Max CVSS | 10.0 | Min CVSS | 1.5 | Total Count | 2437 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2019-0586 | 10.0 |
A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka "Microsoft Exchange Memory Corruption Vulnerability." This affects Microsoft Exchange Server.
|
08-01-2019 - 16:29 | 08-01-2019 - 16:29 | |
CVE-2019-0585 | 9.3 |
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka "Microsoft Word Remote Code Execution Vulnerability." This affects Word, Microsoft Office, Microsoft Office Word Viewer, O
|
08-01-2019 - 16:29 | 08-01-2019 - 16:29 | |
CVE-2019-0584 | 9.3 |
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Win
|
08-01-2019 - 16:29 | 08-01-2019 - 16:29 | |
CVE-2019-0581 | 9.3 |
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Win
|
08-01-2019 - 16:29 | 08-01-2019 - 16:29 | |
CVE-2019-0579 | 9.3 |
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Win
|
08-01-2019 - 16:29 | 08-01-2019 - 16:29 | |
CVE-2018-8569 | 6.8 |
A remote code execution vulnerability exists in the Yammer desktop application due to the loading of arbitrary content, aka "Yammer Desktop Application Remote Code Execution Vulnerability." This affects Yammer Desktop App.
|
23-10-2018 - 13:29 | 23-10-2018 - 13:29 | |
CVE-2018-8513 | 7.6 |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID
|
10-10-2018 - 09:29 | 10-10-2018 - 09:29 | |
CVE-2018-8511 | 7.6 |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID
|
10-10-2018 - 09:29 | 10-10-2018 - 09:29 | |
CVE-2018-8510 | 7.6 |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID
|
10-10-2018 - 09:29 | 10-10-2018 - 09:29 | |
CVE-2018-8509 | 7.6 |
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8473.
|
10-10-2018 - 09:29 | 10-10-2018 - 09:29 | |
CVE-2018-8505 | 7.6 |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID
|
10-10-2018 - 09:29 | 10-10-2018 - 09:29 | |
CVE-2018-8504 | 9.3 |
A remote code execution vulnerability exists in Microsoft Word software when the software fails to properly handle objects in Protected View, aka "Microsoft Word Remote Code Execution Vulnerability." This affects Microsoft SharePoint Server, Office 3
|
10-10-2018 - 09:29 | 10-10-2018 - 09:29 | |
CVE-2018-8494 | 9.3 |
A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input, aka "MS XML Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008
|
10-10-2018 - 09:29 | 10-10-2018 - 09:29 | |
CVE-2018-8460 | 7.6 |
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This affects Internet Explorer 11. This CVE ID is unique from CVE-2018-8491.
|
10-10-2018 - 09:29 | 10-10-2018 - 09:29 | |
CVE-2018-8432 | 9.3 |
A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka "Microsoft Graphics Components Remote Code Execution Vulnerability." This affects Windows 7, Microsoft Office, Microsoft Office W
|
10-10-2018 - 09:29 | 10-10-2018 - 09:29 | |
CVE-2018-8423 | 9.3 |
A remote code execution vulnerability exists in the Microsoft JET Database Engine, aka "Microsoft JET Database Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows S
|
10-10-2018 - 09:29 | 10-10-2018 - 09:29 | |
CVE-2018-8413 | 9.3 |
A remote code execution vulnerability exists when "Windows Theme API" does not properly decompress files, aka "Windows Theme API Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2019
|
10-10-2018 - 09:29 | 10-10-2018 - 09:29 | |
CVE-2018-8265 | 9.3 |
A remote code execution vulnerability exists in the way Microsoft Exchange software parses specially crafted email messages, aka "Microsoft Exchange Remote Code Execution Vulnerability." This affects Microsoft Exchange Server.
|
10-10-2018 - 09:29 | 10-10-2018 - 09:29 | |
CVE-2018-8414 | 9.3 |
A remote code execution vulnerability exists when the Windows Shell does not properly validate file paths, aka "Windows Shell Remote Code Execution Vulnerability." This affects Windows 10 Servers, Windows 10.
|
15-08-2018 - 13:29 | 15-08-2018 - 13:29 | |
CVE-2018-8403 | 7.6 |
A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka "Microsoft Browser Memory Corruption Vulnerability." This affects Internet Explorer 11, Microsoft Edge, Internet Explorer 10.
|
15-08-2018 - 13:29 | 15-08-2018 - 13:29 | |
CVE-2018-8397 | 9.3 |
A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka "GDI+ Remote Code Execution Vulnerability." This affects Windows Server 2008, Windows 7, Windows Server 2008 R
|
15-08-2018 - 13:29 | 15-08-2018 - 13:29 | |
CVE-2018-8390 | 7.6 |
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-20
|
15-08-2018 - 13:29 | 15-08-2018 - 13:29 | |
CVE-2018-8389 | 7.6 |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet
|
15-08-2018 - 13:29 | 15-08-2018 - 13:29 | |
CVE-2018-8387 | 7.6 |
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8377.
|
15-08-2018 - 13:29 | 15-08-2018 - 13:29 | |
CVE-2018-8385 | 7.6 |
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, ChakraCore, Internet Explorer 11,
|
15-08-2018 - 13:29 | 15-08-2018 - 13:29 | |
CVE-2018-8384 | 7.6 |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore. This CVE ID is unique from C
|
15-08-2018 - 13:29 | 15-08-2018 - 13:29 | |
CVE-2018-8381 | 7.6 |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID
|
15-08-2018 - 13:29 | 15-08-2018 - 13:29 | |
CVE-2018-8380 | 7.6 |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID
|
15-08-2018 - 13:29 | 15-08-2018 - 13:29 | |
CVE-2018-8379 | 9.3 |
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Excel. This CVE ID is unique from
|
15-08-2018 - 13:29 | 15-08-2018 - 13:29 | |
CVE-2018-8377 | 7.6 |
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8387.
|
15-08-2018 - 13:29 | 15-08-2018 - 13:29 | |
CVE-2018-8376 | 9.3 |
A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory, aka "Microsoft PowerPoint Remote Code Execution Vulnerability." This affects Microsoft PowerPoint.
|
15-08-2018 - 13:29 | 15-08-2018 - 13:29 | |
CVE-2018-8375 | 9.3 |
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Excel Viewer, Microsoft Office, M
|
15-08-2018 - 13:29 | 15-08-2018 - 13:29 | |
CVE-2018-8373 | 7.6 |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet
|
15-08-2018 - 13:29 | 15-08-2018 - 13:29 | |
CVE-2018-8372 | 7.6 |
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This
|
15-08-2018 - 13:29 | 15-08-2018 - 13:29 | |
CVE-2018-8371 | 7.6 |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet
|
15-08-2018 - 13:29 | 15-08-2018 - 13:29 | |
CVE-2018-8359 | 7.6 |
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore. This CVE ID is unique from CVE-2018-8353, CVE-201
|
15-08-2018 - 13:29 | 15-08-2018 - 13:29 | |
CVE-2018-8355 | 7.6 |
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This
|
15-08-2018 - 13:29 | 15-08-2018 - 13:29 | |
CVE-2018-8353 | 7.6 |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet
|
15-08-2018 - 13:29 | 15-08-2018 - 13:29 | |
CVE-2018-8350 | 9.3 |
A remote code execution vulnerability exists when Microsoft Windows PDF Library improperly handles objects in memory, aka "Windows PDF Remote Code Execution Vulnerability." This affects Windows 10 Servers, Windows 10.
|
15-08-2018 - 13:29 | 15-08-2018 - 13:29 | |
CVE-2018-8349 | 9.3 |
A remote code execution vulnerability exists in "Microsoft COM for Windows" when it fails to properly handle serialized objects, aka "Microsoft COM for Windows Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Wind
|
15-08-2018 - 13:29 | 15-08-2018 - 13:29 | |
CVE-2018-8346 | 9.3 |
A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed, aka "LNK Remote Code Execution Vulnerability." This affects Windows Server 2008, Windows 7, Windows Server 2008 R2.
|
15-08-2018 - 13:29 | 15-08-2018 - 13:29 | |
CVE-2018-8345 | 7.6 |
A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed, aka "LNK Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windo
|
15-08-2018 - 13:29 | 15-08-2018 - 13:29 | |
CVE-2018-8344 | 9.3 |
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka "Microsoft Graphics Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8
|
15-08-2018 - 13:29 | 15-08-2018 - 13:29 | |
CVE-2018-8316 | 7.6 |
A remote code execution vulnerability exists when Internet Explorer improperly validates hyperlinks before loading executable libraries, aka "Internet Explorer Remote Code Execution Vulnerability." This affects Internet Explorer 11, Internet Explorer
|
15-08-2018 - 13:29 | 15-08-2018 - 13:29 | |
CVE-2018-8302 | 10.0 |
A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka "Microsoft Exchange Memory Corruption Vulnerability." This affects Microsoft Exchange Server.
|
15-08-2018 - 13:29 | 15-08-2018 - 13:29 | |
CVE-2018-8273 | 10.0 |
A buffer overflow vulnerability exists in the Microsoft SQL Server that could allow remote code execution on an affected system, aka "Microsoft SQL Server Remote Code Execution Vulnerability." This affects Microsoft SQL Server.
|
15-08-2018 - 13:29 | 15-08-2018 - 13:29 | |
CVE-2018-8266 | 7.6 |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID
|
15-08-2018 - 13:29 | 15-08-2018 - 13:29 | |
CVE-2018-8327 | 10.0 |
A remote code execution vulnerability exists in PowerShell Editor Services, aka "PowerShell Editor Services Remote Code Execution Vulnerability." This affects PowerShell Editor, PowerShell Extension.
|
10-07-2018 - 20:29 | 10-07-2018 - 20:29 | |
CVE-2018-8312 | 9.3 |
A remote code execution vulnerability exists when Microsoft Access fails to properly handle objects in memory, aka "Microsoft Access Remote Code Execution Vulnerability." This affects Microsoft Access, Microsoft Office.
|
10-07-2018 - 20:29 | 10-07-2018 - 20:29 | |
CVE-2018-8311 | 6.8 |
A remote code execution vulnerability exists when Skype for Business and Microsoft Lync clients fail to properly sanitize specially crafted content, aka "Remote Code Execution Vulnerability in Skype For Business and Lync." This affects Skype, Microso
|
10-07-2018 - 20:29 | 10-07-2018 - 20:29 | |
CVE-2018-8306 | 5.2 |
A command injection vulnerability exists in the Microsoft Wireless Display Adapter (MWDA) when the Microsoft Wireless Display Adapter does not properly manage user input, aka "Microsoft Wireless Display Adapter Command Injection Vulnerability." This
|
10-07-2018 - 20:29 | 10-07-2018 - 20:29 | |
CVE-2018-8301 | 7.6 |
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8125, CVE-2018-8262, CVE-20
|
10-07-2018 - 20:29 | 10-07-2018 - 20:29 | |
CVE-2018-8300 | 6.8 |
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka "Microsoft SharePoint Remote Code Execution Vulnerability." This affects Microsoft SharePoint.
|
10-07-2018 - 20:29 | 10-07-2018 - 20:29 | |
CVE-2018-8298 | 7.6 |
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore. This CVE ID is unique from CVE-2018-8242, CVE-201
|
10-07-2018 - 20:29 | 10-07-2018 - 20:29 | |
CVE-2018-8296 | 7.6 |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 11. This CVE ID is unique from CV
|
10-07-2018 - 20:29 | 10-07-2018 - 20:29 | |
CVE-2018-8294 | 7.6 |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID
|
10-07-2018 - 20:29 | 10-07-2018 - 20:29 | |
CVE-2018-8291 | 7.6 |
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This
|
10-07-2018 - 20:29 | 10-07-2018 - 20:29 | |
CVE-2018-8290 | 7.6 |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID
|
10-07-2018 - 20:29 | 10-07-2018 - 20:29 | |
CVE-2018-8288 | 7.6 |
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This
|
10-07-2018 - 20:29 | 10-07-2018 - 20:29 | |
CVE-2018-8287 | 7.6 |
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge, Inter
|
10-07-2018 - 20:29 | 10-07-2018 - 20:29 | |
CVE-2018-8286 | 7.6 |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID
|
10-07-2018 - 20:29 | 10-07-2018 - 20:29 | |
CVE-2018-8284 | 9.3 |
A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka ".NET Framework Remote Code Injection Vulnerability." This affects Microsoft .NET Framework 2.0, Microsoft .NET Framework 3.0, Micros
|
10-07-2018 - 20:29 | 10-07-2018 - 20:29 | |
CVE-2018-8283 | 7.6 |
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore. This CVE ID is unique from CVE-2018-8242, CVE-201
|
10-07-2018 - 20:29 | 10-07-2018 - 20:29 | |
CVE-2018-8281 | 9.3 |
A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability." This affects Microsoft Excel Viewer, Microsoft PowerPo
|
10-07-2018 - 20:29 | 10-07-2018 - 20:29 | |
CVE-2018-8280 | 7.6 |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID
|
10-07-2018 - 20:29 | 10-07-2018 - 20:29 | |
CVE-2018-8279 | 7.6 |
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8125, CVE-2018-
|
10-07-2018 - 20:29 | 10-07-2018 - 20:29 | |
CVE-2018-8275 | 7.6 |
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8125, CVE-2018-
|
10-07-2018 - 20:29 | 10-07-2018 - 20:29 | |
CVE-2018-8274 | 7.6 |
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8125, CVE-2018-8262, CVE-20
|
10-07-2018 - 20:29 | 10-07-2018 - 20:29 | |
CVE-2018-8262 | 7.6 |
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8125, CVE-2018-8274, CVE-20
|
10-07-2018 - 20:29 | 10-07-2018 - 20:29 | |
CVE-2018-8260 | 6.8 |
A Remote Code Execution vulnerability exists in .NET software when the software fails to check the source markup of a file, aka ".NET Framework Remote Code Execution Vulnerability." This affects .NET Framework 4.7.2, Microsoft .NET Framework 4.7.2.
|
10-07-2018 - 20:29 | 10-07-2018 - 20:29 | |
CVE-2018-8242 | 7.6 |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet
|
10-07-2018 - 20:29 | 10-07-2018 - 20:29 | |
CVE-2018-8172 | 9.3 |
A remote code execution vulnerability exists in Visual Studio software when the software does not check the source markup of a file for an unbuilt project, aka "Visual Studio Remote Code Execution Vulnerability." This affects Microsoft Visual Studio,
|
10-07-2018 - 20:29 | 10-07-2018 - 20:29 | |
CVE-2018-8125 | 7.6 |
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8262, CVE-2018-8274, CVE-20
|
10-07-2018 - 20:29 | 10-07-2018 - 20:29 | |
CVE-2018-8267 | 7.6 |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet
|
14-06-2018 - 08:29 | 14-06-2018 - 08:29 | |
CVE-2018-8251 | 7.6 |
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka "Media Foundation Memory Corruption Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012,
|
14-06-2018 - 08:29 | 14-06-2018 - 08:29 | |
CVE-2018-8249 | 7.6 |
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This affects Internet Explorer 11. This CVE ID is unique from CVE-2018-0978.
|
14-06-2018 - 08:29 | 14-06-2018 - 08:29 | |
CVE-2018-8248 | 9.3 |
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Office.
|
14-06-2018 - 08:29 | 14-06-2018 - 08:29 | |
CVE-2018-8245 | 6.8 |
A remote code execution vulnerability exists when Microsoft Publisher fails to utilize features that lock down the Local Machine zone when instantiating OLE objects, aka "Microsoft Publisher Remote Code Execution Vulnerability." This affects Microsof
|
14-06-2018 - 08:29 | 14-06-2018 - 08:29 | |
CVE-2018-8243 | 7.6 |
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore. This CVE ID is unique from CVE-2018-8267.
|
14-06-2018 - 08:29 | 14-06-2018 - 08:29 | |
CVE-2018-8236 | 7.6 |
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8110, CVE-2018-8111.
|
14-06-2018 - 08:29 | 14-06-2018 - 08:29 | |
CVE-2018-8231 | 9.3 |
A remote code execution vulnerability exists when HTTP Protocol Stack (Http.sys) improperly handles objects in memory, aka "HTTP Protocol Stack Remote Code Execution Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.
|
14-06-2018 - 08:29 | 14-06-2018 - 08:29 | |
CVE-2018-8229 | 7.6 |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID
|
14-06-2018 - 08:29 | 14-06-2018 - 08:29 | |
CVE-2018-8227 | 7.6 |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID
|
14-06-2018 - 08:29 | 14-06-2018 - 08:29 | |
CVE-2018-8225 | 9.3 |
A remote code execution vulnerability exists in Windows Domain Name System (DNS) DNSAPI.dll when it fails to properly handle DNS responses, aka "Windows DNSAPI Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Wind
|
14-06-2018 - 08:29 | 14-06-2018 - 08:29 | |
CVE-2018-8213 | 7.2 |
A remote code execution vulnerability exists when Windows improperly handles objects in memory, aka "Windows Remote Code Execution Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8
|
14-06-2018 - 08:29 | 14-06-2018 - 08:29 | |
CVE-2018-8210 | 7.2 |
A remote code execution vulnerability exists when Windows improperly handles objects in memory, aka "Windows Remote Code Execution Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows Server 2016, Windows
|
14-06-2018 - 08:29 | 14-06-2018 - 08:29 | |
CVE-2018-8175 | 7.1 |
An denial of service vulnerability exists when Windows NT WEBDAV Minirdr attempts to query a WEBDAV directory, aka "WEBDAV Denial of Service Vulnerability." This affects Windows 10 Servers, Windows 10.
|
14-06-2018 - 08:29 | 14-06-2018 - 08:29 | |
CVE-2018-8111 | 7.6 |
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8110, CVE-2018-8236.
|
14-06-2018 - 08:29 | 14-06-2018 - 08:29 | |
CVE-2018-8110 | 7.6 |
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8111, CVE-2018-8236.
|
14-06-2018 - 08:29 | 14-06-2018 - 08:29 | |
CVE-2018-0978 | 7.6 |
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE
|
14-06-2018 - 08:29 | 14-06-2018 - 08:29 | |
CVE-2018-8176 | 9.3 |
A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly validate XML content, aka "Microsoft PowerPoint Remote Code Execution Vulnerability." This affects Microsoft Office.
|
23-05-2018 - 09:29 | 23-05-2018 - 09:29 | |
CVE-2018-8179 | 7.6 |
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge.
|
09-05-2018 - 15:29 | 09-05-2018 - 15:29 | |
CVE-2018-8178 | 7.6 |
A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka "Microsoft Browser Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge.
|
09-05-2018 - 15:29 | 09-05-2018 - 15:29 | |
CVE-2018-8177 | 7.6 |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore. This CVE ID is unique from C
|
09-05-2018 - 15:29 | 09-05-2018 - 15:29 | |
CVE-2018-8174 | 7.6 |
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka "Windows VBScript Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Ser
|
09-05-2018 - 15:29 | 09-05-2018 - 15:29 | |
CVE-2018-8162 | 9.3 |
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Office, Microsoft Excel. This CVE
|
09-05-2018 - 15:29 | 09-05-2018 - 15:29 | |
CVE-2018-8161 | 9.3 |
A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability." This affects Microsoft Word, Word, Microsoft Office, M
|
09-05-2018 - 15:29 | 09-05-2018 - 15:29 | |
CVE-2018-8158 | 9.3 |
A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability." This affects Microsoft Office. This CVE ID is unique f
|
09-05-2018 - 15:29 | 09-05-2018 - 15:29 | |
CVE-2018-8157 | 9.3 |
A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability." This affects Microsoft Office. This CVE ID is unique f
|
09-05-2018 - 15:29 | 09-05-2018 - 15:29 | |
CVE-2018-8154 | 10.0 |
A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka "Microsoft Exchange Memory Corruption Vulnerability." This affects Microsoft Exchange Server. This CVE ID is
|
09-05-2018 - 15:29 | 09-05-2018 - 15:29 | |
CVE-2018-8148 | 9.3 |
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Office, Microsoft Excel. This CVE
|
09-05-2018 - 15:29 | 09-05-2018 - 15:29 | |
CVE-2018-8147 | 9.3 |
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Office, Microsoft Excel. This CVE
|
09-05-2018 - 15:29 | 09-05-2018 - 15:29 | |
CVE-2018-8139 | 7.6 |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from
|
09-05-2018 - 15:29 | 09-05-2018 - 15:29 | |
CVE-2018-8137 | 7.6 |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from
|
09-05-2018 - 15:29 | 09-05-2018 - 15:29 | |
CVE-2018-8136 | 9.3 |
A remote code execution vulnerability exists in the way that Windows handles objects in memory, aka "Windows Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 201
|
09-05-2018 - 15:29 | 09-05-2018 - 15:29 | |
CVE-2018-8133 | 7.6 |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID
|
09-05-2018 - 15:29 | 09-05-2018 - 15:29 | |
CVE-2018-8130 | 7.6 |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID
|
09-05-2018 - 15:29 | 09-05-2018 - 15:29 | |
CVE-2018-8128 | 7.6 |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from
|
09-05-2018 - 15:29 | 09-05-2018 - 15:29 | |
CVE-2018-8122 | 7.6 |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 11. This CVE ID is unique from CV
|
09-05-2018 - 15:29 | 09-05-2018 - 15:29 | |
CVE-2018-8114 | 7.6 |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 11. This CVE ID is unique from CV
|
09-05-2018 - 15:29 | 09-05-2018 - 15:29 | |
CVE-2018-1022 | 7.6 |
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This
|
09-05-2018 - 15:29 | 09-05-2018 - 15:29 | |
CVE-2018-0961 | 7.4 |
A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate vSMB packet data, aka "Hyper-V vSMB Remote Code Execution Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.
|
09-05-2018 - 15:29 | 09-05-2018 - 15:29 | |
CVE-2018-0959 | 7.4 |
A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Remote Code Execution Vulnerability." This affects Windows 7, Win
|
09-05-2018 - 15:29 | 09-05-2018 - 15:29 | |
CVE-2018-0955 | 7.6 |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet
|
09-05-2018 - 15:29 | 09-05-2018 - 15:29 | |
CVE-2018-0954 | 7.6 |
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, ChakraCore, Internet Explorer 11,
|
09-05-2018 - 15:29 | 09-05-2018 - 15:29 | |
CVE-2018-0953 | 7.6 |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from
|
09-05-2018 - 15:29 | 09-05-2018 - 15:29 | |
CVE-2018-0951 | 7.6 |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-09
|
09-05-2018 - 15:29 | 09-05-2018 - 15:29 | |
CVE-2018-0946 | 7.6 |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from
|
09-05-2018 - 15:29 | 09-05-2018 - 15:29 | |
CVE-2018-0945 | 7.6 |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from
|
09-05-2018 - 15:29 | 09-05-2018 - 15:29 | |
CVE-2018-0943 | 7.6 |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID
|
09-05-2018 - 15:29 | 09-05-2018 - 15:29 | |
CVE-2018-0824 | 5.1 |
A remote code execution vulnerability exists in "Microsoft COM for Windows" when it fails to properly handle serialized objects, aka "Microsoft COM for Windows Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Wind
|
09-05-2018 - 15:29 | 09-05-2018 - 15:29 | |
CVE-2018-8115 | 9.3 |
A remote code execution vulnerability exists when the Windows Host Compute Service Shim (hcsshim) library fails to properly validate input while importing a container image, aka "Windows Host Compute Service Shim Remote Code Execution Vulnerability."
|
02-05-2018 - 15:29 | 02-05-2018 - 15:29 | |
CVE-2018-8118 | 7.6 |
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This affects Internet Explorer 11, Internet Explorer 10.
|
19-04-2018 - 12:29 | 19-04-2018 - 12:29 | |
CVE-2018-1030 | 9.3 |
A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability." This affects Microsoft Office. This CVE ID is unique f
|
11-04-2018 - 21:29 | 11-04-2018 - 21:29 | |
CVE-2018-1029 | 9.3 |
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Excel Viewer, Microsoft Office, M
|
11-04-2018 - 21:29 | 11-04-2018 - 21:29 | |
CVE-2018-1028 | 9.3 |
A remote code execution vulnerability exists when the Office graphics component improperly handles specially crafted embedded fonts, aka "Microsoft Office Graphics Remote Code Execution Vulnerability." This affects Word, Microsoft Office, Microsoft S
|
11-04-2018 - 21:29 | 11-04-2018 - 21:29 | |
CVE-2018-1027 | 9.3 |
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Excel, Microsoft Office. This CVE
|
11-04-2018 - 21:29 | 11-04-2018 - 21:29 | |
CVE-2018-1026 | 9.3 |
A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability." This affects Microsoft Office. This CVE ID is unique f
|
11-04-2018 - 21:29 | 11-04-2018 - 21:29 | |
CVE-2018-1023 | 7.6 |
A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka "Microsoft Browser Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore.
|
11-04-2018 - 21:29 | 11-04-2018 - 21:29 | |
CVE-2018-1020 | 7.6 |
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE
|
11-04-2018 - 21:29 | 11-04-2018 - 21:29 | |
CVE-2018-1019 | 7.6 |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID
|
11-04-2018 - 21:29 | 11-04-2018 - 21:29 | |
CVE-2018-1018 | 7.6 |
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This affects Internet Explorer 11. This CVE ID is unique from CVE-2018-0870, CVE-2018-
|
11-04-2018 - 21:29 | 11-04-2018 - 21:29 | |
CVE-2018-1016 | 9.3 |
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka "Microsoft Graphics Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8
|
11-04-2018 - 21:29 | 11-04-2018 - 21:29 | |
CVE-2018-1015 | 9.3 |
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka "Microsoft Graphics Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8
|
11-04-2018 - 21:29 | 11-04-2018 - 21:29 | |
CVE-2018-1013 | 9.3 |
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka "Microsoft Graphics Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8
|
11-04-2018 - 21:29 | 11-04-2018 - 21:29 | |
CVE-2018-1012 | 9.3 |
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka "Microsoft Graphics Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8
|
11-04-2018 - 21:29 | 11-04-2018 - 21:29 | |
CVE-2018-1011 | 9.3 |
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Excel. This CVE ID is unique from
|
11-04-2018 - 21:29 | 11-04-2018 - 21:29 | |
CVE-2018-1010 | 9.3 |
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka "Microsoft Graphics Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8
|
11-04-2018 - 21:29 | 11-04-2018 - 21:29 | |
CVE-2018-1004 | 9.3 |
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka "Windows VBScript Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Internet Explorer 9, Window
|
11-04-2018 - 21:29 | 11-04-2018 - 21:29 | |
CVE-2018-1003 | 9.3 |
A buffer overflow vulnerability exists in the Microsoft JET Database Engine that could allow remote code execution on an affected system, aka "Microsoft JET Database Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server
|
11-04-2018 - 21:29 | 11-04-2018 - 21:29 | |
CVE-2018-1001 | 7.6 |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet
|
11-04-2018 - 21:29 | 11-04-2018 - 21:29 | |
CVE-2018-0997 | 7.6 |
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This affects Internet Explorer 11. This CVE ID is unique from CVE-2018-0870, CVE-2018-
|
11-04-2018 - 21:29 | 11-04-2018 - 21:29 | |
CVE-2018-0996 | 7.6 |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet
|
11-04-2018 - 21:29 | 11-04-2018 - 21:29 | |
CVE-2018-0995 | 7.6 |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID
|
11-04-2018 - 21:29 | 11-04-2018 - 21:29 | |
CVE-2018-0994 | 7.6 |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID
|
11-04-2018 - 21:29 | 11-04-2018 - 21:29 | |
CVE-2018-0993 | 7.6 |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID
|
11-04-2018 - 21:29 | 11-04-2018 - 21:29 | |
CVE-2018-0991 | 7.6 |
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This affects Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CV
|
11-04-2018 - 21:29 | 11-04-2018 - 21:29 | |
CVE-2018-0990 | 7.6 |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID
|
11-04-2018 - 21:29 | 11-04-2018 - 21:29 | |
CVE-2018-0988 | 7.6 |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet
|
11-04-2018 - 21:29 | 11-04-2018 - 21:29 | |
CVE-2018-0980 | 7.6 |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID
|
11-04-2018 - 21:29 | 11-04-2018 - 21:29 | |
CVE-2018-0979 | 7.6 |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID
|
11-04-2018 - 21:29 | 11-04-2018 - 21:29 | |
CVE-2018-0920 | 9.3 |
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Excel. This CVE ID is unique from
|
11-04-2018 - 21:29 | 11-04-2018 - 21:29 | |
CVE-2018-0870 | 7.6 |
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This affects Internet Explorer 11. This CVE ID is unique from CVE-2018-0991, CVE-2018-
|
11-04-2018 - 21:29 | 11-04-2018 - 21:29 | |
CVE-2018-0986 | 9.3 |
A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption, aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability." Th
|
04-04-2018 - 13:29 | 04-04-2018 - 13:29 | |
CVE-2018-0937 | 7.6 |
ChakraCore and Microsoft Windows 10 1703 and 1709 allow remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0872,
|
14-03-2018 - 13:29 | 14-03-2018 - 13:29 | |
CVE-2018-0936 | 7.6 |
ChakraCore and Microsoft Windows 10 1709 allow remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0872, CVE-2018-
|
14-03-2018 - 13:29 | 14-03-2018 - 13:29 | |
CVE-2018-0935 | 7.6 |
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the sc
|
14-03-2018 - 13:29 | 14-03-2018 - 13:29 | |
CVE-2018-0934 | 7.6 |
ChakraCore and Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". T
|
14-03-2018 - 13:29 | 14-03-2018 - 13:29 | |
CVE-2018-0933 | 7.6 |
ChakraCore and Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". T
|
14-03-2018 - 13:29 | 14-03-2018 - 13:29 | |
CVE-2018-0931 | 7.6 |
ChakraCore and Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". T
|
14-03-2018 - 13:29 | 14-03-2018 - 13:29 | |
CVE-2018-0930 | 7.6 |
ChakraCore and Microsoft Edge in Microsoft Windows 10 1709 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2
|
14-03-2018 - 13:29 | 14-03-2018 - 13:29 | |
CVE-2018-0925 | 7.6 |
ChakraCore allows remote code execution, due to how the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0876, CVE-2018-0889, CVE-2018-0893, and CVE-201
|
14-03-2018 - 13:29 | 14-03-2018 - 13:29 | |
CVE-2018-0922 | 9.3 |
Microsoft Office 2010 SP2, 2013 SP1, and 2016, Microsoft Office 2016 Click-to-Run Microsoft Office 2016 for Mac, Microsoft Office Compatibility Pack SP2, Microsoft Office Web Apps 2010 SP2, Microsoft Office Web Apps 2013 SP1, Microsoft Office Word Vi
|
14-03-2018 - 13:29 | 14-03-2018 - 13:29 | |
CVE-2018-0903 | 6.8 |
Microsoft Access 2010 SP2, Microsoft Access 2013 SP1, Microsoft Access 2016, and Microsoft Office 2016 Click-to-Run allow a remote code execution vulnerability due to how objects are handled in memory, aka "Microsoft Access Remote Code Execution Vuln
|
14-03-2018 - 13:29 | 14-03-2018 - 13:29 | |
CVE-2018-0893 | 7.6 |
Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique
|
14-03-2018 - 13:29 | 14-03-2018 - 13:29 | |
CVE-2018-0889 | 7.6 |
Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique
|
14-03-2018 - 13:29 | 14-03-2018 - 13:29 | |
CVE-2018-0886 | 7.6 |
The Credential Security Support Provider protocol (CredSSP) in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709 Windows Server 2016 and Window
|
14-03-2018 - 13:29 | 14-03-2018 - 13:29 | |
CVE-2018-0883 | 7.6 |
Windows Shell in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, Windows Server 2016 and Windows Server, version 1709 allows a remote code execution v
|
14-03-2018 - 13:29 | 14-03-2018 - 13:29 | |
CVE-2018-0876 | 7.6 |
Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique
|
14-03-2018 - 13:29 | 14-03-2018 - 13:29 | |
CVE-2018-0874 | 7.6 |
ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption
|
14-03-2018 - 13:29 | 14-03-2018 - 13:29 | |
CVE-2018-0873 | 7.6 |
ChakraCore and Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulne
|
14-03-2018 - 13:29 | 14-03-2018 - 13:29 | |
CVE-2018-0872 | 7.6 |
ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption
|
14-03-2018 - 13:29 | 14-03-2018 - 13:29 | |
CVE-2018-0908 | 4.3 |
Microsoft Identity Manager 2016 SP1 allows an attacker to gain elevated privileges when it does not properly sanitize a specially crafted attribute value being displayed to a user on an affected MIM 2016 server, aka "Microsoft Identity Manager XSS El
|
26-02-2018 - 17:29 | 26-02-2018 - 17:29 | |
CVE-2018-0866 | 9.3 |
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the sc
|
14-02-2018 - 21:29 | 14-02-2018 - 21:29 | |
CVE-2018-0861 | 9.3 |
Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE
|
14-02-2018 - 21:29 | 14-02-2018 - 21:29 | |
CVE-2018-0860 | 7.6 |
Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability
|
14-02-2018 - 21:29 | 14-02-2018 - 21:29 | |
CVE-2018-0859 | 7.6 |
Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability
|
14-02-2018 - 21:29 | 14-02-2018 - 21:29 | |
CVE-2018-0858 | 9.3 |
ChakraCore allows remote code execution, due to how the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-08
|
14-02-2018 - 21:29 | 14-02-2018 - 21:29 | |
CVE-2018-0857 | 7.6 |
Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability
|
14-02-2018 - 21:29 | 14-02-2018 - 21:29 | |
CVE-2018-0856 | 7.6 |
Microsoft Edge and ChakraCore in Microsoft Windows 10 1703 and 1709 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0
|
14-02-2018 - 21:29 | 14-02-2018 - 21:29 | |
CVE-2018-0852 | 9.3 |
Microsoft Outlook 2007 SP3, Microsoft Outlook 2010 SP2, Microsoft Outlook 2013 SP1 and RT SP1, Microsoft Outlook 2016, and Microsoft Office 2016 Click-to-Run (C2R) allow a remote code execution vulnerability, due to how Outlook handles objects in mem
|
14-02-2018 - 21:29 | 14-02-2018 - 21:29 | |
CVE-2018-0851 | 9.3 |
Microsoft Office 2007 SP2, Microsoft Office Word Viewer, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1 and RT SP1, Microsoft Office 2016, and Microsoft Office 2016 Click-to-Run (C2R) allow a remote code execution vulnerability, due to how Offi
|
14-02-2018 - 21:29 | 14-02-2018 - 21:29 | |
CVE-2018-0841 | 9.3 |
Microsoft Office 2016 Click-to-Run allows a remote code execution vulnerability due to how objects are handled in memory, aka "Office Remote Code Execution Vulnerability"
|
14-02-2018 - 21:29 | 14-02-2018 - 21:29 | |
CVE-2018-0840 | 9.3 |
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Internet Explorer and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows
|
14-02-2018 - 21:29 | 14-02-2018 - 21:29 | |
CVE-2018-0838 | 7.6 |
Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability
|
14-02-2018 - 21:29 | 14-02-2018 - 21:29 | |
CVE-2018-0837 | 7.6 |
Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability
|
14-02-2018 - 21:29 | 14-02-2018 - 21:29 | |
CVE-2018-0836 | 7.6 |
Microsoft Edge and ChakraCore in Microsoft Windows 10 1703 and 1709 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0
|
14-02-2018 - 21:29 | 14-02-2018 - 21:29 | |
CVE-2018-0835 | 7.6 |
Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability
|
14-02-2018 - 21:29 | 14-02-2018 - 21:29 | |
CVE-2018-0834 | 9.3 |
Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability
|
14-02-2018 - 21:29 | 14-02-2018 - 21:29 | |
CVE-2018-0825 | 7.6 |
StructuredQuery in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows a remote code execution
|
14-02-2018 - 21:29 | 14-02-2018 - 21:29 | |
CVE-2014-8985 | 7.6 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
08-02-2018 - 18:29 | 08-02-2018 - 18:29 | |
CVE-2014-4145 | 7.6 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
08-02-2018 - 18:29 | 08-02-2018 - 18:29 | |
CVE-2014-4112 | 7.6 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
08-02-2018 - 18:29 | 08-02-2018 - 18:29 | |
CVE-2014-4066 | 7.6 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
08-02-2018 - 18:29 | 08-02-2018 - 18:29 | |
CVE-2018-0862 | 9.3 |
Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Re
|
22-01-2018 - 18:29 | 22-01-2018 - 18:29 | |
CVE-2018-0849 | 9.3 |
Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Re
|
22-01-2018 - 18:29 | 22-01-2018 - 18:29 | |
CVE-2018-0848 | 9.3 |
Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Re
|
22-01-2018 - 18:29 | 22-01-2018 - 18:29 | |
CVE-2018-0845 | 9.3 |
Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Re
|
22-01-2018 - 18:29 | 22-01-2018 - 18:29 | |
CVE-2018-0812 | 9.3 |
Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Me
|
09-01-2018 - 20:29 | 09-01-2018 - 20:29 | |
CVE-2018-0807 | 9.3 |
Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Re
|
09-01-2018 - 20:29 | 09-01-2018 - 20:29 | |
CVE-2018-0806 | 9.3 |
Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Re
|
09-01-2018 - 20:29 | 09-01-2018 - 20:29 | |
CVE-2018-0805 | 9.3 |
Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Re
|
09-01-2018 - 20:29 | 09-01-2018 - 20:29 | |
CVE-2018-0804 | 9.3 |
Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Re
|
09-01-2018 - 20:29 | 09-01-2018 - 20:29 | |
CVE-2018-0802 | 9.3 |
Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulner
|
09-01-2018 - 20:29 | 09-01-2018 - 20:29 | |
CVE-2018-0801 | 9.3 |
Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Remote Code Execution V
|
09-01-2018 - 20:29 | 09-01-2018 - 20:29 | |
CVE-2018-0798 | 9.3 |
Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulne
|
09-01-2018 - 20:29 | 09-01-2018 - 20:29 | |
CVE-2018-0797 | 9.3 |
Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way RTF content is handled, aka "Microsoft Word Memory Corruption Vulnerability".
|
09-01-2018 - 20:29 | 09-01-2018 - 20:29 | |
CVE-2018-0796 | 9.3 |
Microsoft Excel in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Excel Remote Code Execution Vu
|
09-01-2018 - 20:29 | 09-01-2018 - 20:29 | |
CVE-2018-0795 | 9.3 |
Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Remote Code Execution Vulnerability".
|
09-01-2018 - 20:29 | 09-01-2018 - 20:29 | |
CVE-2018-0794 | 9.3 |
Microsoft Word in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution Vuln
|
09-01-2018 - 20:29 | 09-01-2018 - 20:29 | |
CVE-2018-0793 | 9.3 |
Microsoft Outlook 2007, Microsoft Outlook 2010 and Microsoft Outlook 2013 allow a remote code execution vulnerability due to the way email messages are parsed, aka "Microsoft Outlook Remote Code Execution Vulnerability". This CVE is unique from CVE-2
|
09-01-2018 - 20:29 | 09-01-2018 - 20:29 | |
CVE-2018-0792 | 9.3 |
Microsoft Word 2016 in Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution Vulnerability". This CVE is unique from CVE-2018-0794.
|
09-01-2018 - 20:29 | 09-01-2018 - 20:29 | |
CVE-2018-0791 | 9.3 |
Microsoft Outlook 2007, Microsoft Outlook 2010, Microsoft Outlook 2013, and Microsoft Outlook 2016 allow a remote code execution vulnerability due to the way email messages are parsed, aka "Microsoft Outlook Remote Code Execution Vulnerability". This
|
09-01-2018 - 20:29 | 09-01-2018 - 20:29 | |
CVE-2018-0781 | 7.6 |
Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memor
|
04-01-2018 - 09:29 | 04-01-2018 - 09:29 | |
CVE-2018-0778 | 7.6 |
Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is uniqu
|
04-01-2018 - 09:29 | 04-01-2018 - 09:29 | |
CVE-2018-0777 | 7.6 |
Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memor
|
04-01-2018 - 09:29 | 04-01-2018 - 09:29 | |
CVE-2018-0776 | 7.6 |
Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memor
|
04-01-2018 - 09:29 | 04-01-2018 - 09:29 | |
CVE-2018-0775 | 7.6 |
Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is uniqu
|
04-01-2018 - 09:29 | 04-01-2018 - 09:29 | |
CVE-2018-0774 | 7.6 |
Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is uniqu
|
04-01-2018 - 09:29 | 04-01-2018 - 09:29 | |
CVE-2018-0773 | 7.6 |
Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is uniqu
|
04-01-2018 - 09:29 | 04-01-2018 - 09:29 | |
CVE-2018-0772 | 7.6 |
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Internet Explorer and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 all
|
04-01-2018 - 09:29 | 04-01-2018 - 09:29 | |
CVE-2018-0770 | 7.6 |
Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memor
|
04-01-2018 - 09:29 | 04-01-2018 - 09:29 | |
CVE-2018-0769 | 7.6 |
Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memor
|
04-01-2018 - 09:29 | 04-01-2018 - 09:29 | |
CVE-2018-0768 | 7.6 |
Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is uniqu
|
04-01-2018 - 09:29 | 04-01-2018 - 09:29 | |
CVE-2018-0762 | 7.6 |
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Internet Explorer and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 all
|
04-01-2018 - 09:29 | 04-01-2018 - 09:29 | |
CVE-2018-0758 | 7.6 |
Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memor
|
04-01-2018 - 09:29 | 04-01-2018 - 09:29 | |
CVE-2017-11935 | 9.3 |
Microsoft Office 2016 Click-to-Run (C2R) allows a remote code execution vulnerability due to the way files are handled in memory, aka "Microsoft Excel Remote Code Execution Vulnerability".
|
12-12-2017 - 16:29 | 12-12-2017 - 16:29 | |
CVE-2017-11930 | 7.6 |
ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary
|
12-12-2017 - 16:29 | 12-12-2017 - 16:29 | |
CVE-2017-11918 | 7.6 |
ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Me
|
12-12-2017 - 16:29 | 12-12-2017 - 16:29 | |
CVE-2017-11916 | 7.6 |
ChakraCore allows an attacker to execute arbitrary code in the context of the current user, due to how the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2
|
12-12-2017 - 16:29 | 12-12-2017 - 16:29 | |
CVE-2017-11914 | 7.6 |
ChakraCore and Microsoft Edge in Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory C
|
12-12-2017 - 16:29 | 12-12-2017 - 16:29 | |
CVE-2017-11913 | 7.6 |
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in
|
12-12-2017 - 16:29 | 12-12-2017 - 16:29 | |
CVE-2017-11912 | 7.6 |
ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Internet Explorer and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows
|
12-12-2017 - 16:29 | 12-12-2017 - 16:29 | |
CVE-2017-11911 | 7.6 |
ChakraCore and Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corrupt
|
12-12-2017 - 16:29 | 12-12-2017 - 16:29 | |
CVE-2017-11910 | 7.6 |
ChakraCore and Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory C
|
12-12-2017 - 16:29 | 12-12-2017 - 16:29 | |
CVE-2017-11909 | 7.6 |
ChakraCore and Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corrupt
|
12-12-2017 - 16:29 | 12-12-2017 - 16:29 | |
CVE-2017-11908 | 7.6 |
ChakraCore and Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique f
|
12-12-2017 - 16:29 | 12-12-2017 - 16:29 | |
CVE-2017-11907 | 7.6 |
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to gain the same user rights
|
12-12-2017 - 16:29 | 12-12-2017 - 16:29 | |
CVE-2017-11905 | 7.6 |
ChakraCore and Microsoft Edge in Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Eng
|
12-12-2017 - 16:29 | 12-12-2017 - 16:29 | |
CVE-2017-11903 | 7.6 |
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to gain the same user rights
|
12-12-2017 - 16:29 | 12-12-2017 - 16:29 | |
CVE-2017-11901 | 7.6 |
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to gain the same user rights as
|
12-12-2017 - 16:29 | 12-12-2017 - 16:29 | |
CVE-2017-11895 | 7.6 |
ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Internet Explorer and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server
|
12-12-2017 - 16:29 | 12-12-2017 - 16:29 | |
CVE-2017-11894 | 7.6 |
ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and and Internet Explorer adn Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Win
|
12-12-2017 - 16:29 | 12-12-2017 - 16:29 | |
CVE-2017-11893 | 7.6 |
ChakraCore and Microsoft Edge in Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Eng
|
12-12-2017 - 16:29 | 12-12-2017 - 16:29 | |
CVE-2017-11890 | 7.6 |
Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the cu
|
12-12-2017 - 16:29 | 12-12-2017 - 16:29 | |
CVE-2017-11889 | 7.6 |
ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripti
|
12-12-2017 - 16:29 | 12-12-2017 - 16:29 | |
CVE-2017-11888 | 7.6 |
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how Microsoft Edge handles objects in memory, aka "Microsoft Edge Mem
|
12-12-2017 - 16:29 | 12-12-2017 - 16:29 | |
CVE-2017-11886 | 7.6 |
Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the cu
|
12-12-2017 - 16:29 | 12-12-2017 - 16:29 | |
CVE-2017-11885 | 8.5 |
Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allow a remote code execution vulnerability due to
|
12-12-2017 - 16:29 | 12-12-2017 - 16:29 | |
CVE-2017-11940 | 9.3 |
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, 1709 and Windows Server 2016, Windows Server, version 1709, Microsoft
|
08-12-2017 - 09:29 | 08-12-2017 - 09:29 | |
CVE-2017-11937 | 9.3 |
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, 1709 and Windows Server 2016, Windows Server, version 1709, Microsoft
|
07-12-2017 - 12:29 | 07-12-2017 - 12:29 | |
CVE-2017-11884 | 9.3 |
Microsoft Excel 2016 Click-to-Run (C2R) allows an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CV
|
14-11-2017 - 22:29 | 14-11-2017 - 22:29 | |
CVE-2017-11882 | 9.3 |
Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, and Microsoft Office 2016 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objec
|
14-11-2017 - 22:29 | 14-11-2017 - 22:29 | |
CVE-2017-11878 | 9.3 |
Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, Microsoft Excel 2016, Microsoft Office Compatibility Pack Service Pack 3, and Microsoft Excel Viewe
|
14-11-2017 - 22:29 | 14-11-2017 - 22:29 | |
CVE-2017-11873 | 7.6 |
ChakraCore and Microsoft Edge in Windows 10 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, a
|
14-11-2017 - 22:29 | 14-11-2017 - 22:29 | |
CVE-2017-11871 | 7.6 |
ChakraCore and Microsoft Edge in Windows 10 1703, 1709, and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corr
|
14-11-2017 - 22:29 | 14-11-2017 - 22:29 | |
CVE-2017-11870 | 7.6 |
ChakraCore and Microsoft Edge in Windows 10 1703, 1709, and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corr
|
14-11-2017 - 22:29 | 14-11-2017 - 22:29 | |
CVE-2017-11869 | 7.6 |
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker
|
14-11-2017 - 22:29 | 14-11-2017 - 22:29 | |
CVE-2017-11866 | 7.6 |
ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in mem
|
14-11-2017 - 22:29 | 14-11-2017 - 22:29 | |
CVE-2017-11862 | 7.6 |
ChakraCore and Microsoft Edge in Windows 10 1709 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption
|
14-11-2017 - 22:29 | 14-11-2017 - 22:29 | |
CVE-2017-11861 | 7.6 |
Microsoft Edge in Windows 10 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine
|
14-11-2017 - 22:29 | 14-11-2017 - 22:29 | |
CVE-2017-11858 | 7.6 |
ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Serv
|
14-11-2017 - 22:29 | 14-11-2017 - 22:29 | |
CVE-2017-11856 | 7.6 |
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker
|
14-11-2017 - 22:29 | 14-11-2017 - 22:29 | |
CVE-2017-11855 | 7.6 |
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an atta
|
14-11-2017 - 22:29 | 14-11-2017 - 22:29 | |
CVE-2017-11854 | 9.3 |
Microsoft Word 2007 Service Pack 3, Microsoft Word 2010 Service Pack 2, Microsoft Office 2010 Service Pack 2, and Microsoft Office Compatibility Pack Service Pack 3 allow an attacker to run arbitrary code in the context of the current user by failing
|
14-11-2017 - 22:29 | 14-11-2017 - 22:29 | |
CVE-2017-11846 | 7.5 |
ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Serv
|
14-11-2017 - 22:29 | 14-11-2017 - 22:29 | |
CVE-2017-11845 | 7.6 |
Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to how Microsoft Edge handles objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability".
|
14-11-2017 - 22:29 | 14-11-2017 - 22:29 | |
CVE-2017-11843 | 7.6 |
ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2
|
14-11-2017 - 22:29 | 14-11-2017 - 22:29 | |
CVE-2017-11841 | 7.6 |
ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in mem
|
14-11-2017 - 22:29 | 14-11-2017 - 22:29 | |
CVE-2017-11840 | 7.6 |
ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in mem
|
14-11-2017 - 22:29 | 14-11-2017 - 22:29 | |
CVE-2017-11839 | 7.6 |
Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to take control of an affected system, due to how the scripting engine handles objects in memory, aka "Scripting Engine
|
14-11-2017 - 22:29 | 14-11-2017 - 22:29 | |
CVE-2017-11838 | 7.6 |
ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016
|
14-11-2017 - 22:29 | 14-11-2017 - 22:29 | |
CVE-2017-11837 | 7.6 |
ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016
|
14-11-2017 - 22:29 | 14-11-2017 - 22:29 | |
CVE-2017-11836 | 7.6 |
ChakraCore, and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to take control of an affected system, due to how the scripting engine handles objects in mem
|
14-11-2017 - 22:29 | 14-11-2017 - 22:29 | |
CVE-2017-11827 | 9.3 |
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows
|
14-11-2017 - 22:29 | 14-11-2017 - 22:29 | |
CVE-2017-11767 | 10.0 |
ChakraCore allows an attacker to gain the same user rights as the current user, due to the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability".
|
02-11-2017 - 15:29 | 02-11-2017 - 15:29 | |
CVE-2017-8727 | 7.6 |
Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user
|
13-10-2017 - 09:29 | 13-10-2017 - 09:29 | |
CVE-2017-8718 | 9.3 |
The Microsoft JET Database Engine in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to take control of an affected s
|
13-10-2017 - 09:29 | 13-10-2017 - 09:29 | |
CVE-2017-8717 | 9.3 |
The Microsoft JET Database Engine in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to take control of an affected s
|
13-10-2017 - 09:29 | 13-10-2017 - 09:29 | |
CVE-2017-11826 | 9.3 |
Microsoft Office 2010, SharePoint Enterprise Server 2010, SharePoint Server 2010, Web Applications, Office Web Apps Server 2010 and 2013, Word Viewer, Word 2007, 2010, 2013 and 2016, Word Automation Services, and Office Online Server allow remote cod
|
13-10-2017 - 09:29 | 13-10-2017 - 09:29 | |
CVE-2017-11825 | 9.3 |
Microsoft Office 2016 Click-to-Run (C2R) and Microsoft Office 2016 for Mac allow an attacker to use a specially crafted file to perform actions in the security context of the current user, due to how Microsoft Office handles files in memory, aka "Mic
|
13-10-2017 - 09:29 | 13-10-2017 - 09:29 | |
CVE-2017-11822 | 7.6 |
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in t
|
13-10-2017 - 09:29 | 13-10-2017 - 09:29 | |
CVE-2017-11821 | 7.6 |
ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerabili
|
13-10-2017 - 09:29 | 13-10-2017 - 09:29 | |
CVE-2017-11819 | 7.6 |
Microsoft Windows 7 SP1 allows an attacker to execute arbitrary code in the context of the current user, due to how Microsoft browsers handle objects in memory, aka "Windows Shell Remote Code Execution Vulnerability".
|
13-10-2017 - 09:29 | 13-10-2017 - 09:29 | |
CVE-2017-11813 | 7.6 |
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, and Windows Server 2012 R2 allows an attacker to execute arbitrary code in the context of the current user, due to how Internet Explorer handles
|
13-10-2017 - 09:29 | 13-10-2017 - 09:29 | |
CVE-2017-11812 | 9.3 |
ChakraCore and Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting
|
13-10-2017 - 09:29 | 13-10-2017 - 09:29 | |
CVE-2017-11811 | 7.6 |
ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scr
|
13-10-2017 - 09:29 | 13-10-2017 - 09:29 | |
CVE-2017-11810 | 7.6 |
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in t
|
13-10-2017 - 09:29 | 13-10-2017 - 09:29 | |
CVE-2017-11809 | 7.6 |
ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scr
|
13-10-2017 - 09:29 | 13-10-2017 - 09:29 | |
CVE-2017-11808 | 7.6 |
ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scr
|
13-10-2017 - 09:29 | 13-10-2017 - 09:29 | |
CVE-2017-11807 | 7.6 |
ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerabili
|
13-10-2017 - 09:29 | 13-10-2017 - 09:29 | |
CVE-2017-11806 | 7.6 |
ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerabili
|
13-10-2017 - 09:29 | 13-10-2017 - 09:29 | |
CVE-2017-11805 | 7.6 |
ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerabili
|
13-10-2017 - 09:29 | 13-10-2017 - 09:29 | |
CVE-2017-11804 | 7.6 |
ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scr
|
13-10-2017 - 09:29 | 13-10-2017 - 09:29 | |
CVE-2017-11802 | 7.6 |
ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scr
|
13-10-2017 - 09:29 | 13-10-2017 - 09:29 | |
CVE-2017-11801 | 7.6 |
ChakraCore allows an attacker to execute arbitrary code in the context of the current user, due to how the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability". This CVE ID is unique from
|
13-10-2017 - 09:29 | 13-10-2017 - 09:29 | |
CVE-2017-11800 | 7.6 |
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory
|
13-10-2017 - 09:29 | 13-10-2017 - 09:29 | |
CVE-2017-11799 | 7.6 |
ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scr
|
13-10-2017 - 09:29 | 13-10-2017 - 09:29 | |
CVE-2017-11798 | 7.6 |
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine M
|
13-10-2017 - 09:29 | 13-10-2017 - 09:29 | |
CVE-2017-11797 | 7.6 |
ChakraCore allows an attacker to execute arbitrary code in the context of the current user, due to how the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability". This CVE ID is unique from
|
13-10-2017 - 09:29 | 13-10-2017 - 09:29 | |
CVE-2017-11796 | 7.6 |
ChakraCore and Microsoft Edge in Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This
|
13-10-2017 - 09:29 | 13-10-2017 - 09:29 | |
CVE-2017-11793 | 7.6 |
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in t
|
13-10-2017 - 09:29 | 13-10-2017 - 09:29 | |
CVE-2017-11792 | 7.6 |
ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allow an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerabilit
|
13-10-2017 - 09:29 | 13-10-2017 - 09:29 | |
CVE-2017-11780 | 6.8 |
The Server Message Block 1.0 (SMBv1) on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows a remote code ex
|
13-10-2017 - 09:29 | 13-10-2017 - 09:29 | |
CVE-2017-11779 | 9.3 |
The Microsoft Windows Domain Name System (DNS) DNSAPI.dll on Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability when it fails to p
|
13-10-2017 - 09:29 | 13-10-2017 - 09:29 | |
CVE-2017-11771 | 10.0 |
The Microsoft Windows Search component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code e
|
13-10-2017 - 09:29 | 13-10-2017 - 09:29 | |
CVE-2017-11769 | 9.3 |
The Microsoft Windows TRIE component on Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability in the way it handles loading dll files, aka "TRIE Remote Code Execution Vulnerability".
|
13-10-2017 - 09:29 | 13-10-2017 - 09:29 | |
CVE-2017-11763 | 6.8 |
The Microsoft Graphics Component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code executi
|
13-10-2017 - 09:29 | 13-10-2017 - 09:29 | |
CVE-2017-11762 | 6.8 |
The Microsoft Graphics Component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code executi
|
13-10-2017 - 09:29 | 13-10-2017 - 09:29 | |
CVE-2017-8759 | 9.3 |
Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow an attacker to execute code remotely via a malicious document or application, aka ".NET Framework Remote Code Execution Vulnerability."
|
12-09-2017 - 21:29 | 12-09-2017 - 21:29 | |
CVE-2017-8757 | 7.6 |
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way Microsoft Edge handles objects in memory, aka "Microsoft Edge Remot
|
12-09-2017 - 21:29 | 12-09-2017 - 21:29 | |
CVE-2017-8756 | 7.6 |
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that Microsoft Edge accesses objects in memory, aka "Scripting Engi
|
12-09-2017 - 21:29 | 12-09-2017 - 21:29 | |
CVE-2017-8755 | 7.6 |
Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that the scripting engine handles objects in memory in Microsoft Edge, ak
|
12-09-2017 - 21:29 | 12-09-2017 - 21:29 | |
CVE-2017-8753 | 7.6 |
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that the Microsoft Edge scripting engine handles objects in memory,
|
12-09-2017 - 21:29 | 12-09-2017 - 21:29 | |
CVE-2017-8752 | 7.6 |
Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that the Microsoft Edge scripting engine handles objects in memory, aka "
|
12-09-2017 - 21:29 | 12-09-2017 - 21:29 | |
CVE-2017-8751 | 7.6 |
Microsoft Edge in Microsoft Windows 1703 allows an attacker to execute arbitrary code in the context of the current user, due to the way that Microsoft Edge accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability". This CVE ID
|
12-09-2017 - 21:29 | 12-09-2017 - 21:29 | |
CVE-2017-8750 | 7.6 |
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker
|
12-09-2017 - 21:29 | 12-09-2017 - 21:29 | |
CVE-2017-8749 | 7.6 |
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in t
|
12-09-2017 - 21:29 | 12-09-2017 - 21:29 | |
CVE-2017-8748 | 7.6 |
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker
|
12-09-2017 - 21:29 | 12-09-2017 - 21:29 | |
CVE-2017-8747 | 7.6 |
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the conte
|
12-09-2017 - 21:29 | 12-09-2017 - 21:29 | |
CVE-2017-8744 | 9.3 |
A remote code execution vulnerability exists in Excel Services, Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, and Microsoft Excel 2016 when they
|
12-09-2017 - 21:29 | 12-09-2017 - 21:29 | |
CVE-2017-8743 | 9.3 |
A remote code execution vulnerability exists in Microsoft PowerPoint 2016, Microsoft SharePoint Enterprise Server 2016, and Office Online Server when they fail to properly handle objects in memory, aka "PowerPoint Remote Code Execution Vulnerability"
|
12-09-2017 - 21:29 | 12-09-2017 - 21:29 | |
CVE-2017-8742 | 9.3 |
A remote code execution vulnerability exists in Microsoft PowerPoint 2007 Service Pack 3, Microsoft PowerPoint 2010 Service Pack 2, Microsoft PowerPoint 2013 Service Pack 1, Microsoft PowerPoint 2013 RT Service Pack 1, Microsoft PowerPoint 2016, Micr
|
12-09-2017 - 21:29 | 12-09-2017 - 21:29 | |
CVE-2017-8741 | 7.6 |
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Internet Explorer and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow
|
12-09-2017 - 21:29 | 12-09-2017 - 21:29 | |
CVE-2017-8740 | 7.6 |
Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to the way that the Microsoft Edge scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vu
|
12-09-2017 - 21:29 | 12-09-2017 - 21:29 | |
CVE-2017-8738 | 7.6 |
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that the Microsoft Edge scripting engine handles objects in memory, aka "
|
12-09-2017 - 21:29 | 12-09-2017 - 21:29 | |
CVE-2017-8737 | 7.6 |
Microsoft Windows PDF Library in Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to
|
12-09-2017 - 21:29 | 12-09-2017 - 21:29 | |
CVE-2017-8734 | 7.6 |
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that Microsoft Edge accesses objects in memory, aka "Microsoft Edge
|
12-09-2017 - 21:29 | 12-09-2017 - 21:29 | |
CVE-2017-8731 | 7.6 |
Microsoft Edge in Microsoft Windows 10 1607 and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that Microsoft Edge accesses objects in memory, aka "Microsoft Edge Memory Corruption
|
12-09-2017 - 21:29 | 12-09-2017 - 21:29 | |
CVE-2017-8729 | 7.6 |
Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to the way that the Microsoft Edge scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vu
|
12-09-2017 - 21:29 | 12-09-2017 - 21:29 | |
CVE-2017-8728 | 7.6 |
Microsoft Windows PDF Library in Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to
|
12-09-2017 - 21:29 | 12-09-2017 - 21:29 | |
CVE-2017-8725 | 9.3 |
A remote code execution vulnerability exists in Microsoft Publisher 2007 Service Pack 3 and Microsoft Publisher 2010 Service Pack 2 when they fail to properly handle objects in memory, aka "Microsoft Office Publisher Remote Code Execution".
|
12-09-2017 - 21:29 | 12-09-2017 - 21:29 | |
CVE-2017-8714 | 6.9 |
The Windows Hyper-V component on Microsoft Windows 8.1, Windows Server 2012 Gold and R2,, Windows 10 1607, and Windows Server 2016 allows a remote code execution vulnerability when it fails to properly validate input from an authenticated user on a g
|
12-09-2017 - 21:29 | 12-09-2017 - 21:29 | |
CVE-2017-8699 | 7.6 |
Windows Shell in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to run arbitrary code in the context o
|
12-09-2017 - 21:29 | 12-09-2017 - 21:29 | |
CVE-2017-8696 | 7.6 |
Windows Uniscribe in Microsoft Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Office 2007 SP3; Office 2010 SP2; Word Viewer; Office for Mac 2011 and 2016; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Lync 2010 Attendee; and Live Meeting 200
|
12-09-2017 - 21:29 | 12-09-2017 - 21:29 | |
CVE-2017-8692 | 9.3 |
The Windows Uniscribe component on Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows remote code execution vulnerability when it fails to properly handle obje
|
12-09-2017 - 21:29 | 12-09-2017 - 21:29 | |
CVE-2017-8686 | 7.5 |
The Windows Server DHCP service in Windows Server 2012 Gold and R2, and Windows Server 2016 allows an attacker to either run arbitrary code on the DHCP failover server or cause the DHCP service to become nonresponsive, due to a memory corruption vuln
|
12-09-2017 - 21:29 | 12-09-2017 - 21:29 | |
CVE-2017-8682 | 9.3 |
Windows graphics on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, Windows Server 2016, Microsoft Office Word Viewer, Microsoft Office
|
12-09-2017 - 21:29 | 12-09-2017 - 21:29 | |
CVE-2017-8660 | 9.3 |
Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that Microsoft browser JavaScript engines render content when handling ob
|
12-09-2017 - 21:29 | 12-09-2017 - 21:29 | |
CVE-2017-8649 | 7.6 |
Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that Microsoft browser JavaScript engines render content when handling objects
|
12-09-2017 - 21:29 | 12-09-2017 - 21:29 | |
CVE-2017-8632 | 9.3 |
A remote code execution vulnerability exists in Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, Microsoft Excel 2016, Microsoft Office Web Apps 2013, Microsoft Excel for Mac 2011, Micr
|
12-09-2017 - 21:29 | 12-09-2017 - 21:29 | |
CVE-2017-8631 | 9.3 |
A remote code execution vulnerability exists in Excel Services, Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, Microsoft Excel 2016, Microsoft Off
|
12-09-2017 - 21:29 | 12-09-2017 - 21:29 | |
CVE-2017-8630 | 9.3 |
Microsoft Office 2016 allows a remote code execution vulnerability when it fails to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8631, CVE-2017-8632, and CVE-2017-8744.
|
12-09-2017 - 21:29 | 12-09-2017 - 21:29 | |
CVE-2017-8567 | 9.3 |
A remote code execution vulnerability exists in Microsoft Excel for Mac 2011 when it fails to properly handle objects in memory, aka "Microsoft Office Remote Code Execution".
|
12-09-2017 - 21:29 | 12-09-2017 - 21:29 | |
CVE-2017-11766 | 7.6 |
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that Microsoft Edge accesses objects in memory, aka "Microsoft Edge
|
12-09-2017 - 21:29 | 12-09-2017 - 21:29 | |
CVE-2017-11764 | 7.6 |
Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that the Microsoft Edge scripting engine handles objects in memory, aka "Script
|
12-09-2017 - 21:29 | 12-09-2017 - 21:29 | |
CVE-2017-0161 | 6.8 |
The Windows NetBT Session Services component on Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code exe
|
12-09-2017 - 21:29 | 12-09-2017 - 21:29 | |
CVE-2017-8658 | 10.0 |
A remote code execution vulnerability exists in the way that the Chakra JavaScript engine renders when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability".
|
10-08-2017 - 21:29 | 10-08-2017 - 21:29 | |
CVE-2017-8518 | 7.6 |
Microsoft Edge allows a remote code execution vulnerability due to the way it accesses objects in memory, aka "Scripting Engine Memory Corruption Vulnerability".
|
10-08-2017 - 14:29 | 10-08-2017 - 14:29 | |
CVE-2017-8691 | 9.3 |
Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allow an attacker to execute code remotely on a target system when the Windows font library fails to properly handle specially crafted embedded fonts, aka "Express Compressed Fonts Remote Code Exe
|
08-08-2017 - 17:29 | 08-08-2017 - 17:29 | |
CVE-2017-8674 | 7.6 |
Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine
|
08-08-2017 - 17:29 | 08-08-2017 - 17:29 | |
CVE-2017-8672 | 7.6 |
Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling obj
|
08-08-2017 - 17:29 | 08-08-2017 - 17:29 | |
CVE-2017-8671 | 7.6 |
Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling obj
|
08-08-2017 - 17:29 | 08-08-2017 - 17:29 | |
CVE-2017-8670 | 7.6 |
Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects i
|
08-08-2017 - 17:29 | 08-08-2017 - 17:29 | |
CVE-2017-8669 | 7.6 |
Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context o
|
08-08-2017 - 17:29 | 08-08-2017 - 17:29 | |
CVE-2017-8664 | 7.2 |
Windows Hyper-V in Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability when it fails to properly validate input from a privileged us
|
08-08-2017 - 17:29 | 08-08-2017 - 17:29 | |
CVE-2017-8661 | 7.6 |
Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user due to the way affected Microsoft scripting engines render when handling objects in memory, aka
|
08-08-2017 - 17:29 | 08-08-2017 - 17:29 | |
CVE-2017-8657 | 7.6 |
Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling obj
|
08-08-2017 - 17:29 | 08-08-2017 - 17:29 | |
CVE-2017-8656 | 7.6 |
Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects i
|
08-08-2017 - 17:29 | 08-08-2017 - 17:29 | |
CVE-2017-8655 | 7.6 |
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handli
|
08-08-2017 - 17:29 | 08-08-2017 - 17:29 | |
CVE-2017-8653 | 7.6 |
Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in t
|
08-08-2017 - 17:29 | 08-08-2017 - 17:29 | |
CVE-2017-8651 | 7.6 |
Internet Explorer in Microsoft Windows Server 2008 SP2 and Windows Server 2012 allows an attacker to execute arbitrary code in the context of the current user due to Internet Explorer improperly accessing objects in memory, aka "Internet Explorer Mem
|
08-08-2017 - 17:29 | 08-08-2017 - 17:29 | |
CVE-2017-8647 | 7.6 |
Microsoft Edge in Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Co
|
08-08-2017 - 17:29 | 08-08-2017 - 17:29 | |
CVE-2017-8646 | 7.6 |
Microsoft Edge in Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in me
|
08-08-2017 - 17:29 | 08-08-2017 - 17:29 | |
CVE-2017-8645 | 7.6 |
Microsoft Edge in Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in me
|
08-08-2017 - 17:29 | 08-08-2017 - 17:29 | |
CVE-2017-8641 | 7.6 |
Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the conte
|
08-08-2017 - 17:29 | 08-08-2017 - 17:29 | |
CVE-2017-8640 | 7.6 |
Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects
|
08-08-2017 - 17:29 | 08-08-2017 - 17:29 | |
CVE-2017-8639 | 7.6 |
Microsoft Edge in Windows 10 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in memory,
|
08-08-2017 - 17:29 | 08-08-2017 - 17:29 | |
CVE-2017-8638 | 7.6 |
Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine
|
08-08-2017 - 17:29 | 08-08-2017 - 17:29 | |
CVE-2017-8636 | 7.6 |
Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the conte
|
08-08-2017 - 17:29 | 08-08-2017 - 17:29 | |
CVE-2017-8635 | 7.6 |
Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the conte
|
08-08-2017 - 17:29 | 08-08-2017 - 17:29 | |
CVE-2017-8634 | 7.6 |
Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine
|
08-08-2017 - 17:29 | 08-08-2017 - 17:29 | |
CVE-2017-8620 | 9.3 |
Windows Search in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability when it imp
|
08-08-2017 - 17:29 | 08-08-2017 - 17:29 | |
CVE-2017-8591 | 7.2 |
Windows Input Method Editor (IME) in Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an remote code execution vulnerability when it fails to properly handle objects i
|
08-08-2017 - 17:29 | 08-08-2017 - 17:29 | |
CVE-2017-0293 | 7.6 |
Microsoft Windows PDF Library in Windows Server 2008 R2 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability when it improperly hand
|
08-08-2017 - 17:29 | 08-08-2017 - 17:29 | |
CVE-2017-0250 | 9.3 |
Microsoft JET Database Engine in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability
|
08-08-2017 - 17:29 | 08-08-2017 - 17:29 | |
CVE-2017-8663 | 9.3 |
Microsoft Outlook 2007 SP3, Outlook 2010 SP2, Outlook 2013 SP1, Outlook 2013 RT SP1, and Outlook 2016 as packaged in Microsoft Office allows a remote code execution vulnerability due to the way Microsoft Outlook parses specially crafted email message
|
01-08-2017 - 16:29 | 01-08-2017 - 16:29 | |
CVE-2017-8619 | 7.6 |
Microsoft Edge on Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability in the way affected Microsoft scripting engines render when handling objects in memory, aka "Scripting Engine Memory Corrupt
|
11-07-2017 - 17:29 | 11-07-2017 - 17:29 | |
CVE-2017-8618 | 7.6 |
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 Internet Explorer in the way affected Microsoft scrip
|
11-07-2017 - 17:29 | 11-07-2017 - 17:29 | |
CVE-2017-8617 | 7.6 |
Microsoft Edge in Windows 10 1703 Microsoft Edge allows a remote code execution vulnerability in the way affected Microsoft scripting engines render when handling objects in memory, aka "Microsoft Edge Remote Code Execution Vulnerability."
|
11-07-2017 - 17:29 | 11-07-2017 - 17:29 | |
CVE-2017-8610 | 7.6 |
Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user when the JavaScript engine fails to render when handling objects in memory in Microsoft Edge, aka "Scripting Engine Memory Cor
|
11-07-2017 - 17:29 | 11-07-2017 - 17:29 | |
CVE-2017-8609 | 7.6 |
Microsoft Internet Explorer in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engine fails to render when handling objects in
|
11-07-2017 - 17:29 | 11-07-2017 - 17:29 | |
CVE-2017-8608 | 7.6 |
Microsoft browsers in Microsoft Windows Server 2008 and R2, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the c
|
11-07-2017 - 17:29 | 11-07-2017 - 17:29 | |
CVE-2017-8607 | 7.6 |
Microsoft browsers in Microsoft Windows 7, Windows Server 2008 and R2, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the conte
|
11-07-2017 - 17:29 | 11-07-2017 - 17:29 | |
CVE-2017-8606 | 7.6 |
Microsoft browsers in Microsoft Windows 7, Windows Server 2008 and R2, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the conte
|
11-07-2017 - 17:29 | 11-07-2017 - 17:29 | |
CVE-2017-8605 | 7.6 |
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engine fails to render when handling objects in memory in Mi
|
11-07-2017 - 17:29 | 11-07-2017 - 17:29 | |
CVE-2017-8604 | 7.6 |
Microsoft Edge in Microsoft Windows 10 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engine fails to render when handling objects in memory in Microsof
|
11-07-2017 - 17:29 | 11-07-2017 - 17:29 | |
CVE-2017-8603 | 7.6 |
Microsoft Edge in Microsoft Windows 10 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engine fails to render when handling objects in memory in Microsof
|
11-07-2017 - 17:29 | 11-07-2017 - 17:29 | |
CVE-2017-8601 | 7.6 |
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engine fails to render when handling objects in memory in Mi
|
11-07-2017 - 17:29 | 11-07-2017 - 17:29 | |
CVE-2017-8598 | 7.6 |
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engine fails to render when handling objects in memory in Mi
|
11-07-2017 - 17:29 | 11-07-2017 - 17:29 | |
CVE-2017-8596 | 7.6 |
Microsoft Edge in Microsoft Windows 10 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engine fails to render when handling objects in memory in Microsoft Edge
|
11-07-2017 - 17:29 | 11-07-2017 - 17:29 | |
CVE-2017-8595 | 7.6 |
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engine fails to render when handling objects in memory in Mi
|
11-07-2017 - 17:29 | 11-07-2017 - 17:29 | |
CVE-2017-8594 | 7.6 |
Internet Explorer on Microsoft Windows 8.1 and Windows RT 8.1, and Windows Server 2012 R2 allows an attacker to execute arbitrary code in the context of the current user when Internet Explorer improperly accesses objects in memory, aka "Internet Expl
|
11-07-2017 - 17:29 | 11-07-2017 - 17:29 | |
CVE-2017-8589 | 10.0 |
Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability due to the way that Windo
|
11-07-2017 - 17:29 | 11-07-2017 - 17:29 | |
CVE-2017-8588 | 7.6 |
Microsoft WordPad in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability due to the w
|
11-07-2017 - 17:29 | 11-07-2017 - 17:29 | |
CVE-2017-8584 | 7.9 |
Windows 10 1607 and Windows Server 2016 allow an attacker to execute code remotely via a specially crafted WiFi packet aka "HoloLens Remote Code Execution Vulnerability."
|
11-07-2017 - 17:29 | 11-07-2017 - 17:29 | |
CVE-2017-8570 | 9.3 |
Microsoft Office allows a remote code execution vulnerability due to the way that it handles objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-0243.
|
11-07-2017 - 17:29 | 11-07-2017 - 17:29 | |
CVE-2017-8565 | 9.3 |
Windows PowerShell in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability when PSObje
|
11-07-2017 - 17:29 | 11-07-2017 - 17:29 | |
CVE-2017-8502 | 9.3 |
Microsoft Office allows a remote code execution vulnerability due to the way that it handles objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8501.
|
11-07-2017 - 17:29 | 11-07-2017 - 17:29 | |
CVE-2017-8501 | 9.3 |
Microsoft Office allows a remote code execution vulnerability due to the way that it handles objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8502.
|
11-07-2017 - 17:29 | 11-07-2017 - 17:29 | |
CVE-2017-8463 | 9.3 |
Windows Shell in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability due to the way i
|
11-07-2017 - 17:29 | 11-07-2017 - 17:29 | |
CVE-2017-0243 | 9.3 |
Microsoft Office allows a remote code execution vulnerability due to the way that it handles objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8570.
|
11-07-2017 - 17:29 | 11-07-2017 - 17:29 | |
CVE-2017-8558 | 9.3 |
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on 32-bit versions of Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10
|
29-06-2017 - 09:29 | 29-06-2017 - 09:29 | |
CVE-2014-6354 | 7.6 |
Internet Explorer 6, Internet Explorer 7, Internet Explorer 8, Internet Explorer 9, Internet Explorer 10, and Internet Explorer 11 allows remote attackers to execute arbitrary code.
|
27-06-2017 - 16:29 | 27-06-2017 - 16:29 | |
CVE-2017-8549 | 7.6 |
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to obtain information to further compromise the user's system when Microsoft Edge improperly handles objects in memory, aka "Scripting Engin
|
14-06-2017 - 21:29 | 14-06-2017 - 21:29 | |
CVE-2017-8548 | 7.6 |
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to obtain information to further compromise the user's system when Microsoft Edge improperly handles objects in memory, aka "Scripting Engin
|
14-06-2017 - 21:29 | 14-06-2017 - 21:29 | |
CVE-2017-8543 | 10.0 |
Microsoft Windows XP SP3, Windows XP x64 XP2, Windows Server 2003 SP2, Windows Vista, Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and
|
14-06-2017 - 21:29 | 14-06-2017 - 21:29 | |
CVE-2017-8528 | 9.3 |
Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, Windows Server 2016, Microsoft Office 2007 SP3, and Microsoft Office 2010 SP2 allows a remote c
|
14-06-2017 - 21:29 | 14-06-2017 - 21:29 | |
CVE-2017-8527 | 9.3 |
Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability due to the way it han
|
14-06-2017 - 21:29 | 14-06-2017 - 21:29 | |
CVE-2017-8524 | 7.6 |
Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an allow an attacker to execute arbitrary code
|
14-06-2017 - 21:29 | 14-06-2017 - 21:29 | |
CVE-2017-8522 | 7.6 |
Microsoft browsers in Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an allow an attacker to execute arbitrary code in the context of the current user when th
|
14-06-2017 - 21:29 | 14-06-2017 - 21:29 | |
CVE-2017-8521 | 7.6 |
Microsoft Edge in Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user when the Edge JavaScript scripting engine fails to handle objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". Thi
|
14-06-2017 - 21:29 | 14-06-2017 - 21:29 | |
CVE-2017-8520 | 7.6 |
Microsoft Edge in Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user when the Edge JavaScript scripting engine fails to handle objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". Thi
|
14-06-2017 - 21:29 | 14-06-2017 - 21:29 | |
CVE-2017-8519 | 7.6 |
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, and Windows Server 2012 and R2 allow an attacker to execute arbitrary code in the context of the current user when Internet Explorer imprope
|
14-06-2017 - 21:29 | 14-06-2017 - 21:29 | |
CVE-2017-8517 | 7.6 |
Microsoft browsers in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an allow an attacker to execute arbitrary code in the
|
14-06-2017 - 21:29 | 14-06-2017 - 21:29 | |
CVE-2017-8513 | 9.3 |
A remote code execution vulnerability exists in Microsoft PowerPoint when the software fails to properly handle objects in memory, aka "Microsoft PowerPoint Remote Code Execution Vulnerability".
|
14-06-2017 - 21:29 | 14-06-2017 - 21:29 | |
CVE-2017-8512 | 9.3 |
A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8509, CVE-2017-8510, CVE-2017-8511, C
|
14-06-2017 - 21:29 | 14-06-2017 - 21:29 | |
CVE-2017-8511 | 9.3 |
A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8509, CVE-2017-8510, CVE-2017-8512, C
|
14-06-2017 - 21:29 | 14-06-2017 - 21:29 | |
CVE-2017-8510 | 9.3 |
A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8509, CVE-2017-8511, CVE-2017-8512, C
|
14-06-2017 - 21:29 | 14-06-2017 - 21:29 | |
CVE-2017-8509 | 9.3 |
A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8510, CVE-2017-8511, CVE-2017-8512, C
|
14-06-2017 - 21:29 | 14-06-2017 - 21:29 | |
CVE-2017-8507 | 9.3 |
A remote code execution vulnerability exists in the way Microsoft Office software parses specially crafted email messages, aka "Microsoft Office Memory Corruption Vulnerability".
|
14-06-2017 - 21:29 | 14-06-2017 - 21:29 | |
CVE-2017-8506 | 9.3 |
A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8509, CVE-2017-8510, CVE-2017-8511, C
|
14-06-2017 - 21:29 | 14-06-2017 - 21:29 | |
CVE-2017-8499 | 7.6 |
Microsoft Edge in Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user when the Edge JavaScript scripting engine fails to handle objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". Thi
|
14-06-2017 - 21:29 | 14-06-2017 - 21:29 | |
CVE-2017-8497 | 7.6 |
Microsoft Edge in Windows 10 1607 and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability".
|
14-06-2017 - 21:29 | 14-06-2017 - 21:29 | |
CVE-2017-8496 | 7.6 |
Microsoft Edge in Windows 10 1607 and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability".
|
14-06-2017 - 21:29 | 14-06-2017 - 21:29 | |
CVE-2017-8464 | 9.3 |
Windows Shell in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows local users or remote attackers t
|
14-06-2017 - 21:29 | 14-06-2017 - 21:29 | |
CVE-2017-0294 | 9.3 |
Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute remote code when Windows fails to pro
|
14-06-2017 - 21:29 | 14-06-2017 - 21:29 | |
CVE-2017-0292 | 9.3 |
Windows PDF in Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows remote code execution if a user opens a specially crafted PDF file, aka "Windows PDF Remote Code Execution
|
14-06-2017 - 21:29 | 14-06-2017 - 21:29 | |
CVE-2017-0291 | 9.3 |
Windows PDF in Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows remote code execution if a user opens a specially crafted PDF file, aka "Windows PDF Remote Code Execution
|
14-06-2017 - 21:29 | 14-06-2017 - 21:29 | |
CVE-2017-0283 | 9.3 |
Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, Windows Server 2016, Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office Wor
|
14-06-2017 - 21:29 | 14-06-2017 - 21:29 | |
CVE-2017-0260 | 9.3 |
A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8509, CVE-2017-8510, CVE-2017-8511, C
|
14-06-2017 - 21:29 | 14-06-2017 - 21:29 | |
CVE-2017-9417 | 7.5 |
Broadcom BCM43xx Wi-Fi chips allow remote attackers to execute arbitrary code via unspecified vectors, aka the "Broadpwn" issue.
|
04-06-2017 - 17:29 | 04-06-2017 - 17:29 | |
CVE-2017-8541 | 9.3 |
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, a
|
26-05-2017 - 16:29 | 26-05-2017 - 16:29 | |
CVE-2017-8540 | 9.3 |
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, a
|
26-05-2017 - 16:29 | 26-05-2017 - 16:29 | |
CVE-2017-8538 | 9.3 |
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, a
|
26-05-2017 - 16:29 | 26-05-2017 - 16:29 | |
CVE-2017-0223 | 7.5 |
A remote code execution vulnerability exists in Microsoft Chakra Core in the way JavaScript engines render when handling objects in memory. aka "Scripting Engine Memory Corruption Vulnerability". This vulnerability is unique from CVE-2017-0252.
|
15-05-2017 - 13:29 | 15-05-2017 - 13:29 | |
CVE-2017-0281 | 9.3 |
Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2016, Office Online Server 2016, Office Web Apps 2010 SP2,Office Web Apps 2013 SP1, Project Server 2013 SP1, SharePoint Enterprise Server 2013 SP1, SharePoint Enterprise Server 2016,
|
12-05-2017 - 10:29 | 12-05-2017 - 10:29 | |
CVE-2017-0279 | 6.8 |
The Microsoft Server Message Block 1.0 (SMBv1) server on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows
|
12-05-2017 - 10:29 | 12-05-2017 - 10:29 | |
CVE-2017-0278 | 6.8 |
The Microsoft Server Message Block 1.0 (SMBv1) server on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows
|
12-05-2017 - 10:29 | 12-05-2017 - 10:29 | |
CVE-2017-0277 | 6.8 |
The Microsoft Server Message Block 1.0 (SMBv1) server on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows
|
12-05-2017 - 10:29 | 12-05-2017 - 10:29 | |
CVE-2017-0272 | 9.3 |
The Microsoft Server Message Block 1.0 (SMBv1) server on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows
|
12-05-2017 - 10:29 | 12-05-2017 - 10:29 | |
CVE-2017-0266 | 7.6 |
A remote code execution vulnerability exists in Microsoft Edge in the way affected Microsoft scripting engines render when handling objects in memory, aka "Microsoft Edge Remote Code Execution Vulnerability."
|
12-05-2017 - 10:29 | 12-05-2017 - 10:29 | |
CVE-2017-0265 | 9.3 |
Microsoft PowerPoint for Mac 2011 allows a remote code execution vulnerability when the software fails to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-0254 and CVE-2017
|
12-05-2017 - 10:29 | 12-05-2017 - 10:29 | |
CVE-2017-0264 | 9.3 |
Microsoft PowerPoint for Mac 2011 allows a remote code execution vulnerability when the software fails to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-0254 and CVE-2017
|
12-05-2017 - 10:29 | 12-05-2017 - 10:29 | |
CVE-2017-0262 | 9.3 |
Microsoft Office 2010 SP2, Office 2013 SP1, and Office 2016 allow a remote code execution vulnerability when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-201
|
12-05-2017 - 10:29 | 12-05-2017 - 10:29 | |
CVE-2017-0261 | 9.3 |
Microsoft Office 2010 SP2, Office 2013 SP1, and Office 2016 allow a remote code execution vulnerability when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-201
|
12-05-2017 - 10:29 | 12-05-2017 - 10:29 | |
CVE-2017-0254 | 9.3 |
Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Office for Mac 2011, Office for Mac 2016, Microsoft Office Web Apps 2010 SP2, Office Web Apps Server 2013 SP1, Word 2013 RT SP1, Word 2013 SP1, Word Automation Servic
|
12-05-2017 - 10:29 | 12-05-2017 - 10:29 | |
CVE-2017-0240 | 7.6 |
A remote code execution vulnerability exists in Microsoft Edge in the way affected Microsoft scripting engines render when handling objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0221 and
|
12-05-2017 - 10:29 | 12-05-2017 - 10:29 | |
CVE-2017-0238 | 7.6 |
A remote code execution vulnerability exists in Microsoft browsers in the way JavaScript scripting engines handle objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0228, CVE-
|
12-05-2017 - 10:29 | 12-05-2017 - 10:29 | |
CVE-2017-0236 | 7.6 |
A remote code execution vulnerability exists in Microsoft Edge in the way that the Chakra JavaScript engine renders when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE
|
12-05-2017 - 10:29 | 12-05-2017 - 10:29 | |
CVE-2017-0235 | 7.6 |
A remote code execution vulnerability exists in Microsoft Edge in the way that the Chakra JavaScript engine renders when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE
|
12-05-2017 - 10:29 | 12-05-2017 - 10:29 | |
CVE-2017-0234 | 7.6 |
A remote code execution vulnerability exists in Microsoft Edge in the way that the Chakra JavaScript engine renders when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE
|
12-05-2017 - 10:29 | 12-05-2017 - 10:29 | |
CVE-2017-0230 | 7.6 |
A remote code execution vulnerability exists in Microsoft Edge in the way JavaScript engines render when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0228, CVE-
|
12-05-2017 - 10:29 | 12-05-2017 - 10:29 | |
CVE-2017-0229 | 7.6 |
A remote code execution vulnerability exists in Microsoft Edge in the way JavaScript engines render when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0228, CVE-
|
12-05-2017 - 10:29 | 12-05-2017 - 10:29 | |
CVE-2017-0228 | 7.6 |
A remote code execution vulnerability exists in Microsoft browsers in the way JavaScript engines render when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0229,
|
12-05-2017 - 10:29 | 12-05-2017 - 10:29 | |
CVE-2017-0227 | 7.6 |
A remote code execution vulnerability exists in Microsoft Edge in the way affected Microsoft scripting engines render when handling objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0221 and
|
12-05-2017 - 10:29 | 12-05-2017 - 10:29 | |
CVE-2017-0226 | 7.6 |
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0222.
|
12-05-2017 - 10:29 | 12-05-2017 - 10:29 | |
CVE-2017-0224 | 7.6 |
A remote code execution vulnerability exists in the way JavaScript engines render when handling objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0228, CVE-2017-0229, CVE-
|
12-05-2017 - 10:29 | 12-05-2017 - 10:29 | |
CVE-2017-0222 | 7.6 |
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0226.
|
12-05-2017 - 10:29 | 12-05-2017 - 10:29 | |
CVE-2017-0221 | 7.6 |
A vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0227 and CVE-2017-0240.
|
12-05-2017 - 10:29 | 12-05-2017 - 10:29 | |
CVE-2017-0290 | 9.3 |
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, a
|
11-05-2017 - 21:29 | 09-05-2017 - 02:29 | |
CVE-2017-0199 | 9.3 |
Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, Microsoft Office 2016, Microsoft Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, Windows 8.1 allow remote attackers to execute arbitrary code via a crafted do
|
20-04-2017 - 14:23 | 12-04-2017 - 10:59 | |
CVE-2017-0197 | 9.3 |
Microsoft OneNote 2007 SP3 and Microsoft OneNote 2010 SP2 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office DLL Loading Vulnerability."
|
20-04-2017 - 14:11 | 12-04-2017 - 10:59 | |
CVE-2017-0202 | 7.6 |
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user, a.k.a. "
|
20-04-2017 - 13:47 | 12-04-2017 - 10:59 | |
CVE-2017-0201 | 7.6 |
A remote code execution vulnerability exists in Internet Explorer in the way that the JScript and VBScript engines render when handling objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary c
|
20-04-2017 - 13:44 | 12-04-2017 - 10:59 | |
CVE-2017-0205 | 7.6 |
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user, aka "M
|
20-04-2017 - 13:44 | 12-04-2017 - 10:59 | |
CVE-2017-0200 | 7.6 |
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user, aka "M
|
20-04-2017 - 13:09 | 12-04-2017 - 10:59 | |
CVE-2017-0181 | 7.4 |
A remote code execution vulnerability exists when Windows Hyper-V Network Switch running on a Windows 10 or Windows Server 2016 host server fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Remote C
|
18-04-2017 - 12:38 | 12-04-2017 - 10:59 | |
CVE-2017-0180 | 7.4 |
A remote code execution vulnerability exists when Windows Hyper-V Network Switch running on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Remote Code Execution Vulnerability." This
|
18-04-2017 - 12:35 | 12-04-2017 - 10:59 | |
CVE-2017-0160 | 7.2 |
Microsoft .NET Framework 2.0, 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allows an attacker with access to the local system to execute malicious code, aka ".NET Remote Code Execution Vulnerability."
|
18-04-2017 - 10:07 | 12-04-2017 - 10:59 | |
CVE-2017-0158 | 7.6 |
An elevation of privilege vulnerability exists when Microsoft Windows running on Windows 10, Windows 10 1511, Windows 8.1 Windows RT 8.1, and Windows Server 2012 R2 fails to properly sanitize handles in memory, aka "Scripting Engine Memory Corruption
|
18-04-2017 - 10:06 | 12-04-2017 - 10:59 | |
CVE-2017-0106 | 9.3 |
Microsoft Excel 2007 SP3, Microsoft Outlook 2010 SP2, Microsoft Outlook 2013 SP1, and Microsoft Outlook 2016 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Offi
|
18-04-2017 - 10:03 | 12-04-2017 - 10:59 | |
CVE-2017-0162 | 7.4 |
A remote code execution vulnerability exists when Windows Hyper-V Network Switch running on a Windows 10, Windows 8.1, Windows Server 2012 R2, or Windows Server 2016 host server fails to properly validate input from an authenticated user on a guest o
|
17-04-2017 - 15:15 | 12-04-2017 - 10:59 | |
CVE-2017-0093 | 7.6 |
A remote code execution vulnerability in Microsoft Edge exists in the way that the Scripting Engine renders when handling objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arb
|
17-04-2017 - 15:01 | 12-04-2017 - 10:59 | |
CVE-2017-0163 | 7.4 |
A remote code execution vulnerability exists when Windows Hyper-V Network Switch running on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Remote Code Execution Vulnerability." This
|
17-04-2017 - 14:55 | 12-04-2017 - 10:59 | |
CVE-2017-0007 | 2.1 |
Device Guard in Microsoft Windows 10 Gold, 1511, 1607, and Windows Server 2016 allows remote attackers to modify PowerShell script without invalidating associated signatures, aka "PowerShell Security Feature Bypass Vulnerability."
|
04-04-2017 - 21:59 | 16-03-2017 - 20:59 | |
CVE-2017-0037 | 7.6 |
Microsoft Internet Explorer 10 and 11 and Microsoft Edge have a type confusion issue in the Layout::MultiColumnBoxBuilder::HandleColumnBreakOnColumnSpanningElement function in mshtml.dll, which allows remote attackers to execute arbitrary code via ve
|
03-04-2017 - 21:59 | 26-02-2017 - 18:59 | |
CVE-2017-0100 | 4.4 |
A DCOM object in Helppane.exe in Microsoft Windows 7 SP1; Windows Server 2008 R2; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows local users to gain privileges via a craft
|
31-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
CVE-2017-0005 | 6.9 |
The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows local users to gain privil
|
30-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
CVE-2017-0038 | 4.3 |
gdi32.dll in Graphics Device Interface (GDI) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows remote attackers
|
27-03-2017 - 21:59 | 20-02-2017 - 11:59 | |
CVE-2017-0072 | 9.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Uniscribe Remote Code Execution Vulnerability." This vulnerability is diffe
|
27-03-2017 - 10:31 | 16-03-2017 - 20:59 | |
CVE-2017-0063 | 4.3 |
The Color Management Module (ICM32.dll) memory handling functionality in Windows Vista SP2; Windows Server 2008 SP2 and R2; and Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows
|
24-03-2017 - 06:55 | 16-03-2017 - 20:59 | |
CVE-2017-0025 | 7.2 |
The kernel-mode drivers in Microsoft Windows Vista; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allow local users to gain pr
|
24-03-2017 - 06:47 | 16-03-2017 - 20:59 | |
CVE-2016-0188 | 9.3 |
The User Mode Code Integrity (UMCI) implementation in Device Guard in Microsoft Internet Explorer 11 allows remote attackers to bypass a code-signing protection mechanism via unspecified vectors, aka "Internet Explorer Security Feature Bypass."
|
23-03-2017 - 21:59 | 10-05-2016 - 21:59 | |
CVE-2016-0164 | 7.6 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
23-03-2017 - 21:59 | 12-04-2016 - 19:59 | |
CVE-2016-0162 | 4.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to determine the existence of files via crafted JavaScript code, aka "Internet Explorer Information Disclosure Vulnerability."
|
23-03-2017 - 21:59 | 12-04-2016 - 19:59 | |
CVE-2016-0084 | 9.3 |
Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability."
|
23-03-2017 - 21:59 | 10-02-2016 - 06:59 | |
CVE-2016-0080 | 4.3 |
Microsoft Edge mishandles exceptions during window-message dispatch operations, which allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Microsoft Edge ASLR Bypass."
|
23-03-2017 - 21:59 | 10-02-2016 - 06:59 | |
CVE-2016-0049 | 2.1 |
Kerberos in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 Gold and 1511 does not properly validate password changes, which allows remote attackers to bypas
|
23-03-2017 - 21:59 | 10-02-2016 - 06:59 | |
CVE-2017-0053 | 9.3 |
Microsoft Office 2010 SP2, Office Compatibility Pack SP3, Word 2007 SP3, Word 2010 SP2, Word 2013 SP1, Word 2013 R2 SP1, Word 2016, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via
|
23-03-2017 - 13:17 | 16-03-2017 - 20:59 | |
CVE-2017-0006 | 9.3 |
Microsoft Excel 2007 SP3, Office Compatibility Pack SP3, Excel Viewer, and Excel Services on SharePoint Server 2007 SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Mic
|
23-03-2017 - 13:16 | 16-03-2017 - 20:59 | |
CVE-2017-0052 | 9.3 |
Microsoft Office Compatibility Pack SP3, Excel 2007 SP3, Excel Viewer, and Excel Services on SharePoint Server 2007 SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Mic
|
23-03-2017 - 12:51 | 16-03-2017 - 20:59 | |
CVE-2017-0030 | 9.3 |
Microsoft Office 2010 SP2, Office Compatibility Pack SP3, Office Web Apps Server 2010 SP2, Word 2007 SP3, Word 2010 SP2, and Word Automation Services on SharePoint Server 2010 SP2 allow remote attackers to execute arbitrary code or cause a denial of
|
23-03-2017 - 12:48 | 16-03-2017 - 20:59 | |
CVE-2017-0027 | 2.6 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, and Excel Services on SharePoint Server 2013 SP1 allow remote attackers to obtain sensitive information from process memory via a crafted Office d
|
23-03-2017 - 12:48 | 16-03-2017 - 20:59 | |
CVE-2017-0020 | 9.3 |
Microsoft Excel 2016, Excel 2010 SP2, Excel 2013 RT SP1, and Office Web Apps Server 2013 SP1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corrup
|
23-03-2017 - 12:47 | 16-03-2017 - 20:59 | |
CVE-2017-0105 | 4.3 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word for Mac 2011, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to obtain sensitive information fro
|
23-03-2017 - 12:46 | 16-03-2017 - 20:59 | |
CVE-2017-0001 | 7.2 |
The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows local users to gain privil
|
23-03-2017 - 12:42 | 16-03-2017 - 20:59 | |
CVE-2017-0014 | 7.6 |
The Windows Graphics Component in Microsoft Office 2010 SP2; Windows Server 2008 R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to
|
23-03-2017 - 12:42 | 16-03-2017 - 20:59 | |
CVE-2017-0084 | 9.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to execute arb
|
23-03-2017 - 12:37 | 16-03-2017 - 20:59 | |
CVE-2017-0154 | 5.8 |
Microsoft Internet Explorer 11 on Windows 10, 1511, and 1606 and Windows Server 2016 does not enforce cross-domain policies, allowing attackers to access information from one domain and inject it into another via a crafted application, aka, "Internet
|
23-03-2017 - 12:34 | 16-03-2017 - 20:59 | |
CVE-2017-0109 | 7.4 |
Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows guest OS users to execute arbitrary code on the host
|
22-03-2017 - 18:18 | 16-03-2017 - 20:59 | |
CVE-2017-0096 | 2.3 |
Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1, Windows Server 2012 Gold and R2; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows guest OS users to obtain sensitive information from h
|
22-03-2017 - 18:17 | 16-03-2017 - 20:59 | |
CVE-2017-0075 | 7.4 |
Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows guest OS users to execute arbitrary code on the host
|
22-03-2017 - 18:15 | 16-03-2017 - 20:59 | |
CVE-2017-0108 | 9.3 |
The Windows Graphics Component in Microsoft Office 2007 SP3; 2010 SP2; and Word Viewer; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Live Meeting 2007; Silverlight 5; Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; and Windows 7 SP1 allo
|
21-03-2017 - 13:55 | 16-03-2017 - 20:59 | |
CVE-2017-0061 | 2.6 |
The Color Management Module (ICM32.dll) memory handling functionality in Windows Vista SP2, Windows Server 2008 SP2 and R2, and Windows 7 SP1 allows remote attackers to bypass ASLR and execute code in combination with another vulnerability through a
|
21-03-2017 - 13:44 | 16-03-2017 - 20:59 | |
CVE-2017-0021 | 7.7 |
Hyper-V in Microsoft Windows 10 1607 and Windows Server 2016 does not properly validate vSMB packet data, which allows attackers to execute arbitrary code on a target OS, aka "Hyper-V System Data Structure Vulnerability." This vulnerability is differ
|
21-03-2017 - 13:40 | 16-03-2017 - 20:59 | |
CVE-2017-0047 | 7.2 |
The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows local users to gain privil
|
21-03-2017 - 13:34 | 16-03-2017 - 20:59 | |
CVE-2017-0039 | 9.3 |
Microsoft Windows Vista SP2 and Server 2008 SP2 mishandle dynamic link library (DLL) loading, which allows local users to gain privileges via a crafted application, aka "Library Loading Input Validation Remote Code Execution Vulnerability."
|
21-03-2017 - 13:33 | 16-03-2017 - 20:59 | |
CVE-2017-0095 | 7.9 |
Hyper-V in Microsoft Windows 10 Gold, 1511, and 1607 and Windows Server 2016 does not properly validate vSMB packet data, which allows attackers to execute arbitrary code on a target OS, aka "Hyper-V vSMB Remote Code Execution Vulnerability." This vu
|
21-03-2017 - 11:51 | 16-03-2017 - 20:59 | |
CVE-2017-0129 | 5.0 |
Microsoft Lync for Mac 2011 fails to properly validate certificates, allowing remote attackers to alter server-client communications, aka "Microsoft Lync for Mac Certificate Validation Vulnerability."
|
21-03-2017 - 11:49 | 16-03-2017 - 20:59 | |
CVE-2017-0062 | 1.9 |
The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain
|
21-03-2017 - 11:32 | 16-03-2017 - 20:59 | |
CVE-2017-0060 | 1.9 |
The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain
|
21-03-2017 - 11:32 | 16-03-2017 - 20:59 | |
CVE-2017-0073 | 4.3 |
The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain
|
20-03-2017 - 17:18 | 16-03-2017 - 20:59 | |
CVE-2017-0098 | 2.9 |
Hyper-V in Microsoft Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows guest OS users, running as virtual machines, to cause a denial of service via a crafted application, aka "Hyper-V Denial of Service Vulnerability." This vulnerabilit
|
20-03-2017 - 17:01 | 16-03-2017 - 20:59 | |
CVE-2017-0076 | 2.9 |
Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and 2008 R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 and R2; Windows 10, 1511, and 1607; and Windows Server 2016 allows guest OS users, running as virtual machines, to cause a de
|
20-03-2017 - 16:56 | 16-03-2017 - 20:59 | |
CVE-2017-0099 | 2.3 |
Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and 2008 R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows guest OS users, running as virtual machines, to
|
20-03-2017 - 15:24 | 16-03-2017 - 20:59 | |
CVE-2017-0074 | 2.3 |
Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and 2008 R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 and R2; Windows 10, 1511, and 1607; and Windows Server 2016 allows guest OS users, running as virtual machines, to cause a de
|
20-03-2017 - 15:24 | 16-03-2017 - 20:59 | |
CVE-2017-0097 | 2.3 |
Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and 2008 R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 and R2; Windows 10, 1511, and 1607; and Windows Server 2016 allows guest OS users, running as virtual machines, to cause a de
|
20-03-2017 - 15:23 | 16-03-2017 - 20:59 | |
CVE-2017-0057 | 4.3 |
DNS client in Microsoft Windows 8.1; Windows Server 2012 R2, Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 fails to properly process DNS queries, which allows remote attackers to obtain sensitive information via (1) convinc
|
20-03-2017 - 15:22 | 16-03-2017 - 20:59 | |
CVE-2017-0029 | 4.3 |
Microsoft Office 2010 SP2, Word 2010 SP2, Word 2013 RT SP1, and Word 2016 allow remote attackers to cause a denial of service (application hang) via a crafted Office document, aka "Microsoft Office Denial of Service Vulnerability."
|
20-03-2017 - 10:58 | 16-03-2017 - 20:59 | |
CVE-2017-0104 | 9.3 |
The iSNS Server service in Microsoft Windows Server 2008 SP2 and R2, Windows Server 2012 Gold and R2, and Windows Server 2016 allows remote attackers to issue malicious requests via an integer overflow, aka "iSNS Server Memory Corruption Vulnerabilit
|
20-03-2017 - 10:54 | 16-03-2017 - 20:59 | |
CVE-2017-0031 | 9.3 |
Microsoft Office 2010 SP2, Office Compatibility Pack SP3, Word 2007 SP3, and Word 2010 SP2 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corrupti
|
20-03-2017 - 10:52 | 16-03-2017 - 20:59 | |
CVE-2017-0107 | 4.3 |
Microsoft SharePoint Server fails to sanitize crafted web requests, allowing remote attackers to run cross-script in local security context, aka "Microsoft SharePoint XSS Vulnerability."
|
20-03-2017 - 10:52 | 16-03-2017 - 20:59 | |
CVE-2017-0019 | 9.3 |
Microsoft Word 2016 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability." This vulnerability is different from those describe
|
20-03-2017 - 10:51 | 16-03-2017 - 20:59 | |
CVE-2017-0066 | 4.0 |
Microsoft Edge allows remote attackers to bypass the Same Origin Policy for HTML elements in other browser windows, aka "Microsoft Edge Security Feature Bypass Vulnerability." This vulnerability is different from those described in CVE-2017-0135 and
|
20-03-2017 - 10:49 | 16-03-2017 - 20:59 | |
CVE-2017-0147 | 4.3 |
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to
|
20-03-2017 - 10:34 | 16-03-2017 - 20:59 | |
CVE-2017-0018 | 7.6 |
Microsoft Internet Explorer 10 and 11 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." This vulnerability is different f
|
20-03-2017 - 09:48 | 16-03-2017 - 20:59 | |
CVE-2017-0015 | 7.6 |
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitra
|
20-03-2017 - 09:46 | 16-03-2017 - 20:59 | |
CVE-2017-0132 | 7.6 |
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitra
|
20-03-2017 - 09:45 | 16-03-2017 - 20:59 | |
CVE-2017-0137 | 7.6 |
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitra
|
20-03-2017 - 09:45 | 16-03-2017 - 20:59 | |
CVE-2017-0071 | 7.6 |
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitra
|
20-03-2017 - 09:30 | 16-03-2017 - 20:59 | |
CVE-2017-0035 | 7.6 |
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitra
|
20-03-2017 - 09:30 | 16-03-2017 - 20:59 | |
CVE-2017-0138 | 7.6 |
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitra
|
20-03-2017 - 09:29 | 16-03-2017 - 20:59 | |
CVE-2017-0134 | 7.6 |
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitra
|
20-03-2017 - 09:29 | 16-03-2017 - 20:59 | |
CVE-2017-0151 | 7.6 |
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitra
|
20-03-2017 - 09:28 | 16-03-2017 - 20:59 | |
CVE-2017-0136 | 7.6 |
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitra
|
20-03-2017 - 09:27 | 16-03-2017 - 20:59 | |
CVE-2017-0094 | 7.6 |
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitra
|
20-03-2017 - 09:26 | 16-03-2017 - 20:59 | |
CVE-2017-0133 | 7.6 |
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitra
|
20-03-2017 - 09:26 | 16-03-2017 - 20:59 | |
CVE-2017-0141 | 7.6 |
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitra
|
20-03-2017 - 09:25 | 16-03-2017 - 20:59 | |
CVE-2017-0067 | 7.6 |
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitra
|
20-03-2017 - 09:25 | 16-03-2017 - 20:59 | |
CVE-2017-0131 | 7.6 |
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitra
|
20-03-2017 - 09:24 | 16-03-2017 - 20:59 | |
CVE-2017-0010 | 7.6 |
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitra
|
20-03-2017 - 09:23 | 16-03-2017 - 20:59 | |
CVE-2017-0032 | 7.6 |
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitra
|
20-03-2017 - 09:22 | 16-03-2017 - 20:59 | |
CVE-2017-0150 | 7.6 |
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitra
|
20-03-2017 - 09:21 | 16-03-2017 - 20:59 | |
CVE-2017-0070 | 7.6 |
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitra
|
20-03-2017 - 09:21 | 16-03-2017 - 20:59 | |
CVE-2017-0130 | 7.6 |
The scripting engine in Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability." This v
|
20-03-2017 - 09:18 | 16-03-2017 - 20:59 | |
CVE-2017-0008 | 4.3 |
Microsoft Internet Explorer 9 through 11 allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability." This vulnerability is different from those descr
|
19-03-2017 - 21:05 | 16-03-2017 - 20:59 | |
CVE-2017-0051 | 2.9 |
Microsoft Windows 10 1607 and Windows Server 2016 allow remote attackers to cause a denial of service (application hang) via a crafted Office document, aka "Microsoft Hyper-V Network Switch Denial of Service Vulnerability." This vulnerability is diff
|
19-03-2017 - 21:05 | 16-03-2017 - 20:59 | |
CVE-2017-0033 | 4.3 |
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to spoof web content via a crafted web site, aka "Microsoft Browser Spoofing Vulnerability." This vulnerability is different from those described in CVE-2017-0012 and CVE-2017-0
|
19-03-2017 - 20:56 | 16-03-2017 - 20:59 | |
CVE-2017-0011 | 4.3 |
Microsoft Edge allows remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0009, CVE-2017-0017, CVE-2017-0
|
19-03-2017 - 20:54 | 16-03-2017 - 20:59 | |
CVE-2017-0017 | 4.3 |
The RegEx class in the XSS filter in Microsoft Edge allows remote attackers to conduct cross-site scripting (XSS) attacks and obtain sensitive information via unspecified vectors, aka "Microsoft Edge Information Disclosure Vulnerability." This vulner
|
19-03-2017 - 20:49 | 16-03-2017 - 20:59 | |
CVE-2017-0009 | 4.3 |
Microsoft Internet Explorer 9 through 11 allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability." This vulnerability is different from those described
|
19-03-2017 - 20:47 | 16-03-2017 - 20:59 | |
CVE-2017-0065 | 4.3 |
Microsoft Edge allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0009, CV
|
19-03-2017 - 20:46 | 16-03-2017 - 20:59 | |
CVE-2017-0149 | 7.6 |
Microsoft Internet Explorer 9 through 11 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." This vulnerability is differen
|
17-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
CVE-2017-0148 | 9.3 |
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to
|
17-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
CVE-2017-0146 | 9.3 |
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to
|
17-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
CVE-2017-0145 | 9.3 |
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to
|
17-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
CVE-2017-0144 | 9.3 |
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to
|
17-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
CVE-2017-0143 | 9.3 |
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to
|
17-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
CVE-2017-0117 | 4.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability."
|
17-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
CVE-2017-0116 | 4.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability."
|
17-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
CVE-2017-0115 | 4.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability."
|
17-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
CVE-2017-0114 | 4.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability."
|
17-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
CVE-2017-0113 | 4.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability."
|
17-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
CVE-2017-0112 | 4.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability."
|
17-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
CVE-2017-0111 | 4.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability."
|
17-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
CVE-2017-0092 | 4.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability."
|
17-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
CVE-2017-0091 | 4.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability."
|
17-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
CVE-2017-0090 | 9.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Uniscribe Remote Code Execution Vulnerability." This vulnerability is diffe
|
17-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
CVE-2017-0089 | 9.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Uniscribe Remote Code Execution Vulnerability." This vulnerability is diffe
|
17-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
CVE-2017-0088 | 9.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Windows Uniscribe Remote Code Execution Vulnerability."
|
17-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
CVE-2017-0087 | 9.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Uniscribe Remote Code Execution Vulnerability." This vulnerability is diffe
|
17-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
CVE-2017-0086 | 9.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Uniscribe Remote Code Execution Vulnerability." This vulnerability is diffe
|
17-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
CVE-2017-0085 | 4.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability."
|
17-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
CVE-2017-0083 | 9.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Uniscribe Remote Code Execution Vulnerability." This vulnerability is diffe
|
17-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
CVE-2017-0069 | 4.3 |
Microsoft Edge allows remote attackers to spoof web content via a crafted web site, aka "Microsoft Edge Spoofing Vulnerability." This vulnerability is different from those described in CVE-2017-0012 and CVE-2017-0033.
|
17-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
CVE-2017-0068 | 4.3 |
Browsers in Microsoft Edge allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-
|
17-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
CVE-2017-0059 | 4.3 |
Microsoft Internet Explorer 9 through 11 allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability." This vulnerability is different from those descr
|
17-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
CVE-2017-0049 | 4.3 |
The VBScript engine in Microsoft Internet Explorer 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Scripting Engine Information Disclosure Vulnerability." This vulnerability is different fro
|
17-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
CVE-2017-0040 | 7.6 |
The scripting engine in Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability." This v
|
17-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
CVE-2017-0034 | 7.6 |
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker
|
17-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
CVE-2017-0023 | 7.6 |
The PDF library in Microsoft Edge; Windows 8.1; Windows Server 2012 and R2; Windows RT 8.1; and Windows 10, 1511, and 1607 allows remote attackers to execute arbitrary code via a crafted PDF file, aka "Microsoft PDF Remote Code Execution Vulnerabilit
|
17-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
CVE-2017-0012 | 4.3 |
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to spoof web content via a crafted web site, aka "Microsoft Browser Spoofing Vulnerability." This vulnerability is different from those described in CVE-2017-0033 and CVE-2017-0
|
17-03-2017 - 21:59 | 16-03-2017 - 20:59 | |
CVE-2017-0003 | 9.3 |
Microsoft Word 2016 and SharePoint Enterprise Server 2016 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."
|
15-03-2017 - 21:59 | 10-01-2017 - 16:59 | |
CVE-2016-7289 | 9.3 |
Microsoft Publisher 2010 SP2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."
|
15-03-2017 - 21:59 | 20-12-2016 - 01:59 | |
CVE-2014-4113 | 7.2 |
win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users
|
13-03-2017 - 21:59 | 15-10-2014 - 06:55 | |
CVE-2016-3210 | 9.3 |
The Microsoft (1) JScript and (2) VBScript engines, as used in Internet Explorer 11, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vul
|
01-03-2017 - 21:59 | 15-06-2016 - 21:59 | |
CVE-2016-0189 | 7.6 |
The Microsoft (1) JScript 5.8 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site
|
23-02-2017 - 21:59 | 10-05-2016 - 21:59 | |
CVE-2012-0158 | 9.3 |
The (1) ListView, (2) ListView2, (3) TreeView, and (4) TreeView2 ActiveX controls in MSCOMCTL.OCX in the Common Controls in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2003 Web Components SP3; SQL Server 2000 SP4, 2005
|
23-02-2017 - 21:59 | 10-04-2012 - 17:55 | |
CVE-2016-0148 | 7.2 |
Microsoft .NET Framework 4.6 and 4.6.1 mishandles library loading, which allows local users to gain privileges via a crafted application, aka ".NET Framework Remote Code Execution Vulnerability."
|
19-02-2017 - 01:15 | 12-04-2016 - 19:59 | |
CVE-2016-7293 |
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue in a "generally available" software product. Notes: none.
|
16-02-2017 - 11:59 | 16-02-2017 - 11:59 | ||
CVE-2016-7288 | 7.6 |
The scripting engines in Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than C
|
10-02-2017 - 21:59 | 20-12-2016 - 01:59 | |
CVE-2016-7236 | 9.3 |
Microsoft Excel 2010 SP2, Excel for Mac 2011, Excel 2016 for Mac, and Excel Services on SharePoint Server 2010 SP2 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
|
10-02-2017 - 21:59 | 10-11-2016 - 01:59 | |
CVE-2016-7234 | 9.3 |
Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word for Mac 2011, Excel for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Ser
|
10-02-2017 - 21:59 | 10-11-2016 - 01:59 | |
CVE-2016-7233 | 4.3 |
Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Word for Mac 2011, Excel for Mac 2011, Word Viewer, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2013 SP1, and Office Web Apps 2010 SP2 allow remote attackers to obt
|
10-02-2017 - 21:59 | 10-11-2016 - 01:59 | |
CVE-2016-7232 | 9.3 |
Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Word for Mac 2011, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
|
10-02-2017 - 21:59 | 10-11-2016 - 01:59 | |
CVE-2015-1761 | 6.5 |
Microsoft SQL Server 2008 SP3 and SP4, 2008 R2 SP2 and SP3, 2012 SP1 and SP2, and 2014 uses an incorrect class during casts of unspecified pointers, which allows remote authenticated users to gain privileges by leveraging certain write access, aka "S
|
01-02-2017 - 21:59 | 14-07-2015 - 19:59 | |
CVE-2016-3212 | 4.3 |
The XSS Filter in Microsoft Internet Explorer 9 through 11 does not properly identify JavaScript, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site, aka "Internet Explorer XSS Filter Vulne
|
30-01-2017 - 21:59 | 15-06-2016 - 21:59 | |
CVE-2016-7201 | 7.6 |
The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vu
|
19-01-2017 - 21:59 | 10-11-2016 - 01:59 | |
CVE-2016-7200 | 7.6 |
The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vu
|
19-01-2017 - 21:59 | 10-11-2016 - 01:59 | |
CVE-2016-7256 | 9.3 |
atmfd.dll in the Windows font library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows rem
|
17-01-2017 - 21:59 | 10-11-2016 - 02:00 | |
CVE-2014-6351 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
11-01-2017 - 15:10 | 11-11-2014 - 17:55 | |
CVE-2014-6350 | 4.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2014-6349.
|
11-01-2017 - 15:09 | 11-11-2014 - 17:55 | |
CVE-2014-6349 | 4.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2014-6350.
|
11-01-2017 - 14:40 | 11-11-2014 - 17:55 | |
CVE-2014-6348 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-
|
11-01-2017 - 14:40 | 11-11-2014 - 17:55 | |
CVE-2016-0182 | 9.3 |
Windows Journal in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8.1, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted Journal (aka .jnt) file, aka "Windows Journal Memory Corruption V
|
06-01-2017 - 22:00 | 10-05-2016 - 21:59 | |
CVE-2014-6353 | 9.3 |
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
06-01-2017 - 22:00 | 11-11-2014 - 17:55 | |
CVE-2014-6347 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
06-01-2017 - 22:00 | 11-11-2014 - 17:55 | |
CVE-2014-6346 | 4.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Internet Explorer Cross-domain Information Disclosure Vulnerability."
|
06-01-2017 - 22:00 | 11-11-2014 - 17:55 | |
CVE-2014-6345 | 4.3 |
Microsoft Internet Explorer 9 and 10 allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Internet Explorer Cross-domain Information Disclosure Vulnerability."
|
06-01-2017 - 22:00 | 11-11-2014 - 17:55 | |
CVE-2014-6344 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
06-01-2017 - 22:00 | 11-11-2014 - 17:55 | |
CVE-2014-6343 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
06-01-2017 - 22:00 | 11-11-2014 - 17:55 | |
CVE-2014-6342 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-
|
06-01-2017 - 22:00 | 11-11-2014 - 17:55 | |
CVE-2014-6341 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 22:00 | 11-11-2014 - 17:55 | |
CVE-2014-6340 | 4.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Internet Explorer Cross-domain Information Disclosure Vulnerability."
|
06-01-2017 - 22:00 | 11-11-2014 - 17:55 | |
CVE-2014-6339 | 5.0 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Internet Explorer ASLR Bypass Vulnerability."
|
06-01-2017 - 22:00 | 11-11-2014 - 17:55 | |
CVE-2014-6337 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
06-01-2017 - 22:00 | 11-11-2014 - 17:55 | |
CVE-2014-6335 | 9.3 |
Microsoft Word 2007 SP3, Word Viewer, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Microsoft Office Invalid Pointer Remote Code
|
06-01-2017 - 22:00 | 11-11-2014 - 17:55 | |
CVE-2014-6334 | 9.3 |
Microsoft Word 2007 SP3, Word Viewer, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Microsoft Office Bad Index Remote Code Execu
|
06-01-2017 - 22:00 | 11-11-2014 - 17:55 | |
CVE-2014-6333 | 9.3 |
Microsoft Word 2007 SP3, Word Viewer, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Double Delete Remote Code Execution Vulnerability."
|
06-01-2017 - 22:00 | 11-11-2014 - 17:55 | |
CVE-2014-6332 | 9.3 |
OleAut32.dll in OLE in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute ar
|
06-01-2017 - 22:00 | 11-11-2014 - 17:55 | |
CVE-2014-6323 | 4.3 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to obtain sensitive clipboard information via a crafted web site, aka "Internet Explorer Clipboard Information Disclosure Vulnerability."
|
06-01-2017 - 22:00 | 11-11-2014 - 17:55 | |
CVE-2014-6321 | 10.0 |
Schannel in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary cod
|
06-01-2017 - 22:00 | 11-11-2014 - 17:55 | |
CVE-2014-4111 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
CVE-2014-4110 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
CVE-2014-4109 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
CVE-2014-4108 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
CVE-2014-4107 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
CVE-2014-4106 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
CVE-2014-4105 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
CVE-2014-4104 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
CVE-2014-4103 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
CVE-2014-4102 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
CVE-2014-4101 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
CVE-2014-4100 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
CVE-2014-4099 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
CVE-2014-4098 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
CVE-2014-4097 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
CVE-2014-4096 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
CVE-2014-4095 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
CVE-2014-4094 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
CVE-2014-4093 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
CVE-2014-4092 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
CVE-2014-4091 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
CVE-2014-4090 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
CVE-2014-4089 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
CVE-2014-4088 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
CVE-2014-4087 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
CVE-2014-4086 | 9.3 |
Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
CVE-2014-4085 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
CVE-2014-4084 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
CVE-2014-4083 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
CVE-2014-4082 | 9.3 |
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
CVE-2014-4081 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
CVE-2014-4080 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
CVE-2014-4079 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
CVE-2014-4067 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
06-01-2017 - 22:00 | 12-08-2014 - 17:55 | |
CVE-2014-4065 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
CVE-2014-4063 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 22:00 | 12-08-2014 - 17:55 | |
CVE-2014-4060 | 6.8 |
Use-after-free vulnerability in MCPlayer.dll in Microsoft Windows Media Center TV Pack for Windows Vista, Windows 7 SP1, and Windows Media Center for Windows 8 and 8.1 allows remote attackers to execute arbitrary code via a crafted Office document th
|
06-01-2017 - 22:00 | 12-08-2014 - 17:55 | |
CVE-2014-4059 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 22:00 | 09-09-2014 - 21:55 | |
CVE-2014-4058 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
06-01-2017 - 22:00 | 12-08-2014 - 17:55 | |
CVE-2014-4057 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
06-01-2017 - 22:00 | 12-08-2014 - 17:55 | |
CVE-2014-4056 | 9.3 |
Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
06-01-2017 - 22:00 | 12-08-2014 - 17:55 | |
CVE-2014-4055 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
06-01-2017 - 22:00 | 12-08-2014 - 17:55 | |
CVE-2014-4052 | 9.3 |
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
06-01-2017 - 22:00 | 12-08-2014 - 17:55 | |
CVE-2014-4051 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 22:00 | 12-08-2014 - 17:55 | |
CVE-2014-4050 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
06-01-2017 - 22:00 | 12-08-2014 - 17:55 | |
CVE-2014-2827 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 21:59 | 12-08-2014 - 17:55 | |
CVE-2014-2826 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 21:59 | 12-08-2014 - 17:55 | |
CVE-2014-2825 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
06-01-2017 - 21:59 | 12-08-2014 - 17:55 | |
CVE-2014-2824 | 9.3 |
Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
06-01-2017 - 21:59 | 12-08-2014 - 17:55 | |
CVE-2014-2823 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
06-01-2017 - 21:59 | 12-08-2014 - 17:55 | |
CVE-2014-2822 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
06-01-2017 - 21:59 | 12-08-2014 - 17:55 | |
CVE-2014-2821 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
06-01-2017 - 21:59 | 12-08-2014 - 17:55 | |
CVE-2014-2820 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 21:59 | 12-08-2014 - 17:55 | |
CVE-2014-2819 | 6.8 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability."
|
06-01-2017 - 21:59 | 12-08-2014 - 17:55 | |
CVE-2014-2818 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
06-01-2017 - 21:59 | 12-08-2014 - 17:55 | |
CVE-2014-2817 | 6.8 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability."
|
06-01-2017 - 21:59 | 12-08-2014 - 17:55 | |
CVE-2014-2815 | 9.3 |
Microsoft OneNote 2007 SP3 allows remote attackers to execute arbitrary code via a crafted OneNote file that triggers creation of an executable file in a startup folder, aka "OneNote Remote Code Execution Vulnerability."
|
06-01-2017 - 21:59 | 12-08-2014 - 17:55 | |
CVE-2014-2811 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
06-01-2017 - 21:59 | 12-08-2014 - 17:55 | |
CVE-2014-2810 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
06-01-2017 - 21:59 | 12-08-2014 - 17:55 | |
CVE-2014-2808 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
06-01-2017 - 21:59 | 12-08-2014 - 17:55 | |
CVE-2014-2799 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 21:59 | 09-09-2014 - 21:55 | |
CVE-2014-2796 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
06-01-2017 - 21:59 | 12-08-2014 - 17:55 | |
CVE-2014-2784 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 21:59 | 12-08-2014 - 17:55 | |
CVE-2014-2774 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 21:59 | 12-08-2014 - 17:55 | |
CVE-2014-0325 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site that triggers improper processing of CElement objects, aka "Intern
|
06-01-2017 - 21:59 | 03-07-2014 - 10:55 | |
CVE-2014-0282 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
06-01-2017 - 21:59 | 11-06-2014 - 00:56 | |
CVE-2013-7331 | 5.8 |
The Microsoft.XMLDOM ActiveX control in Microsoft Windows 8.1 and earlier allows remote attackers to determine the existence of local pathnames, UNC share pathnames, intranet hostnames, and intranet IP addresses by examining error codes, as demonstra
|
06-01-2017 - 21:59 | 26-02-2014 - 09:55 | |
CVE-2013-5045 | 6.2 |
Microsoft Internet Explorer 10 and 11 allows local users to bypass the Protected Mode protection mechanism, and consequently gain privileges, by leveraging the ability to execute sandboxed code, aka "Internet Explorer Elevation of Privilege Vulnerabi
|
06-01-2017 - 21:59 | 10-12-2013 - 19:55 | |
CVE-2015-1624 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
05-01-2017 - 15:39 | 11-03-2015 - 06:59 | |
CVE-2015-1625 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
05-01-2017 - 15:39 | 11-03-2015 - 06:59 | |
CVE-2015-1626 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
05-01-2017 - 15:35 | 11-03-2015 - 06:59 | |
CVE-2015-1652 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
05-01-2017 - 15:31 | 14-04-2015 - 16:59 | |
CVE-2015-1658 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
05-01-2017 - 15:27 | 13-05-2015 - 06:59 | |
CVE-2015-1659 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
05-01-2017 - 15:27 | 14-04-2015 - 16:59 | |
CVE-2015-1665 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
05-01-2017 - 15:27 | 14-04-2015 - 16:59 | |
CVE-2015-1661 | 4.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Internet Explorer ASLR Bypass Vulnerability."
|
05-01-2017 - 15:27 | 14-04-2015 - 16:59 | |
CVE-2015-1668 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
05-01-2017 - 15:19 | 14-04-2015 - 16:59 | |
CVE-2015-1670 | 4.3 |
The Windows DirectWrite library, as used in Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2, allows remote attackers to obtain sensitive information from process memory via a crafted OpenType font on a web site, aka "OpenType F
|
05-01-2017 - 15:17 | 13-05-2015 - 06:59 | |
CVE-2015-1623 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
05-01-2017 - 15:09 | 11-03-2015 - 06:59 | |
CVE-2015-6130 | 9.3 |
Integer underflow in Uniscribe in Microsoft Windows 7 SP1 and Windows Server 2008 R2 SP1 allows remote attackers to execute arbitrary code via a crafted font, aka "Windows Integer Underflow Vulnerability."
|
03-01-2017 - 14:03 | 09-12-2015 - 06:59 | |
CVE-2015-1750 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
03-01-2017 - 13:02 | 09-06-2015 - 21:59 | |
CVE-2015-1718 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
02-01-2017 - 21:59 | 13-05-2015 - 06:59 | |
CVE-2015-1717 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
02-01-2017 - 21:59 | 13-05-2015 - 06:59 | |
CVE-2015-1714 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
02-01-2017 - 21:59 | 13-05-2015 - 06:59 | |
CVE-2015-1713 | 6.8 |
Microsoft Internet Explorer 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability."
|
02-01-2017 - 21:59 | 13-05-2015 - 06:59 | |
CVE-2015-1712 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE
|
02-01-2017 - 21:59 | 13-05-2015 - 06:59 | |
CVE-2015-1711 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
02-01-2017 - 21:59 | 13-05-2015 - 06:59 | |
CVE-2015-1710 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
02-01-2017 - 21:59 | 13-05-2015 - 06:59 | |
CVE-2015-1709 | 9.3 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
02-01-2017 - 21:59 | 13-05-2015 - 06:59 | |
CVE-2015-1708 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
02-01-2017 - 21:59 | 13-05-2015 - 06:59 | |
CVE-2015-1706 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
02-01-2017 - 21:59 | 13-05-2015 - 06:59 | |
CVE-2015-1705 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
02-01-2017 - 21:59 | 13-05-2015 - 06:59 | |
CVE-2015-1704 | 6.8 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-1703.
|
02-01-2017 - 21:59 | 13-05-2015 - 06:59 | |
CVE-2015-1703 | 6.8 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-1704.
|
02-01-2017 - 21:59 | 13-05-2015 - 06:59 | |
CVE-2015-1700 | 6.0 |
Microsoft SharePoint Server 2007 SP3, SharePoint Foundation 2010 SP2, SharePoint Server 2010 SP2, and SharePoint Foundation 2013 SP1 allow remote authenticated users to execute arbitrary code via crafted page content, aka "Microsoft SharePoint Page C
|
02-01-2017 - 21:59 | 13-05-2015 - 06:59 | |
CVE-2015-1694 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
02-01-2017 - 21:59 | 13-05-2015 - 06:59 | |
CVE-2015-1692 | 4.3 |
Microsoft Internet Explorer 7 through 11 allows user-assisted remote attackers to read the clipboard contents via crafted web script, aka "Internet Explorer Clipboard Information Disclosure Vulnerability."
|
02-01-2017 - 21:59 | 13-05-2015 - 06:59 | |
CVE-2015-1691 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE
|
02-01-2017 - 21:59 | 13-05-2015 - 06:59 | |
CVE-2015-1689 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
02-01-2017 - 21:59 | 13-05-2015 - 06:59 | |
CVE-2015-1688 | 6.8 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability."
|
02-01-2017 - 21:59 | 13-05-2015 - 06:59 | |
CVE-2015-1686 | 4.3 |
The Microsoft (1) VBScript 5.6 through 5.8 and (2) JScript 5.6 through 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "VBScript and
|
02-01-2017 - 21:59 | 13-05-2015 - 06:59 | |
CVE-2015-1685 | 4.3 |
Microsoft Internet Explorer 11 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Internet Explorer ASLR Bypass."
|
02-01-2017 - 21:59 | 13-05-2015 - 06:59 | |
CVE-2015-1684 | 4.3 |
VBScript.dll in the Microsoft VBScript 5.6 through 5.8 engine, as used in Internet Explorer 8 through 11 and other products, allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "VBScript ASLR Bypass."
|
02-01-2017 - 21:59 | 13-05-2015 - 06:59 | |
CVE-2015-1683 | 9.3 |
Microsoft Office 2007 SP3 allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."
|
02-01-2017 - 21:59 | 13-05-2015 - 06:59 | |
CVE-2015-1682 | 9.3 |
Microsoft Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word 2010 SP2, Office 2013 SP1, Excel 2013 SP1, PowerPoint 2013 SP1, Word 2013 SP1, Office 2013 RT SP1, Excel 2013 RT SP1, PowerPoint 2013 RT SP1, Word 2013 RT SP1, Office for Mac 2011,
|
02-01-2017 - 21:59 | 13-05-2015 - 06:59 | |
CVE-2015-1671 | 9.3 |
The Windows DirectWrite library, as used in Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2; Office 2007 SP3 and 2010 SP2; Live Meeting 2007 Console; Lync 2010; Lync 2010 Attendee; Lync 2013 SP1; Lync Basic 2013 SP1; Silverligh
|
02-01-2017 - 21:59 | 13-05-2015 - 06:59 | |
CVE-2015-1635 | 10.0 |
HTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted HTTP requests, aka "HTTP.sys Remote Code Execution Vulnerabilit
|
02-01-2017 - 21:59 | 14-04-2015 - 16:59 | |
CVE-2015-0096 | 9.3 |
Untrusted search path vulnerability in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to
|
02-01-2017 - 21:59 | 11-03-2015 - 06:59 | |
CVE-2015-0092 | 9.3 |
Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbi
|
02-01-2017 - 21:59 | 11-03-2015 - 06:59 | |
CVE-2015-0014 | 10.0 |
Buffer overflow in the Telnet service in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary
|
02-01-2017 - 21:59 | 13-01-2015 - 17:59 | |
CVE-2012-0002 | 9.3 |
The Remote Desktop Protocol (RDP) implementation in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly process packets in memory, which a
|
02-01-2017 - 21:59 | 13-03-2012 - 17:55 | |
CVE-2015-1770 | 9.3 |
Microsoft Office 2013 SP1 and 2013 RT SP1 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Uninitialized Memory Use Vulnerability."
|
30-12-2016 - 21:59 | 09-06-2015 - 21:59 | |
CVE-2015-1766 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
30-12-2016 - 21:59 | 09-06-2015 - 21:59 | |
CVE-2015-1765 | 4.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to read the browser history via a crafted web site.
|
30-12-2016 - 21:59 | 09-06-2015 - 21:59 | |
CVE-2015-1760 | 9.3 |
Microsoft Office Compatibility Pack SP3, Office 2010 SP2, Office 2013 SP1, and Office 2013 RT SP1 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
|
30-12-2016 - 21:59 | 09-06-2015 - 21:59 | |
CVE-2015-1759 | 9.3 |
Microsoft Office Compatibility Pack SP3 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
|
30-12-2016 - 21:59 | 09-06-2015 - 21:59 | |
CVE-2015-1755 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
30-12-2016 - 21:59 | 09-06-2015 - 21:59 | |
CVE-2015-1754 | 9.3 |
Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
30-12-2016 - 21:59 | 09-06-2015 - 21:59 | |
CVE-2015-1753 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
30-12-2016 - 21:59 | 09-06-2015 - 21:59 | |
CVE-2015-1752 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
30-12-2016 - 21:59 | 09-06-2015 - 21:59 | |
CVE-2015-1751 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
30-12-2016 - 21:59 | 09-06-2015 - 21:59 | |
CVE-2015-1748 | 6.8 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-1743.
|
30-12-2016 - 21:59 | 09-06-2015 - 21:59 | |
CVE-2015-1747 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
30-12-2016 - 21:59 | 09-06-2015 - 21:59 | |
CVE-2015-1745 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
30-12-2016 - 21:59 | 09-06-2015 - 21:59 | |
CVE-2015-1744 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
30-12-2016 - 21:59 | 09-06-2015 - 21:59 | |
CVE-2015-1743 | 6.8 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-1748.
|
30-12-2016 - 21:59 | 09-06-2015 - 21:59 | |
CVE-2015-1742 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
30-12-2016 - 21:59 | 09-06-2015 - 21:59 | |
CVE-2015-1741 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
30-12-2016 - 21:59 | 09-06-2015 - 21:59 | |
CVE-2015-1740 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
30-12-2016 - 21:59 | 09-06-2015 - 21:59 | |
CVE-2015-1739 | 6.8 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability."
|
30-12-2016 - 21:59 | 09-06-2015 - 21:59 | |
CVE-2015-1737 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
30-12-2016 - 21:59 | 09-06-2015 - 21:59 | |
CVE-2015-1736 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
30-12-2016 - 21:59 | 09-06-2015 - 21:59 | |
CVE-2015-1735 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
30-12-2016 - 21:59 | 09-06-2015 - 21:59 | |
CVE-2015-1732 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
30-12-2016 - 21:59 | 09-06-2015 - 21:59 | |
CVE-2015-1731 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
30-12-2016 - 21:59 | 09-06-2015 - 21:59 | |
CVE-2015-1730 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
30-12-2016 - 21:59 | 09-06-2015 - 21:59 | |
CVE-2015-1687 | 9.3 |
Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
30-12-2016 - 21:59 | 09-06-2015 - 21:59 | |
CVE-2015-0050 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE
|
30-12-2016 - 21:59 | 10-02-2015 - 22:00 | |
CVE-2015-0040 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
30-12-2016 - 21:59 | 10-02-2015 - 22:00 | |
CVE-2014-4138 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
30-12-2016 - 21:59 | 15-10-2014 - 06:55 | |
CVE-2014-1785 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
30-12-2016 - 21:59 | 11-06-2014 - 00:56 | |
CVE-2013-5763 | 1.5 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.4.0 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Maintenance. NOTE: the original disclosure
|
30-12-2016 - 21:59 | 12-12-2013 - 15:55 | |
CVE-2013-3143 | 9.3 |
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CV
|
30-12-2016 - 21:59 | 09-07-2013 - 23:46 | |
CVE-2013-3120 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013
|
30-12-2016 - 21:59 | 11-06-2013 - 23:30 | |
CVE-2013-3111 | 9.3 |
Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
30-12-2016 - 21:59 | 11-06-2013 - 23:29 | |
CVE-2013-1309 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a differ
|
30-12-2016 - 21:59 | 14-05-2013 - 23:36 | |
CVE-2013-1306 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different vulnera
|
30-12-2016 - 21:59 | 14-05-2013 - 23:36 | |
CVE-2013-0090 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CCaret Use After Free Vulnerability."
|
30-12-2016 - 21:59 | 12-03-2013 - 20:55 | |
CVE-2013-0019 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer COmWindowProxy Use After Free Vulnerabi
|
30-12-2016 - 21:59 | 13-02-2013 - 07:04 | |
CVE-2016-0199 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
29-12-2016 - 09:42 | 15-06-2016 - 21:59 | |
CVE-2016-0063 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
29-12-2016 - 09:42 | 10-02-2016 - 06:59 | |
CVE-2015-6168 | 9.3 |
Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6153.
|
29-12-2016 - 08:19 | 09-12-2015 - 06:59 | |
CVE-2016-7287 | 7.6 |
The scripting engines in Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability
|
27-12-2016 - 21:59 | 20-12-2016 - 01:59 | |
CVE-2016-7286 | 7.6 |
The scripting engines in Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than C
|
27-12-2016 - 21:59 | 20-12-2016 - 01:59 | |
CVE-2016-7275 | 7.2 |
Microsoft Office 2010 SP2, 2013 SP1, 2013 RT SP1, and 2016 mishandles library loading, which allows local users to gain privileges via a crafted application, aka "Microsoft Office OLE DLL Side Loading Vulnerability."
|
27-12-2016 - 09:45 | 20-12-2016 - 01:59 | |
CVE-2016-7297 | 7.6 |
The scripting engines in Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than C
|
27-12-2016 - 09:45 | 20-12-2016 - 01:59 | |
CVE-2016-7272 | 9.3 |
The Graphics component in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers t
|
27-12-2016 - 09:44 | 20-12-2016 - 01:59 | |
CVE-2016-7268 | 5.8 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Word Viewer, Word for Mac 2011, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to obtain sensitive in
|
27-12-2016 - 09:44 | 20-12-2016 - 01:59 | |
CVE-2016-7277 | 9.3 |
Microsoft Office 2016 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."
|
27-12-2016 - 09:44 | 20-12-2016 - 01:59 | |
CVE-2016-7280 | 4.3 |
Cross-site scripting (XSS) vulnerability in Microsoft Edge allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Microsoft Edge Information Disclosure Vulnerability," a different vulnerability than CVE-2016-7206
|
27-12-2016 - 09:44 | 20-12-2016 - 01:59 | |
CVE-2016-7276 | 5.8 |
Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office for Mac 2011, and Office 2016 for Mac allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via a crafted docum
|
27-12-2016 - 09:43 | 20-12-2016 - 01:59 | |
CVE-2016-7290 | 5.8 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Word for Mac 2011, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to obtain sensitive information fro
|
27-12-2016 - 09:43 | 20-12-2016 - 01:59 | |
CVE-2016-7291 | 5.8 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Word for Mac 2011, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to obtain sensitive information fro
|
27-12-2016 - 09:43 | 20-12-2016 - 01:59 | |
CVE-2016-7281 | 2.6 |
The Web Workers implementation in Microsoft Internet Explorer 10 and 11 and Microsoft Edge allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Microsoft Browser Security Feature Bypass Vulnerability."
|
27-12-2016 - 09:42 | 20-12-2016 - 01:59 | |
CVE-2016-7282 | 4.3 |
Cross-site scripting (XSS) vulnerability in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Microsoft Browser Information Disclosure Vulnerabilit
|
27-12-2016 - 09:40 | 20-12-2016 - 01:59 | |
CVE-2016-7296 | 7.6 |
The scripting engines in Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than C
|
27-12-2016 - 09:36 | 20-12-2016 - 01:59 | |
CVE-2016-7300 | 4.6 |
Untrusted search path vulnerability in Microsoft Auto Updater for Mac allows local users to gain privileges via a Trojan horse executable file, aka "Microsoft (MAU) Office Elevation of Privilege Vulnerability."
|
27-12-2016 - 09:35 | 20-12-2016 - 01:59 | |
CVE-2016-7298 | 9.3 |
Microsoft Office 2007 SP3, Office 2010 SP2, Word Viewer, Office for Mac 2011, and Office 2016 for Mac allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memo
|
27-12-2016 - 09:34 | 20-12-2016 - 01:59 | |
CVE-2016-7273 | 9.3 |
The Graphics component in Microsoft Windows 10 Gold, 1511, and 1607 and Windows Server 2016 allows remote attackers to execute arbitrary code via a crafted web site, aka "Windows Graphics Remote Code Execution Vulnerability."
|
27-12-2016 - 09:14 | 20-12-2016 - 01:59 | |
CVE-2016-7279 | 7.6 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."
|
27-12-2016 - 09:14 | 20-12-2016 - 01:59 | |
CVE-2016-3385 | 9.3 |
The scripting engine in Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability."
|
23-12-2016 - 21:59 | 13-10-2016 - 22:59 | |
CVE-2016-3359 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."
|
23-12-2016 - 21:59 | 14-09-2016 - 06:59 | |
CVE-2016-3358 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel 2016 for Mac, Office Compatibility Pack SP3, Excel Viewer, Excel Services on SharePoint Server 2007 SP3, Excel Services on SharePoint Server 2010 SP2, Exce
|
23-12-2016 - 21:59 | 14-09-2016 - 06:59 | |
CVE-2016-3247 | 5.1 |
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."
|
23-12-2016 - 21:59 | 14-09-2016 - 06:59 | |
CVE-2016-3222 | 9.3 |
Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability."
|
23-12-2016 - 21:59 | 15-06-2016 - 21:59 | |
CVE-2015-2502 | 9.3 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," as exploited in the wild in August 2015.
|
23-12-2016 - 21:59 | 19-08-2015 - 06:59 | |
CVE-2015-2474 | 9.0 |
Microsoft Windows Vista SP2 and Server 2008 SP2 allow remote authenticated users to execute arbitrary code via a crafted string in a Server Message Block (SMB) server error-logging action, aka "Server Message Block Memory Corruption Vulnerability."
|
23-12-2016 - 21:59 | 14-08-2015 - 20:59 | |
CVE-2015-2423 | 4.3 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Excel 2007 SP3, PowerPoint 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2
|
23-12-2016 - 21:59 | 14-08-2015 - 20:59 | |
CVE-2016-7264 | 5.8 |
Microsoft Excel 2007 SP3, Office Compatibility Pack SP3, Excel Viewer, Excel for Mac 2011, and Excel 2016 for Mac allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via a craft
|
23-12-2016 - 16:02 | 20-12-2016 - 01:59 | |
CVE-2016-7263 | 9.3 |
Microsoft Excel for Mac 2011 and Excel 2016 for Mac allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."
|
23-12-2016 - 16:02 | 20-12-2016 - 01:59 | |
CVE-2016-7262 | 6.8 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, and Excel Viewer allow user-assisted remote attackers to execute arbitrary commands via a crafted cell that is mishandled upon a c
|
23-12-2016 - 16:01 | 20-12-2016 - 01:59 | |
CVE-2016-7257 | 4.3 |
The GDI component in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Office for Mac 2011, and Office 2016 for Mac allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka
|
23-12-2016 - 16:01 | 20-12-2016 - 01:59 | |
CVE-2016-7265 | 5.8 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, Excel Viewer, Excel Services on SharePoint Server 2007 SP3, and Excel Services on SharePoint Server 2010 SP2 allow remote attacker
|
23-12-2016 - 16:01 | 20-12-2016 - 01:59 | |
CVE-2016-7266 | 6.8 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, Excel Viewer, and Excel 2016 for Mac mishandle a registry check, which allows user-assisted remote attackers to execute arbitrary
|
23-12-2016 - 16:01 | 20-12-2016 - 01:59 | |
CVE-2016-7241 | 7.6 |
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."
|
23-12-2016 - 16:00 | 10-11-2016 - 01:59 | |
CVE-2016-7210 | 4.3 |
atmfd.dll in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to obtain sens
|
23-12-2016 - 15:59 | 10-11-2016 - 01:59 | |
CVE-2016-7206 | 4.3 |
Cross-site scripting (XSS) vulnerability in Microsoft Edge allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Microsoft Edge Information Disclosure Vulnerability," a different vulnerability than CVE-2016-7280
|
23-12-2016 - 15:59 | 20-12-2016 - 01:59 | |
CVE-2016-7202 | 7.6 |
The scripting engines in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vul
|
23-12-2016 - 15:59 | 10-11-2016 - 01:59 | |
CVE-2016-7181 | 7.6 |
Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability."
|
23-12-2016 - 15:58 | 20-12-2016 - 01:59 | |
CVE-2016-7267 | 4.3 |
Microsoft Excel 2010 SP2, 2013 SP1, 2013 RT SP1, and 2016 misparses file formats, which makes it easier for remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Security Feature Bypass Vulnerability."
|
23-12-2016 - 15:51 | 20-12-2016 - 01:59 | |
CVE-2016-7284 | 4.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability."
|
21-12-2016 - 22:00 | 20-12-2016 - 01:59 | |
CVE-2016-7283 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
21-12-2016 - 22:00 | 20-12-2016 - 01:59 | |
CVE-2016-7278 | 2.6 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Windows Hyperlink Object Library Information Disclosure Vulnerability."
|
21-12-2016 - 22:00 | 20-12-2016 - 01:59 | |
CVE-2016-7274 | 9.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to execute arb
|
21-12-2016 - 22:00 | 20-12-2016 - 01:59 | |
CVE-2015-2546 | 7.2 |
The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a cra
|
21-12-2016 - 21:59 | 08-09-2015 - 20:59 | |
CVE-2015-2542 | 9.3 |
Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability."
|
21-12-2016 - 21:59 | 08-09-2015 - 20:59 | |
CVE-2015-2530 | 9.3 |
Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute arbitrary code via
|
21-12-2016 - 21:59 | 08-09-2015 - 20:59 | |
CVE-2015-2529 | 2.1 |
The kernel in Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10 allows local users to bypass the ASLR protection mechanism via a crafted application, aka "Kernel ASLR Bypass Vulnerability."
|
21-12-2016 - 21:59 | 08-09-2015 - 20:59 | |
CVE-2015-2527 | 7.2 |
The process-initialization implementation in win32k.sys in the kernel-mode drivers in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 does not properly constrain impersonation levels, which a
|
21-12-2016 - 21:59 | 08-09-2015 - 20:59 | |
CVE-2015-2523 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel for Mac 2011 and 2016, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft O
|
21-12-2016 - 21:59 | 08-09-2015 - 20:59 | |
CVE-2015-2522 | 3.5 |
Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Foundation 2013 SP1 allows remote authenticated users to inject arbitrary web script or HTML via crafted content, aka "Microsoft SharePoint XSS Spoofing Vulnerability."
|
21-12-2016 - 21:59 | 08-09-2015 - 20:59 | |
CVE-2015-2521 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
|
21-12-2016 - 21:59 | 08-09-2015 - 20:59 | |
CVE-2015-2520 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel for Mac 2011 and 2016, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerabili
|
21-12-2016 - 21:59 | 08-09-2015 - 20:59 | |
CVE-2015-2519 | 9.3 |
Integer overflow in Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute
|
21-12-2016 - 21:59 | 08-09-2015 - 20:59 | |
CVE-2015-2518 | 7.2 |
The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a cra
|
21-12-2016 - 21:59 | 08-09-2015 - 20:59 | |
CVE-2015-2517 | 7.2 |
The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a cra
|
21-12-2016 - 21:59 | 08-09-2015 - 20:59 | |
CVE-2015-2516 | 4.3 |
Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to cause a denial of service (
|
21-12-2016 - 21:59 | 08-09-2015 - 20:59 | |
CVE-2015-2514 | 9.3 |
Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute arbitrary code via
|
21-12-2016 - 21:59 | 08-09-2015 - 20:59 | |
CVE-2015-2513 | 9.3 |
Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute arbitrary code via
|
21-12-2016 - 21:59 | 08-09-2015 - 20:59 | |
CVE-2015-2512 | 7.2 |
The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges v
|
21-12-2016 - 21:59 | 08-09-2015 - 20:59 | |
CVE-2015-2511 | 7.2 |
The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a cra
|
21-12-2016 - 21:59 | 08-09-2015 - 20:59 | |
CVE-2015-2510 | 9.3 |
Buffer overflow in the Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2, Office 2007 SP3, Office 2010 SP2, Lync 2010, Lync 2010 Attendee, Lync 2013 SP1, Lync Basic 2013 SP1, and Live Meeting 2007 Console allows remot
|
21-12-2016 - 21:59 | 08-09-2015 - 20:59 | |
CVE-2015-2509 | 9.3 |
Windows Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8, and Windows 8.1 allows user-assisted remote attackers to execute arbitrary code via a crafted Media Center link (mcl) file, aka "Windows Media Center RCE Vulnerability."
|
21-12-2016 - 21:59 | 08-09-2015 - 20:59 | |
CVE-2015-2508 | 7.2 |
The Adobe Type Manager Library in Microsoft Windows 10 allows local users to gain privileges via a crafted application, aka "Font Driver Elevation of Privilege Vulnerability."
|
21-12-2016 - 21:59 | 08-09-2015 - 20:59 | |
CVE-2015-2507 | 7.2 |
The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges v
|
21-12-2016 - 21:59 | 08-09-2015 - 20:59 | |
CVE-2015-2506 | 9.3 |
atmfd.dll in the Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to
|
21-12-2016 - 21:59 | 08-09-2015 - 20:59 | |
CVE-2015-2494 | 9.3 |
Microsoft Internet Explorer 7 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability tha
|
21-12-2016 - 21:59 | 08-09-2015 - 20:59 | |
CVE-2015-2486 | 9.3 |
Microsoft Internet Explorer 7 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability tha
|
21-12-2016 - 21:59 | 08-09-2015 - 20:59 | |
CVE-2015-2485 | 9.3 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability tha
|
21-12-2016 - 21:59 | 08-09-2015 - 20:59 | |
CVE-2015-2443 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability."
|
21-12-2016 - 21:59 | 14-08-2015 - 06:59 | |
CVE-2015-2435 | 9.3 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Office 2007 SP3 and 2010 SP2, Live Meeting 2007 Console, Lync 2010, Lync 201
|
21-12-2016 - 21:59 | 14-08-2015 - 20:59 | |
CVE-2015-2558 | 9.3 |
Use-after-free vulnerability in Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Excel Viewer, Office Compatibility Pack SP3, and Excel Services on SharePoint Server 2007
|
12-12-2016 - 13:30 | 13-10-2015 - 21:59 | |
CVE-2015-2557 | 9.3 |
Buffer overflow in Microsoft Visio 2007 SP3 and 2010 SP2 allows remote attackers to execute arbitrary code via crafted UML data in an Office document, aka "Microsoft Office Memory Corruption Vulnerability."
|
12-12-2016 - 13:30 | 13-10-2015 - 21:59 | |
CVE-2015-2555 | 9.3 |
Use-after-free vulnerability in Microsoft Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, and Excel Services on SharePoint Server 2010 SP2 and 2013 SP1 allows remote attackers to execute arbitrar
|
12-12-2016 - 13:26 | 13-10-2015 - 21:59 | |
CVE-2015-2548 | 9.3 |
Use-after-free vulnerability in the Tablet Input Band in Windows Shell in Microsoft Windows Vista SP2 and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Microsoft Tablet Input Band Use After Free Vulnerab
|
12-12-2016 - 13:22 | 13-10-2015 - 21:59 | |
CVE-2015-2515 | 9.3 |
Use-after-free vulnerability in Windows Shell in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers
|
12-12-2016 - 13:21 | 13-10-2015 - 21:59 | |
CVE-2015-2482 | 9.3 |
The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted
|
12-12-2016 - 13:20 | 13-10-2015 - 21:59 | |
CVE-2015-2408 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-12-2016 - 09:52 | 14-07-2015 - 17:59 | |
CVE-2015-1697 | 9.3 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted Journal file, aka "Win
|
09-12-2016 - 14:58 | 13-05-2015 - 06:59 | |
CVE-2015-1696 | 9.3 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted Journal file, aka "Win
|
09-12-2016 - 14:58 | 13-05-2015 - 06:59 | |
CVE-2015-1642 | 9.3 |
Microsoft Office 2007 SP3, 2010 SP2, and 2013 SP1 allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."
|
09-12-2016 - 14:58 | 14-08-2015 - 20:59 | |
CVE-2015-1698 | 9.3 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted Journal file, aka "Win
|
09-12-2016 - 14:56 | 13-05-2015 - 06:59 | |
CVE-2014-4132 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
09-12-2016 - 13:25 | 15-10-2014 - 06:55 | |
CVE-2014-4126 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
09-12-2016 - 13:25 | 15-10-2014 - 06:55 | |
CVE-2014-4128 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
09-12-2016 - 13:24 | 15-10-2014 - 06:55 | |
CVE-2014-6363 | 9.3 |
vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with Internet Explorer 6 through 11 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "VBScri
|
09-12-2016 - 13:20 | 10-12-2014 - 19:59 | |
CVE-2015-0023 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
09-12-2016 - 13:18 | 10-02-2015 - 22:00 | |
CVE-2015-1728 | 9.3 |
Microsoft Windows Media Player 10 through 12 allows remote attackers to execute arbitrary code via a crafted DataObject on a web site, aka "Windows Media Player RCE via DataObject Vulnerability."
|
08-12-2016 - 15:50 | 09-06-2015 - 21:59 | |
CVE-2015-6047 | 6.8 |
The broker EditWith feature in Microsoft Internet Explorer 8 through 11 allows remote attackers to bypass the AppContainer protection mechanism and gain privileges via a DelegateExecute launch of an arbitrary application, as demonstrated by a transit
|
08-12-2016 - 15:50 | 13-10-2015 - 21:59 | |
CVE-2015-6046 | 4.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability."
|
08-12-2016 - 15:49 | 13-10-2015 - 21:59 | |
CVE-2015-6055 | 9.3 |
The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Fi
|
08-12-2016 - 15:49 | 13-10-2015 - 21:59 | |
CVE-2015-6056 | 9.3 |
The (1) JScript and (2) VBScript engines in Microsoft Internet Explorer 9 through 11 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vul
|
08-12-2016 - 15:47 | 13-10-2015 - 21:59 | |
CVE-2015-6052 | 4.3 |
The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "VBScript and JScript
|
08-12-2016 - 15:46 | 13-10-2015 - 21:59 | |
CVE-2015-6042 | 9.3 |
Use-after-free vulnerability in the CWindow object implementation in Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memo
|
08-12-2016 - 13:50 | 13-10-2015 - 21:59 | |
CVE-2015-6044 | 6.8 |
Microsoft Internet Explorer 8 allows remote attackers to gain privileges via a crafted web site, as demonstrated by a transition from Low Integrity to Medium Integrity, aka "Internet Explorer Elevation of Privilege Vulnerability."
|
08-12-2016 - 13:50 | 13-10-2015 - 21:59 | |
CVE-2015-6053 | 5.0 |
Microsoft Internet Explorer 11 allows remote attackers to obtain sensitive information from process memory via crafted parameters in an ArrayBuffer.slice call, aka "Internet Explorer Information Disclosure Vulnerability."
|
08-12-2016 - 11:57 | 13-10-2015 - 21:59 | |
CVE-2015-6048 | 9.3 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
08-12-2016 - 11:57 | 13-10-2015 - 21:59 | |
CVE-2015-6049 | 9.3 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
08-12-2016 - 11:56 | 13-10-2015 - 21:59 | |
CVE-2015-6050 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
08-12-2016 - 11:56 | 13-10-2015 - 21:59 | |
CVE-2015-6051 | 4.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to gain privileges via a crafted web site, as demonstrated by a transition from Low Integrity to Medium Integrity, aka "Internet Explorer Elevation of Privilege Vulnerability."
|
08-12-2016 - 11:56 | 13-10-2015 - 21:59 | |
CVE-2015-6059 | 4.3 |
The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Scriptin
|
07-12-2016 - 22:11 | 13-10-2015 - 21:59 | |
CVE-2014-1799 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
07-12-2016 - 22:05 | 11-06-2014 - 00:56 | |
CVE-2014-0277 | 9.3 |
Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-
|
07-12-2016 - 22:04 | 11-02-2014 - 23:50 | |
CVE-2016-0035 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office doc
|
07-12-2016 - 13:30 | 13-01-2016 - 00:59 | |
CVE-2016-0034 | 9.3 |
Microsoft Silverlight 5 before 5.1.41212.0 mishandles negative offsets during decoding, which allows remote attackers to execute arbitrary code or cause a denial of service (object-header corruption) via a crafted web site, aka "Silverlight Runtime R
|
07-12-2016 - 13:30 | 13-01-2016 - 00:59 | |
CVE-2016-0020 | 7.2 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka "MAPI DLL Loading Elevation of Privilege Vulnerability."
|
07-12-2016 - 13:30 | 13-01-2016 - 00:59 | |
CVE-2016-0019 | 9.3 |
The Remote Desktop Protocol (RDP) service implementation in Microsoft Windows 10 Gold and 1511 allows remote attackers to bypass intended access restrictions and establish sessions for blank-password accounts via a modified RDP client, aka "Windows R
|
07-12-2016 - 13:30 | 13-01-2016 - 00:59 | |
CVE-2016-0018 | 6.9 |
Microsoft Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 R2, and Windows 10 Gold and 1511 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka "DLL Loading Remote Code Execution Vulnerability."
|
07-12-2016 - 13:30 | 13-01-2016 - 00:59 | |
CVE-2016-0016 | 6.9 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandle DLL loading, which allows local users to gain pri
|
07-12-2016 - 13:30 | 13-01-2016 - 00:59 | |
CVE-2016-0015 | 9.3 |
DirectShow in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted file,
|
07-12-2016 - 13:30 | 13-01-2016 - 00:59 | |
CVE-2016-0014 | 6.9 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandle DLL loading, which allows local users to gain pri
|
07-12-2016 - 13:30 | 13-01-2016 - 00:59 | |
CVE-2016-0012 | 4.3 |
Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Visio 2010 SP2, Word 2010 SP2, Office 2013 SP1, Excel 2013 SP1, PowerPoint 2013 SP1, Visio 2013 SP1,
|
07-12-2016 - 13:30 | 13-01-2016 - 00:59 | |
CVE-2016-0011 | 3.5 |
Microsoft SharePoint Server 2013 SP1 and SharePoint Foundation 2013 SP1 allow remote authenticated users to bypass intended Access Control Policy restrictions and conduct cross-site scripting (XSS) attacks by modifying a webpart, aka "Microsoft Share
|
07-12-2016 - 13:30 | 13-01-2016 - 00:59 | |
CVE-2016-0010 | 9.3 |
Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, Office 2016, Excel for Mac 2011, PowerPoint for Mac 2011, Word for Mac 2011, Excel 2016 for Mac, PowerPoint 2016 for Mac, Word 2016 for Mac, and Word Viewer allow remote
|
07-12-2016 - 13:30 | 13-01-2016 - 00:59 | |
CVE-2016-0009 | 9.3 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows 10 Gold and 1511 allow remote attackers to execute arbitrary code via unspecified vectors, aka "Win32k Remote Code Execution Vulnerability."
|
07-12-2016 - 13:30 | 13-01-2016 - 00:59 | |
CVE-2016-0008 | 4.3 |
The graphics device interface in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to bypass the ASLR protectio
|
07-12-2016 - 13:30 | 13-01-2016 - 00:59 | |
CVE-2016-0005 | 4.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Internet Explorer Elevation of Privilege Vulnerability."
|
07-12-2016 - 13:30 | 13-01-2016 - 00:59 | |
CVE-2016-0003 | 9.3 |
Microsoft Edge allows remote attackers to execute arbitrary code via unspecified vectors, aka "Microsoft Edge Memory Corruption Vulnerability."
|
07-12-2016 - 13:30 | 13-01-2016 - 00:59 | |
CVE-2016-0002 | 7.6 |
The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to execute arbitrary code via a crafted web site, aka "Scripting Engine Memory Corruption
|
07-12-2016 - 13:30 | 13-01-2016 - 00:59 | |
CVE-2015-6160 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
07-12-2016 - 13:19 | 09-12-2015 - 06:59 | |
CVE-2015-6159 | 9.3 |
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerabi
|
07-12-2016 - 13:19 | 09-12-2015 - 06:59 | |
CVE-2015-6158 | 9.3 |
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerabi
|
07-12-2016 - 13:19 | 09-12-2015 - 06:59 | |
CVE-2015-6157 | 4.3 |
Microsoft Internet Explorer 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability."
|
07-12-2016 - 13:18 | 09-12-2015 - 06:59 | |
CVE-2015-6155 | 9.3 |
Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."
|
07-12-2016 - 13:18 | 09-12-2015 - 06:59 | |
CVE-2015-6151 | 9.3 |
Microsoft Internet Explorer 8 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different
|
07-12-2016 - 13:18 | 09-12-2015 - 06:59 | |
CVE-2015-6150 | 9.3 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
07-12-2016 - 13:18 | 09-12-2015 - 06:59 | |
CVE-2015-6149 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE
|
07-12-2016 - 13:18 | 09-12-2015 - 06:59 | |
CVE-2015-6148 | 9.3 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different
|
07-12-2016 - 13:18 | 09-12-2015 - 06:59 | |
CVE-2015-6147 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE
|
07-12-2016 - 13:18 | 09-12-2015 - 06:59 | |
CVE-2015-6143 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
07-12-2016 - 13:18 | 09-12-2015 - 06:59 | |
CVE-2015-6142 | 9.3 |
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerabi
|
07-12-2016 - 13:18 | 09-12-2015 - 06:59 | |
CVE-2015-6141 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-
|
07-12-2016 - 13:18 | 09-12-2015 - 06:59 | |
CVE-2015-6136 | 9.3 |
The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to execute arbitrary code via a crafted web site, aka "Scripting Engine Memory Corruption
|
07-12-2016 - 13:18 | 09-12-2015 - 06:59 | |
CVE-2015-6135 | 5.0 |
The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Scriptin
|
07-12-2016 - 13:18 | 09-12-2015 - 06:59 | |
CVE-2015-6134 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-
|
07-12-2016 - 13:18 | 09-12-2015 - 06:59 | |
CVE-2015-6131 | 9.3 |
Windows Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8, and Windows 8.1 allows remote attackers to execute arbitrary code via a crafted .mcl file, aka "Media Center Library Parsing RCE Vulnerability."
|
07-12-2016 - 13:18 | 09-12-2015 - 06:59 | |
CVE-2015-6127 | 4.3 |
Windows Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8, and Windows 8.1 allows remote attackers to read arbitrary files via a crafted .mcl file, aka "Windows Media Center Information Disclosure Vulnerability."
|
07-12-2016 - 13:18 | 09-12-2015 - 06:59 | |
CVE-2015-6117 | 4.3 |
Microsoft SharePoint Server 2013 SP1 and SharePoint Foundation 2013 SP1 allow remote authenticated users to bypass intended Access Control Policy restrictions and conduct cross-site scripting (XSS) attacks by modifying a webpart, aka "Microsoft Share
|
07-12-2016 - 13:18 | 13-01-2016 - 00:59 | |
CVE-2015-6113 | 3.6 |
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to bypass intended filesys
|
07-12-2016 - 13:18 | 11-11-2015 - 07:59 | |
CVE-2015-6109 | 2.1 |
The kernel in Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to bypass the KASLR protection mechanism, and consequently discover a driver base address, via a crafted application, aka "Wi
|
07-12-2016 - 13:18 | 11-11-2015 - 07:59 | |
CVE-2015-6104 | 9.3 |
The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows remote attackers t
|
07-12-2016 - 13:18 | 11-11-2015 - 07:59 | |
CVE-2015-6103 | 9.3 |
The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows remote attackers t
|
07-12-2016 - 13:18 | 11-11-2015 - 07:59 | |
CVE-2015-6102 | 2.1 |
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to bypass the KASLR protec
|
07-12-2016 - 13:18 | 11-11-2015 - 07:59 | |
CVE-2015-6101 | 7.2 |
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a c
|
07-12-2016 - 13:18 | 11-11-2015 - 07:59 | |
CVE-2015-6100 | 7.2 |
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a c
|
07-12-2016 - 13:18 | 11-11-2015 - 07:59 | |
CVE-2015-6097 | 9.3 |
Heap-based buffer overflow in Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted Journal (.jnt) file, aka "Windows Journal Heap Overflo
|
07-12-2016 - 13:18 | 11-11-2015 - 07:59 | |
CVE-2015-6094 | 9.3 |
Microsoft Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, and Excel Services on SharePoint Server 2013 SP1 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Mic
|
07-12-2016 - 13:18 | 11-11-2015 - 07:59 | |
CVE-2015-6093 | 9.3 |
Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, Office 2016, Word Automation Services on SharePoint Server 2010 SP2 and 2013 SP1, Office Web Apps 2010 SP2, and Office Web Apps Server 2013 SP1 allow remote attackers to
|
07-12-2016 - 13:18 | 11-11-2015 - 07:59 | |
CVE-2015-6092 | 9.3 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office
|
07-12-2016 - 13:18 | 11-11-2015 - 07:59 | |
CVE-2015-6091 | 9.3 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, and Word Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability
|
07-12-2016 - 13:18 | 11-11-2015 - 07:59 | |
CVE-2015-6089 | 9.3 |
The Microsoft (1) VBScript and (2) JScript engines, as used in Internet Explorer 8 through 11, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corr
|
07-12-2016 - 13:18 | 11-11-2015 - 07:59 | |
CVE-2015-6088 | 4.3 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Microsoft Browser ASLR Bypass."
|
07-12-2016 - 13:18 | 11-11-2015 - 07:59 | |
CVE-2015-6087 | 9.3 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
07-12-2016 - 13:18 | 11-11-2015 - 07:59 | |
CVE-2015-6086 | 4.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability."
|
07-12-2016 - 13:18 | 11-11-2015 - 07:59 | |
CVE-2015-6085 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
07-12-2016 - 13:18 | 11-11-2015 - 07:59 | |
CVE-2015-6084 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
07-12-2016 - 13:18 | 11-11-2015 - 07:59 | |
CVE-2015-6083 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
07-12-2016 - 13:18 | 09-12-2015 - 06:59 | |
CVE-2015-6082 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
07-12-2016 - 13:18 | 11-11-2015 - 07:59 | |
CVE-2015-6081 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
07-12-2016 - 13:18 | 11-11-2015 - 07:59 | |
CVE-2015-6080 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
07-12-2016 - 13:18 | 11-11-2015 - 07:59 | |
CVE-2015-6079 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
07-12-2016 - 13:18 | 11-11-2015 - 07:59 | |
CVE-2015-6078 | 9.3 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different
|
07-12-2016 - 13:18 | 11-11-2015 - 07:59 | |
CVE-2015-6077 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
07-12-2016 - 13:18 | 11-11-2015 - 07:59 | |
CVE-2015-6076 | 9.3 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
07-12-2016 - 13:18 | 11-11-2015 - 07:59 | |
CVE-2015-6075 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
07-12-2016 - 13:18 | 11-11-2015 - 07:59 | |
CVE-2015-6074 | 9.3 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
07-12-2016 - 13:18 | 11-11-2015 - 07:59 | |
CVE-2015-6073 | 9.3 |
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerabi
|
07-12-2016 - 13:18 | 11-11-2015 - 07:59 | |
CVE-2015-6072 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
07-12-2016 - 13:17 | 11-11-2015 - 07:59 | |
CVE-2015-6071 | 9.3 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
07-12-2016 - 13:17 | 11-11-2015 - 07:59 | |
CVE-2015-6070 | 9.3 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
07-12-2016 - 13:17 | 11-11-2015 - 06:59 | |
CVE-2015-6069 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
07-12-2016 - 13:17 | 11-11-2015 - 06:59 | |
CVE-2015-6068 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
07-12-2016 - 13:17 | 11-11-2015 - 06:59 | |
CVE-2015-6066 | 9.3 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
07-12-2016 - 13:17 | 11-11-2015 - 06:59 | |
CVE-2015-6065 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
07-12-2016 - 13:17 | 11-11-2015 - 06:59 | |
CVE-2015-6064 | 9.3 |
Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vu
|
07-12-2016 - 13:17 | 11-11-2015 - 06:59 | |
CVE-2015-6045 | 9.3 |
Use-after-free vulnerability in the CElement object implementation in Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JavaScript that improperly interacts w
|
07-12-2016 - 13:17 | 12-11-2015 - 22:59 | |
CVE-2015-6038 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Office Compatibility Pack SP3, Excel Viewer, and Excel Services on SharePoint Server 2007 SP3, 2010 SP2, and 2013 SP1 all
|
07-12-2016 - 13:17 | 11-11-2015 - 06:59 | |
CVE-2015-2503 | 9.3 |
Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote 2007 SP3, PowerPoint 2007 SP3, Project 2007 SP3, Publisher 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2007 IME (Japanese) SP3, Access 2010 S |