-07-2017 - 17:29 | 11-07-2017 - 17:29 | |
| CVE-2017-8605 | 7.6 |
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engine fails to render when handling objects in memory in Mi
|
11-07-2017 - 17:29 | 11-07-2017 - 17:29 | |
| CVE-2017-8604 | 7.6 |
Microsoft Edge in Microsoft Windows 10 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engine fails to render when handling objects in memory in Microsof
|
11-07-2017 - 17:29 | 11-07-2017 - 17:29 | |
| CVE-2017-8603 | 7.6 |
Microsoft Edge in Microsoft Windows 10 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engine fails to render when handling objects in memory in Microsof
|
11-07-2017 - 17:29 | 11-07-2017 - 17:29 | |
| CVE-2017-8601 | 7.6 |
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engine fails to render when handling objects in memory in Mi
|
11-07-2017 - 17:29 | 11-07-2017 - 17:29 | |
| CVE-2017-8598 | 7.6 |
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engine fails to render when handling objects in memory in Mi
|
11-07-2017 - 17:29 | 11-07-2017 - 17:29 | |
| CVE-2017-8596 | 7.6 |
Microsoft Edge in Microsoft Windows 10 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engine fails to render when handling objects in memory in Microsoft Edge
|
11-07-2017 - 17:29 | 11-07-2017 - 17:29 | |
| CVE-2017-8595 | 7.6 |
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engine fails to render when handling objects in memory in Mi
|
11-07-2017 - 17:29 | 11-07-2017 - 17:29 | |
| CVE-2017-8594 | 7.6 |
Internet Explorer on Microsoft Windows 8.1 and Windows RT 8.1, and Windows Server 2012 R2 allows an attacker to execute arbitrary code in the context of the current user when Internet Explorer improperly accesses objects in memory, aka "Internet Expl
|
11-07-2017 - 17:29 | 11-07-2017 - 17:29 | |
| CVE-2017-8589 | 10.0 |
Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability due to the way that Windo
|
11-07-2017 - 17:29 | 11-07-2017 - 17:29 | |
| CVE-2017-8588 | 7.6 |
Microsoft WordPad in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability due to the w
|
11-07-2017 - 17:29 | 11-07-2017 - 17:29 | |
| CVE-2017-8584 | 7.9 |
Windows 10 1607 and Windows Server 2016 allow an attacker to execute code remotely via a specially crafted WiFi packet aka "HoloLens Remote Code Execution Vulnerability."
|
11-07-2017 - 17:29 | 11-07-2017 - 17:29 | |
| CVE-2017-8570 | 9.3 |
Microsoft Office allows a remote code execution vulnerability due to the way that it handles objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-0243.
|
11-07-2017 - 17:29 | 11-07-2017 - 17:29 | |
| CVE-2017-8565 | 9.3 |
Windows PowerShell in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability when PSObje
|
11-07-2017 - 17:29 | 11-07-2017 - 17:29 | |
| CVE-2017-8502 | 9.3 |
Microsoft Office allows a remote code execution vulnerability due to the way that it handles objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8501.
|
11-07-2017 - 17:29 | 11-07-2017 - 17:29 | |
| CVE-2017-8501 | 9.3 |
Microsoft Office allows a remote code execution vulnerability due to the way that it handles objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8502.
|
11-07-2017 - 17:29 | 11-07-2017 - 17:29 | |
| CVE-2017-8463 | 9.3 |
Windows Shell in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability due to the way i
|
11-07-2017 - 17:29 | 11-07-2017 - 17:29 | |
| CVE-2017-0243 | 9.3 |
Microsoft Office allows a remote code execution vulnerability due to the way that it handles objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8570.
|
11-07-2017 - 17:29 | 11-07-2017 - 17:29 | |
| CVE-2017-8558 | 9.3 |
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on 32-bit versions of Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10
|
29-06-2017 - 09:29 | 29-06-2017 - 09:29 | |
| CVE-2014-6354 | 7.6 |
Internet Explorer 6, Internet Explorer 7, Internet Explorer 8, Internet Explorer 9, Internet Explorer 10, and Internet Explorer 11 allows remote attackers to execute arbitrary code.
|
27-06-2017 - 16:29 | 27-06-2017 - 16:29 | |
| CVE-2017-8549 | 7.6 |
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to obtain information to further compromise the user's system when Microsoft Edge improperly handles objects in memory, aka "Scripting Engin
|
14-06-2017 - 21:29 | 14-06-2017 - 21:29 | |
| CVE-2017-8548 | 7.6 |
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to obtain information to further compromise the user's system when Microsoft Edge improperly handles objects in memory, aka "Scripting Engin
|
14-06-2017 - 21:29 | 14-06-2017 - 21:29 | |
| CVE-2017-8543 | 10.0 |
Microsoft Windows XP SP3, Windows XP x64 XP2, Windows Server 2003 SP2, Windows Vista, Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and
|
14-06-2017 - 21:29 | 14-06-2017 - 21:29 | |
| CVE-2017-8528 | 9.3 |
Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, Windows Server 2016, Microsoft Office 2007 SP3, and Microsoft Office 2010 SP2 allows a remote c
|
14-06-2017 - 21:29 | 14-06-2017 - 21:29 | |
| CVE-2017-8527 | 9.3 |
Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability due to the way it han
|
14-06-2017 - 21:29 | 14-06-2017 - 21:29 | |
| CVE-2017-8524 | 7.6 |
Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an allow an attacker to execute arbitrary code
|
14-06-2017 - 21:29 | 14-06-2017 - 21:29 | |
| CVE-2017-8522 | 7.6 |
Microsoft browsers in Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an allow an attacker to execute arbitrary code in the context of the current user when th
|
14-06-2017 - 21:29 | 14-06-2017 - 21:29 | |
| CVE-2017-8521 | 7.6 |
Microsoft Edge in Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user when the Edge JavaScript scripting engine fails to handle objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". Thi
|
14-06-2017 - 21:29 | 14-06-2017 - 21:29 | |
| CVE-2017-8520 | 7.6 |
Microsoft Edge in Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user when the Edge JavaScript scripting engine fails to handle objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". Thi
|
14-06-2017 - 21:29 | 14-06-2017 - 21:29 | |
| CVE-2017-8519 | 7.6 |
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, and Windows Server 2012 and R2 allow an attacker to execute arbitrary code in the context of the current user when Internet Explorer imprope
|
14-06-2017 - 21:29 | 14-06-2017 - 21:29 | |
| CVE-2017-8517 | 7.6 |
Microsoft browsers in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an allow an attacker to execute arbitrary code in the
|
14-06-2017 - 21:29 | 14-06-2017 - 21:29 | |
| CVE-2017-8513 | 9.3 |
A remote code execution vulnerability exists in Microsoft PowerPoint when the software fails to properly handle objects in memory, aka "Microsoft PowerPoint Remote Code Execution Vulnerability".
|
14-06-2017 - 21:29 | 14-06-2017 - 21:29 | |
| CVE-2017-8512 | 9.3 |
A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8509, CVE-2017-8510, CVE-2017-8511, C
|
14-06-2017 - 21:29 | 14-06-2017 - 21:29 | |
| CVE-2017-8511 | 9.3 |
A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8509, CVE-2017-8510, CVE-2017-8512, C
|
14-06-2017 - 21:29 | 14-06-2017 - 21:29 | |
| CVE-2017-8510 | 9.3 |
A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8509, CVE-2017-8511, CVE-2017-8512, C
|
14-06-2017 - 21:29 | 14-06-2017 - 21:29 | |
| CVE-2017-8509 | 9.3 |
A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8510, CVE-2017-8511, CVE-2017-8512, C
|
14-06-2017 - 21:29 | 14-06-2017 - 21:29 | |
| CVE-2017-8507 | 9.3 |
A remote code execution vulnerability exists in the way Microsoft Office software parses specially crafted email messages, aka "Microsoft Office Memory Corruption Vulnerability".
|
14-06-2017 - 21:29 | 14-06-2017 - 21:29 | |
| CVE-2017-8506 | 9.3 |
A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8509, CVE-2017-8510, CVE-2017-8511, C
|
14-06-2017 - 21:29 | 14-06-2017 - 21:29 | |
| CVE-2017-8499 | 7.6 |
Microsoft Edge in Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user when the Edge JavaScript scripting engine fails to handle objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". Thi
|
14-06-2017 - 21:29 | 14-06-2017 - 21:29 | |
| CVE-2017-8497 | 7.6 |
Microsoft Edge in Windows 10 1607 and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability".
|
14-06-2017 - 21:29 | 14-06-2017 - 21:29 | |
| CVE-2017-8496 | 7.6 |
Microsoft Edge in Windows 10 1607 and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability".
|
14-06-2017 - 21:29 | 14-06-2017 - 21:29 | |
| CVE-2017-8464 | 9.3 |
Windows Shell in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows local users or remote attackers t
|
14-06-2017 - 21:29 | 14-06-2017 - 21:29 | |
| CVE-2017-0294 | 9.3 |
Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute remote code when Windows fails to pro
|
14-06-2017 - 21:29 | 14-06-2017 - 21:29 | |
| CVE-2017-0292 | 9.3 |
Windows PDF in Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows remote code execution if a user opens a specially crafted PDF file, aka "Windows PDF Remote Code Execution
|
14-06-2017 - 21:29 | 14-06-2017 - 21:29 | |
| CVE-2017-0291 | 9.3 |
Windows PDF in Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows remote code execution if a user opens a specially crafted PDF file, aka "Windows PDF Remote Code Execution
|
14-06-2017 - 21:29 | 14-06-2017 - 21:29 | |
| CVE-2017-0283 | 9.3 |
Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, Windows Server 2016, Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office Wor
|
14-06-2017 - 21:29 | 14-06-2017 - 21:29 | |
| CVE-2017-0260 | 9.3 |
A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8509, CVE-2017-8510, CVE-2017-8511, C
|
14-06-2017 - 21:29 | 14-06-2017 - 21:29 | |
| CVE-2017-8541 | 9.3 |
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, a
|
26-05-2017 - 16:29 | 26-05-2017 - 16:29 | |
| CVE-2017-8540 | 9.3 |
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, a
|
26-05-2017 - 16:29 | 26-05-2017 - 16:29 | |
| CVE-2017-8538 | 9.3 |
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, a
|
26-05-2017 - 16:29 | 26-05-2017 - 16:29 | |
| CVE-2017-0223 | 7.5 |
A remote code execution vulnerability exists in Microsoft Chakra Core in the way JavaScript engines render when handling objects in memory. aka "Scripting Engine Memory Corruption Vulnerability". This vulnerability is unique from CVE-2017-0252.
|
15-05-2017 - 13:29 | 15-05-2017 - 13:29 | |
| CVE-2017-0281 | 9.3 |
Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2016, Office Online Server 2016, Office Web Apps 2010 SP2,Office Web Apps 2013 SP1, Project Server 2013 SP1, SharePoint Enterprise Server 2013 SP1, SharePoint Enterprise Server 2016,
|
12-05-2017 - 10:29 | 12-05-2017 - 10:29 | |
| CVE-2017-0279 | 6.8 |
The Microsoft Server Message Block 1.0 (SMBv1) server on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows
|
12-05-2017 - 10:29 | 12-05-2017 - 10:29 | |
| CVE-2017-0278 | 6.8 |
The Microsoft Server Message Block 1.0 (SMBv1) server on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows
|
12-05-2017 - 10:29 | 12-05-2017 - 10:29 | |
| CVE-2017-0277 | 6.8 |
The Microsoft Server Message Block 1.0 (SMBv1) server on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows
|
12-05-2017 - 10:29 | 12-05-2017 - 10:29 | |
| CVE-2017-0272 | 9.3 |
The Microsoft Server Message Block 1.0 (SMBv1) server on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows
|
12-05-2017 - 10:29 | 12-05-2017 - 10:29 | |
| CVE-2017-0266 | 7.6 |
A remote code execution vulnerability exists in Microsoft Edge in the way affected Microsoft scripting engines render when handling objects in memory, aka "Microsoft Edge Remote Code Execution Vulnerability."
|
12-05-2017 - 10:29 | 12-05-2017 - 10:29 | |
| CVE-2017-0265 | 9.3 |
Microsoft PowerPoint for Mac 2011 allows a remote code execution vulnerability when the software fails to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-0254 and CVE-2017
|
12-05-2017 - 10:29 | 12-05-2017 - 10:29 | |
| CVE-2017-0264 | 9.3 |
Microsoft PowerPoint for Mac 2011 allows a remote code execution vulnerability when the software fails to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-0254 and CVE-2017
|
12-05-2017 - 10:29 | 12-05-2017 - 10:29 | |
| CVE-2017-0262 | 9.3 |
Microsoft Office 2010 SP2, Office 2013 SP1, and Office 2016 allow a remote code execution vulnerability when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-201
|
12-05-2017 - 10:29 | 12-05-2017 - 10:29 | |
| CVE-2017-0261 | 9.3 |
Microsoft Office 2010 SP2, Office 2013 SP1, and Office 2016 allow a remote code execution vulnerability when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-201
|
12-05-2017 - 10:29 | 12-05-2017 - 10:29 | |
| CVE-2017-0254 | 9.3 |
Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Office for Mac 2011, Office for Mac 2016, Microsoft Office Web Apps 2010 SP2, Office Web Apps Server 2013 SP1, Word 2013 RT SP1, Word 2013 SP1, Word Automation Servic
|
12-05-2017 - 10:29 | 12-05-2017 - 10:29 | |
| CVE-2017-0240 | 7.6 |
A remote code execution vulnerability exists in Microsoft Edge in the way affected Microsoft scripting engines render when handling objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0221 and
|
12-05-2017 - 10:29 | 12-05-2017 - 10:29 | |
| CVE-2017-0238 | 7.6 |
A remote code execution vulnerability exists in Microsoft browsers in the way JavaScript scripting engines handle objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0228, CVE-
|
12-05-2017 - 10:29 | 12-05-2017 - 10:29 | |
| CVE-2017-0236 | 7.6 |
A remote code execution vulnerability exists in Microsoft Edge in the way that the Chakra JavaScript engine renders when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE
|
12-05-2017 - 10:29 | 12-05-2017 - 10:29 | |
| CVE-2017-0235 | 7.6 |
A remote code execution vulnerability exists in Microsoft Edge in the way that the Chakra JavaScript engine renders when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE
|
12-05-2017 - 10:29 | 12-05-2017 - 10:29 | |
| CVE-2017-0234 | 7.6 |
A remote code execution vulnerability exists in Microsoft Edge in the way that the Chakra JavaScript engine renders when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE
|
12-05-2017 - 10:29 | 12-05-2017 - 10:29 | |
| CVE-2017-0230 | 7.6 |
A remote code execution vulnerability exists in Microsoft Edge in the way JavaScript engines render when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0228, CVE-
|
12-05-2017 - 10:29 | 12-05-2017 - 10:29 | |
| CVE-2017-0229 | 7.6 |
A remote code execution vulnerability exists in Microsoft Edge in the way JavaScript engines render when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0228, CVE-
|
12-05-2017 - 10:29 | 12-05-2017 - 10:29 | |
| CVE-2017-0228 | 7.6 |
A remote code execution vulnerability exists in Microsoft browsers in the way JavaScript engines render when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0229,
|
12-05-2017 - 10:29 | 12-05-2017 - 10:29 | |
| CVE-2017-0227 | 7.6 |
A remote code execution vulnerability exists in Microsoft Edge in the way affected Microsoft scripting engines render when handling objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0221 and
|
12-05-2017 - 10:29 | 12-05-2017 - 10:29 | |
| CVE-2017-0226 | 7.6 |
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0222.
|
12-05-2017 - 10:29 | 12-05-2017 - 10:29 | |
| CVE-2017-0224 | 7.6 |
A remote code execution vulnerability exists in the way JavaScript engines render when handling objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0228, CVE-2017-0229, CVE-
|
12-05-2017 - 10:29 | 12-05-2017 - 10:29 | |
| CVE-2017-0222 | 7.6 |
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0226.
|
12-05-2017 - 10:29 | 12-05-2017 - 10:29 | |
| CVE-2017-0221 | 7.6 |
A vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0227 and CVE-2017-0240.
|
12-05-2017 - 10:29 | 12-05-2017 - 10:29 | |
| CVE-2017-0290 | 9.3 |
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, a
|
11-05-2017 - 21:29 | 09-05-2017 - 02:29 | |
| CVE-2017-0199 | 9.3 |
Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, Microsoft Office 2016, Microsoft Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, Windows 8.1 allow remote attackers to execute arbitrary code via a crafted do
|
20-04-2017 - 14:23 | 12-04-2017 - 10:59 | |
| CVE-2017-0197 | 9.3 |
Microsoft OneNote 2007 SP3 and Microsoft OneNote 2010 SP2 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office DLL Loading Vulnerability."
|
20-04-2017 - 14:11 | 12-04-2017 - 10:59 | |
| CVE-2017-0202 | 7.6 |
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user, a.k.a. "
|
20-04-2017 - 13:47 | 12-04-2017 - 10:59 | |
| CVE-2017-0201 | 7.6 |
A remote code execution vulnerability exists in Internet Explorer in the way that the JScript and VBScript engines render when handling objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary c
|
20-04-2017 - 13:44 | 12-04-2017 - 10:59 | |
| CVE-2017-0205 | 7.6 |
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user, aka "M
|
20-04-2017 - 13:44 | 12-04-2017 - 10:59 | |
| CVE-2017-0200 | 7.6 |
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user, aka "M
|
20-04-2017 - 13:09 | 12-04-2017 - 10:59 | |
| CVE-2017-0181 | 7.4 |
A remote code execution vulnerability exists when Windows Hyper-V Network Switch running on a Windows 10 or Windows Server 2016 host server fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Remote C
|
18-04-2017 - 12:38 | 12-04-2017 - 10:59 | |
| CVE-2017-0180 | 7.4 |
A remote code execution vulnerability exists when Windows Hyper-V Network Switch running on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Remote Code Execution Vulnerability." This
|
18-04-2017 - 12:35 | 12-04-2017 - 10:59 | |
| CVE-2017-0160 | 7.2 |
Microsoft .NET Framework 2.0, 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allows an attacker with access to the local system to execute malicious code, aka ".NET Remote Code Execution Vulnerability."
|
18-04-2017 - 10:07 | 12-04-2017 - 10:59 | |
| CVE-2017-0158 | 7.6 |
An elevation of privilege vulnerability exists when Microsoft Windows running on Windows 10, Windows 10 1511, Windows 8.1 Windows RT 8.1, and Windows Server 2012 R2 fails to properly sanitize handles in memory, aka "Scripting Engine Memory Corruption
|
18-04-2017 - 10:06 | 12-04-2017 - 10:59 | |
| CVE-2017-0106 | 9.3 |
Microsoft Excel 2007 SP3, Microsoft Outlook 2010 SP2, Microsoft Outlook 2013 SP1, and Microsoft Outlook 2016 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Offi
|
18-04-2017 - 10:03 | 12-04-2017 - 10:59 | |
| CVE-2017-0162 | 7.4 |
A remote code execution vulnerability exists when Windows Hyper-V Network Switch running on a Windows 10, Windows 8.1, Windows Server 2012 R2, or Windows Server 2016 host server fails to properly validate input from an authenticated user on a guest o
|
17-04-2017 - 15:15 | 12-04-2017 - 10:59 | |
| CVE-2017-0093 | 7.6 |
A remote code execution vulnerability in Microsoft Edge exists in the way that the Scripting Engine renders when handling objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arb
|
17-04-2017 - 15:01 | 12-04-2017 - 10:59 | |
| CVE-2017-0163 | 7.4 |
A remote code execution vulnerability exists when Windows Hyper-V Network Switch running on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Remote Code Execution Vulnerability." This
|
17-04-2017 - 14:55 | 12-04-2017 - 10:59 | |
| CVE-2017-0007 | 2.1 |
Device Guard in Microsoft Windows 10 Gold, 1511, 1607, and Windows Server 2016 allows remote attackers to modify PowerShell script without invalidating associated signatures, aka "PowerShell Security Feature Bypass Vulnerability."
|
04-04-2017 - 21:59 | 16-03-2017 - 20:59 | |
| CVE-2017-0037 | 7.6 |
Microsoft Internet Explorer 10 and 11 and Microsoft Edge have a type confusion issue in the Layout::MultiColumnBoxBuilder::HandleColumnBreakOnColumnSpanningElement function in mshtml.dll, which allows remote attackers to execute arbitrary code via ve
|
03-04-2017 - 21:59 | 26-02-2017 - 18:59 | |
| CVE-2017-0100 | 4.4 |
A DCOM object in Helppane.exe in Microsoft Windows 7 SP1; Windows Server 2008 R2; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows local users to gain privileges via a craft
|
31-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
| CVE-2017-0005 | 6.9 |
The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows local users to gain privil
|
30-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
| CVE-2017-0038 | 4.3 |
gdi32.dll in Graphics Device Interface (GDI) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows remote attackers
|
27-03-2017 - 21:59 | 20-02-2017 - 11:59 | |
| CVE-2017-0072 | 9.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Uniscribe Remote Code Execution Vulnerability." This vulnerability is diffe
|
27-03-2017 - 10:31 | 16-03-2017 - 20:59 | |
| CVE-2017-0063 | 4.3 |
The Color Management Module (ICM32.dll) memory handling functionality in Windows Vista SP2; Windows Server 2008 SP2 and R2; and Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows
|
24-03-2017 - 06:55 | 16-03-2017 - 20:59 | |
| CVE-2017-0025 | 7.2 |
The kernel-mode drivers in Microsoft Windows Vista; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allow local users to gain pr
|
24-03-2017 - 06:47 | 16-03-2017 - 20:59 | |
| CVE-2016-0188 | 9.3 |
The User Mode Code Integrity (UMCI) implementation in Device Guard in Microsoft Internet Explorer 11 allows remote attackers to bypass a code-signing protection mechanism via unspecified vectors, aka "Internet Explorer Security Feature Bypass."
|
23-03-2017 - 21:59 | 10-05-2016 - 21:59 | |
| CVE-2016-0164 | 7.6 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
23-03-2017 - 21:59 | 12-04-2016 - 19:59 | |
| CVE-2016-0162 | 4.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to determine the existence of files via crafted JavaScript code, aka "Internet Explorer Information Disclosure Vulnerability."
|
23-03-2017 - 21:59 | 12-04-2016 - 19:59 | |
| CVE-2016-0084 | 9.3 |
Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability."
|
23-03-2017 - 21:59 | 10-02-2016 - 06:59 | |
| CVE-2016-0080 | 4.3 |
Microsoft Edge mishandles exceptions during window-message dispatch operations, which allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Microsoft Edge ASLR Bypass."
|
23-03-2017 - 21:59 | 10-02-2016 - 06:59 | |
| CVE-2016-0049 | 2.1 |
Kerberos in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 Gold and 1511 does not properly validate password changes, which allows remote attackers to bypas
|
23-03-2017 - 21:59 | 10-02-2016 - 06:59 | |
| CVE-2017-0053 | 9.3 |
Microsoft Office 2010 SP2, Office Compatibility Pack SP3, Word 2007 SP3, Word 2010 SP2, Word 2013 SP1, Word 2013 R2 SP1, Word 2016, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via
|
23-03-2017 - 13:17 | 16-03-2017 - 20:59 | |
| CVE-2017-0006 | 9.3 |
Microsoft Excel 2007 SP3, Office Compatibility Pack SP3, Excel Viewer, and Excel Services on SharePoint Server 2007 SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Mic
|
23-03-2017 - 13:16 | 16-03-2017 - 20:59 | |
| CVE-2017-0052 | 9.3 |
Microsoft Office Compatibility Pack SP3, Excel 2007 SP3, Excel Viewer, and Excel Services on SharePoint Server 2007 SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Mic
|
23-03-2017 - 12:51 | 16-03-2017 - 20:59 | |
| CVE-2017-0030 | 9.3 |
Microsoft Office 2010 SP2, Office Compatibility Pack SP3, Office Web Apps Server 2010 SP2, Word 2007 SP3, Word 2010 SP2, and Word Automation Services on SharePoint Server 2010 SP2 allow remote attackers to execute arbitrary code or cause a denial of
|
23-03-2017 - 12:48 | 16-03-2017 - 20:59 | |
| CVE-2017-0027 | 2.6 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, and Excel Services on SharePoint Server 2013 SP1 allow remote attackers to obtain sensitive information from process memory via a crafted Office d
|
23-03-2017 - 12:48 | 16-03-2017 - 20:59 | |
| CVE-2017-0020 | 9.3 |
Microsoft Excel 2016, Excel 2010 SP2, Excel 2013 RT SP1, and Office Web Apps Server 2013 SP1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corrup
|
23-03-2017 - 12:47 | 16-03-2017 - 20:59 | |
| CVE-2017-0105 | 4.3 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word for Mac 2011, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to obtain sensitive information fro
|
23-03-2017 - 12:46 | 16-03-2017 - 20:59 | |
| CVE-2017-0001 | 7.2 |
The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows local users to gain privil
|
23-03-2017 - 12:42 | 16-03-2017 - 20:59 | |
| CVE-2017-0014 | 7.6 |
The Windows Graphics Component in Microsoft Office 2010 SP2; Windows Server 2008 R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to
|
23-03-2017 - 12:42 | 16-03-2017 - 20:59 | |
| CVE-2017-0084 | 9.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to execute arb
|
23-03-2017 - 12:37 | 16-03-2017 - 20:59 | |
| CVE-2017-0154 | 5.8 |
Microsoft Internet Explorer 11 on Windows 10, 1511, and 1606 and Windows Server 2016 does not enforce cross-domain policies, allowing attackers to access information from one domain and inject it into another via a crafted application, aka, "Internet
|
23-03-2017 - 12:34 | 16-03-2017 - 20:59 | |
| CVE-2017-0109 | 7.4 |
Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows guest OS users to execute arbitrary code on the host
|
22-03-2017 - 18:18 | 16-03-2017 - 20:59 | |
| CVE-2017-0096 | 2.3 |
Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1, Windows Server 2012 Gold and R2; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows guest OS users to obtain sensitive information from h
|
22-03-2017 - 18:17 | 16-03-2017 - 20:59 | |
| CVE-2017-0075 | 7.4 |
Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows guest OS users to execute arbitrary code on the host
|
22-03-2017 - 18:15 | 16-03-2017 - 20:59 | |
| CVE-2017-0108 | 9.3 |
The Windows Graphics Component in Microsoft Office 2007 SP3; 2010 SP2; and Word Viewer; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Live Meeting 2007; Silverlight 5; Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; and Windows 7 SP1 allo
|
21-03-2017 - 13:55 | 16-03-2017 - 20:59 | |
| CVE-2017-0061 | 2.6 |
The Color Management Module (ICM32.dll) memory handling functionality in Windows Vista SP2, Windows Server 2008 SP2 and R2, and Windows 7 SP1 allows remote attackers to bypass ASLR and execute code in combination with another vulnerability through a
|
21-03-2017 - 13:44 | 16-03-2017 - 20:59 | |
| CVE-2017-0021 | 7.7 |
Hyper-V in Microsoft Windows 10 1607 and Windows Server 2016 does not properly validate vSMB packet data, which allows attackers to execute arbitrary code on a target OS, aka "Hyper-V System Data Structure Vulnerability." This vulnerability is differ
|
21-03-2017 - 13:40 | 16-03-2017 - 20:59 | |
| CVE-2017-0047 | 7.2 |
The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows local users to gain privil
|
21-03-2017 - 13:34 | 16-03-2017 - 20:59 | |
| CVE-2017-0039 | 9.3 |
Microsoft Windows Vista SP2 and Server 2008 SP2 mishandle dynamic link library (DLL) loading, which allows local users to gain privileges via a crafted application, aka "Library Loading Input Validation Remote Code Execution Vulnerability."
|
21-03-2017 - 13:33 | 16-03-2017 - 20:59 | |
| CVE-2017-0095 | 7.9 |
Hyper-V in Microsoft Windows 10 Gold, 1511, and 1607 and Windows Server 2016 does not properly validate vSMB packet data, which allows attackers to execute arbitrary code on a target OS, aka "Hyper-V vSMB Remote Code Execution Vulnerability." This vu
|
21-03-2017 - 11:51 | 16-03-2017 - 20:59 | |
| CVE-2017-0129 | 5.0 |
Microsoft Lync for Mac 2011 fails to properly validate certificates, allowing remote attackers to alter server-client communications, aka "Microsoft Lync for Mac Certificate Validation Vulnerability."
|
21-03-2017 - 11:49 | 16-03-2017 - 20:59 | |
| CVE-2017-0062 | 1.9 |
The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain
|
21-03-2017 - 11:32 | 16-03-2017 - 20:59 | |
| CVE-2017-0060 | 1.9 |
The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain
|
21-03-2017 - 11:32 | 16-03-2017 - 20:59 | |
| CVE-2017-0073 | 4.3 |
The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain
|
20-03-2017 - 17:18 | 16-03-2017 - 20:59 | |
| CVE-2017-0098 | 2.9 |
Hyper-V in Microsoft Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows guest OS users, running as virtual machines, to cause a denial of service via a crafted application, aka "Hyper-V Denial of Service Vulnerability." This vulnerabilit
|
20-03-2017 - 17:01 | 16-03-2017 - 20:59 | |
| CVE-2017-0076 | 2.9 |
Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and 2008 R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 and R2; Windows 10, 1511, and 1607; and Windows Server 2016 allows guest OS users, running as virtual machines, to cause a de
|
20-03-2017 - 16:56 | 16-03-2017 - 20:59 | |
| CVE-2017-0099 | 2.3 |
Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and 2008 R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows guest OS users, running as virtual machines, to
|
20-03-2017 - 15:24 | 16-03-2017 - 20:59 | |
| CVE-2017-0074 | 2.3 |
Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and 2008 R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 and R2; Windows 10, 1511, and 1607; and Windows Server 2016 allows guest OS users, running as virtual machines, to cause a de
|
20-03-2017 - 15:24 | 16-03-2017 - 20:59 | |
| CVE-2017-0097 | 2.3 |
Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and 2008 R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 and R2; Windows 10, 1511, and 1607; and Windows Server 2016 allows guest OS users, running as virtual machines, to cause a de
|
20-03-2017 - 15:23 | 16-03-2017 - 20:59 | |
| CVE-2017-0057 | 4.3 |
DNS client in Microsoft Windows 8.1; Windows Server 2012 R2, Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 fails to properly process DNS queries, which allows remote attackers to obtain sensitive information via (1) convinc
|
20-03-2017 - 15:22 | 16-03-2017 - 20:59 | |
| CVE-2017-0029 | 4.3 |
Microsoft Office 2010 SP2, Word 2010 SP2, Word 2013 RT SP1, and Word 2016 allow remote attackers to cause a denial of service (application hang) via a crafted Office document, aka "Microsoft Office Denial of Service Vulnerability."
|
20-03-2017 - 10:58 | 16-03-2017 - 20:59 | |
| CVE-2017-0104 | 9.3 |
The iSNS Server service in Microsoft Windows Server 2008 SP2 and R2, Windows Server 2012 Gold and R2, and Windows Server 2016 allows remote attackers to issue malicious requests via an integer overflow, aka "iSNS Server Memory Corruption Vulnerabilit
|
20-03-2017 - 10:54 | 16-03-2017 - 20:59 | |
| CVE-2017-0031 | 9.3 |
Microsoft Office 2010 SP2, Office Compatibility Pack SP3, Word 2007 SP3, and Word 2010 SP2 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corrupti
|
20-03-2017 - 10:52 | 16-03-2017 - 20:59 | |
| CVE-2017-0107 | 4.3 |
Microsoft SharePoint Server fails to sanitize crafted web requests, allowing remote attackers to run cross-script in local security context, aka "Microsoft SharePoint XSS Vulnerability."
|
20-03-2017 - 10:52 | 16-03-2017 - 20:59 | |
| CVE-2017-0019 | 9.3 |
Microsoft Word 2016 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability." This vulnerability is different from those describe
|
20-03-2017 - 10:51 | 16-03-2017 - 20:59 | |
| CVE-2017-0066 | 4.0 |
Microsoft Edge allows remote attackers to bypass the Same Origin Policy for HTML elements in other browser windows, aka "Microsoft Edge Security Feature Bypass Vulnerability." This vulnerability is different from those described in CVE-2017-0135 and
|
20-03-2017 - 10:49 | 16-03-2017 - 20:59 | |
| CVE-2017-0147 | 4.3 |
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to
|
20-03-2017 - 10:34 | 16-03-2017 - 20:59 | |
| CVE-2017-0018 | 7.6 |
Microsoft Internet Explorer 10 and 11 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." This vulnerability is different f
|
20-03-2017 - 09:48 | 16-03-2017 - 20:59 | |
| CVE-2017-0015 | 7.6 |
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitra
|
20-03-2017 - 09:46 | 16-03-2017 - 20:59 | |
| CVE-2017-0132 | 7.6 |
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitra
|
20-03-2017 - 09:45 | 16-03-2017 - 20:59 | |
| CVE-2017-0137 | 7.6 |
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitra
|
20-03-2017 - 09:45 | 16-03-2017 - 20:59 | |
| CVE-2017-0071 | 7.6 |
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitra
|
20-03-2017 - 09:30 | 16-03-2017 - 20:59 | |
| CVE-2017-0035 | 7.6 |
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitra
|
20-03-2017 - 09:30 | 16-03-2017 - 20:59 | |
| CVE-2017-0138 | 7.6 |
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitra
|
20-03-2017 - 09:29 | 16-03-2017 - 20:59 | |
| CVE-2017-0134 | 7.6 |
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitra
|
20-03-2017 - 09:29 | 16-03-2017 - 20:59 | |
| CVE-2017-0151 | 7.6 |
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitra
|
20-03-2017 - 09:28 | 16-03-2017 - 20:59 | |
| CVE-2017-0136 | 7.6 |
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitra
|
20-03-2017 - 09:27 | 16-03-2017 - 20:59 | |
| CVE-2017-0094 | 7.6 |
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitra
|
20-03-2017 - 09:26 | 16-03-2017 - 20:59 | |
| CVE-2017-0133 | 7.6 |
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitra
|
20-03-2017 - 09:26 | 16-03-2017 - 20:59 | |
| CVE-2017-0141 | 7.6 |
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitra
|
20-03-2017 - 09:25 | 16-03-2017 - 20:59 | |
| CVE-2017-0067 | 7.6 |
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitra
|
20-03-2017 - 09:25 | 16-03-2017 - 20:59 | |
| CVE-2017-0131 | 7.6 |
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitra
|
20-03-2017 - 09:24 | 16-03-2017 - 20:59 | |
| CVE-2017-0010 | 7.6 |
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitra
|
20-03-2017 - 09:23 | 16-03-2017 - 20:59 | |
| CVE-2017-0032 | 7.6 |
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitra
|
20-03-2017 - 09:22 | 16-03-2017 - 20:59 | |
| CVE-2017-0150 | 7.6 |
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitra
|
20-03-2017 - 09:21 | 16-03-2017 - 20:59 | |
| CVE-2017-0070 | 7.6 |
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitra
|
20-03-2017 - 09:21 | 16-03-2017 - 20:59 | |
| CVE-2017-0130 | 7.6 |
The scripting engine in Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability." This v
|
20-03-2017 - 09:18 | 16-03-2017 - 20:59 | |
| CVE-2017-0008 | 4.3 |
Microsoft Internet Explorer 9 through 11 allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability." This vulnerability is different from those descr
|
19-03-2017 - 21:05 | 16-03-2017 - 20:59 | |
| CVE-2017-0051 | 2.9 |
Microsoft Windows 10 1607 and Windows Server 2016 allow remote attackers to cause a denial of service (application hang) via a crafted Office document, aka "Microsoft Hyper-V Network Switch Denial of Service Vulnerability." This vulnerability is diff
|
19-03-2017 - 21:05 | 16-03-2017 - 20:59 | |
| CVE-2017-0033 | 4.3 |
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to spoof web content via a crafted web site, aka "Microsoft Browser Spoofing Vulnerability." This vulnerability is different from those described in CVE-2017-0012 and CVE-2017-0
|
19-03-2017 - 20:56 | 16-03-2017 - 20:59 | |
| CVE-2017-0011 | 4.3 |
Microsoft Edge allows remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0009, CVE-2017-0017, CVE-2017-0
|
19-03-2017 - 20:54 | 16-03-2017 - 20:59 | |
| CVE-2017-0017 | 4.3 |
The RegEx class in the XSS filter in Microsoft Edge allows remote attackers to conduct cross-site scripting (XSS) attacks and obtain sensitive information via unspecified vectors, aka "Microsoft Edge Information Disclosure Vulnerability." This vulner
|
19-03-2017 - 20:49 | 16-03-2017 - 20:59 | |
| CVE-2017-0009 | 4.3 |
Microsoft Internet Explorer 9 through 11 allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability." This vulnerability is different from those described
|
19-03-2017 - 20:47 | 16-03-2017 - 20:59 | |
| CVE-2017-0065 | 4.3 |
Microsoft Edge allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0009, CV
|
19-03-2017 - 20:46 | 16-03-2017 - 20:59 | |
| CVE-2017-0149 | 7.6 |
Microsoft Internet Explorer 9 through 11 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." This vulnerability is differen
|
17-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
| CVE-2017-0148 | 9.3 |
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to
|
17-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
| CVE-2017-0146 | 9.3 |
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to
|
17-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
| CVE-2017-0145 | 9.3 |
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to
|
17-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
| CVE-2017-0144 | 9.3 |
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to
|
17-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
| CVE-2017-0143 | 9.3 |
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to
|
17-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
| CVE-2017-0117 | 4.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability."
|
17-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
| CVE-2017-0116 | 4.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability."
|
17-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
| CVE-2017-0115 | 4.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability."
|
17-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
| CVE-2017-0114 | 4.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability."
|
17-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
| CVE-2017-0113 | 4.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability."
|
17-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
| CVE-2017-0112 | 4.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability."
|
17-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
| CVE-2017-0111 | 4.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability."
|
17-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
| CVE-2017-0092 | 4.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability."
|
17-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
| CVE-2017-0091 | 4.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability."
|
17-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
| CVE-2017-0090 | 9.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Uniscribe Remote Code Execution Vulnerability." This vulnerability is diffe
|
17-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
| CVE-2017-0089 | 9.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Uniscribe Remote Code Execution Vulnerability." This vulnerability is diffe
|
17-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
| CVE-2017-0088 | 9.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Windows Uniscribe Remote Code Execution Vulnerability."
|
17-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
| CVE-2017-0087 | 9.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Uniscribe Remote Code Execution Vulnerability." This vulnerability is diffe
|
17-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
| CVE-2017-0086 | 9.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Uniscribe Remote Code Execution Vulnerability." This vulnerability is diffe
|
17-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
| CVE-2017-0085 | 4.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability."
|
17-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
| CVE-2017-0083 | 9.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Uniscribe Remote Code Execution Vulnerability." This vulnerability is diffe
|
17-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
| CVE-2017-0069 | 4.3 |
Microsoft Edge allows remote attackers to spoof web content via a crafted web site, aka "Microsoft Edge Spoofing Vulnerability." This vulnerability is different from those described in CVE-2017-0012 and CVE-2017-0033.
|
17-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
| CVE-2017-0068 | 4.3 |
Browsers in Microsoft Edge allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-
|
17-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
| CVE-2017-0059 | 4.3 |
Microsoft Internet Explorer 9 through 11 allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability." This vulnerability is different from those descr
|
17-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
| CVE-2017-0049 | 4.3 |
The VBScript engine in Microsoft Internet Explorer 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Scripting Engine Information Disclosure Vulnerability." This vulnerability is different fro
|
17-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
| CVE-2017-0040 | 7.6 |
The scripting engine in Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability." This v
|
17-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
| CVE-2017-0034 | 7.6 |
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker
|
17-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
| CVE-2017-0023 | 7.6 |
The PDF library in Microsoft Edge; Windows 8.1; Windows Server 2012 and R2; Windows RT 8.1; and Windows 10, 1511, and 1607 allows remote attackers to execute arbitrary code via a crafted PDF file, aka "Microsoft PDF Remote Code Execution Vulnerabilit
|
17-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
| CVE-2017-0012 | 4.3 |
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to spoof web content via a crafted web site, aka "Microsoft Browser Spoofing Vulnerability." This vulnerability is different from those described in CVE-2017-0033 and CVE-2017-0
|
17-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
| CVE-2017-0003 | 9.3 |
Microsoft Word 2016 and SharePoint Enterprise Server 2016 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."
|
15-03-2017 - 21:59 | 10-01-2017 - 16:59 | |
| CVE-2016-7289 | 9.3 |
Microsoft Publisher 2010 SP2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."
|
15-03-2017 - 21:59 | 20-12-2016 - 01:59 | |
| CVE-2014-4113 | 7.2 |
win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users
|
13-03-2017 - 21:59 | 15-10-2014 - 06:55 | |
| CVE-2016-3210 | 9.3 |
The Microsoft (1) JScript and (2) VBScript engines, as used in Internet Explorer 11, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vul
|
01-03-2017 - 21:59 | 15-06-2016 - 21:59 | |
| CVE-2016-0189 | 7.6 |
The Microsoft (1) JScript 5.8 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site
|
23-02-2017 - 21:59 | 10-05-2016 - 21:59 | |
| CVE-2012-0158 | 9.3 |
The (1) ListView, (2) ListView2, (3) TreeView, and (4) TreeView2 ActiveX controls in MSCOMCTL.OCX in the Common Controls in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2003 Web Components SP3; SQL Server 2000 SP4, 2005
|
23-02-2017 - 21:59 | 10-04-2012 - 17:55 | |
| CVE-2016-0148 | 7.2 |
Microsoft .NET Framework 4.6 and 4.6.1 mishandles library loading, which allows local users to gain privileges via a crafted application, aka ".NET Framework Remote Code Execution Vulnerability."
|
19-02-2017 - 01:15 | 12-04-2016 - 19:59 | |
| CVE-2016-7293 |
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue in a "generally available" software product. Notes: none.
|
16-02-2017 - 11:59 | 16-02-2017 - 11:59 | ||
| CVE-2016-7288 | 7.6 |
The scripting engines in Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than C
|
10-02-2017 - 21:59 | 20-12-2016 - 01:59 | |
| CVE-2016-7236 | 9.3 |
Microsoft Excel 2010 SP2, Excel for Mac 2011, Excel 2016 for Mac, and Excel Services on SharePoint Server 2010 SP2 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
|
10-02-2017 - 21:59 | 10-11-2016 - 01:59 | |
| CVE-2016-7234 | 9.3 |
Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word for Mac 2011, Excel for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Ser
|
10-02-2017 - 21:59 | 10-11-2016 - 01:59 | |
| CVE-2016-7233 | 4.3 |
Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Word for Mac 2011, Excel for Mac 2011, Word Viewer, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2013 SP1, and Office Web Apps 2010 SP2 allow remote attackers to obt
|
10-02-2017 - 21:59 | 10-11-2016 - 01:59 | |
| CVE-2016-7232 | 9.3 |
Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Word for Mac 2011, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
|
10-02-2017 - 21:59 | 10-11-2016 - 01:59 | |
| CVE-2015-1761 | 6.5 |
Microsoft SQL Server 2008 SP3 and SP4, 2008 R2 SP2 and SP3, 2012 SP1 and SP2, and 2014 uses an incorrect class during casts of unspecified pointers, which allows remote authenticated users to gain privileges by leveraging certain write access, aka "S
|
01-02-2017 - 21:59 | 14-07-2015 - 19:59 | |
| CVE-2016-3212 | 4.3 |
The XSS Filter in Microsoft Internet Explorer 9 through 11 does not properly identify JavaScript, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site, aka "Internet Explorer XSS Filter Vulne
|
30-01-2017 - 21:59 | 15-06-2016 - 21:59 | |
| CVE-2016-7201 | 7.6 |
The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vu
|
19-01-2017 - 21:59 | 10-11-2016 - 01:59 | |
| CVE-2016-7200 | 7.6 |
The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vu
|
19-01-2017 - 21:59 | 10-11-2016 - 01:59 | |
| CVE-2016-7256 | 9.3 |
atmfd.dll in the Windows font library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows rem
|
17-01-2017 - 21:59 | 10-11-2016 - 02:00 | |
| CVE-2014-6351 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
11-01-2017 - 15:10 | 11-11-2014 - 17:55 | |
| CVE-2014-6350 | 4.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2014-6349.
|
11-01-2017 - 15:09 | 11-11-2014 - 17:55 | |
| CVE-2014-6349 | 4.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2014-6350.
|
11-01-2017 - 14:40 | 11-11-2014 - 17:55 | |
| CVE-2014-6348 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-
|
11-01-2017 - 14:40 | 11-11-2014 - 17:55 | |
| CVE-2016-0182 | 9.3 |
Windows Journal in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8.1, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted Journal (aka .jnt) file, aka "Windows Journal Memory Corruption V
|
06-01-2017 - 22:00 | 10-05-2016 - 21:59 | |
| CVE-2014-6353 | 9.3 |
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
06-01-2017 - 22:00 | 11-11-2014 - 17:55 | |
| CVE-2014-6347 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
06-01-2017 - 22:00 | 11-11-2014 - 17:55 | |
| CVE-2014-6346 | 4.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Internet Explorer Cross-domain Information Disclosure Vulnerability."
|
06-01-2017 - 22:00 | 11-11-2014 - 17:55 | |
| CVE-2014-6345 | 4.3 |
Microsoft Internet Explorer 9 and 10 allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Internet Explorer Cross-domain Information Disclosure Vulnerability."
|
06-01-2017 - 22:00 | 11-11-2014 - 17:55 | |
| CVE-2014-6344 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
06-01-2017 - 22:00 | 11-11-2014 - 17:55 | |
| CVE-2014-6343 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
06-01-2017 - 22:00 | 11-11-2014 - 17:55 | |
| CVE-2014-6342 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-
|
06-01-2017 - 22:00 | 11-11-2014 - 17:55 | |
| CVE-2014-6341 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 22:00 | 11-11-2014 - 17:55 | |
| CVE-2014-6340 | 4.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Internet Explorer Cross-domain Information Disclosure Vulnerability."
|
06-01-2017 - 22:00 | 11-11-2014 - 17:55 | |
| CVE-2014-6339 | 5.0 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Internet Explorer ASLR Bypass Vulnerability."
|
06-01-2017 - 22:00 | 11-11-2014 - 17:55 | |
| CVE-2014-6337 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
06-01-2017 - 22:00 | 11-11-2014 - 17:55 | |
| CVE-2014-6335 | 9.3 |
Microsoft Word 2007 SP3, Word Viewer, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Microsoft Office Invalid Pointer Remote Code
|
06-01-2017 - 22:00 | 11-11-2014 - 17:55 | |
| CVE-2014-6334 | 9.3 |
Microsoft Word 2007 SP3, Word Viewer, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Microsoft Office Bad Index Remote Code Execu
|
06-01-2017 - 22:00 | 11-11-2014 - 17:55 | |
| CVE-2014-6333 | 9.3 |
Microsoft Word 2007 SP3, Word Viewer, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Double Delete Remote Code Execution Vulnerability."
|
06-01-2017 - 22:00 | 11-11-2014 - 17:55 | |
| CVE-2014-6332 | 9.3 |
OleAut32.dll in OLE in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute ar
|
06-01-2017 - 22:00 | 11-11-2014 - 17:55 | |
| CVE-2014-6323 | 4.3 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to obtain sensitive clipboard information via a crafted web site, aka "Internet Explorer Clipboard Information Disclosure Vulnerability."
|
06-01-2017 - 22:00 | 11-11-2014 - 17:55 | |
| CVE-2014-6321 | 10.0 |
Schannel in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary cod
|
06-01-2017 - 22:00 | 11-11-2014 - 17:55 | |
| CVE-2014-4111 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
| CVE-2014-4110 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
| CVE-2014-4109 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
| CVE-2014-4108 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
| CVE-2014-4107 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
| CVE-2014-4106 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
| CVE-2014-4105 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
| CVE-2014-4104 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
| CVE-2014-4103 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
| CVE-2014-4102 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
| CVE-2014-4101 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
| CVE-2014-4100 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
| CVE-2014-4099 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
| CVE-2014-4098 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
| CVE-2014-4097 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
| CVE-2014-4096 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
| CVE-2014-4095 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
| CVE-2014-4094 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
| CVE-2014-4093 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
| CVE-2014-4092 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
| CVE-2014-4091 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
| CVE-2014-4090 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
| CVE-2014-4089 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
| CVE-2014-4088 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
| CVE-2014-4087 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
| CVE-2014-4086 | 9.3 |
Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
| CVE-2014-4085 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
| CVE-2014-4084 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
| CVE-2014-4083 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
| CVE-2014-4082 | 9.3 |
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
| CVE-2014-4081 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
| CVE-2014-4080 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
| CVE-2014-4079 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
| CVE-2014-4067 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
06-01-2017 - 22:00 | 12-08-2014 - 17:55 | |
| CVE-2014-4065 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
| CVE-2014-4063 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 22:00 | 12-08-2014 - 17:55 | |
| CVE-2014-4060 | 6.8 |
Use-after-free vulnerability in MCPlayer.dll in Microsoft Windows Media Center TV Pack for Windows Vista, Windows 7 SP1, and Windows Media Center for Windows 8 and 8.1 allows remote attackers to execute arbitrary code via a crafted Office document th
|
06-01-2017 - 22:00 | 12-08-2014 - 17:55 | |
| CVE-2014-4059 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
| CVE-2014-4058 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
06-01-2017 - 22:00 | 12-08-2014 - 17:55 | |
| CVE-2014-4057 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
06-01-2017 - 22:00 | 12-08-2014 - 17:55 | |
| CVE-2014-4056 | 9.3 |
Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
06-01-2017 - 22:00 | 12-08-2014 - 17:55 | |
| CVE-2014-4055 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
06-01-2017 - 22:00 | 12-08-2014 - 17:55 | |
| CVE-2014-4052 | 9.3 |
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
06-01-2017 - 22:00 | 12-08-2014 - 17:55 | |
| CVE-2014-4051 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 22:00 | 12-08-2014 - 17:55 | |
| CVE-2014-4050 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
06-01-2017 - 22:00 | 12-08-2014 - 17:55 | |
| CVE-2014-2827 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 21:59 | 12-08-2014 - 17:55 | |
| CVE-2014-2826 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 21:59 | 12-08-2014 - 17:55 | |
| CVE-2014-2825 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
06-01-2017 - 21:59 | 12-08-2014 - 17:55 | |
| CVE-2014-2824 | 9.3 |
Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
06-01-2017 - 21:59 | 12-08-2014 - 17:55 | |
| CVE-2014-2823 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
06-01-2017 - 21:59 | 12-08-2014 - 17:55 | |
| CVE-2014-2822 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
06-01-2017 - 21:59 | 12-08-2014 - 17:55 | |
| CVE-2014-2821 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
06-01-2017 - 21:59 | 12-08-2014 - 17:55 | |
| CVE-2014-2820 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 21:59 | 12-08-2014 - 17:55 | |
| CVE-2014-2819 | 6.8 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability."
|
06-01-2017 - 21:59 | 12-08-2014 - 17:55 | |
| CVE-2014-2818 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
06-01-2017 - 21:59 | 12-08-2014 - 17:55 | |
| CVE-2014-2817 | 6.8 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability."
|
06-01-2017 - 21:59 | 12-08-2014 - 17:55 | |
| CVE-2014-2815 | 9.3 |
Microsoft OneNote 2007 SP3 allows remote attackers to execute arbitrary code via a crafted OneNote file that triggers creation of an executable file in a startup folder, aka "OneNote Remote Code Execution Vulnerability."
|
06-01-2017 - 21:59 | 12-08-2014 - 17:55 | |
| CVE-2014-2811 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
06-01-2017 - 21:59 | 12-08-2014 - 17:55 | |
| CVE-2014-2810 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
06-01-2017 - 21:59 | 12-08-2014 - 17:55 | |
| CVE-2014-2808 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
06-01-2017 - 21:59 | 12-08-2014 - 17:55 | |
| CVE-2014-2799 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 21:59 | 09-09-2014 - 21:55 | |
| CVE-2014-2796 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
06-01-2017 - 21:59 | 12-08-2014 - 17:55 | |
| CVE-2014-2784 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 21:59 | 12-08-2014 - 17:55 | |
| CVE-2014-2774 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 21:59 | 12-08-2014 - 17:55 | |
| CVE-2014-0325 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site that triggers improper processing of CElement objects, aka "Intern
|
06-01-2017 - 21:59 | 03-07-2014 - 10:55 | |
| CVE-2014-0282 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 21:59 | 11-06-2014 - 00:56 | |
| CVE-2013-7331 | 5.8 |
The Microsoft.XMLDOM ActiveX control in Microsoft Windows 8.1 and earlier allows remote attackers to determine the existence of local pathnames, UNC share pathnames, intranet hostnames, and intranet IP addresses by examining error codes, as demonstra
|
06-01-2017 - 21:59 | 26-02-2014 - 09:55 | |
| CVE-2013-5045 | 6.2 |
Microsoft Internet Explorer 10 and 11 allows local users to bypass the Protected Mode protection mechanism, and consequently gain privileges, by leveraging the ability to execute sandboxed code, aka "Internet Explorer Elevation of Privilege Vulnerabi
|
06-01-2017 - 21:59 | 10-12-2013 - 19:55 | |
| CVE-2015-1624 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
05-01-2017 - 15:39 | 11-03-2015 - 06:59 | |
| CVE-2015-1625 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
05-01-2017 - 15:39 | 11-03-2015 - 06:59 | |
| CVE-2015-1626 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
05-01-2017 - 15:35 | 11-03-2015 - 06:59 | |
| CVE-2015-1652 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
05-01-2017 - 15:31 | 14-04-2015 - 16:59 | |
| CVE-2015-1658 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
05-01-2017 - 15:27 | 13-05-2015 - 06:59 | |
| CVE-2015-1659 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
05-01-2017 - 15:27 | 14-04-2015 - 16:59 | |
| CVE-2015-1665 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
05-01-2017 - 15:27 | 14-04-2015 - 16:59 | |
| CVE-2015-1661 | 4.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Internet Explorer ASLR Bypass Vulnerability."
|
05-01-2017 - 15:27 | 14-04-2015 - 16:59 | |
| CVE-2015-1668 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
05-01-2017 - 15:19 | 14-04-2015 - 16:59 | |
| CVE-2015-1670 | 4.3 |
The Windows DirectWrite library, as used in Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2, allows remote attackers to obtain sensitive information from process memory via a crafted OpenType font on a web site, aka "OpenType F
|
05-01-2017 - 15:17 | 13-05-2015 - 06:59 | |
| CVE-2015-1623 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
05-01-2017 - 15:09 | 11-03-2015 - 06:59 | |
| CVE-2015-6130 | 9.3 |
Integer underflow in Uniscribe in Microsoft Windows 7 SP1 and Windows Server 2008 R2 SP1 allows remote attackers to execute arbitrary code via a crafted font, aka "Windows Integer Underflow Vulnerability."
|
03-01-2017 - 14:03 | 09-12-2015 - 06:59 | |
| CVE-2015-1750 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
03-01-2017 - 13:02 | 09-06-2015 - 21:59 | |
| CVE-2015-1718 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
02-01-2017 - 21:59 | 13-05-2015 - 06:59 | |
| CVE-2015-1717 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
02-01-2017 - 21:59 | 13-05-2015 - 06:59 | |
| CVE-2015-1714 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
02-01-2017 - 21:59 | 13-05-2015 - 06:59 | |
| CVE-2015-1713 | 6.8 |
Microsoft Internet Explorer 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability."
|
02-01-2017 - 21:59 | 13-05-2015 - 06:59 | |
| CVE-2015-1712 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE
|
02-01-2017 - 21:59 | 13-05-2015 - 06:59 | |
| CVE-2015-1711 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
02-01-2017 - 21:59 | 13-05-2015 - 06:59 | |
| CVE-2015-1710 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
02-01-2017 - 21:59 | 13-05-2015 - 06:59 | |
| CVE-2015-1709 | 9.3 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
02-01-2017 - 21:59 | 13-05-2015 - 06:59 | |
| CVE-2015-1708 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
02-01-2017 - 21:59 | 13-05-2015 - 06:59 | |
| CVE-2015-1706 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
02-01-2017 - 21:59 | 13-05-2015 - 06:59 | |
| CVE-2015-1705 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
02-01-2017 - 21:59 | 13-05-2015 - 06:59 | |
| CVE-2015-1704 | 6.8 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-1703.
|
02-01-2017 - 21:59 | 13-05-2015 - 06:59 | |
| CVE-2015-1703 | 6.8 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-1704.
|
02-01-2017 - 21:59 | 13-05-2015 - 06:59 | |
| CVE-2015-1700 | 6.0 |
Microsoft SharePoint Server 2007 SP3, SharePoint Foundation 2010 SP2, SharePoint Server 2010 SP2, and SharePoint Foundation 2013 SP1 allow remote authenticated users to execute arbitrary code via crafted page content, aka "Microsoft SharePoint Page C
|
02-01-2017 - 21:59 | 13-05-2015 - 06:59 | |
| CVE-2015-1694 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
02-01-2017 - 21:59 | 13-05-2015 - 06:59 | |
| CVE-2015-1692 | 4.3 |
Microsoft Internet Explorer 7 through 11 allows user-assisted remote attackers to read the clipboard contents via crafted web script, aka "Internet Explorer Clipboard Information Disclosure Vulnerability."
|
02-01-2017 - 21:59 | 13-05-2015 - 06:59 | |
| CVE-2015-1691 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE
|
02-01-2017 - 21:59 | 13-05-2015 - 06:59 | |
| CVE-2015-1689 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
02-01-2017 - 21:59 | 13-05-2015 - 06:59 | |
| CVE-2015-1688 | 6.8 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability."
|
02-01-2017 - 21:59 | 13-05-2015 - 06:59 | |
| CVE-2015-1686 | 4.3 |
The Microsoft (1) VBScript 5.6 through 5.8 and (2) JScript 5.6 through 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "VBScript and
|
02-01-2017 - 21:59 | 13-05-2015 - 06:59 | |
| CVE-2015-1685 | 4.3 |
Microsoft Internet Explorer 11 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Internet Explorer ASLR Bypass."
|
02-01-2017 - 21:59 | 13-05-2015 - 06:59 | |
| CVE-2015-1684 | 4.3 |
VBScript.dll in the Microsoft VBScript 5.6 through 5.8 engine, as used in Internet Explorer 8 through 11 and other products, allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "VBScript ASLR Bypass."
|
02-01-2017 - 21:59 | 13-05-2015 - 06:59 | |
| CVE-2015-1683 | 9.3 |
Microsoft Office 2007 SP3 allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."
|
02-01-2017 - 21:59 | 13-05-2015 - 06:59 | |
| CVE-2015-1682 | 9.3 |
Microsoft Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word 2010 SP2, Office 2013 SP1, Excel 2013 SP1, PowerPoint 2013 SP1, Word 2013 SP1, Office 2013 RT SP1, Excel 2013 RT SP1, PowerPoint 2013 RT SP1, Word 2013 RT SP1, Office for Mac 2011,
|
02-01-2017 - 21:59 | 13-05-2015 - 06:59 | |
| CVE-2015-1671 | 9.3 |
The Windows DirectWrite library, as used in Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2; Office 2007 SP3 and 2010 SP2; Live Meeting 2007 Console; Lync 2010; Lync 2010 Attendee; Lync 2013 SP1; Lync Basic 2013 SP1; Silverligh
|
02-01-2017 - 21:59 | 13-05-2015 - 06:59 | |
| CVE-2015-1635 | 10.0 |
HTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted HTTP requests, aka "HTTP.sys Remote Code Execution Vulnerabilit
|
02-01-2017 - 21:59 | 14-04-2015 - 16:59 | |
| CVE-2015-0096 | 9.3 |
Untrusted search path vulnerability in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to
|
02-01-2017 - 21:59 | 11-03-2015 - 06:59 | |
| CVE-2015-0092 | 9.3 |
Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbi
|
02-01-2017 - 21:59 | 11-03-2015 - 06:59 | |
| CVE-2015-0014 | 10.0 |
Buffer overflow in the Telnet service in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary
|
02-01-2017 - 21:59 | 13-01-2015 - 17:59 | |
| CVE-2012-0002 | 9.3 |
The Remote Desktop Protocol (RDP) implementation in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly process packets in memory, which a
|
02-01-2017 - 21:59 | 13-03-2012 - 17:55 | |
| CVE-2015-1770 | 9.3 |
Microsoft Office 2013 SP1 and 2013 RT SP1 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Uninitialized Memory Use Vulnerability."
|
30-12-2016 - 21:59 | 09-06-2015 - 21:59 | |
| CVE-2015-1766 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
30-12-2016 - 21:59 | 09-06-2015 - 21:59 | |
| CVE-2015-1765 | 4.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to read the browser history via a crafted web site.
|
30-12-2016 - 21:59 | 09-06-2015 - 21:59 | |
| CVE-2015-1760 | 9.3 |
Microsoft Office Compatibility Pack SP3, Office 2010 SP2, Office 2013 SP1, and Office 2013 RT SP1 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
|
30-12-2016 - 21:59 | 09-06-2015 - 21:59 | |
| CVE-2015-1759 | 9.3 |
Microsoft Office Compatibility Pack SP3 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
|
30-12-2016 - 21:59 | 09-06-2015 - 21:59 | |
| CVE-2015-1755 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
30-12-2016 - 21:59 | 09-06-2015 - 21:59 | |
| CVE-2015-1754 | 9.3 |
Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
30-12-2016 - 21:59 | 09-06-2015 - 21:59 | |
| CVE-2015-1753 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
30-12-2016 - 21:59 | 09-06-2015 - 21:59 | |
| CVE-2015-1752 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
30-12-2016 - 21:59 | 09-06-2015 - 21:59 | |
| CVE-2015-1751 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
30-12-2016 - 21:59 | 09-06-2015 - 21:59 | |
| CVE-2015-1748 | 6.8 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-1743.
|
30-12-2016 - 21:59 | 09-06-2015 - 21:59 | |
| CVE-2015-1747 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
30-12-2016 - 21:59 | 09-06-2015 - 21:59 | |
| CVE-2015-1745 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
30-12-2016 - 21:59 | 09-06-2015 - 21:59 | |
| CVE-2015-1744 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
30-12-2016 - 21:59 | 09-06-2015 - 21:59 | |
| CVE-2015-1743 | 6.8 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-1748.
|
30-12-2016 - 21:59 | 09-06-2015 - 21:59 | |
| CVE-2015-1742 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
30-12-2016 - 21:59 | 09-06-2015 - 21:59 | |
| CVE-2015-1741 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
30-12-2016 - 21:59 | 09-06-2015 - 21:59 | |
| CVE-2015-1740 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
30-12-2016 - 21:59 | 09-06-2015 - 21:59 | |
| CVE-2015-1739 | 6.8 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability."
|
30-12-2016 - 21:59 | 09-06-2015 - 21:59 | |
| CVE-2015-1737 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
30-12-2016 - 21:59 | 09-06-2015 - 21:59 | |
| CVE-2015-1736 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
30-12-2016 - 21:59 | 09-06-2015 - 21:59 | |
| CVE-2015-1735 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
30-12-2016 - 21:59 | 09-06-2015 - 21:59 | |
| CVE-2015-1732 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
30-12-2016 - 21:59 | 09-06-2015 - 21:59 | |
| CVE-2015-1731 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
30-12-2016 - 21:59 | 09-06-2015 - 21:59 | |
| CVE-2015-1730 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
30-12-2016 - 21:59 | 09-06-2015 - 21:59 | |
| CVE-2015-1687 | 9.3 |
Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
30-12-2016 - 21:59 | 09-06-2015 - 21:59 | |
| CVE-2015-0050 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE
|
30-12-2016 - 21:59 | 10-02-2015 - 22:00 | |
| CVE-2015-0040 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
30-12-2016 - 21:59 | 10-02-2015 - 22:00 | |
| CVE-2014-4138 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
30-12-2016 - 21:59 | 15-10-2014 - 06:55 | |
| CVE-2014-1785 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
30-12-2016 - 21:59 | 11-06-2014 - 00:56 | |
| CVE-2013-5763 | 1.5 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.4.0 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Maintenance. NOTE: the original disclosure
|
30-12-2016 - 21:59 | 12-12-2013 - 15:55 | |
| CVE-2013-3143 | 9.3 |
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CV
|
30-12-2016 - 21:59 | 09-07-2013 - 23:46 | |
| CVE-2013-3120 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013
|
30-12-2016 - 21:59 | 11-06-2013 - 23:30 | |
| CVE-2013-3111 | 9.3 |
Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
30-12-2016 - 21:59 | 11-06-2013 - 23:29 | |
| CVE-2013-1309 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a differ
|
30-12-2016 - 21:59 | 14-05-2013 - 23:36 | |
| CVE-2013-1306 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different vulnera
|
30-12-2016 - 21:59 | 14-05-2013 - 23:36 | |
| CVE-2013-0090 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CCaret Use After Free Vulnerability."
|
30-12-2016 - 21:59 | 12-03-2013 - 20:55 | |
| CVE-2013-0019 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer COmWindowProxy Use After Free Vulnerabi
|
30-12-2016 - 21:59 | 13-02-2013 - 07:04 | |
| CVE-2016-0199 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
29-12-2016 - 09:42 | 15-06-2016 - 21:59 | |
| CVE-2016-0063 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
29-12-2016 - 09:42 | 10-02-2016 - 06:59 | |
| CVE-2015-6168 | 9.3 |
Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6153.
|
29-12-2016 - 08:19 | 09-12-2015 - 06:59 | |
| CVE-2016-7287 | 7.6 |
The scripting engines in Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability
|
27-12-2016 - 21:59 | 20-12-2016 - 01:59 | |
| CVE-2016-7286 | 7.6 |
The scripting engines in Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than C
|
27-12-2016 - 21:59 | 20-12-2016 - 01:59 | |
| CVE-2016-7275 | 7.2 |
Microsoft Office 2010 SP2, 2013 SP1, 2013 RT SP1, and 2016 mishandles library loading, which allows local users to gain privileges via a crafted application, aka "Microsoft Office OLE DLL Side Loading Vulnerability."
|
27-12-2016 - 09:45 | 20-12-2016 - 01:59 | |
| CVE-2016-7297 | 7.6 |
The scripting engines in Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than C
|
27-12-2016 - 09:45 | 20-12-2016 - 01:59 | |
| CVE-2016-7272 | 9.3 |
The Graphics component in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers t
|
27-12-2016 - 09:44 | 20-12-2016 - 01:59 | |
| CVE-2016-7268 | 5.8 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Word Viewer, Word for Mac 2011, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to obtain sensitive in
|
27-12-2016 - 09:44 | 20-12-2016 - 01:59 | |
| CVE-2016-7277 | 9.3 |
Microsoft Office 2016 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."
|
27-12-2016 - 09:44 | 20-12-2016 - 01:59 | |
| CVE-2016-7280 | 4.3 |
Cross-site scripting (XSS) vulnerability in Microsoft Edge allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Microsoft Edge Information Disclosure Vulnerability," a different vulnerability than CVE-2016-7206
|
27-12-2016 - 09:44 | 20-12-2016 - 01:59 | |
| CVE-2016-7276 | 5.8 |
Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office for Mac 2011, and Office 2016 for Mac allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via a crafted docum
|
27-12-2016 - 09:43 | 20-12-2016 - 01:59 | |
| CVE-2016-7290 | 5.8 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Word for Mac 2011, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to obtain sensitive information fro
|
27-12-2016 - 09:43 | 20-12-2016 - 01:59 | |
| CVE-2016-7291 | 5.8 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Word for Mac 2011, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to obtain sensitive information fro
|
27-12-2016 - 09:43 | 20-12-2016 - 01:59 | |
| CVE-2016-7281 | 2.6 |
The Web Workers implementation in Microsoft Internet Explorer 10 and 11 and Microsoft Edge allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Microsoft Browser Security Feature Bypass Vulnerability."
|
27-12-2016 - 09:42 | 20-12-2016 - 01:59 | |
| CVE-2016-7282 | 4.3 |
Cross-site scripting (XSS) vulnerability in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Microsoft Browser Information Disclosure Vulnerabilit
|
27-12-2016 - 09:40 | 20-12-2016 - 01:59 | |
| CVE-2016-7296 | 7.6 |
The scripting engines in Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than C
|
27-12-2016 - 09:36 | 20-12-2016 - 01:59 | |
| CVE-2016-7300 | 4.6 |
Untrusted search path vulnerability in Microsoft Auto Updater for Mac allows local users to gain privileges via a Trojan horse executable file, aka "Microsoft (MAU) Office Elevation of Privilege Vulnerability."
|
27-12-2016 - 09:35 | 20-12-2016 - 01:59 | |
| CVE-2016-7298 | 9.3 |
Microsoft Office 2007 SP3, Office 2010 SP2, Word Viewer, Office for Mac 2011, and Office 2016 for Mac allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memo
|
27-12-2016 - 09:34 | 20-12-2016 - 01:59 | |
| CVE-2016-7273 | 9.3 |
The Graphics component in Microsoft Windows 10 Gold, 1511, and 1607 and Windows Server 2016 allows remote attackers to execute arbitrary code via a crafted web site, aka "Windows Graphics Remote Code Execution Vulnerability."
|
27-12-2016 - 09:14 | 20-12-2016 - 01:59 | |
| CVE-2016-7279 | 7.6 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."
|
27-12-2016 - 09:14 | 20-12-2016 - 01:59 | |
| CVE-2016-3385 | 9.3 |
The scripting engine in Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability."
|
23-12-2016 - 21:59 | 13-10-2016 - 22:59 | |
| CVE-2016-3359 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."
|
23-12-2016 - 21:59 | 14-09-2016 - 06:59 | |
| CVE-2016-3358 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel 2016 for Mac, Office Compatibility Pack SP3, Excel Viewer, Excel Services on SharePoint Server 2007 SP3, Excel Services on SharePoint Server 2010 SP2, Exce
|
23-12-2016 - 21:59 | 14-09-2016 - 06:59 | |
| CVE-2016-3247 | 5.1 |
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."
|
23-12-2016 - 21:59 | 14-09-2016 - 06:59 | |
| CVE-2016-3222 | 9.3 |
Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability."
|
23-12-2016 - 21:59 | 15-06-2016 - 21:59 | |
| CVE-2015-2502 | 9.3 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," as exploited in the wild in August 2015.
|
23-12-2016 - 21:59 | 19-08-2015 - 06:59 | |
| CVE-2015-2474 | 9.0 |
Microsoft Windows Vista SP2 and Server 2008 SP2 allow remote authenticated users to execute arbitrary code via a crafted string in a Server Message Block (SMB) server error-logging action, aka "Server Message Block Memory Corruption Vulnerability."
|
23-12-2016 - 21:59 | 14-08-2015 - 20:59 | |
| CVE-2015-2423 | 4.3 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Excel 2007 SP3, PowerPoint 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2
|
23-12-2016 - 21:59 | 14-08-2015 - 20:59 | |
| CVE-2016-7264 | 5.8 |
Microsoft Excel 2007 SP3, Office Compatibility Pack SP3, Excel Viewer, Excel for Mac 2011, and Excel 2016 for Mac allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via a craft
|
23-12-2016 - 16:02 | 20-12-2016 - 01:59 | |
| CVE-2016-7263 | 9.3 |
Microsoft Excel for Mac 2011 and Excel 2016 for Mac allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."
|
23-12-2016 - 16:02 | 20-12-2016 - 01:59 | |
| CVE-2016-7262 | 6.8 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, and Excel Viewer allow user-assisted remote attackers to execute arbitrary commands via a crafted cell that is mishandled upon a c
|
23-12-2016 - 16:01 | 20-12-2016 - 01:59 | |
| CVE-2016-7257 | 4.3 |
The GDI component in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Office for Mac 2011, and Office 2016 for Mac allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka
|
23-12-2016 - 16:01 | 20-12-2016 - 01:59 | |
| CVE-2016-7265 | 5.8 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, Excel Viewer, Excel Services on SharePoint Server 2007 SP3, and Excel Services on SharePoint Server 2010 SP2 allow remote attacker
|
23-12-2016 - 16:01 | 20-12-2016 - 01:59 | |
| CVE-2016-7266 | 6.8 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, Excel Viewer, and Excel 2016 for Mac mishandle a registry check, which allows user-assisted remote attackers to execute arbitrary
|
23-12-2016 - 16:01 | 20-12-2016 - 01:59 | |
| CVE-2016-7241 | 7.6 |
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."
|
23-12-2016 - 16:00 | 10-11-2016 - 01:59 | |
| CVE-2016-7210 | 4.3 |
atmfd.dll in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to obtain sens
|
23-12-2016 - 15:59 | 10-11-2016 - 01:59 | |
| CVE-2016-7206 | 4.3 |
Cross-site scripting (XSS) vulnerability in Microsoft Edge allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Microsoft Edge Information Disclosure Vulnerability," a different vulnerability than CVE-2016-7280
|
23-12-2016 - 15:59 | 20-12-2016 - 01:59 | |
| CVE-2016-7202 | 7.6 |
The scripting engines in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vul
|
23-12-2016 - 15:59 | 10-11-2016 - 01:59 | |
| CVE-2016-7181 | 7.6 |
Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability."
|
23-12-2016 - 15:58 | 20-12-2016 - 01:59 | |
| CVE-2016-7267 | 4.3 |
Microsoft Excel 2010 SP2, 2013 SP1, 2013 RT SP1, and 2016 misparses file formats, which makes it easier for remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Security Feature Bypass Vulnerability."
|
23-12-2016 - 15:51 | 20-12-2016 - 01:59 | |
| CVE-2016-7284 | 4.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability."
|
21-12-2016 - 22:00 | 20-12-2016 - 01:59 | |
| CVE-2016-7283 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
21-12-2016 - 22:00 | 20-12-2016 - 01:59 | |
| CVE-2016-7278 | 2.6 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Windows Hyperlink Object Library Information Disclosure Vulnerability."
|
21-12-2016 - 22:00 | 20-12-2016 - 01:59 | |
| CVE-2016-7274 | 9.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to execute arb
|
21-12-2016 - 22:00 | 20-12-2016 - 01:59 | |
| CVE-2015-2546 | 7.2 |
The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a cra
|
21-12-2016 - 21:59 | 08-09-2015 - 20:59 | |
| CVE-2015-2542 | 9.3 |
Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability."
|
21-12-2016 - 21:59 | 08-09-2015 - 20:59 | |
| CVE-2015-2530 | 9.3 |
Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute arbitrary code via
|
21-12-2016 - 21:59 | 08-09-2015 - 20:59 | |
| CVE-2015-2529 | 2.1 |
The kernel in Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10 allows local users to bypass the ASLR protection mechanism via a crafted application, aka "Kernel ASLR Bypass Vulnerability."
|
21-12-2016 - 21:59 | 08-09-2015 - 20:59 | |
| CVE-2015-2527 | 7.2 |
The process-initialization implementation in win32k.sys in the kernel-mode drivers in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 does not properly constrain impersonation levels, which a
|
21-12-2016 - 21:59 | 08-09-2015 - 20:59 | |
| CVE-2015-2523 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel for Mac 2011 and 2016, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft O
|
21-12-2016 - 21:59 | 08-09-2015 - 20:59 | |
| CVE-2015-2522 | 3.5 |
Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Foundation 2013 SP1 allows remote authenticated users to inject arbitrary web script or HTML via crafted content, aka "Microsoft SharePoint XSS Spoofing Vulnerability."
|
21-12-2016 - 21:59 | 08-09-2015 - 20:59 | |
| CVE-2015-2521 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
|
21-12-2016 - 21:59 | 08-09-2015 - 20:59 | |
| CVE-2015-2520 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel for Mac 2011 and 2016, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerabili
|
21-12-2016 - 21:59 | 08-09-2015 - 20:59 | |
| CVE-2015-2519 | 9.3 |
Integer overflow in Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute
|
21-12-2016 - 21:59 | 08-09-2015 - 20:59 | |
| CVE-2015-2518 | 7.2 |
The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a cra
|
21-12-2016 - 21:59 | 08-09-2015 - 20:59 | |
| CVE-2015-2517 | 7.2 |
The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a cra
|
21-12-2016 - 21:59 | 08-09-2015 - 20:59 | |
| CVE-2015-2516 | 4.3 |
Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to cause a denial of service (
|
21-12-2016 - 21:59 | 08-09-2015 - 20:59 | |
| CVE-2015-2514 | 9.3 |
Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute arbitrary code via
|
21-12-2016 - 21:59 | 08-09-2015 - 20:59 | |
| CVE-2015-2513 | 9.3 |
Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute arbitrary code via
|
21-12-2016 - 21:59 | 08-09-2015 - 20:59 | |
| CVE-2015-2512 | 7.2 |
The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges v
|
21-12-2016 - 21:59 | 08-09-2015 - 20:59 | |
| CVE-2015-2511 | 7.2 |
The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a cra
|
21-12-2016 - 21:59 | 08-09-2015 - 20:59 | |
| CVE-2015-2510 | 9.3 |
Buffer overflow in the Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2, Office 2007 SP3, Office 2010 SP2, Lync 2010, Lync 2010 Attendee, Lync 2013 SP1, Lync Basic 2013 SP1, and Live Meeting 2007 Console allows remot
|
21-12-2016 - 21:59 | 08-09-2015 - 20:59 | |
| CVE-2015-2509 | 9.3 |
Windows Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8, and Windows 8.1 allows user-assisted remote attackers to execute arbitrary code via a crafted Media Center link (mcl) file, aka "Windows Media Center RCE Vulnerability."
|
21-12-2016 - 21:59 | 08-09-2015 - 20:59 | |
| CVE-2015-2508 | 7.2 |
The Adobe Type Manager Library in Microsoft Windows 10 allows local users to gain privileges via a crafted application, aka "Font Driver Elevation of Privilege Vulnerability."
|
21-12-2016 - 21:59 | 08-09-2015 - 20:59 | |
| CVE-2015-2507 | 7.2 |
The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges v
|
21-12-2016 - 21:59 | 08-09-2015 - 20:59 | |
| CVE-2015-2506 | 9.3 |
atmfd.dll in the Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to
|
21-12-2016 - 21:59 | 08-09-2015 - 20:59 | |
| CVE-2015-2494 | 9.3 |
Microsoft Internet Explorer 7 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability tha
|
21-12-2016 - 21:59 | 08-09-2015 - 20:59 | |
| CVE-2015-2486 | 9.3 |
Microsoft Internet Explorer 7 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability tha
|
21-12-2016 - 21:59 | 08-09-2015 - 20:59 | |
| CVE-2015-2485 | 9.3 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability tha
|
21-12-2016 - 21:59 | 08-09-2015 - 20:59 | |
| CVE-2015-2443 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability."
|
21-12-2016 - 21:59 | 14-08-2015 - 06:59 | |
| CVE-2015-2435 | 9.3 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Office 2007 SP3 and 2010 SP2, Live Meeting 2007 Console, Lync 2010, Lync 201
|
21-12-2016 - 21:59 | 14-08-2015 - 20:59 | |
| CVE-2015-2558 | 9.3 |
Use-after-free vulnerability in Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Excel Viewer, Office Compatibility Pack SP3, and Excel Services on SharePoint Server 2007
|
12-12-2016 - 13:30 | 13-10-2015 - 21:59 | |
| CVE-2015-2557 | 9.3 |
Buffer overflow in Microsoft Visio 2007 SP3 and 2010 SP2 allows remote attackers to execute arbitrary code via crafted UML data in an Office document, aka "Microsoft Office Memory Corruption Vulnerability."
|
12-12-2016 - 13:30 | 13-10-2015 - 21:59 | |
| CVE-2015-2555 | 9.3 |
Use-after-free vulnerability in Microsoft Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, and Excel Services on SharePoint Server 2010 SP2 and 2013 SP1 allows remote attackers to execute arbitrar
|
12-12-2016 - 13:26 | 13-10-2015 - 21:59 | |
| CVE-2015-2548 | 9.3 |
Use-after-free vulnerability in the Tablet Input Band in Windows Shell in Microsoft Windows Vista SP2 and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Microsoft Tablet Input Band Use After Free Vulnerab
|
12-12-2016 - 13:22 | 13-10-2015 - 21:59 | |
| CVE-2015-2515 | 9.3 |
Use-after-free vulnerability in Windows Shell in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers
|
12-12-2016 - 13:21 | 13-10-2015 - 21:59 | |
| CVE-2015-2482 | 9.3 |
The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted
|
12-12-2016 - 13:20 | 13-10-2015 - 21:59 | |
| CVE-2015-2408 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-12-2016 - 09:52 | 14-07-2015 - 17:59 | |
| CVE-2015-1697 | 9.3 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted Journal file, aka "Win
|
09-12-2016 - 14:58 | 13-05-2015 - 06:59 | |
| CVE-2015-1696 | 9.3 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted Journal file, aka "Win
|
09-12-2016 - 14:58 | 13-05-2015 - 06:59 | |
| CVE-2015-1642 | 9.3 |
Microsoft Office 2007 SP3, 2010 SP2, and 2013 SP1 allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."
|
09-12-2016 - 14:58 | 14-08-2015 - 20:59 | |
| CVE-2015-1698 | 9.3 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted Journal file, aka "Win
|
09-12-2016 - 14:56 | 13-05-2015 - 06:59 | |
| CVE-2014-4132 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
09-12-2016 - 13:25 | 15-10-2014 - 06:55 | |
| CVE-2014-4126 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
09-12-2016 - 13:25 | 15-10-2014 - 06:55 | |
| CVE-2014-4128 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
09-12-2016 - 13:24 | 15-10-2014 - 06:55 | |
| CVE-2014-6363 | 9.3 |
vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with Internet Explorer 6 through 11 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "VBScri
|
09-12-2016 - 13:20 | 10-12-2014 - 19:59 | |
| CVE-2015-0023 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
09-12-2016 - 13:18 | 10-02-2015 - 22:00 | |
| CVE-2015-1728 | 9.3 |
Microsoft Windows Media Player 10 through 12 allows remote attackers to execute arbitrary code via a crafted DataObject on a web site, aka "Windows Media Player RCE via DataObject Vulnerability."
|
08-12-2016 - 15:50 | 09-06-2015 - 21:59 | |
| CVE-2015-6047 | 6.8 |
The broker EditWith feature in Microsoft Internet Explorer 8 through 11 allows remote attackers to bypass the AppContainer protection mechanism and gain privileges via a DelegateExecute launch of an arbitrary application, as demonstrated by a transit
|
08-12-2016 - 15:50 | 13-10-2015 - 21:59 | |
| CVE-2015-6046 | 4.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability."
|
08-12-2016 - 15:49 | 13-10-2015 - 21:59 | |
| CVE-2015-6055 | 9.3 |
The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Fi
|
08-12-2016 - 15:49 | 13-10-2015 - 21:59 | |
| CVE-2015-6056 | 9.3 |
The (1) JScript and (2) VBScript engines in Microsoft Internet Explorer 9 through 11 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vul
|
08-12-2016 - 15:47 | 13-10-2015 - 21:59 | |
| CVE-2015-6052 | 4.3 |
The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "VBScript and JScript
|
08-12-2016 - 15:46 | 13-10-2015 - 21:59 | |
| CVE-2015-6042 | 9.3 |
Use-after-free vulnerability in the CWindow object implementation in Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memo
|
08-12-2016 - 13:50 | 13-10-2015 - 21:59 | |
| CVE-2015-6044 | 6.8 |
Microsoft Internet Explorer 8 allows remote attackers to gain privileges via a crafted web site, as demonstrated by a transition from Low Integrity to Medium Integrity, aka "Internet Explorer Elevation of Privilege Vulnerability."
|
08-12-2016 - 13:50 | 13-10-2015 - 21:59 | |
| CVE-2015-6053 | 5.0 |
Microsoft Internet Explorer 11 allows remote attackers to obtain sensitive information from process memory via crafted parameters in an ArrayBuffer.slice call, aka "Internet Explorer Information Disclosure Vulnerability."
|
08-12-2016 - 11:57 | 13-10-2015 - 21:59 | |
| CVE-2015-6048 | 9.3 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
08-12-2016 - 11:57 | 13-10-2015 - 21:59 | |
| CVE-2015-6049 | 9.3 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
08-12-2016 - 11:56 | 13-10-2015 - 21:59 | |
| CVE-2015-6050 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
08-12-2016 - 11:56 | 13-10-2015 - 21:59 | |
| CVE-2015-6051 | 4.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to gain privileges via a crafted web site, as demonstrated by a transition from Low Integrity to Medium Integrity, aka "Internet Explorer Elevation of Privilege Vulnerability."
|
08-12-2016 - 11:56 | 13-10-2015 - 21:59 | |
| CVE-2015-6059 | 4.3 |
The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Scriptin
|
07-12-2016 - 22:11 | 13-10-2015 - 21:59 | |
| CVE-2014-1799 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
07-12-2016 - 22:05 | 11-06-2014 - 00:56 | |
| CVE-2014-0277 | 9.3 |
Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-
|
07-12-2016 - 22:04 | 11-02-2014 - 23:50 | |
| CVE-2016-0035 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office doc
|
07-12-2016 - 13:30 | 13-01-2016 - 00:59 | |
| CVE-2016-0034 | 9.3 |
Microsoft Silverlight 5 before 5.1.41212.0 mishandles negative offsets during decoding, which allows remote attackers to execute arbitrary code or cause a denial of service (object-header corruption) via a crafted web site, aka "Silverlight Runtime R
|
07-12-2016 - 13:30 | 13-01-2016 - 00:59 | |
| CVE-2016-0020 | 7.2 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka "MAPI DLL Loading Elevation of Privilege Vulnerability."
|
07-12-2016 - 13:30 | 13-01-2016 - 00:59 | |
| CVE-2016-0019 | 9.3 |
The Remote Desktop Protocol (RDP) service implementation in Microsoft Windows 10 Gold and 1511 allows remote attackers to bypass intended access restrictions and establish sessions for blank-password accounts via a modified RDP client, aka "Windows R
|
07-12-2016 - 13:30 | 13-01-2016 - 00:59 | |
| CVE-2016-0018 | 6.9 |
Microsoft Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 R2, and Windows 10 Gold and 1511 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka "DLL Loading Remote Code Execution Vulnerability."
|
07-12-2016 - 13:30 | 13-01-2016 - 00:59 | |
| CVE-2016-0016 | 6.9 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandle DLL loading, which allows local users to gain pri
|
07-12-2016 - 13:30 | 13-01-2016 - 00:59 | |
| CVE-2016-0015 | 9.3 |
DirectShow in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted file,
|
07-12-2016 - 13:30 | 13-01-2016 - 00:59 | |
| CVE-2016-0014 | 6.9 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandle DLL loading, which allows local users to gain pri
|
07-12-2016 - 13:30 | 13-01-2016 - 00:59 | |
| CVE-2016-0012 | 4.3 |
Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Visio 2010 SP2, Word 2010 SP2, Office 2013 SP1, Excel 2013 SP1, PowerPoint 2013 SP1, Visio 2013 SP1,
|
07-12-2016 - 13:30 | 13-01-2016 - 00:59 | |
| CVE-2016-0011 | 3.5 |
Microsoft SharePoint Server 2013 SP1 and SharePoint Foundation 2013 SP1 allow remote authenticated users to bypass intended Access Control Policy restrictions and conduct cross-site scripting (XSS) attacks by modifying a webpart, aka "Microsoft Share
|
07-12-2016 - 13:30 | 13-01-2016 - 00:59 | |
| CVE-2016-0010 | 9.3 |
Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, Office 2016, Excel for Mac 2011, PowerPoint for Mac 2011, Word for Mac 2011, Excel 2016 for Mac, PowerPoint 2016 for Mac, Word 2016 for Mac, and Word Viewer allow remote
|
07-12-2016 - 13:30 | 13-01-2016 - 00:59 | |
| CVE-2016-0009 | 9.3 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows 10 Gold and 1511 allow remote attackers to execute arbitrary code via unspecified vectors, aka "Win32k Remote Code Execution Vulnerability."
|
07-12-2016 - 13:30 | 13-01-2016 - 00:59 | |
| CVE-2016-0008 | 4.3 |
The graphics device interface in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to bypass the ASLR protectio
|
07-12-2016 - 13:30 | 13-01-2016 - 00:59 | |
| CVE-2016-0005 | 4.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Internet Explorer Elevation of Privilege Vulnerability."
|
07-12-2016 - 13:30 | 13-01-2016 - 00:59 | |
| CVE-2016-0003 | 9.3 |
Microsoft Edge allows remote attackers to execute arbitrary code via unspecified vectors, aka "Microsoft Edge Memory Corruption Vulnerability."
|
07-12-2016 - 13:30 | 13-01-2016 - 00:59 | |
| CVE-2016-0002 | 7.6 |
The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to execute arbitrary code via a crafted web site, aka "Scripting Engine Memory Corruption
|
07-12-2016 - 13:30 | 13-01-2016 - 00:59 | |
| CVE-2015-6160 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
07-12-2016 - 13:19 | 09-12-2015 - 06:59 | |
| CVE-2015-6159 | 9.3 |
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerabi
|
07-12-2016 - 13:19 | 09-12-2015 - 06:59 | |
| CVE-2015-6158 | 9.3 |
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerabi
|
07-12-2016 - 13:19 | 09-12-2015 - 06:59 | |
| CVE-2015-6157 | 4.3 |
Microsoft Internet Explorer 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability."
|
07-12-2016 - 13:18 | 09-12-2015 - 06:59 | |
| CVE-2015-6155 | 9.3 |
Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."
|
07-12-2016 - 13:18 | 09-12-2015 - 06:59 | |
| CVE-2015-6151 | 9.3 |
Microsoft Internet Explorer 8 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different
|
07-12-2016 - 13:18 | 09-12-2015 - 06:59 | |
| CVE-2015-6150 | 9.3 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
07-12-2016 - 13:18 | 09-12-2015 - 06:59 | |
| CVE-2015-6149 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE
|
07-12-2016 - 13:18 | 09-12-2015 - 06:59 | |
| CVE-2015-6148 | 9.3 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different
|
07-12-2016 - 13:18 | 09-12-2015 - 06:59 | |
| CVE-2015-6147 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE
|
07-12-2016 - 13:18 | 09-12-2015 - 06:59 | |
| CVE-2015-6143 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
07-12-2016 - 13:18 | 09-12-2015 - 06:59 | |
| CVE-2015-6142 | 9.3 |
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerabi
|
07-12-2016 - 13:18 | 09-12-2015 - 06:59 | |
| CVE-2015-6141 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-
|
07-12-2016 - 13:18 | 09-12-2015 - 06:59 | |
| CVE-2015-6136 | 9.3 |
The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to execute arbitrary code via a crafted web site, aka "Scripting Engine Memory Corruption
|
07-12-2016 - 13:18 | 09-12-2015 - 06:59 | |
| CVE-2015-6135 | 5.0 |
The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Scriptin
|
07-12-2016 - 13:18 | 09-12-2015 - 06:59 | |
| CVE-2015-6134 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-
|
07-12-2016 - 13:18 | 09-12-2015 - 06:59 | |
| CVE-2015-6131 | 9.3 |
Windows Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8, and Windows 8.1 allows remote attackers to execute arbitrary code via a crafted .mcl file, aka "Media Center Library Parsing RCE Vulnerability."
|
07-12-2016 - 13:18 | 09-12-2015 - 06:59 | |
| CVE-2015-6127 | 4.3 |
Windows Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8, and Windows 8.1 allows remote attackers to read arbitrary files via a crafted .mcl file, aka "Windows Media Center Information Disclosure Vulnerability."
|
07-12-2016 - 13:18 | 09-12-2015 - 06:59 | |
| CVE-2015-6117 | 4.3 |
Microsoft SharePoint Server 2013 SP1 and SharePoint Foundation 2013 SP1 allow remote authenticated users to bypass intended Access Control Policy restrictions and conduct cross-site scripting (XSS) attacks by modifying a webpart, aka "Microsoft Share
|
07-12-2016 - 13:18 | 13-01-2016 - 00:59 | |
| CVE-2015-6113 | 3.6 |
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to bypass intended filesys
|
07-12-2016 - 13:18 | 11-11-2015 - 07:59 | |
| CVE-2015-6109 | 2.1 |
The kernel in Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to bypass the KASLR protection mechanism, and consequently discover a driver base address, via a crafted application, aka "Wi
|
07-12-2016 - 13:18 | 11-11-2015 - 07:59 | |
| CVE-2015-6104 | 9.3 |
The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows remote attackers t
|
07-12-2016 - 13:18 | 11-11-2015 - 07:59 | |
| CVE-2015-6103 | 9.3 |
The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows remote attackers t
|
07-12-2016 - 13:18 | 11-11-2015 - 07:59 | |
| CVE-2015-6102 | 2.1 |
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to bypass the KASLR protec
|
07-12-2016 - 13:18 | 11-11-2015 - 07:59 | |
| CVE-2015-6101 | 7.2 |
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a c
|
07-12-2016 - 13:18 | 11-11-2015 - 07:59 | |
| CVE-2015-6100 | 7.2 |
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a c
|
07-12-2016 - 13:18 | 11-11-2015 - 07:59 | |
| CVE-2015-6097 | 9.3 |
Heap-based buffer overflow in Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted Journal (.jnt) file, aka "Windows Journal Heap Overflo
|
07-12-2016 - 13:18 | 11-11-2015 - 07:59 | |
| CVE-2015-6094 | 9.3 |
Microsoft Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, and Excel Services on SharePoint Server 2013 SP1 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Mic
|
07-12-2016 - 13:18 | 11-11-2015 - 07:59 | |
| CVE-2015-6093 | 9.3 |
Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, Office 2016, Word Automation Services on SharePoint Server 2010 SP2 and 2013 SP1, Office Web Apps 2010 SP2, and Office Web Apps Server 2013 SP1 allow remote attackers to
|
07-12-2016 - 13:18 | 11-11-2015 - 07:59 | |
| CVE-2015-6092 | 9.3 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office
|
07-12-2016 - 13:18 | 11-11-2015 - 07:59 | |
| CVE-2015-6091 | 9.3 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, and Word Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability
|
07-12-2016 - 13:18 | 11-11-2015 - 07:59 | |
| CVE-2015-6089 | 9.3 |
The Microsoft (1) VBScript and (2) JScript engines, as used in Internet Explorer 8 through 11, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corr
|
07-12-2016 - 13:18 | 11-11-2015 - 07:59 | |
| CVE-2015-6088 | 4.3 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Microsoft Browser ASLR Bypass."
|
07-12-2016 - 13:18 | 11-11-2015 - 07:59 | |
| CVE-2015-6087 | 9.3 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
07-12-2016 - 13:18 | 11-11-2015 - 07:59 | |
| CVE-2015-6086 | 4.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability."
|
07-12-2016 - 13:18 | 11-11-2015 - 07:59 | |
| CVE-2015-6085 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
07-12-2016 - 13:18 | 11-11-2015 - 07:59 | |
| CVE-2015-6084 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
07-12-2016 - 13:18 | 11-11-2015 - 07:59 | |
| CVE-2015-6083 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
07-12-2016 - 13:18 | 09-12-2015 - 06:59 | |
| CVE-2015-6082 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
07-12-2016 - 13:18 | 11-11-2015 - 07:59 | |
| CVE-2015-6081 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
07-12-2016 - 13:18 | 11-11-2015 - 07:59 | |
| CVE-2015-6080 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
07-12-2016 - 13:18 | 11-11-2015 - 07:59 | |
| CVE-2015-6079 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
07-12-2016 - 13:18 | 11-11-2015 - 07:59 | |
| CVE-2015-6078 | 9.3 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different
|
07-12-2016 - 13:18 | 11-11-2015 - 07:59 | |
| CVE-2015-6077 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
07-12-2016 - 13:18 | 11-11-2015 - 07:59 | |
| CVE-2015-6076 | 9.3 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
07-12-2016 - 13:18 | 11-11-2015 - 07:59 | |
| CVE-2015-6075 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
07-12-2016 - 13:18 | 11-11-2015 - 07:59 | |
| CVE-2015-6074 | 9.3 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
07-12-2016 - 13:18 | 11-11-2015 - 07:59 | |
| CVE-2015-6073 | 9.3 |
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerabi
|
07-12-2016 - 13:18 | 11-11-2015 - 07:59 | |
| CVE-2015-6072 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
07-12-2016 - 13:17 | 11-11-2015 - 07:59 | |
| CVE-2015-6071 | 9.3 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
07-12-2016 - 13:17 | 11-11-2015 - 07:59 | |
| CVE-2015-6070 | 9.3 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
07-12-2016 - 13:17 | 11-11-2015 - 06:59 | |
| CVE-2015-6069 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
07-12-2016 - 13:17 | 11-11-2015 - 06:59 | |
| CVE-2015-6068 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
07-12-2016 - 13:17 | 11-11-2015 - 06:59 | |
| CVE-2015-6066 | 9.3 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
07-12-2016 - 13:17 | 11-11-2015 - 06:59 | |
| CVE-2015-6065 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
07-12-2016 - 13:17 | 11-11-2015 - 06:59 | |
| CVE-2015-6064 | 9.3 |
Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vu
|
07-12-2016 - 13:17 | 11-11-2015 - 06:59 | |
| CVE-2015-6045 | 9.3 |
Use-after-free vulnerability in the CElement object implementation in Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JavaScript that improperly interacts w
|
07-12-2016 - 13:17 | 12-11-2015 - 22:59 | |
| CVE-2015-6038 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Office Compatibility Pack SP3, Excel Viewer, and Excel Services on SharePoint Server 2007 SP3, 2010 SP2, and 2013 SP1 all
|
07-12-2016 - 13:17 | 11-11-2015 - 06:59 | |
| CVE-2015-2503 | 9.3 |
Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote 2007 SP3, PowerPoint 2007 SP3, Project 2007 SP3, Publisher 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2007 IME (Japanese) SP3, Access 2010 SP2, Excel 2010 SP2, InfoPath 2010 S
|
07-12-2016 - 13:10 | 11-11-2015 - 06:59 | |
| CVE-2015-2427 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
07-12-2016 - 13:10 | 11-11-2015 - 06:59 | |
| CVE-2015-1767 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
07-12-2016 - 13:09 | 14-07-2015 - 17:59 | |
| CVE-2016-0077 | 4.3 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge misparse HTTP responses, which allows remote attackers to spoof web sites via a crafted URL, aka "Microsoft Browser Spoofing Vulnerability."
|
05-12-2016 - 22:05 | 10-02-2016 - 06:59 | |
| CVE-2016-0072 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
05-12-2016 - 22:04 | 10-02-2016 - 06:59 | |
| CVE-2016-0071 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
05-12-2016 - 22:04 | 10-02-2016 - 06:59 | |
| CVE-2016-0069 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0068.
|
05-12-2016 - 22:04 | 18-02-2016 - 17:59 | |
| CVE-2016-0068 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0069.
|
05-12-2016 - 22:04 | 18-02-2016 - 17:59 | |
| CVE-2016-0067 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
05-12-2016 - 22:04 | 10-02-2016 - 06:59 | |
| CVE-2016-0064 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
05-12-2016 - 22:04 | 10-02-2016 - 06:59 | |
| CVE-2016-0062 | 9.3 |
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."
|
05-12-2016 - 22:04 | 10-02-2016 - 06:59 | |
| CVE-2016-0061 | 9.3 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different
|
05-12-2016 - 22:04 | 10-02-2016 - 06:59 | |
| CVE-2016-0060 | 9.3 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different
|
05-12-2016 - 22:04 | 10-02-2016 - 06:59 | |
| CVE-2016-0059 | 4.3 |
The Hyperlink Object Library in Microsoft Internet Explorer 9 through 11 allows remote attackers to obtain sensitive information from process memory via a crafted URL in a (1) e-mail message or (2) Office document, aka "Internet Explorer Information
|
05-12-2016 - 22:04 | 10-02-2016 - 06:59 | |
| CVE-2016-0058 | 9.3 |
Buffer overflow in the PDF Library in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 allows remote attackers to execute arbitrary code via a crafted PDF document that triggers API calls, aka "Microsoft PDF Library Buffer Overf
|
05-12-2016 - 22:04 | 10-02-2016 - 06:59 | |
| CVE-2016-0056 | 9.3 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corrup
|
05-12-2016 - 22:04 | 10-02-2016 - 06:59 | |
| CVE-2016-0055 | 9.3 |
Microsoft Office 2007 SP3 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
|
05-12-2016 - 22:04 | 10-02-2016 - 06:59 | |
| CVE-2016-0054 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Office Compatibility Pack SP3, Excel Viewer, Excel Services on SharePoint Server 2007 SP3, Excel Services on SharePoint S
|
05-12-2016 - 22:04 | 10-02-2016 - 06:59 | |
| CVE-2016-0053 | 9.3 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2013 SP1, Office Web Apps Server 2013 SP1, and SharePoint S
|
05-12-2016 - 22:04 | 10-02-2016 - 06:59 | |
| CVE-2016-0052 | 9.3 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2013 SP1, Office Web
|
05-12-2016 - 22:04 | 10-02-2016 - 06:59 | |
| CVE-2016-0046 | 9.3 |
Windows Reader in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 allows remote attackers to execute arbitrary code via a crafted Reader file, aka "Microsoft Windows Reader Vulnerability."
|
05-12-2016 - 22:04 | 10-02-2016 - 06:59 | |
| CVE-2016-0044 | 5.0 |
Sync Framework in Microsoft Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1 allows remote attackers to cause a denial of service (SyncShareSvc service outage) via crafted "change batch" data, aka "Windows DLL Loading Denial of Service Vulnera
|
05-12-2016 - 22:04 | 10-02-2016 - 06:59 | |
| CVE-2016-0042 | 7.2 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 mishandle DLL loading, which allows local users to gain privileges via a crafte
|
05-12-2016 - 22:04 | 10-02-2016 - 06:59 | |
| CVE-2016-0041 | 7.2 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold and 1511, and Internet Explorer 10 and 11 mishandle DLL loading, which allows local users to
|
05-12-2016 - 22:04 | 10-02-2016 - 06:59 | |
| CVE-2016-0040 | 7.2 |
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows local users to gain privileges via a crafted application, aka "Windows Elevation of Privilege Vulnerability."
|
05-12-2016 - 22:04 | 10-02-2016 - 06:59 | |
| CVE-2016-0039 | 4.3 |
Cross-site scripting (XSS) vulnerability in SharePoint Server in Microsoft SharePoint Foundation 2013 SP1 allows remote attackers to inject arbitrary web script or HTML via a crafted request, aka "Microsoft SharePoint XSS Vulnerability."
|
05-12-2016 - 22:04 | 10-02-2016 - 06:59 | |
| CVE-2016-0038 | 9.3 |
Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted Journal file
|
05-12-2016 - 22:04 | 10-02-2016 - 06:59 | |
| CVE-2016-0022 | 9.3 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2013 SP1, Office Web
|
05-12-2016 - 22:04 | 10-02-2016 - 06:59 | |
| CVE-2016-0167 | 7.2 |
The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted a
|
02-12-2016 - 22:16 | 12-04-2016 - 19:59 | |
| CVE-2016-0166 | 7.6 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
02-12-2016 - 22:16 | 12-04-2016 - 19:59 | |
| CVE-2016-0165 | 7.2 |
The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted a
|
02-12-2016 - 22:16 | 12-04-2016 - 19:59 | |
| CVE-2016-0161 | 4.3 |
Microsoft Edge allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Microsoft Edge Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0158.
|
02-12-2016 - 22:16 | 12-04-2016 - 19:59 | |
| CVE-2016-0160 | 7.2 |
Microsoft Internet Explorer 11 mishandles DLL loading, which allows local users to gain privileges via a crafted application, aka "DLL Loading Remote Code Execution Vulnerability."
|
02-12-2016 - 22:16 | 12-04-2016 - 19:59 | |
| CVE-2016-0159 | 7.6 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
02-12-2016 - 22:16 | 12-04-2016 - 19:59 | |
| CVE-2016-0158 | 4.3 |
Microsoft Edge allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Microsoft Edge Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0161.
|
02-12-2016 - 22:16 | 12-04-2016 - 19:59 | |
| CVE-2016-0157 | 7.6 |
Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0155 and CVE-2016-
|
02-12-2016 - 22:16 | 12-04-2016 - 19:59 | |
| CVE-2016-0156 | 7.6 |
Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0155 and CVE-2016-
|
02-12-2016 - 22:16 | 12-04-2016 - 19:59 | |
| CVE-2016-0155 | 7.6 |
Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0156 and CVE-2016-
|
02-12-2016 - 22:15 | 12-04-2016 - 19:59 | |
| CVE-2016-0154 | 7.6 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."
|
02-12-2016 - 22:15 | 12-04-2016 - 19:59 | |
| CVE-2016-0147 | 9.3 |
Microsoft XML Core Services 3.0 allows remote attackers to execute arbitrary code via a crafted web site, aka "MSXML 3.0 Remote Code Execution Vulnerability."
|
02-12-2016 - 22:15 | 12-04-2016 - 19:59 | |
| CVE-2016-0145 | 9.3 |
The font library in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold and 1511; Office 2007 SP3 and 2010 SP2; Word Viewer; .NET Framework 3.0
|
02-12-2016 - 22:15 | 12-04-2016 - 19:59 | |
| CVE-2016-0143 | 7.2 |
The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted a
|
02-12-2016 - 22:15 | 12-04-2016 - 19:59 | |
| CVE-2016-0139 | 9.3 |
Microsoft Excel 2010 SP2, Word for Mac 2011, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
|
02-12-2016 - 22:15 | 12-04-2016 - 19:59 | |
| CVE-2016-0136 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Office Compatibility Pack SP3, Excel Services on SharePoint Server 2007 SP3, and Excel Services on SharePoint Server 2010 SP2 allow remote attackers to execute arbitrary code via a crafted Office document, ak
|
02-12-2016 - 22:15 | 12-04-2016 - 19:59 | |
| CVE-2016-0134 | 9.3 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2 and 2013 SP1
|
02-12-2016 - 22:15 | 09-03-2016 - 06:59 | |
| CVE-2016-0130 | 7.6 |
Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0116, CVE-2016-012
|
02-12-2016 - 22:15 | 09-03-2016 - 06:59 | |
| CVE-2016-0129 | 7.6 |
Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0116, CVE-2016-012
|
02-12-2016 - 22:15 | 09-03-2016 - 06:59 | |
| CVE-2016-0127 | 9.3 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 SP1, Offi
|
02-12-2016 - 22:15 | 12-04-2016 - 19:59 | |
| CVE-2016-0125 | 2.6 |
Microsoft Edge mishandles the Referer policy, which allows remote attackers to obtain sensitive browser-history and request information via a crafted HTTPS web site, aka "Microsoft Edge Information Disclosure Vulnerability."
|
02-12-2016 - 22:15 | 09-03-2016 - 06:59 | |
| CVE-2016-0124 | 7.6 |
Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0116, CVE-2016-012
|
02-12-2016 - 22:15 | 09-03-2016 - 06:59 | |
| CVE-2016-0123 | 7.6 |
Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0116, CVE-2016-012
|
02-12-2016 - 22:15 | 09-03-2016 - 06:59 | |
| CVE-2016-0122 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Word 2016 for Mac, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft
|
02-12-2016 - 22:15 | 12-04-2016 - 19:59 | |
| CVE-2016-0121 | 9.3 |
The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary
|
02-12-2016 - 22:15 | 09-03-2016 - 06:59 | |
| CVE-2016-0120 | 7.1 |
The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to cause a denial of
|
02-12-2016 - 22:15 | 09-03-2016 - 06:59 | |
| CVE-2016-0118 | 9.3 |
The PDF library in Microsoft Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted PDF document, aka "Windows Remote Code Execution Vulnerability."
|
02-12-2016 - 22:15 | 09-03-2016 - 06:59 | |
| CVE-2016-0117 | 9.3 |
The PDF library in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted PDF document, aka "Windows Remote Code Execution Vulnerability."
|
02-12-2016 - 22:15 | 09-03-2016 - 06:59 | |
| CVE-2016-0116 | 7.6 |
Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0123, CVE-2016-012
|
02-12-2016 - 22:15 | 09-03-2016 - 06:59 | |
| CVE-2016-0114 | 7.6 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2016
|
02-12-2016 - 22:15 | 09-03-2016 - 06:59 | |
| CVE-2016-0113 | 7.6 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
02-12-2016 - 22:15 | 09-03-2016 - 06:59 | |
| CVE-2016-0112 | 7.6 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
02-12-2016 - 22:15 | 09-03-2016 - 06:59 | |
| CVE-2016-0111 | 7.6 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different
|
02-12-2016 - 22:15 | 09-03-2016 - 06:59 | |
| CVE-2016-0110 | 7.6 |
Microsoft Internet Explorer 10 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."
|
02-12-2016 - 22:15 | 09-03-2016 - 06:59 | |
| CVE-2016-0109 | 7.6 |
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerabi
|
02-12-2016 - 22:15 | 09-03-2016 - 06:59 | |
| CVE-2016-0108 | 7.6 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2016
|
02-12-2016 - 22:15 | 09-03-2016 - 06:59 | |
| CVE-2016-0107 | 7.6 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
02-12-2016 - 22:15 | 09-03-2016 - 06:59 | |
| CVE-2016-0106 | 7.6 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2016
|
02-12-2016 - 22:15 | 09-03-2016 - 06:59 | |
| CVE-2016-0105 | 7.6 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different
|
02-12-2016 - 22:15 | 09-03-2016 - 06:59 | |
| CVE-2016-0104 | 7.6 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
02-12-2016 - 22:15 | 09-03-2016 - 06:59 | |
| CVE-2016-0103 | 7.6 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2016
|
02-12-2016 - 22:15 | 09-03-2016 - 06:59 | |
| CVE-2016-0102 | 7.6 |
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerabi
|
02-12-2016 - 22:15 | 09-03-2016 - 06:59 | |
| CVE-2016-0101 | 9.3 |
Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow remote attackers to execute arbitrary code via crafted media content, aka "Windows Media Parsing Rem
|
02-12-2016 - 22:15 | 09-03-2016 - 06:59 | |
| CVE-2016-0100 | 7.2 |
Microsoft Windows Vista SP2 and Server 2008 SP2 mishandle library loading, which allows local users to gain privileges via a crafted application, aka "Library Loading Input Validation Remote Code Execution Vulnerability."
|
02-12-2016 - 22:15 | 09-03-2016 - 06:59 | |
| CVE-2016-0098 | 9.3 |
Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 allow remote attackers to execute arbitrary code via crafted media content, aka "Windows Media Parsing Remote Code Execu
|
02-12-2016 - 22:15 | 09-03-2016 - 06:59 | |
| CVE-2016-0092 | 9.3 |
OLE in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted file, ak
|
02-12-2016 - 22:15 | 09-03-2016 - 06:59 | |
| CVE-2016-0091 | 6.8 |
OLE in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted file, ak
|
02-12-2016 - 22:15 | 09-03-2016 - 06:59 | |
| CVE-2016-0090 | 2.1 |
Hyper-V in Microsoft Windows 8.1, Windows Server 2012 R2, and Windows 10 allows guest OS users to obtain sensitive information from host OS memory via a crafted application, aka "Hyper-V Information Disclosure Vulnerability."
|
02-12-2016 - 22:15 | 12-04-2016 - 19:59 | |
| CVE-2016-0089 | 2.1 |
Hyper-V in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 allows guest OS users to obtain sensitive information from host OS memory via a crafted application, aka "Hyper-V Information Disclosure Vulnerability."
|
02-12-2016 - 22:15 | 12-04-2016 - 19:59 | |
| CVE-2016-0088 | 7.2 |
Hyper-V in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 allows guest OS users to execute arbitrary code on the host OS via a crafted application, aka "Hyper-V Remote Code Execution Vulnerability."
|
02-12-2016 - 22:15 | 12-04-2016 - 19:59 | |
| CVE-2016-0057 | 7.2 |
Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2016 does not properly sign an unspecified binary file, which allows local users to gain privileges via a Trojan horse file with a crafted signature, aka "Microsoft Office Security Feature Bypass Vul
|
02-12-2016 - 22:15 | 09-03-2016 - 06:59 | |
| CVE-2016-0021 | 9.3 |
Microsoft InfoPath 2007 SP3, 2010 SP2, and 2013 SP1 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
|
02-12-2016 - 22:15 | 09-03-2016 - 06:59 | |
| CVE-2016-0198 | 9.3 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code via a crafted O
|
30-11-2016 - 22:02 | 10-05-2016 - 21:59 | |
| CVE-2016-0195 | 9.3 |
The Imaging Component in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via
|
30-11-2016 - 22:02 | 10-05-2016 - 21:59 | |
| CVE-2016-0194 | 2.6 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to bypass file permissions and obtain sensitive information via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability."
|
30-11-2016 - 22:02 | 10-05-2016 - 21:59 | |
| CVE-2016-0193 | 7.6 |
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerabilit
|
30-11-2016 - 22:02 | 10-05-2016 - 21:59 | |
| CVE-2016-0192 | 7.6 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."
|
30-11-2016 - 22:02 | 10-05-2016 - 21:59 | |
| CVE-2016-0191 | 7.6 |
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerabilit
|
30-11-2016 - 22:02 | 10-05-2016 - 21:59 | |
| CVE-2016-0187 | 7.6 |
The Microsoft (1) JScript 5.8 and (2) VBScript 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "S
|
30-11-2016 - 22:02 | 10-05-2016 - 21:59 | |
| CVE-2016-0186 | 7.6 |
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerabilit
|
30-11-2016 - 22:02 | 10-05-2016 - 21:59 | |
| CVE-2016-0185 | 9.3 |
Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, and Windows 8.1 allows remote attackers to execute arbitrary code via a crafted Media Center link (aka .mcl) file, aka "Windows Media Center Remote Code Execution Vulnerability."
|
30-11-2016 - 22:02 | 10-05-2016 - 21:59 | |
| CVE-2016-0184 | 9.3 |
Use-after-free vulnerability in GDI in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbit
|
30-11-2016 - 22:02 | 10-05-2016 - 21:59 | |
| CVE-2016-0183 | 9.3 |
The Windows font library in Microsoft Office 2010 SP2, Word 2010 SP2, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allows remote attackers to execute arbitrary code via a crafted embedded font, aka "Microsoft O
|
30-11-2016 - 22:02 | 10-05-2016 - 21:59 | |
| CVE-2016-0178 | 9.0 |
The RPC NDR Engine in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 mishandles free operations, which allows remote attackers
|
30-11-2016 - 22:02 | 10-05-2016 - 21:59 | |
| CVE-2016-0170 | 9.3 |
GDI in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted document
|
30-11-2016 - 22:02 | 10-05-2016 - 21:59 | |
| CVE-2016-0169 | 4.3 |
GDI in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to obtain sensitive information via a crafted do
|
30-11-2016 - 22:01 | 10-05-2016 - 21:59 | |
| CVE-2016-0168 | 4.3 |
GDI in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to obtain sensitive information via a crafted do
|
30-11-2016 - 22:01 | 10-05-2016 - 21:59 | |
| CVE-2016-0152 | 7.2 |
Internet Information Services (IIS) in Microsoft Windows Vista SP2 and Server 2008 SP2 mishandles library loading, which allows local users to gain privileges via a crafted application, aka "Windows DLL Loading Remote Code Execution Vulnerability."
|
30-11-2016 - 22:01 | 10-05-2016 - 21:59 | |
| CVE-2016-0140 | 9.3 |
Microsoft Office 2007 SP3, Office 2010 SP2, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption V
|
30-11-2016 - 22:01 | 10-05-2016 - 21:59 | |
| CVE-2016-0126 | 9.3 |
Microsoft Office 2013 SP1, 2013 RT SP1, and 2016 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
|
30-11-2016 - 22:01 | 10-05-2016 - 21:59 | |
| CVE-2016-3235 | 9.3 |
Microsoft Visio 2007 SP3, Visio 2010 SP2, Visio 2013 SP1, Visio 2016, Visio Viewer 2007 SP3, and Visio Viewer 2010 mishandle library loading, which allows local users to gain privileges via a crafted application, aka "Microsoft Office OLE DLL Side Lo
|
29-11-2016 - 22:05 | 15-06-2016 - 21:59 | |
| CVE-2016-3234 | 4.3 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 SP1, Office Web Apps 2010 SP2, and Office
|
29-11-2016 - 22:05 | 15-06-2016 - 21:59 | |
| CVE-2016-3233 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
|
29-11-2016 - 22:05 | 15-06-2016 - 21:59 | |
| CVE-2016-3228 | 9.0 |
Microsoft Windows Server 2008 SP2 and R2 SP1 and Windows Server 2012 Gold and R2 allow remote authenticated users to execute arbitrary code via a crafted NetLogon request, aka "Windows Netlogon Memory Corruption Remote Code Execution Vulnerability."
|
29-11-2016 - 22:05 | 15-06-2016 - 21:59 | |
| CVE-2016-3227 | 10.0 |
Use-after-free vulnerability in the DNS Server component in Microsoft Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted requests, aka "Windows DNS Server Use After Free Vulnerability."
|
29-11-2016 - 22:05 | 15-06-2016 - 21:59 | |
| CVE-2016-3215 | 4.3 |
Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 1511, and Microsoft Edge allow remote attackers to obtain sensitive information from process memory via a crafted PDF document, aka "Windows PDF Information Disclosure Vulnerability,"
|
29-11-2016 - 22:05 | 15-06-2016 - 21:59 | |
| CVE-2016-3214 | 9.3 |
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerabilit
|
29-11-2016 - 22:05 | 15-06-2016 - 21:59 | |
| CVE-2016-3213 | 9.3 |
The Web Proxy Auto Discovery (WPAD) protocol implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold and 1511, and Internet Explor
|
29-11-2016 - 22:05 | 15-06-2016 - 21:59 | |
| CVE-2016-3211 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
29-11-2016 - 22:05 | 15-06-2016 - 21:59 | |
| CVE-2016-3207 | 7.6 |
The Microsoft (1) JScript 5.8 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site
|
29-11-2016 - 22:05 | 15-06-2016 - 21:59 | |
| CVE-2016-3206 | 7.6 |
The Microsoft (1) JScript 5.8 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site
|
29-11-2016 - 22:05 | 15-06-2016 - 21:59 | |
| CVE-2016-3205 | 7.6 |
The Microsoft (1) JScript 5.8 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site
|
29-11-2016 - 22:05 | 15-06-2016 - 21:59 | |
| CVE-2016-3203 | 9.3 |
Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 Gold and 1511, and Microsoft Edge allow remote attackers to execute arbitrary code via a crafted PDF document, aka "Windows PDF Remote Code Execution Vulnerability."
|
29-11-2016 - 22:05 | 15-06-2016 - 21:59 | |
| CVE-2016-3202 | 7.6 |
The Microsoft (1) Chakra JavaScript, (2) JScript, and (3) VBScript engines, as used in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a c
|
29-11-2016 - 22:05 | 15-06-2016 - 21:59 | |
| CVE-2016-3201 | 4.3 |
Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 Gold and 1511, and Microsoft Edge allow remote attackers to obtain sensitive information from process memory via a crafted PDF document, aka "Windows PDF Information Disclosure Vulner
|
29-11-2016 - 22:05 | 15-06-2016 - 21:59 | |
| CVE-2016-3199 | 9.3 |
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerabilit
|
29-11-2016 - 22:05 | 15-06-2016 - 21:59 | |
| CVE-2016-3198 | 4.3 |
Microsoft Edge allows remote attackers to bypass the Content Security Policy (CSP) protection mechanism via a crafted document, aka "Microsoft Edge Security Feature Bypass."
|
29-11-2016 - 22:05 | 15-06-2016 - 21:59 | |
| CVE-2016-0200 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
29-11-2016 - 22:02 | 15-06-2016 - 21:59 | |
| CVE-2016-0025 | 9.3 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Office 2016, Word 2016, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2, Word Automa
|
29-11-2016 - 22:02 | 15-06-2016 - 21:59 | |
| CVE-2015-1756 | 9.3 |
Use-after-free vulnerability in Microsoft Common Controls in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows user-assisted rem
|
29-11-2016 - 21:59 | 09-06-2015 - 21:59 | |
| CVE-2016-7248 | 9.3 |
Microsoft Video Control in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8.1, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows remote attackers to execute arbitrary code via a crafted file, aka "Microsoft Video Control Remote Code Exe
|
28-11-2016 - 15:38 | 10-11-2016 - 02:00 | |
| CVE-2016-7245 | 9.3 |
Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, and Office 2016 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
|
28-11-2016 - 15:38 | 10-11-2016 - 01:59 | |
| CVE-2016-7244 | 4.3 |
Microsoft Office 2007 SP3 allows remote attackers to cause a denial of service (application hang) via a crafted Office document, aka "Microsoft Office Denial of Service Vulnerability."
|
28-11-2016 - 15:38 | 10-11-2016 - 01:59 | |
| CVE-2016-7243 | 7.6 |
The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vu
|
28-11-2016 - 15:38 | 10-11-2016 - 01:59 | |
| CVE-2016-7242 | 7.6 |
The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vu
|
28-11-2016 - 15:38 | 10-11-2016 - 01:59 | |
| CVE-2016-7240 | 7.6 |
The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vu
|
28-11-2016 - 15:38 | 10-11-2016 - 01:59 | |
| CVE-2016-7239 | 2.6 |
The RegEx class in the XSS filter in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allows remote attackers to conduct cross-site scripting (XSS) attacks and obtain sensitive information via unspecified vectors, aka "Microsoft Browser In
|
28-11-2016 - 15:38 | 10-11-2016 - 01:59 | |
| CVE-2016-7235 | 9.3 |
Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Word for Mac 2011, Excel for Mac 2011, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vuln
|
28-11-2016 - 15:38 | 10-11-2016 - 01:59 | |
| CVE-2016-7231 | 9.3 |
Microsoft Excel 2007 SP3, Excel for Mac 2011, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
|
28-11-2016 - 15:38 | 10-11-2016 - 01:59 | |
| CVE-2016-7230 | 9.3 |
Microsoft PowerPoint 2010 SP2, PowerPoint Viewer, and Office Web Apps 2010 SP2 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
|
28-11-2016 - 15:38 | 10-11-2016 - 01:59 | |
| CVE-2016-7229 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office doc
|
28-11-2016 - 15:38 | 10-11-2016 - 01:59 | |
| CVE-2016-7228 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Mi
|
28-11-2016 - 15:38 | 10-11-2016 - 01:59 | |
| CVE-2016-7227 | 2.6 |
The scripting engines in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to determine the existence of local files via unspecified vectors, aka "Microsoft Browser Information Disclosure Vulnerability."
|
28-11-2016 - 15:38 | 10-11-2016 - 01:59 | |
| CVE-2016-7222 | 7.2 |
Task Scheduler in Microsoft Windows 10 Gold, 1511, and 1607 and Windows Server 2016 allows local users to gain privileges via a crafted UNC pathname in a task, aka "Task Scheduler Elevation of Privilege Vulnerability."
|
28-11-2016 - 15:38 | 10-11-2016 - 01:59 | |
| CVE-2016-7221 | 7.2 |
Input Method Editor (IME) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 mishandles DLL loading
|
28-11-2016 - 15:38 | 10-11-2016 - 01:59 | |
| CVE-2016-7217 | 9.3 |
Media Foundation in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to execute arbitrary code via a crafted web site, aka "Media Foundation Memor
|
28-11-2016 - 15:38 | 10-11-2016 - 01:59 | |
| CVE-2016-7213 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Mi
|
28-11-2016 - 15:38 | 10-11-2016 - 01:59 | |
| CVE-2016-7212 | 9.3 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow remote attackers to execute arbitrary code vi
|
28-11-2016 - 15:38 | 10-11-2016 - 01:59 | |
| CVE-2016-7209 | 2.6 |
Microsoft Edge allows remote attackers to spoof web content via a crafted web site, aka "Microsoft Edge Spoofing Vulnerability."
|
28-11-2016 - 15:37 | 10-11-2016 - 01:59 | |
| CVE-2016-7208 | 7.6 |
The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vu
|
28-11-2016 - 15:37 | 10-11-2016 - 01:59 | |
| CVE-2016-7205 | 9.3 |
Animation Manager in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to execute arbitrary code via a c
|
28-11-2016 - 15:37 | 10-11-2016 - 01:59 | |
| CVE-2016-7204 | 2.6 |
Microsoft Edge allows remote attackers to access arbitrary "My Documents" files via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerability."
|
28-11-2016 - 15:37 | 10-11-2016 - 01:59 | |
| CVE-2016-7203 | 7.6 |
The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vu
|
28-11-2016 - 15:37 | 10-11-2016 - 01:59 | |
| CVE-2016-7199 | 2.6 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to bypass the Same Origin Policy and obtain sensitive window-state information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."
|
28-11-2016 - 15:37 | 10-11-2016 - 01:59 | |
| CVE-2016-7198 | 7.6 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different
|
28-11-2016 - 15:37 | 10-11-2016 - 01:59 | |
| CVE-2016-7196 | 7.6 |
Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."
|
28-11-2016 - 15:37 | 10-11-2016 - 01:59 | |
| CVE-2016-7195 | 7.6 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different
|
28-11-2016 - 15:37 | 10-11-2016 - 01:59 | |
| CVE-2016-7194 | 7.6 |
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerabilit
|
28-11-2016 - 15:37 | 13-10-2016 - 22:59 | |
| CVE-2016-7193 | 9.3 |
Microsoft Word 2007 SP2, Office 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services o
|
28-11-2016 - 15:37 | 13-10-2016 - 22:59 | |
| CVE-2016-7190 | 7.6 |
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerabilit
|
28-11-2016 - 15:37 | 13-10-2016 - 22:59 | |
| CVE-2016-7189 | 9.3 |
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code via a crafted web site, aka "Scripting Engine Remote Code Execution Vulnerability."
|
28-11-2016 - 15:37 | 13-10-2016 - 22:59 | |
| CVE-2016-7182 | 10.0 |
The Graphics component in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010 SP2; Word Viewer; Sk
|
28-11-2016 - 15:37 | 13-10-2016 - 22:59 | |
| CVE-2016-3396 | 9.3 |
Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010
|
28-11-2016 - 15:09 | 13-10-2016 - 22:59 | |
| CVE-2016-3393 | 9.3 |
Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows remote attackers t
|
28-11-2016 - 15:09 | 13-10-2016 - 22:59 | |
| CVE-2016-3392 | 2.6 |
The Edge Content Security Policy feature in Microsoft Edge does not properly validate documents, which allows remote attackers to bypass intended access restrictions via a crafted web site, aka "Microsoft Browser Security Feature Bypass Vulnerability
|
28-11-2016 - 15:09 | 13-10-2016 - 22:59 | |
| CVE-2016-3391 | 2.6 |
Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow context-dependent attackers to discover credentials by leveraging access to a memory dump, aka "Microsoft Browser Information Disclosure Vulnerability."
|
28-11-2016 - 15:09 | 13-10-2016 - 22:59 | |
| CVE-2016-3390 | 7.6 |
The scripting engines in Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, as demonstrated by the Chakra JavaScript engine, aka
|
28-11-2016 - 15:09 | 13-10-2016 - 22:59 | |
| CVE-2016-3389 | 7.6 |
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerabilit
|
28-11-2016 - 15:09 | 13-10-2016 - 22:59 | |
| CVE-2016-3388 | 2.6 |
Microsoft Internet Explorer 10 and 11 and Microsoft Edge do not properly restrict access to private namespaces, which allows remote attackers to gain privileges via unspecified vectors, aka "Microsoft Browser Elevation of Privilege Vulnerability," a
|
28-11-2016 - 15:09 | 13-10-2016 - 22:59 | |
| CVE-2016-3387 | 6.8 |
Microsoft Internet Explorer 10 and 11 and Microsoft Edge do not properly restrict access to private namespaces, which allows remote attackers to gain privileges via unspecified vectors, aka "Microsoft Browser Elevation of Privilege Vulnerability," a
|
28-11-2016 - 15:09 | 13-10-2016 - 22:59 | |
| CVE-2016-3386 | 9.3 |
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerabilit
|
28-11-2016 - 15:09 | 13-10-2016 - 22:59 | |
| CVE-2016-3384 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
28-11-2016 - 15:09 | 13-10-2016 - 22:59 | |
| CVE-2016-3383 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."
|
28-11-2016 - 15:09 | 13-10-2016 - 22:59 | |
| CVE-2016-3382 | 9.3 |
The scripting engines in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, as demonstrated by the Chakra JavaScript en
|
28-11-2016 - 15:09 | 13-10-2016 - 22:59 | |
| CVE-2016-3379 | 4.3 |
Cross-site scripting (XSS) vulnerability in Microsoft Exchange Server 2016 Cumulative Update 1 and 2 allows remote attackers to inject arbitrary web script or HTML via a meeting-invitation request, aka "Microsoft Exchange Elevation of Privilege Vulne
|
28-11-2016 - 15:09 | 14-09-2016 - 06:59 | |
| CVE-2016-3378 | 5.8 |
Open redirect vulnerability in Microsoft Exchange Server 2013 SP1, 2013 Cumulative Update 12, 2013 Cumulative Update 13, 2016 Cumulative Update 1, and 2016 Cumulative Update 2 allows remote attackers to redirect users to arbitrary web sites and condu
|
28-11-2016 - 15:09 | 14-09-2016 - 06:59 | |
| CVE-2016-3377 | 7.6 |
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerabilit
|
28-11-2016 - 15:09 | 14-09-2016 - 06:59 | |
| CVE-2016-3375 | 7.6 |
The OLE Automation mechanism and VBScript scripting engine in Microsoft Internet Explorer 9 through 11, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10
|
28-11-2016 - 15:09 | 14-09-2016 - 06:59 | |
| CVE-2016-3369 | 7.8 |
Microsoft Windows 10 Gold and 1511 allows attackers to cause a denial of service via unspecified vectors, aka "Windows Denial of Service Vulnerability."
|
28-11-2016 - 15:08 | 14-09-2016 - 06:59 | |
| CVE-2016-3368 | 9.0 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allow remote authenticated users to execute arbitrary code by leveraging
|
28-11-2016 - 15:08 | 14-09-2016 - 06:59 | |
| CVE-2016-3367 | 9.3 |
StringBuilder in Microsoft Silverlight 5 before 5.1.50709.0 does not properly allocate memory for string-insert and string-append operations, which allows remote attackers to execute arbitrary code via a crafted web site, aka "Microsoft Silverlight M
|
28-11-2016 - 15:08 | 14-09-2016 - 06:59 | |
| CVE-2016-3366 | 4.3 |
Microsoft Outlook 2007 SP3, Outlook 2010 SP2, Outlook 2013 SP1, Outlook 2013 RT SP1, Outlook 2016, and Outlook 2016 for Mac do not properly implement RFC 2046, which allows remote attackers to bypass virus or spam detection via crafted MIME data in a
|
28-11-2016 - 15:08 | 14-09-2016 - 06:59 | |
| CVE-2016-3365 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, Excel Viewer, Excel Services on SharePoint Server 2007 SP3, Excel Services on SharePoint Server 2010 SP2, Excel Automation Service
|
28-11-2016 - 15:08 | 14-09-2016 - 06:59 | |
| CVE-2016-3364 | 9.3 |
Microsoft Visio 2016 allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."
|
28-11-2016 - 15:08 | 14-09-2016 - 06:59 | |
| CVE-2016-3363 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption
|
28-11-2016 - 15:08 | 14-09-2016 - 06:59 | |
| CVE-2016-3362 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, Excel Viewer, Excel Services on SharePoint Server 2007 SP3, Excel Services on SharePoint Server 2010 SP2, Excel Automation Service
|
28-11-2016 - 15:08 | 14-09-2016 - 06:59 | |
| CVE-2016-3361 | 9.3 |
Microsoft Excel 2010 SP2 allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."
|
28-11-2016 - 15:08 | 14-09-2016 - 06:59 | |
| CVE-2016-3360 | 9.3 |
Microsoft PowerPoint 2007 SP3, PowerPoint 2010 SP2, PowerPoint 2013 SP1, PowerPoint 2013 RT SP1, PowerPoint 2016 for Mac, Office Compatibility Pack SP3, PowerPoint Viewer, SharePoint Server 2013 SP1, Office Web Apps 2010 SP2, and Office Web Apps Serv
|
28-11-2016 - 15:08 | 14-09-2016 - 06:59 | |
| CVE-2016-3357 | 9.3 |
Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, Office 2016, Word for Mac 2011, Word 2016 for Mac, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, SharePoint Server 2013 SP1, Excel Automation Serv
|
28-11-2016 - 15:08 | 14-09-2016 - 06:59 | |
| CVE-2016-3356 | 9.3 |
The Graphics Device Interface (GDI) in Microsoft Windows 10 1607 allows remote attackers to execute arbitrary code via a crafted document, aka "GDI Remote Code Execution Vulnerability."
|
28-11-2016 - 15:08 | 14-09-2016 - 06:59 | |
| CVE-2016-3355 | 7.2 |
The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows local users to gain privil
|
28-11-2016 - 15:08 | 14-09-2016 - 06:59 | |
| CVE-2016-3354 | 4.3 |
The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows local users to bypass the
|
28-11-2016 - 15:08 | 14-09-2016 - 06:59 | |
| CVE-2016-3353 | 5.1 |
Microsoft Internet Explorer 9 through 11 mishandles .url files from the Internet zone, which allows remote attackers to bypass intended access restrictions via a crafted file, aka "Internet Explorer Security Feature Bypass."
|
28-11-2016 - 15:08 | 14-09-2016 - 06:59 | |
| CVE-2016-3352 | 4.3 |
Microsoft Windows 8.1, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 do not properly check NTLM SSO requests for MSA logins, which makes it easier for remote attackers to determine passwords via a brute-force attack on NTLM password hashes, aka
|
28-11-2016 - 15:08 | 14-09-2016 - 06:59 | |
| CVE-2016-3351 | 2.6 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."
|
28-11-2016 - 15:08 | 14-09-2016 - 06:59 | |
| CVE-2016-3350 | 7.6 |
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerabilit
|
28-11-2016 - 15:08 | 14-09-2016 - 06:59 | |
| CVE-2016-3349 | 7.2 |
The kernel-mode drivers in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability."
|
28-11-2016 - 15:08 | 14-09-2016 - 06:59 | |
| CVE-2016-3348 | 9.3 |
The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allow local users to gain privileges via a cr
|
28-11-2016 - 15:08 | 14-09-2016 - 06:59 | |
| CVE-2016-3346 | 7.2 |
Microsoft Windows 10 Gold, 1511, and 1607 does not properly enforce permissions, which allows local users to obtain Administrator access via a crafted DLL, aka "Windows Permissions Enforcement Elevation of Privilege Vulnerability."
|
28-11-2016 - 15:08 | 14-09-2016 - 06:59 | |
| CVE-2016-3345 | 9.0 |
The SMBv1 server in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows remote attackers to execute arbitrary code vi
|
28-11-2016 - 15:08 | 14-09-2016 - 06:59 | |
| CVE-2016-3331 | 9.3 |
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."
|
28-11-2016 - 15:08 | 13-10-2016 - 22:59 | |
| CVE-2016-3330 | 7.6 |
Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3294.
|
28-11-2016 - 15:08 | 14-09-2016 - 06:59 | |
| CVE-2016-3329 | 2.6 |
Microsoft Internet Explorer 9 through 11 and Edge allow remote attackers to determine the existence of files via a crafted webpage, aka "Internet Explorer Information Disclosure Vulnerability."
|
28-11-2016 - 15:08 | 09-08-2016 - 17:59 | |
| CVE-2016-3327 | 2.6 |
Microsoft Internet Explorer 9 through 11 and Edge allow remote attackers to obtain sensitive information via a crafted web page, aka "Microsoft Browser Information Disclosure Vulnerability," a different vulnerability than CVE-2016-3326.
|
28-11-2016 - 15:08 | 09-08-2016 - 17:59 | |
| CVE-2016-3326 | 2.6 |
Microsoft Internet Explorer 9 through 11 and Edge allow remote attackers to obtain sensitive information via a crafted web page, aka "Microsoft Browser Information Disclosure Vulnerability," a different vulnerability than CVE-2016-3327.
|
28-11-2016 - 15:08 | 09-08-2016 - 17:59 | |
| CVE-2016-3325 | 2.6 |
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."
|
28-11-2016 - 15:08 | 14-09-2016 - 06:59 | |
| CVE-2016-3324 | 6.8 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
28-11-2016 - 15:08 | 14-09-2016 - 06:59 | |
| CVE-2016-3322 | 7.6 |
Microsoft Internet Explorer 11 and Edge allow remote attackers to execute arbitrary code via a crafted web page, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3289.
|
28-11-2016 - 15:08 | 09-08-2016 - 17:59 | |
| CVE-2016-3321 | 1.9 |
Microsoft Internet Explorer 10 and 11 load different files for attempts to open a file:// URL depending on whether the file exists, which allows local users to enumerate files via vectors involving a file:// URL and an HTML5 sandbox iframe, aka "Inte
|
28-11-2016 - 15:08 | 09-08-2016 - 17:59 | |
| CVE-2016-3319 | 9.3 |
The PDF library in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 Gold and 1511, and Microsoft Edge allows remote attackers to execute arbitrary code via a crafted PDF file, aka "Microsoft PDF Remote Code Execution Vulnerability."
|
28-11-2016 - 15:08 | 09-08-2016 - 17:59 | |
| CVE-2016-3318 | 9.3 |
Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2013 RT SP1 allow remote attackers to execute arbitrary code via a crafted file, aka "Graphics Component Memory Corruption Vulnerability."
|
28-11-2016 - 15:08 | 09-08-2016 - 17:59 | |
| CVE-2016-3317 | 9.3 |
Microsoft Office 2010 SP2, Word 2007 SP3, Word 2010 SP2, Word for Mac 2011, Word 2016 for Mac, and Word Viewer allow remote attackers to execute arbitrary code via a crafted file, aka "Microsoft Office Memory Corruption Vulnerability."
|
28-11-2016 - 15:08 | 09-08-2016 - 17:59 | |
| CVE-2016-3316 | 9.3 |
Microsoft Word 2013 SP1, 2013 RT SP1, 2016, and 2016 for Mac allow remote attackers to execute arbitrary code via a crafted file, aka "Microsoft Office Memory Corruption Vulnerability."
|
28-11-2016 - 15:08 | 09-08-2016 - 17:59 | |
| CVE-2016-3315 | 4.3 |
Microsoft OneNote 2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1, 2016, and 2016 for Mac allow remote attackers to obtain sensitive information via a crafted OneNote file, aka "Microsoft OneNote Information Disclosure Vulnerability."
|
28-11-2016 - 15:08 | 09-08-2016 - 17:59 | |
| CVE-2016-3313 | 9.3 |
Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1, and 2016, Word 2016 for Mac, and Word Viewer allow remote attackers to execute arbitrary code via a crafted file, aka "Microsoft Office Memory Corruption Vulnerability."
|
28-11-2016 - 15:08 | 09-08-2016 - 17:59 | |
| CVE-2016-3304 | 9.3 |
The Windows font library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Office 2007 SP3, Office 2010 SP2, Word Viewer, Skype for Business 2016, Lync 2013 SP1, Lync 2010, Lync 2010 Attendee, and Live Meeting 2007 Co
|
28-11-2016 - 15:07 | 09-08-2016 - 17:59 | |
| CVE-2016-3303 | 9.3 |
The Windows font library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Office 2007 SP3, Office 2010 SP2, Word Viewer, Skype for Business 2016, Lync 2013 SP1, Lync 2010, Lync 2010 Attendee, and Live Meeting 2007 Co
|
28-11-2016 - 15:07 | 09-08-2016 - 17:59 | |
| CVE-2016-3301 | 9.3 |
The Windows font library in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010 SP2; Word Viewer;
|
28-11-2016 - 15:07 | 09-08-2016 - 17:59 | |
| CVE-2016-3298 | 2.6 |
Microsoft Internet Explorer 9 through 11 and the Internet Messaging API in Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allow remote attackers to determine the existence of arbitrary files via a crafted web site, aka "Inte
|
28-11-2016 - 15:07 | 13-10-2016 - 22:59 | |
| CVE-2016-3297 | 6.8 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."
|
28-11-2016 - 15:07 | 14-09-2016 - 06:59 | |
| CVE-2016-3296 | 7.6 |
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability."
|
28-11-2016 - 15:07 | 09-08-2016 - 17:59 | |
| CVE-2016-3295 | 5.1 |
Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."
|
28-11-2016 - 15:07 | 14-09-2016 - 06:59 | |
| CVE-2016-3294 | 7.6 |
Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3330.
|
28-11-2016 - 15:07 | 14-09-2016 - 06:59 | |
| CVE-2016-3293 | 7.6 |
Microsoft Internet Explorer 9 through 11 and Edge allow remote attackers to execute arbitrary code via a crafted web page, aka "Microsoft Browser Memory Corruption Vulnerability."
|
28-11-2016 - 15:07 | 09-08-2016 - 17:59 | |
| CVE-2016-3292 | 5.1 |
Microsoft Internet Explorer 10 and 11 mishandles integrity settings and zone settings, which allows remote attackers to bypass a sandbox protection mechanism via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability."
|
28-11-2016 - 15:07 | 14-09-2016 - 06:59 | |
| CVE-2016-3291 | 2.6 |
Microsoft Internet Explorer 11 and Microsoft Edge mishandle cross-origin requests, which allows remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."
|
28-11-2016 - 15:07 | 14-09-2016 - 06:59 | |
| CVE-2016-3290 | 7.6 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code via a crafted web page, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3288.
|
28-11-2016 - 15:07 | 09-08-2016 - 17:59 | |
| CVE-2016-3289 | 7.6 |
Microsoft Internet Explorer 11 and Edge allow remote attackers to execute arbitrary code via a crafted web page, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3322.
|
28-11-2016 - 15:07 | 09-08-2016 - 17:59 | |
| CVE-2016-3288 | 7.6 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code via a crafted web page, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3290.
|
28-11-2016 - 15:07 | 09-08-2016 - 17:59 | |
| CVE-2016-3284 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office doc
|
28-11-2016 - 15:07 | 12-07-2016 - 21:59 | |
| CVE-2016-3283 | 9.3 |
Microsoft Word Viewer allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
|
28-11-2016 - 15:07 | 12-07-2016 - 21:59 | |
| CVE-2016-3282 | 9.3 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, Word Automa
|
28-11-2016 - 15:07 | 12-07-2016 - 21:59 | |
| CVE-2016-3281 | 9.3 |
Microsoft Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to execute arbitra
|
28-11-2016 - 15:07 | 12-07-2016 - 21:59 | |
| CVE-2016-3280 | 9.3 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code via a crafted Office docum
|
28-11-2016 - 15:07 | 12-07-2016 - 21:59 | |
| CVE-2016-3279 | 4.3 |
Microsoft Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word 2010 SP2, Excel 2013 SP1, PowerPoint 2013 SP1, Word 2013 SP1, Excel 2013 RT SP1, PowerPoint 2013 RT SP1, Word 2013 RT SP1, Excel 2016, Word 2016, Word Automation Services on SharePo
|
28-11-2016 - 15:07 | 12-07-2016 - 21:59 | |
| CVE-2016-3278 | 9.3 |
Microsoft Outlook 2010 SP2, 2013 SP1, 2013 RT SP1, and 2016 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
|
28-11-2016 - 15:07 | 12-07-2016 - 21:59 | |
| CVE-2016-3277 | 2.6 |
Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."
|
28-11-2016 - 15:07 | 12-07-2016 - 21:59 | |
| CVE-2016-3276 | 2.6 |
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to conduct content-spoofing attacks via a crafted URL, aka "Microsoft Browser Spoofing Vulnerability."
|
28-11-2016 - 15:07 | 12-07-2016 - 21:59 | |
| CVE-2016-3274 | 2.6 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to conduct content-spoofing attacks via a crafted URL, aka "Microsoft Browser Spoofing Vulnerability."
|
28-11-2016 - 15:07 | 12-07-2016 - 21:59 | |
| CVE-2016-3273 | 2.6 |
The XSS Filter in Microsoft Internet Explorer 9 through 11 and Microsoft Edge does not properly restrict JavaScript code, which allows remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclos
|
28-11-2016 - 15:07 | 12-07-2016 - 21:59 | |
| CVE-2016-3271 | 4.3 |
The VBScript engine in Microsoft Edge allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Scripting Engine Information Disclosure Vulnerability."
|
28-11-2016 - 15:07 | 12-07-2016 - 21:59 | |
| CVE-2016-3270 | 10.0 |
The Graphics component in the kernel in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows local users to gain privi
|
28-11-2016 - 15:07 | 13-10-2016 - 22:59 | |
| CVE-2016-3269 | 9.3 |
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerabilit
|
28-11-2016 - 15:07 | 12-07-2016 - 21:59 | |
| CVE-2016-3267 | 4.3 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to determine the existence of unspecified files via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."
|
28-11-2016 - 15:07 | 13-10-2016 - 22:59 | |
| CVE-2016-3265 | 9.3 |
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerabilit
|
28-11-2016 - 15:07 | 12-07-2016 - 21:59 | |
| CVE-2016-3264 | 7.6 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."
|
28-11-2016 - 15:07 | 12-07-2016 - 21:59 | |
| CVE-2016-3263 | 5.0 |
Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010
|
28-11-2016 - 15:07 | 13-10-2016 - 22:59 | |
| CVE-2016-3262 | 5.0 |
Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010
|
28-11-2016 - 15:07 | 13-10-2016 - 22:59 | |
| CVE-2016-3261 | 2.6 |
Microsoft Internet Explorer 11 allows remote attackers to obtain sensitive information via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability."
|
28-11-2016 - 15:07 | 12-07-2016 - 21:59 | |
| CVE-2016-3260 | 9.3 |
The Microsoft (1) JScript 9, (2) VBScript, and (3) Chakra JavaScript engines, as used in Microsoft Internet Explorer 11, Microsoft Edge, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corrupt
|
28-11-2016 - 15:07 | 12-07-2016 - 21:59 | |
| CVE-2016-3259 | 9.3 |
The Microsoft (1) JScript 9, (2) VBScript, and (3) Chakra JavaScript engines, as used in Microsoft Internet Explorer 9 through 11, Microsoft Edge, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memo
|
28-11-2016 - 15:07 | 12-07-2016 - 21:59 | |
| CVE-2016-3248 | 9.3 |
The Microsoft (1) JScript 9, (2) VBScript, and (3) Chakra JavaScript engines, as used in Microsoft Internet Explorer 9 through 11, Microsoft Edge, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memo
|
28-11-2016 - 15:07 | 12-07-2016 - 21:59 | |
| CVE-2016-3246 | 7.6 |
Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability."
|
28-11-2016 - 15:07 | 12-07-2016 - 21:59 | |
| CVE-2016-3245 | 4.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to trick users into making TCP connections to a restricted port via a crafted web site, aka "Internet Explorer Security Feature Bypass Vulnerability."
|
28-11-2016 - 15:06 | 12-07-2016 - 21:59 | |
| CVE-2016-3244 | 4.3 |
Microsoft Edge allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Microsoft Edge Security Feature Bypass."
|
28-11-2016 - 15:06 | 12-07-2016 - 21:59 | |
| CVE-2016-3243 | 7.6 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
28-11-2016 - 15:06 | 12-07-2016 - 21:59 | |
| CVE-2016-3242 | 7.6 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
28-11-2016 - 15:06 | 12-07-2016 - 21:59 | |
| CVE-2016-3241 | 7.6 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
28-11-2016 - 15:06 | 12-07-2016 - 21:59 | |
| CVE-2016-3240 | 7.6 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
28-11-2016 - 15:06 | 12-07-2016 - 21:59 | |
| CVE-2016-3239 | 7.2 |
The Print Spooler service in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via vectors
|
28-11-2016 - 15:06 | 12-07-2016 - 21:59 | |
| CVE-2016-3238 | 9.3 |
The Print Spooler service in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows man-in-the-middle attackers to execute arbi
|
28-11-2016 - 15:06 | 12-07-2016 - 21:59 | |
| CVE-2016-3209 | 5.0 |
Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010
|
28-11-2016 - 15:06 | 13-10-2016 - 22:59 | |
| CVE-2016-3204 | 9.3 |
The Microsoft (1) JScript 5.8 and 9 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted we
|
28-11-2016 - 15:06 | 12-07-2016 - 21:59 | |
| CVE-2016-0179 | 9.3 |
Windows Shell in Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted web site, aka "Windows Shell Remote Code Execution Vulnerability."
|
28-11-2016 - 14:52 | 10-05-2016 - 21:59 | |
| CVE-2016-0142 | 9.3 |
Video Control in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8.1, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows remote attackers to execute arbitrary code via a crafted web page, aka "Microsoft Video Control Remote Code Execution
|
28-11-2016 - 14:51 | 13-10-2016 - 22:59 | |
| CVE-2016-0141 | 4.3 |
The Visual Basic macros in Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2016 export a certificate-store private key during a document-save operation, which allows attackers to obtain sensitive information via unspecified vectors, aka "Microsoft
|
28-11-2016 - 14:51 | 14-09-2016 - 06:59 | |
| CVE-2016-0138 | 4.0 |
Microsoft Exchange Server 2007 SP3, 2010 SP3, 2013 SP1, 2013 Cumulative Update 12, 2013 Cumulative Update 13, 2016 Cumulative Update 1, and 2016 Cumulative Update 2 misparses e-mail messages, which allows remote authenticated users to obtain sensitiv
|
28-11-2016 - 14:51 | 14-09-2016 - 06:59 | |
| CVE-2016-0137 | 4.3 |
The Click-to-Run (C2R) implementation in Microsoft Office 2013 SP1 and 2016 allows local users to bypass the ASLR protection mechanism via a crafted application, aka "Microsoft APP-V ASLR Bypass."
|
28-11-2016 - 14:51 | 14-09-2016 - 06:59 | |
| CVE-2015-6128 | 7.2 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 mishandle library loading, which allows local users to gain privileges via a crafted application, aka "Windows Library Loading Remote Code Execution Vulnerability."
|
28-11-2016 - 14:38 | 09-12-2015 - 06:59 | |
| CVE-2015-2464 | 9.3 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Office 2007 SP3 and 2010 SP2, Live Meeting 2007 Console, Lync 2010, Lync 2010 Attendee,
|
28-11-2016 - 14:20 | 14-08-2015 - 20:59 | |
| CVE-2015-2463 | 9.3 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Office 2007 SP3 and 2010 SP2, Live Meeting 2007 Console, Lync 2010, Lync 2010 Attendee,
|
28-11-2016 - 14:20 | 14-08-2015 - 20:59 | |
| CVE-2015-2462 | 9.3 |
ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, and .NET Framework 3.
|
28-11-2016 - 14:20 | 14-08-2015 - 20:59 | |
| CVE-2015-2461 | 9.3 |
ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote atta
|
28-11-2016 - 14:20 | 14-08-2015 - 20:59 | |
| CVE-2015-2456 | 9.3 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Office 2007 SP3 and 2010 SP2, Live Meeting 2007 Console, Lync 2010, Lync 201
|
28-11-2016 - 14:19 | 14-08-2015 - 20:59 | |
| CVE-2015-2455 | 9.3 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Office 2007 SP3 and 2010 SP2, Live Meeting 2007 Console, Lync 2010, Lync 201
|
28-11-2016 - 14:19 | 14-08-2015 - 20:59 | |
| CVE-2015-2452 | 9.3 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2441.
|
28-11-2016 - 14:19 | 14-08-2015 - 06:59 | |
| CVE-2015-2451 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2450.
|
28-11-2016 - 14:19 | 14-08-2015 - 06:59 | |
| CVE-2015-2450 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2451.
|
28-11-2016 - 14:19 | 14-08-2015 - 06:59 | |
| CVE-2015-2448 | 9.3 |
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability."
|
28-11-2016 - 14:19 | 14-08-2015 - 06:59 | |
| CVE-2015-2444 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2442.
|
28-11-2016 - 14:19 | 14-08-2015 - 06:59 | |
| CVE-2015-2433 | 2.1 |
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to bypass the ASLR protection mechanism
|
28-11-2016 - 14:19 | 14-08-2015 - 20:59 | |
| CVE-2015-2426 | 9.3 |
Buffer underflow in atmfd.dll in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows rem
|
28-11-2016 - 14:19 | 20-07-2015 - 14:59 | |
| CVE-2015-2412 | 4.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to read arbitrary local files via a crafted pathname, aka "Internet Explorer Information Disclosure Vulnerability."
|
28-11-2016 - 14:19 | 14-07-2015 - 17:59 | |
| CVE-2015-2402 | 4.3 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability."
|
28-11-2016 - 14:19 | 14-07-2015 - 17:59 | |
| CVE-2015-0093 | 9.3 |
Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbi
|
28-11-2016 - 14:15 | 11-03-2015 - 06:59 | |
| CVE-2015-0091 | 9.3 |
Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbi
|
28-11-2016 - 14:15 | 11-03-2015 - 06:59 | |
| CVE-2015-0090 | 9.3 |
Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbi
|
28-11-2016 - 14:15 | 11-03-2015 - 06:59 | |
| CVE-2015-0089 | 5.0 |
Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to obtain sensi
|
28-11-2016 - 14:15 | 11-03-2015 - 06:59 | |
| CVE-2015-0088 | 9.3 |
Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbi
|
28-11-2016 - 14:15 | 11-03-2015 - 06:59 | |
| CVE-2015-0087 | 5.0 |
Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to obtain sensi
|
28-11-2016 - 14:15 | 11-03-2015 - 06:59 | |
| CVE-2015-0074 | 4.3 |
Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly allocate memory, whic
|
28-11-2016 - 14:15 | 11-03-2015 - 06:59 | |
| CVE-2013-3893 | 9.3 |
Use-after-free vulnerability in the SetMouseCapture implementation in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code via crafted JavaScript strings, as demonstrated by use of an ms-help: URL t
|
28-11-2016 - 14:09 | 18-09-2013 - 06:08 | |
| CVE-2010-3190 | 9.3 |
Untrusted search path vulnerability in the Microsoft Foundation Class (MFC) Library in Microsoft Visual Studio .NET 2003 SP1; Visual Studio 2005 SP1, 2008 SP1, and 2010; and Visual C++ 2005 SP1, 2008 SP1, and 2010 allows local users to gain privilege
|
28-11-2016 - 14:07 | 31-08-2010 - 16:00 | |
| CVE-2012-3110 | 2.1 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability
|
21-11-2016 - 22:01 | 17-07-2012 - 19:55 | |
| CVE-2012-3109 | 2.1 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-
|
21-11-2016 - 22:01 | 17-07-2012 - 19:55 | |
| CVE-2012-3108 | 2.1 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability
|
21-11-2016 - 22:00 | 17-07-2012 - 19:55 | |
| CVE-2012-3107 | 2.1 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability
|
21-11-2016 - 22:00 | 17-07-2012 - 19:55 | |
| CVE-2012-3106 | 2.1 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability
|
21-11-2016 - 22:00 | 17-07-2012 - 19:55 | |
| CVE-2012-1773 | 2.1 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability
|
21-11-2016 - 22:00 | 17-07-2012 - 19:55 | |
| CVE-2012-1772 | 2.1 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability
|
21-11-2016 - 22:00 | 17-07-2012 - 19:55 | |
| CVE-2012-1771 | 2.1 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability
|
21-11-2016 - 22:00 | 17-07-2012 - 19:55 | |
| CVE-2012-1770 | 2.1 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability
|
21-11-2016 - 22:00 | 17-07-2012 - 19:55 | |
| CVE-2012-1769 | 2.1 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability
|
21-11-2016 - 22:00 | 17-07-2012 - 19:55 | |
| CVE-2012-1768 | 2.1 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-
|
21-11-2016 - 22:00 | 17-07-2012 - 19:55 | |
| CVE-2012-1767 | 2.1 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability
|
21-11-2016 - 22:00 | 17-07-2012 - 19:55 | |
| CVE-2012-1766 | 2.1 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability
|
21-11-2016 - 22:00 | 17-07-2012 - 19:55 | |
| CVE-2013-0810 | 9.3 |
Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, and Windows Server 2008 SP2 allow remote attackers to execute arbitrary code via a crafted screensaver in a theme file, aka "Windows Theme File Remote Code Execution Vulner
|
16-11-2016 - 14:34 | 11-09-2013 - 10:03 | |
| CVE-2008-2540 | 9.3 |
Apple Safari on Mac OS X, and before 3.1.2 on Windows, does not prompt the user before downloading an object that has an unrecognized content type, which allows remote attackers to place malware into the (1) Desktop directory on Windows or (2) Downlo
|
08-11-2016 - 13:06 | 03-06-2008 - 11:32 | |
| CVE-2013-3870 | 9.3 |
Double free vulnerability in Microsoft Outlook 2007 SP3 and 2010 SP1 and SP2 allows remote attackers to execute arbitrary code by including many nested S/MIME certificates in an e-mail message, aka "Message Certificate Vulnerability."
|
08-11-2016 - 10:04 | 11-09-2013 - 10:03 | |
| CVE-2013-0029 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CHTML Use After Free Vulnerability."
|
04-11-2016 - 07:49 | 13-02-2013 - 07:04 | |
| CVE-2013-0030 | 9.3 |
The Vector Markup Language (VML) implementation in Microsoft Internet Explorer 6 through 10 does not properly allocate buffers, which allows remote attackers to execute arbitrary code via a crafted web site, aka "VML Memory Corruption Vulnerability."
|
04-11-2016 - 07:48 | 13-02-2013 - 07:04 | |
| CVE-2013-0026 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer InsertElement Use After Free Vulnerability."
|
03-11-2016 - 15:27 | 13-02-2013 - 07:04 | |
| CVE-2013-0024 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer pasteHTML Use After Free Vulnerability."
|
03-11-2016 - 15:27 | 13-02-2013 - 07:04 | |
| CVE-2013-0015 | 4.3 |
Microsoft Internet Explorer 6 through 9 does not properly perform auto-selection of the Shift JIS encoding, which allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site that triggers cross-domain scroll
|
03-11-2016 - 15:24 | 13-02-2013 - 07:04 | |
| CVE-2013-0018 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer SetCapture Use After Free Vulnerability.
|
03-11-2016 - 15:24 | 13-02-2013 - 07:04 | |
| CVE-2013-0021 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer vtable Use After Free Vulnerability."
|
03-11-2016 - 15:21 | 13-02-2013 - 07:04 | |
| CVE-2013-0025 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer SLayoutRun Use After Free Vulnerability."
|
03-11-2016 - 15:20 | 13-02-2013 - 07:04 | |
| CVE-2013-0027 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CPasteCommand Use After Free Vulnerabil
|
03-11-2016 - 15:19 | 13-02-2013 - 07:04 | |
| CVE-2013-0028 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CObjectElement Use After Free Vulnerabil
|
03-11-2016 - 15:19 | 13-02-2013 - 07:04 | |
| CVE-2013-0023 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CDispNode Use After Free Vulnerability."
|
03-11-2016 - 15:16 | 13-02-2013 - 07:04 | |
| CVE-2013-0011 | 10.0 |
The Print Spooler in Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted print job, aka "Windows Print Spooler Compone
|
03-11-2016 - 15:12 | 09-01-2013 - 13:09 | |
| CVE-2013-0020 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CMarkup Use After Free Vulnerability."
|
03-11-2016 - 15:12 | 13-02-2013 - 07:04 | |
| CVE-2013-0022 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer LsGetTrailInfo Use After Free Vulnerability."
|
03-11-2016 - 15:12 | 13-02-2013 - 07:04 | |
| CVE-2013-0074 | 9.3 |
Microsoft Silverlight 5, and 5 Developer Runtime, before 5.1.20125.0 does not properly validate pointers during HTML object rendering, which allows remote attackers to execute arbitrary code via a crafted Silverlight application, aka "Silverlight Dou
|
03-11-2016 - 15:04 | 12-03-2013 - 20:55 | |
| CVE-2013-3906 | 9.3 |
GDI+ in Microsoft Windows Vista SP2 and Server 2008 SP2; Office 2003 SP3, 2007 SP3, and 2010 SP1 and SP2; Office Compatibility Pack SP3; and Lync 2010, 2010 Attendee, 2013, and Basic 2013 allows remote attackers to execute arbitrary code via a crafte
|
01-11-2016 - 13:45 | 06-11-2013 - 10:55 | |
| CVE-2012-0150 | 9.3 |
Buffer overflow in msvcrt.dll in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted media file, aka "Msvcrt.dll Buffer Overflow Vulnerabilit
|
24-10-2016 - 12:38 | 14-02-2012 - 17:55 | |
| CVE-2012-0154 | 7.2 |
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain priv
|
24-10-2016 - 11:13 | 14-02-2012 - 17:55 | |
| CVE-2012-0155 | 9.3 |
Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "VML Remote Code Execution Vulnerability."
|
24-10-2016 - 11:13 | 14-02-2012 - 17:55 | |
| CVE-2012-0136 | 9.3 |
Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitrary code via crafted attributes in a Visio file, aka "VSD File Format Memory Corruption Vulnerability
|
21-10-2016 - 14:30 | 14-02-2012 - 17:55 | |
| CVE-2012-0138 | 9.3 |
Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitrary code via crafted attributes in a Visio file, aka "VSD File Format Memory Corruption Vulnerability
|
21-10-2016 - 14:29 | 14-02-2012 - 17:55 | |
| CVE-2012-0137 | 9.3 |
Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitrary code via crafted attributes in a Visio file, aka "VSD File Format Memory Corruption Vulnerability
|
21-10-2016 - 14:27 | 14-02-2012 - 17:55 | |
| CVE-2013-3189 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE
|
20-10-2016 - 12:38 | 14-08-2013 - 07:10 | |
| CVE-2013-3188 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE
|
20-10-2016 - 12:38 | 14-08-2013 - 07:10 | |
| CVE-2013-3172 | 4.9 |
Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows local users to cause a denial of service (system ha
|
20-10-2016 - 12:38 | 09-07-2013 - 23:46 | |
| CVE-2013-3190 | 9.3 |
Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
20-10-2016 - 12:37 | 14-08-2013 - 07:10 | |
| CVE-2013-3174 | 9.3 |
DirectShow in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, and Windows Server 2012 allows remote attackers to execute arbitrary code via a crafted GIF file
|
20-10-2016 - 12:34 | 09-07-2013 - 23:46 | |
| CVE-2013-3173 | 7.2 |
Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local u
|
20-10-2016 - 12:33 | 09-07-2013 - 23:46 | |
| CVE-2013-3171 | 9.3 |
The serialization functionality in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 does not properly check the permissions of delegate objects, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser a
|
20-10-2016 - 12:33 | 09-07-2013 - 23:46 | |
| CVE-2013-3179 | 4.3 |
Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013 allows remote attackers to inject arbitrary web script or HTML via a crafted request, aka "SharePoint XSS Vulnerability."
|
20-10-2016 - 12:33 | 11-09-2013 - 10:03 | |
| CVE-2013-3167 | 7.2 |
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 does not properly handle objects in memory, which allows local users to gain
|
20-10-2016 - 12:33 | 09-07-2013 - 23:46 | |
| CVE-2013-3166 | 4.3 |
Cross-site scripting (XSS) vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to inject arbitrary web script or HTML via vectors involving incorrect auto-selection of the Shift JIS encoding, leading to cross-domain scro
|
20-10-2016 - 12:33 | 09-07-2013 - 23:46 | |
| CVE-2013-3181 | 9.3 |
usp10.dll in the Unicode Scripts Processor in Microsoft Windows XP SP2 and SP3 and Windows Server 2003 SP2 allows remote attackers to execute arbitrary code via a crafted OpenType font, aka "Uniscribe Font Parsing Engine Memory Corruption Vulnerabili
|
20-10-2016 - 12:33 | 14-08-2013 - 07:10 | |
| CVE-2013-3184 | 9.3 |
Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
20-10-2016 - 12:01 | 14-08-2013 - 07:10 | |
| CVE-2013-3163 | 9.3 |
Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
20-10-2016 - 12:01 | 09-07-2013 - 23:46 | |
| CVE-2013-3164 | 9.3 |
Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
20-10-2016 - 12:01 | 09-07-2013 - 23:46 | |
| CVE-2013-3162 | 9.3 |
Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
20-10-2016 - 12:00 | 09-07-2013 - 23:46 | |
| CVE-2013-3180 | 4.3 |
Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2010 SP1 and SP2 and 2013 allows remote attackers to inject arbitrary web script or HTML via a crafted POST request, aka "POST XSS Vulnerability."
|
20-10-2016 - 11:40 | 11-09-2013 - 10:03 | |
| CVE-2013-3178 | 9.3 |
Microsoft Silverlight 5 before 5.1.20513.0 does not properly initialize arrays, which allows remote attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference) via a crafted Silverlight application, aka "Null Pointer V
|
20-10-2016 - 11:39 | 09-07-2013 - 23:46 | |
| CVE-2013-3187 | 9.3 |
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CV
|
20-10-2016 - 11:09 | 14-08-2013 - 07:10 | |
| CVE-2013-3191 | 9.3 |
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CV
|
20-10-2016 - 11:02 | 14-08-2013 - 07:10 | |
| CVE-2013-3194 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
20-10-2016 - 11:00 | 14-08-2013 - 07:10 | |
| CVE-2013-3193 | 9.3 |
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CV
|
20-10-2016 - 10:59 | 14-08-2013 - 07:10 | |
| CVE-2013-3161 | 9.3 |
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CV
|
19-10-2016 - 15:10 | 09-07-2013 - 23:46 | |
| CVE-2013-3160 | 5.0 |
Microsoft Office 2003 SP3 and 2007 SP3, Word 2003 SP3 and 2007 SP3, and Word Viewer allow remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XM
|
19-10-2016 - 15:10 | 11-09-2013 - 10:03 | |
| CVE-2013-3133 | 9.3 |
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly check the permissions of objects that use reflection, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP) or (2) a crafte
|
19-10-2016 - 15:08 | 09-07-2013 - 23:46 | |
| CVE-2013-3134 | 9.3 |
The Common Language Runtime (CLR) in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 on 64-bit platforms does not properly allocate arrays of structures, which allows remote attackers to execute arbitrary code via a crafted .NET Framework ap
|
19-10-2016 - 15:08 | 09-07-2013 - 23:46 | |
| CVE-2013-3139 | 9.3 |
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
19-10-2016 - 15:05 | 11-06-2013 - 23:30 | |
| CVE-2013-3142 | 9.3 |
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
19-10-2016 - 15:02 | 11-06-2013 - 23:30 | |
| CVE-2013-3141 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE
|
19-10-2016 - 14:56 | 11-06-2013 - 23:30 | |
| CVE-2013-3144 | 9.3 |
Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
19-10-2016 - 14:55 | 09-07-2013 - 23:46 | |
| CVE-2013-3145 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-
|
19-10-2016 - 14:54 | 09-07-2013 - 23:46 | |
| CVE-2013-3146 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013
|
19-10-2016 - 14:54 | 09-07-2013 - 23:46 | |
| CVE-2013-3147 | 9.3 |
Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
19-10-2016 - 14:47 | 09-07-2013 - 23:46 | |
| CVE-2013-3148 | 9.3 |
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
19-10-2016 - 14:30 | 09-07-2013 - 23:46 | |
| CVE-2013-3149 | 9.3 |
Microsoft Internet Explorer 7 and 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
19-10-2016 - 14:20 | 09-07-2013 - 23:46 | |
| CVE-2013-3150 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-
|
19-10-2016 - 14:17 | 09-07-2013 - 23:46 | |
| CVE-2013-3151 | 9.3 |
Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
19-10-2016 - 14:11 | 09-07-2013 - 23:46 | |
| CVE-2013-3152 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013
|
19-10-2016 - 14:10 | 09-07-2013 - 23:46 | |
| CVE-2013-3153 | 9.3 |
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
19-10-2016 - 14:03 | 09-07-2013 - 23:46 | |
| CVE-2013-3158 | 9.3 |
Microsoft Excel 2003 SP3 and 2007 SP3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
|
19-10-2016 - 13:59 | 11-09-2013 - 10:03 | |
| CVE-2013-1347 | 9.3 |
Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly allocated or (2) is deleted, as exploited in the wild in May 2013.
|
19-10-2016 - 13:55 | 05-05-2013 - 07:07 | |
| CVE-2013-3115 | 9.3 |
Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
19-10-2016 - 13:52 | 09-07-2013 - 23:46 | |
| CVE-2013-3124 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-
|
19-10-2016 - 13:52 | 11-06-2013 - 23:30 | |
| CVE-2013-2551 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, as demonstrated by VUPEN during a Pwn2Own competition at CanSe
|
19-10-2016 - 13:46 | 11-03-2013 - 06:55 | |
| CVE-2013-3125 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013
|
19-10-2016 - 13:45 | 11-06-2013 - 23:30 | |
| CVE-2013-3126 | 9.3 |
Microsoft Internet Explorer 9 and 10, when script debugging is enabled, does not properly handle objects in memory during the processing of script, which allows remote attackers to execute arbitrary code via a crafted web site, aka "Internet Explorer
|
19-10-2016 - 13:44 | 11-06-2013 - 23:30 | |
| CVE-2013-3127 | 9.3 |
The Microsoft WMV video codec in wmv9vcm.dll, wmvdmod.dll in Windows Media Format Runtime 9 and 9.5, and wmvdecod.dll in Windows Media Format Runtime 11 and Windows Media Player 11 and 12 allows remote attackers to execute arbitrary code via a crafte
|
19-10-2016 - 13:44 | 09-07-2013 - 23:46 | |
| CVE-2013-3131 | 9.3 |
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5, and Silverlight 5 before 5.1.20513.0, does not properly prevent changes to data in multidimensional arrays of structures, which allows remote attackers to execute arbitrary code via (1) a craf
|
19-10-2016 - 13:44 | 09-07-2013 - 23:46 | |
| CVE-2013-3132 | 9.3 |
Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly check the permissions of objects that use reflection, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBA
|
19-10-2016 - 13:44 | 09-07-2013 - 23:46 | |
| CVE-2013-3123 | 9.3 |
Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
19-10-2016 - 13:43 | 11-06-2013 - 23:30 | |
| CVE-2013-3122 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-
|
19-10-2016 - 13:43 | 11-06-2013 - 23:30 | |
| CVE-2013-3121 | 9.3 |
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
19-10-2016 - 13:43 | 11-06-2013 - 23:30 | |
| CVE-2013-3119 | 9.3 |
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CV
|
19-10-2016 - 13:07 | 11-06-2013 - 23:29 | |
| CVE-2013-3140 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted CMarkup object, aka "Internet Explorer Use After Free Vulnerability."
|
19-10-2016 - 13:05 | 16-12-2013 - 10:14 | |
| CVE-2013-3129 | 9.3 |
Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, and 4.5; Silverlight 5 before 5.1.20513.0; win32k.sys in the kernel-mode drivers, and GDI+, DirectWrite, and Journal, in Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Serv
|
19-10-2016 - 12:48 | 09-07-2013 - 23:46 | |
| CVE-2013-3118 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013
|
19-10-2016 - 12:43 | 11-06-2013 - 23:29 | |
| CVE-2013-3117 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-
|
19-10-2016 - 12:29 | 11-06-2013 - 23:29 | |
| CVE-2013-3116 | 9.3 |
Microsoft Internet Explorer 7 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
19-10-2016 - 12:29 | 11-06-2013 - 23:29 | |
| CVE-2012-2528 | 9.3 |
Use-after-free vulnerability in Microsoft Word 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Word Viewer; Office Compatibility Pack SP2 and SP3; Word Automation Services on Microsoft SharePoint Server 2010; and Office Web Apps 2010 SP1 allows remote atta
|
13-10-2016 - 14:52 | 09-10-2012 - 17:55 | |
| CVE-2012-2520 | 4.3 |
Cross-site scripting (XSS) vulnerability in Microsoft InfoPath 2007 SP2 and SP3 and 2010 SP1, Communicator 2007 R2, Lync 2010 and 2010 Attendee, SharePoint Server 2007 SP2 and SP3 and 2010 SP1, Groove Server 2010 SP1, Windows SharePoint Services 3.0
|
13-10-2016 - 14:50 | 09-10-2012 - 17:55 | |
| CVE-2013-3205 | 9.3 |
Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
03-10-2016 - 13:50 | 11-09-2013 - 10:03 | |
| CVE-2013-3206 | 9.3 |
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CV
|
03-10-2016 - 13:50 | 11-09-2013 - 10:03 | |
| CVE-2013-3207 | 9.3 |
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CV
|
03-10-2016 - 13:49 | 11-09-2013 - 10:03 | |
| CVE-2013-3208 | 9.3 |
Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
03-10-2016 - 13:47 | 11-09-2013 - 10:03 | |
| CVE-2013-3209 | 9.3 |
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CV
|
03-10-2016 - 13:46 | 11-09-2013 - 10:03 | |
| CVE-2013-3845 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
03-10-2016 - 13:46 | 11-09-2013 - 10:03 | |
| CVE-2013-3847 | 9.3 |
Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary c
|
03-10-2016 - 13:45 | 11-09-2013 - 10:03 | |
| CVE-2013-3848 | 9.3 |
Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary c
|
03-10-2016 - 13:44 | 11-09-2013 - 10:03 | |
| CVE-2013-3199 | 9.3 |
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
03-10-2016 - 13:03 | 14-08-2013 - 07:10 | |
| CVE-2013-3201 | 9.3 |
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CV
|
03-10-2016 - 13:01 | 11-09-2013 - 10:03 | |
| CVE-2013-3202 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
03-10-2016 - 12:54 | 11-09-2013 - 10:03 | |
| CVE-2013-3203 | 9.3 |
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CV
|
03-10-2016 - 12:45 | 11-09-2013 - 10:03 | |
| CVE-2013-3204 | 9.3 |
Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
03-10-2016 - 12:43 | 11-09-2013 - 10:03 | |
| CVE-2013-1317 | 9.3 |
Integer overflow in Microsoft Publisher 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Publisher file that triggers an improper allocation-size calculation, aka "Publisher Integer Overflow Vulnerability."
|
30-09-2016 - 08:33 | 14-05-2013 - 23:36 | |
| CVE-2013-1316 | 9.3 |
Microsoft Publisher 2003 SP3 does not properly validate the size of an unspecified array, which allows remote attackers to execute arbitrary code via a crafted Publisher file, aka "Publisher Negative Value Allocation Vulnerability."
|
30-09-2016 - 08:32 | 14-05-2013 - 23:36 | |
| CVE-2013-1311 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability."
|
29-09-2016 - 16:18 | 14-05-2013 - 23:36 | |
| CVE-2013-1310 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability."
|
29-09-2016 - 16:17 | 14-05-2013 - 23:36 | |
| CVE-2013-1308 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a differ
|
29-09-2016 - 16:09 | 14-05-2013 - 23:36 | |
| CVE-2013-1312 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability."
|
29-09-2016 - 15:45 | 14-05-2013 - 23:36 | |
| CVE-2013-1307 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different v
|
29-09-2016 - 15:44 | 14-05-2013 - 23:36 | |
| CVE-2013-0811 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different v
|
29-09-2016 - 15:28 | 14-05-2013 - 23:36 | |
| CVE-2013-1297 | 4.3 |
Microsoft Internet Explorer 6 through 8 does not properly restrict data access by VBScript, which allows remote attackers to perform cross-domain reading of JSON files via a crafted web site, aka "JSON Array Information Disclosure Vulnerability."
|
29-09-2016 - 15:22 | 14-05-2013 - 23:36 | |
| CVE-2013-1302 | 9.3 |
Microsoft Communicator 2007 R2, Lync 2010, Lync 2010 Attendee, and Lync Server 2013 do not properly handle objects in memory, which allows remote attackers to execute arbitrary code via an invitation that triggers access to a deleted object, aka "Lyn
|
29-09-2016 - 14:55 | 14-05-2013 - 23:36 | |
| CVE-2012-0020 | 9.3 |
Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitrary code via crafted attributes in a Visio file, aka "VSD File Format Memory Corruption Vulnerability
|
23-09-2016 - 12:33 | 14-02-2012 - 17:55 | |
| CVE-2012-0019 | 9.3 |
Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitrary code via crafted attributes in a Visio file, aka "VSD File Format Memory Corruption Vulnerability
|
23-09-2016 - 12:32 | 14-02-2012 - 17:55 | |
| CVE-2012-0015 | 9.3 |
Microsoft .NET Framework 2.0 SP2 and 3.5.1 does not properly calculate the length of an unspecified buffer, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP), (2) a crafted ASP.NET applicati
|
23-09-2016 - 12:27 | 14-02-2012 - 17:55 | |
| CVE-2012-0011 | 9.3 |
Microsoft Internet Explorer 7 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "HTML Layout Remote Code Execution Vulnerability."
|
23-09-2016 - 12:27 | 14-02-2012 - 17:55 | |
| CVE-2012-0012 | 4.3 |
Microsoft Internet Explorer 9 does not properly handle the creation and initialization of string objects, which allows remote attackers to read data from arbitrary process-memory locations via a crafted web site, aka "Null Byte Information Disclosure
|
23-09-2016 - 12:25 | 14-02-2012 - 17:55 | |
| CVE-2012-0010 | 4.3 |
Microsoft Internet Explorer 6 through 9 does not properly perform copy-and-paste operations, which allows user-assisted remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Copy and Paste Information D
|
23-09-2016 - 12:22 | 14-02-2012 - 17:55 | |
| CVE-2012-0014 | 9.3 |
Microsoft .NET Framework 2.0 SP2, 3.5.1, and 4, and Silverlight 4 before 4.1.10111, does not properly restrict access to memory associated with unmanaged objects, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser
|
23-09-2016 - 12:12 | 14-02-2012 - 17:55 | |
| CVE-2013-3114 | 9.3 |
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CV
|
23-09-2016 - 11:55 | 11-06-2013 - 23:29 | |
| CVE-2013-3113 | 9.3 |
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
23-09-2016 - 11:55 | 11-06-2013 - 23:29 | |
| CVE-2013-3112 | 9.3 |
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
23-09-2016 - 11:55 | 11-06-2013 - 23:29 | |
| CVE-2013-3110 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE
|
23-09-2016 - 11:54 | 11-06-2013 - 23:29 | |
| CVE-2012-2530 | 7.2 |
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain priv
|
22-09-2016 - 13:14 | 13-11-2012 - 19:55 | |
| CVE-2012-2526 | 9.3 |
The Remote Desktop Protocol (RDP) implementation in Microsoft Windows XP SP3 does not properly process packets in memory, which allows remote attackers to execute arbitrary code by sending crafted RDP packets triggering access to a deleted object, ak
|
22-09-2016 - 13:13 | 14-08-2012 - 21:55 | |
| CVE-2012-2524 | 9.3 |
Microsoft Office 2007 SP2 and SP3 and 2010 SP1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Computer Graphics Metafile (CGM) file, aka "CGM File Format Memory Corruption Vulnerabilit
|
22-09-2016 - 13:12 | 14-08-2012 - 21:55 | |
| CVE-2012-2523 | 9.3 |
Integer overflow in Microsoft Internet Explorer 8 and 9, JScript 5.8, and VBScript 5.8 on 64-bit platforms allows remote attackers to execute arbitrary code by leveraging an incorrect size calculation during object copying, aka "JavaScript Integer Ov
|
22-09-2016 - 13:12 | 14-08-2012 - 21:55 | |
| CVE-2012-2522 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a malformed virtual function table after this table's deletion, aka "Virtual Function Table Corru
|
22-09-2016 - 13:10 | 14-08-2012 - 21:55 | |
| CVE-2012-2521 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Asynchronous NULL Object Access Remote Code Execution Vulnerability."
|
22-09-2016 - 13:07 | 14-08-2012 - 21:55 | |
| CVE-2014-0260 | 9.3 |
Microsoft Word 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office Compatibility Pack SP3; Word Viewer; SharePoint Server 2010 SP1 and SP2 and 2013; Office Web Apps 2010 SP1 and SP2; and Office Web Apps Server 2013 allow remote attackers
|
20-09-2016 - 14:14 | 15-01-2014 - 11:13 | |
| CVE-2014-0259 | 9.3 |
Microsoft Word 2007 SP3 and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability."
|
20-09-2016 - 14:14 | 15-01-2014 - 11:13 | |
| CVE-2014-0258 | 9.3 |
Microsoft Word 2003 SP3 and 2007 SP3, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerab
|
20-09-2016 - 13:00 | 15-01-2014 - 11:13 | |
| CVE-2016-3381 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption
|
14-09-2016 - 15:01 |