Max CVSS | 10.0 | Min CVSS | 1.5 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2009-2529 | 9.3 |
Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7, and 8 does not properly handle argument validation for unspecified variables, which allows remote attackers to execute arbitrary code via a crafted HTML document, aka "HTML Component Handling Vulnera
|
21-10-2024 - 17:35 | 14-10-2009 - 10:30 | |
CVE-2009-2502 | 9.3 |
Buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3
|
21-10-2024 - 17:35 | 14-10-2009 - 10:30 | |
CVE-2009-3671 | 9.3 |
Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Unini
|
21-10-2024 - 17:35 | 09-12-2009 - 18:30 | |
CVE-2009-1529 | 9.3 |
Microsoft Internet Explorer 7 for Windows XP SP2 and SP3; 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by calling
|
21-10-2024 - 17:35 | 10-06-2009 - 18:30 | |
CVE-2010-1260 | 9.3 |
The IE8 Developer Toolbar in Microsoft Internet Explorer 8 SP1, SP2, and SP3 allows user-assisted remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption,
|
21-10-2024 - 17:35 | 08-06-2010 - 22:30 | |
CVE-2009-0551 | 9.3 |
Microsoft Internet Explorer 6 SP1, 6 and 7 on Windows XP SP2 and SP3, 6 and 7 on Windows Server 2003 SP1 and SP2, 7 on Windows Vista Gold and SP1, and 7 on Windows Server 2008 does not properly handle transition errors in a request for one HTTP docum
|
21-10-2024 - 17:35 | 15-04-2009 - 08:00 | |
CVE-2010-0492 | 9.3 |
Use-after-free vulnerability in mstime.dll in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via vectors related to the TIME2 behavior, the CTimeAction object, and destruction of markup, leading to memory corruption,
|
21-10-2024 - 17:35 | 31-03-2010 - 19:30 | |
CVE-2010-0248 | 9.3 |
Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corru
|
21-10-2024 - 17:35 | 22-01-2010 - 22:00 | |
CVE-2012-1539 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site, aka "CTreePos Use After Free Vulnerability."
|
21-10-2024 - 17:35 | 14-11-2012 - 00:55 | |
CVE-2011-0346 | 9.3 |
Use-after-free vulnerability in the ReleaseInterface function in MSHTML.DLL in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the DOM i
|
21-10-2024 - 17:35 | 07-01-2011 - 23:00 | |
CVE-2010-3243 | 4.3 |
Cross-site scripting (XSS) vulnerability in the toStaticHTML function in Microsoft Internet Explorer 8, and the SafeHTML function in Microsoft Windows SharePoint Services 3.0 SP2 and Office SharePoint Server 2007 SP2, allows remote attackers to injec
|
17-10-2024 - 21:35 | 13-10-2010 - 19:00 | |
CVE-2011-2013 | 10.0 |
Integer overflow in the TCP/IP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code by sending a sequence of crafted UDP packets to a clos
|
17-10-2024 - 20:35 | 08-11-2011 - 21:55 | |
CVE-2012-0003 | 9.3 |
Unspecified vulnerability in winmm.dll in Windows Multimedia Library in Windows Media Player (WMP) in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP2, and Server 2008 SP2 allows remote attackers to execute arbitrary code via a crafted MI
|
17-10-2024 - 20:35 | 10-01-2012 - 21:55 | |
CVE-2011-0657 | 7.5 |
DNSAPI.dll in the DNS client in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly process DNS queries, which allows remote
|
17-10-2024 - 20:35 | 13-04-2011 - 18:55 | |
CVE-2012-1891 | 9.3 |
Heap-based buffer overflow in Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2 and Windows Data Access Components (WDAC) 6.0 allows remote attackers to execute arbitrary code via crafted XML data that triggers access to an uninitialized object
|
17-10-2024 - 19:35 | 10-07-2012 - 21:55 | |
CVE-2012-1879 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by attempting to access an undefined memory location, aka "insertAdjacentText Remote Code Execution Vulnerabil
|
17-10-2024 - 19:35 | 12-06-2012 - 22:55 | |
CVE-2013-1340 | 7.2 |
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle objects
|
17-10-2024 - 19:35 | 10-07-2013 - 03:46 | |
CVE-2013-0022 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer LsGetTrailInfo Use After Free Vulnerability."
|
17-10-2024 - 19:35 | 13-02-2013 - 12:04 | |
CVE-2012-4787 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not properly initialized or (2) is deleted, aka "Improper Ref
|
17-10-2024 - 19:35 | 12-12-2012 - 00:55 | |
CVE-2011-1271 | 5.1 |
The JIT compiler in Microsoft .NET Framework 3.5 Gold and SP1, 3.5.1, and 4.0, when IsJITOptimizerDisabled is false, does not properly handle expressions related to null strings, which allows context-dependent attackers to bypass intended access rest
|
17-10-2024 - 19:35 | 10-05-2011 - 19:55 | |
CVE-2013-3888 | 7.2 |
dxgkrnl.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows local users to gain privileges via a crafted application, aka "DirectX Graphics Kernel Subsystem Double Fetch Vulnerab
|
17-10-2024 - 18:35 | 09-10-2013 - 14:53 | |
CVE-2008-4835 | 10.0 |
SMB in the Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to execute arbitrary code via malformed values of unspecified "fields inside the SMB packets
|
15-10-2024 - 15:35 | 14-01-2009 - 22:30 | |
CVE-2012-4792 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not properly allocated or (2) is deleted, as demonstrated
|
14-08-2024 - 15:02 | 30-12-2012 - 18:55 | |
CVE-2017-0143 | 9.3 |
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to
|
25-07-2024 - 14:00 | 17-03-2017 - 00:59 | |
CVE-2012-0158 | 9.3 |
The (1) ListView, (2) ListView2, (3) TreeView, and (4) TreeView2 ActiveX controls in MSCOMCTL.OCX in the Common Controls in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2003 Web Components SP3; SQL Server 2000 SP4, 2005
|
24-07-2024 - 17:07 | 10-04-2012 - 21:55 | |
CVE-2015-1641 | 9.3 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word for Mac 2011, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2 and 2013 SP1, and Office Web Apps Server 2010 SP2 and 2
|
24-07-2024 - 17:06 | 14-04-2015 - 20:59 | |
CVE-2016-0167 | 7.2 |
The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted a
|
24-07-2024 - 17:06 | 12-04-2016 - 23:59 | |
CVE-2016-3235 | 9.3 |
Microsoft Visio 2007 SP3, Visio 2010 SP2, Visio 2013 SP1, Visio 2016, Visio Viewer 2007 SP3, and Visio Viewer 2010 mishandle library loading, which allows local users to gain privileges via a crafted application, aka "Microsoft Office OLE DLL Side Lo
|
24-07-2024 - 17:05 | 16-06-2016 - 01:59 | |
CVE-2014-1776 | 10.0 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to the CMarkup::IsConnectedToPrimaryMarkup function, as ex
|
24-07-2024 - 16:47 | 27-04-2014 - 10:55 | |
CVE-2017-0145 | 9.3 |
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to
|
24-07-2024 - 16:22 | 17-03-2017 - 00:59 | |
CVE-2014-6352 | 9.3 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object, as exploit
|
24-07-2024 - 16:20 | 22-10-2014 - 14:55 | |
CVE-2013-3906 | 9.3 |
GDI+ in Microsoft Windows Vista SP2 and Server 2008 SP2; Office 2003 SP3, 2007 SP3, and 2010 SP1 and SP2; Office Compatibility Pack SP3; and Lync 2010, 2010 Attendee, 2013, and Basic 2013 allows remote attackers to execute arbitrary code via a crafte
|
24-07-2024 - 16:19 | 06-11-2013 - 15:55 | |
CVE-2014-1761 | 9.3 |
Microsoft Word 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Word Viewer; Office Compatibility Pack SP3; Office for Mac 2011; Word Automation Services on SharePoint Server 2010 SP1 and SP2 and 2013; Office Web Apps 2010 SP1 and SP2; and Of
|
24-07-2024 - 16:05 | 25-03-2014 - 13:24 | |
CVE-2017-0144 | 9.3 |
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to
|
24-07-2024 - 16:03 | 17-03-2017 - 00:59 | |
CVE-2011-1889 | 10.0 |
The NSPLookupServiceNext function in the client in Microsoft Forefront Threat Management Gateway (TMG) 2010 allows remote attackers to execute arbitrary code via vectors involving unspecified requests, aka "TMG Firewall Client Memory Corruption Vulne
|
24-07-2024 - 14:30 | 16-06-2011 - 20:55 | |
CVE-2017-0001 | 7.2 |
The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows local users to gain privil
|
24-07-2024 - 14:26 | 17-03-2017 - 00:59 | |
CVE-2017-0146 | 9.3 |
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to
|
16-07-2024 - 17:55 | 17-03-2017 - 00:59 | |
CVE-2017-0037 | 7.6 |
Microsoft Internet Explorer 10 and 11 and Microsoft Edge have a type confusion issue in the Layout::MultiColumnBoxBuilder::HandleColumnBreakOnColumnSpanningElement function in mshtml.dll, which allows remote attackers to execute arbitrary code via ve
|
16-07-2024 - 17:52 | 26-02-2017 - 23:59 | |
CVE-2017-0059 | 4.3 |
Microsoft Internet Explorer 9 through 11 allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability." This vulnerability is different from those descr
|
16-07-2024 - 17:51 | 17-03-2017 - 00:59 | |
CVE-2014-6324 | 9.0 |
The Kerberos Key Distribution Center (KDC) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote authenticated domain user
|
16-07-2024 - 17:48 | 18-11-2014 - 23:59 | |
CVE-2010-3333 | 9.3 |
Stack-based buffer overflow in Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 and 2008 for Mac, Office for Mac 2011, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via
|
16-07-2024 - 17:38 | 10-11-2010 - 03:00 | |
CVE-2012-1856 | 9.3 |
The TabStrip ActiveX control in the Common Controls in MSCOMCTL.OCX in Microsoft Office 2003 SP3, Office 2003 Web Components SP3, Office 2007 SP2 and SP3, Office 2010 SP1, SQL Server 2000 SP4, SQL Server 2005 SP4, SQL Server 2008 SP2, SP3, R2, R2 SP1
|
16-07-2024 - 17:37 | 15-08-2012 - 01:55 | |
CVE-2013-3897 | 9.3 |
Use-after-free vulnerability in the CDisplayPointer class in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JavaScript code that us
|
16-07-2024 - 17:35 | 09-10-2013 - 14:54 | |
CVE-2013-1347 | 9.3 |
Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly allocated or (2) is deleted, as exploited in the wild in May 2013.
|
16-07-2024 - 17:35 | 05-05-2013 - 11:07 | |
CVE-2015-1642 | 9.3 |
Microsoft Office 2007 SP3, 2010 SP2, and 2013 SP1 allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."
|
16-07-2024 - 17:34 | 15-08-2015 - 00:59 | |
CVE-2016-7262 | 6.8 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, and Excel Viewer allow user-assisted remote attackers to execute arbitrary commands via a crafted cell that is mishandled upon a c
|
16-07-2024 - 17:33 | 20-12-2016 - 06:59 | |
CVE-2017-0148 | 9.3 |
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to
|
09-07-2024 - 18:28 | 17-03-2017 - 00:59 | |
CVE-2013-3660 | 6.9 |
The EPATHOBJ::pprFlattenRec function in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, and Windows Server 2012 does
|
09-07-2024 - 18:25 | 24-05-2013 - 20:55 | |
CVE-2016-0189 | 7.6 |
The Microsoft (1) JScript 5.8 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site
|
09-07-2024 - 18:25 | 11-05-2016 - 01:59 | |
CVE-2015-2419 | 9.3 |
JScript 9 in Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "JScript9 Memory Corruption Vulnerability."
|
09-07-2024 - 18:24 | 14-07-2015 - 21:59 | |
CVE-2012-2539 | 9.3 |
Microsoft Word 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Word Viewer; Office Compatibility Pack SP2 and SP3; and Office Web Apps 2010 SP1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted RT
|
09-07-2024 - 18:23 | 12-12-2012 - 00:55 | |
CVE-2013-2551 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, as demonstrated by VUPEN during a Pwn2Own competition at CanSe
|
09-07-2024 - 18:22 | 11-03-2013 - 10:55 | |
CVE-2016-7200 | 7.6 |
The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vu
|
09-07-2024 - 18:21 | 10-11-2016 - 06:59 | |
CVE-2016-7201 | 7.6 |
The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vu
|
09-07-2024 - 18:21 | 10-11-2016 - 06:59 | |
CVE-2015-2502 | 9.3 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," as exploited in the wild in August 2015.
|
02-07-2024 - 17:42 | 19-08-2015 - 10:59 | |
CVE-2014-4113 | 7.2 |
win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users
|
02-07-2024 - 16:57 | 15-10-2014 - 10:55 | |
CVE-2014-0322 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via vectors involving crafted JavaScript code, CMarkup, and the onpropertychange attribute of a script element, as exploited in the
|
02-07-2024 - 16:50 | 14-02-2014 - 16:55 | |
CVE-2017-0147 | 4.3 |
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to
|
02-07-2024 - 13:00 | 17-03-2017 - 00:59 | |
CVE-2017-0149 | 7.6 |
Microsoft Internet Explorer 9 through 11 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." This vulnerability is differen
|
02-07-2024 - 13:00 | 17-03-2017 - 00:59 | |
CVE-2017-0005 | 6.9 |
The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows local users to gain privil
|
02-07-2024 - 12:59 | 17-03-2017 - 00:59 | |
CVE-2016-7256 | 9.3 |
atmfd.dll in the Windows font library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows rem
|
02-07-2024 - 12:58 | 10-11-2016 - 07:00 | |
CVE-2016-3298 | 2.6 |
Microsoft Internet Explorer 9 through 11 and the Internet Messaging API in Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allow remote attackers to determine the existence of arbitrary files via a crafted web site, aka "Inte
|
02-07-2024 - 12:23 | 14-10-2016 - 02:59 | |
CVE-2016-3351 | 2.6 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."
|
02-07-2024 - 12:23 | 14-09-2016 - 10:59 | |
CVE-2016-3393 | 9.3 |
Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows remote attackers t
|
02-07-2024 - 12:23 | 14-10-2016 - 02:59 | |
CVE-2016-0162 | 4.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to determine the existence of files via crafted JavaScript code, aka "Internet Explorer Information Disclosure Vulnerability."
|
02-07-2024 - 12:20 | 12-04-2016 - 23:59 | |
CVE-2015-0071 | 4.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Internet Explorer ASLR Bypass Vulnerability."
|
02-07-2024 - 12:18 | 11-02-2015 - 03:01 | |
CVE-2016-0034 | 9.3 |
Microsoft Silverlight 5 before 5.1.41212.0 mishandles negative offsets during decoding, which allows remote attackers to execute arbitrary code or cause a denial of service (object-header corruption) via a crafted web site, aka "Silverlight Runtime R
|
01-07-2024 - 17:56 | 13-01-2016 - 05:59 | |
CVE-2014-2817 | 6.8 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability."
|
28-06-2024 - 17:29 | 12-08-2014 - 21:55 | |
CVE-2015-1671 | 9.3 |
The Windows DirectWrite library, as used in Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2; Office 2007 SP3 and 2010 SP2; Live Meeting 2007 Console; Lync 2010; Lync 2010 Attendee; Lync 2013 SP1; Lync Basic 2013 SP1; Silverligh
|
28-06-2024 - 17:26 | 13-05-2015 - 10:59 | |
CVE-2013-0074 | 9.3 |
Microsoft Silverlight 5, and 5 Developer Runtime, before 5.1.20125.0 does not properly validate pointers during HTML object rendering, which allows remote attackers to execute arbitrary code via a crafted Silverlight application, aka "Silverlight Dou
|
28-06-2024 - 17:26 | 13-03-2013 - 00:55 | |
CVE-2014-4123 | 6.8 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," as exploited in the wild in October 2014, a different vulnerability than CVE-201
|
28-06-2024 - 17:25 | 15-10-2014 - 10:55 | |
CVE-2014-4148 | 9.3 |
win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attac
|
28-06-2024 - 17:24 | 15-10-2014 - 10:55 | |
CVE-2015-2425 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
28-06-2024 - 17:22 | 14-07-2015 - 21:59 | |
CVE-2012-1889 | 9.3 |
Microsoft XML Core Services 3.0, 4.0, 5.0, and 6.0 accesses uninitialized memory locations, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
|
28-06-2024 - 14:18 | 13-06-2012 - 04:46 | |
CVE-2012-0151 | 9.3 |
The Authenticode Signature Verification function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview does not properly valida
|
28-06-2024 - 14:18 | 10-04-2012 - 21:55 | |
CVE-2009-0557 | 9.3 |
Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, and Office 2004 and 2008 for Mac; Excel in 2007 Microsoft Office System SP1 and SP2; Open XML File Format Converter for Mac; Microsoft Office Excel Viewer 2003 SP3; Microsoft Office
|
28-06-2024 - 14:15 | 10-06-2009 - 18:30 | |
CVE-2009-0563 | 9.3 |
Stack-based buffer overflow in Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Microsoft Office for Mac 2004 and 2008; Open XML File Format Converter for Mac; Microsoft Office Word Viewer 2003 SP3; Microsoft Office Word Viewer; and Mi
|
28-06-2024 - 14:15 | 10-06-2009 - 18:00 | |
CVE-2010-2568 | 9.3 |
Windows Shell in Microsoft Windows XP SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 SP2 and R2, and Windows 7 allows local users or remote attackers to execute arbitrary code via a crafted (1) .LNK or (2) .PIF shortcut file, which is not prope
|
28-06-2024 - 14:02 | 22-07-2010 - 05:43 | |
CVE-2013-3163 | 9.3 |
Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
28-06-2024 - 13:40 | 10-07-2013 - 03:46 | |
CVE-2016-0165 | 7.2 |
The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted a
|
27-06-2024 - 19:16 | 12-04-2016 - 23:59 | |
CVE-2010-0249 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6, 6 SP1, 7, and 8 on Windows 2000 SP4; Windows XP SP2 and SP3; Windows Server 2003 SP2; Windows Vista Gold, SP1, and SP2; Windows Server 2008 Gold, SP2, and R2; and Windows 7 allows remote
|
15-02-2024 - 21:06 | 15-01-2010 - 17:30 | |
CVE-2015-1743 | 5.1 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-1748.
|
15-02-2024 - 20:11 | 10-06-2015 - 01:59 | |
CVE-2009-0553 | 9.3 |
Microsoft Internet Explorer 6 SP1, 6 and 7 on Windows XP SP2 and SP3, 6 and 7 on Windows Server 2003 SP1 and SP2, 7 on Windows Vista Gold and SP1, and 7 on Windows Server 2008 allows remote attackers to execute arbitrary code via a web page that trig
|
14-02-2024 - 01:17 | 15-04-2009 - 08:00 | |
CVE-2009-1532 | 9.3 |
Microsoft Internet Explorer 8 for Windows XP SP2 and SP3; 8 for Server 2003 SP2; 8 for Vista Gold, SP1, and SP2; and 8 for Server 2008 SP2 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code via "malfor
|
09-02-2024 - 03:22 | 10-06-2009 - 18:30 | |
CVE-2009-2523 | 10.0 |
The License Logging Server (llssrv.exe) in Microsoft Windows 2000 SP4 allows remote attackers to execute arbitrary code via an RPC message containing a string without a null terminator, which triggers a heap-based buffer overflow in the LlsrLicenseRe
|
09-02-2024 - 00:24 | 11-11-2009 - 19:30 | |
CVE-2009-0231 | 9.3 |
The Embedded OpenType (EOT) Font Engine (T2EMBED.DLL) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted name table in
|
08-02-2024 - 02:14 | 15-07-2009 - 15:30 | |
CVE-2010-3328 | 9.3 |
Use-after-free vulnerability in the CAttrArray::PrivateFind function in mshtml.dll in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code by setting an unspecified property of a stylesheet object, aka "Uninitiali
|
02-02-2024 - 16:00 | 13-10-2010 - 19:00 | |
CVE-2013-1315 | 9.3 |
Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013; Office Web Apps 2010; Excel 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office for Mac 2011; Excel Viewer; and Office Compatibility Pack SP3 allow remote attackers to exec
|
03-10-2023 - 15:37 | 11-09-2013 - 14:03 | |
CVE-2017-0060 | 2.1 |
The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain
|
31-03-2023 - 18:31 | 17-03-2017 - 00:59 | |
CVE-2017-0073 | 4.3 |
The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain
|
31-03-2023 - 18:29 | 17-03-2017 - 00:59 | |
CVE-2016-3201 | 4.3 |
Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 Gold and 1511, and Microsoft Edge allow remote attackers to obtain sensitive information from process memory via a crafted PDF document, aka "Windows PDF Information Disclosure Vulner
|
23-02-2023 - 18:36 | 16-06-2016 - 01:59 | |
CVE-2015-6042 | 9.3 |
Use-after-free vulnerability in the CWindow object implementation in Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memo
|
13-02-2023 - 18:58 | 14-10-2015 - 01:59 | |
CVE-2015-6051 | 4.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to gain privileges via a crafted web site, as demonstrated by a transition from Low Integrity to Medium Integrity, aka "Internet Explorer Elevation of Privilege Vulnerability."
|
13-02-2023 - 18:58 | 14-10-2015 - 01:59 | |
CVE-2015-6048 | 9.3 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
13-02-2023 - 18:54 | 14-10-2015 - 01:59 | |
CVE-2009-3555 | 5.8 |
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Secu
|
13-02-2023 - 02:20 | 09-11-2009 - 17:30 | |
CVE-2008-4609 | 7.1 |
The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vect
|
14-12-2022 - 16:40 | 20-10-2008 - 17:59 | |
CVE-2013-3900 | 7.6 |
The WinVerifyTrust function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does
|
02-11-2022 - 15:15 | 11-12-2013 - 00:55 | |
CVE-2011-2001 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code via an attempted access to a virtual function table after corruption of this table has occurred, aka "Virtual
|
01-03-2022 - 16:39 | 12-10-2011 - 02:52 | |
CVE-2012-0171 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "SelectAll Remote Code Execution Vulnerability."
|
01-03-2022 - 16:34 | 10-04-2012 - 21:55 | |
CVE-2012-0169 | 9.3 |
Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "JScript9 Remote Code Execution Vulnerability."
|
01-03-2022 - 16:33 | 10-04-2012 - 21:55 | |
CVE-2012-0168 | 7.6 |
Microsoft Internet Explorer 6 through 9 allows user-assisted remote attackers to execute arbitrary code via a crafted HTML document that is not properly handled during a "Print table of links" print operation, aka "Print Feature Remote Code Execution
|
01-03-2022 - 16:32 | 10-04-2012 - 21:55 | |
CVE-2012-0155 | 9.3 |
Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "VML Remote Code Execution Vulnerability."
|
01-03-2022 - 16:30 | 14-02-2012 - 22:55 | |
CVE-2012-0012 | 4.3 |
Microsoft Internet Explorer 9 does not properly handle the creation and initialization of string objects, which allows remote attackers to read data from arbitrary process-memory locations via a crafted web site, aka "Null Byte Information Disclosure
|
01-03-2022 - 16:29 | 14-02-2012 - 22:55 | |
CVE-2012-0011 | 9.3 |
Microsoft Internet Explorer 7 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "HTML Layout Remote Code Execution Vulnerability."
|
01-03-2022 - 16:28 | 14-02-2012 - 22:55 | |
CVE-2012-0010 | 4.3 |
Microsoft Internet Explorer 6 through 9 does not properly perform copy-and-paste operations, which allows user-assisted remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Copy and Paste Information D
|
01-03-2022 - 14:58 | 14-02-2012 - 22:55 | |
CVE-2011-2000 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Body Element Remote Code Execution Vulnerability."
|
28-02-2022 - 20:50 | 12-10-2011 - 02:52 | |
CVE-2011-1999 | 9.3 |
Microsoft Internet Explorer 8 does not properly allocate and access memory, which allows remote attackers to execute arbitrary code via vectors involving a "dereferenced memory address," aka "Select Element Remote Code Execution Vulnerability."
|
28-02-2022 - 20:49 | 12-10-2011 - 02:52 | |
CVE-2011-1998 | 9.3 |
Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that was not properly initialized, aka "Jscript9.dll Remote Code Execution Vulnerability."
|
28-02-2022 - 20:26 | 12-10-2011 - 02:52 | |
CVE-2011-1996 | 9.3 |
Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Option Element Remote Code Execution Vulnerability."
|
28-02-2022 - 20:25 | 12-10-2011 - 02:52 | |
CVE-2011-1995 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that was not properly initialized, aka "OLEAuto32.dll Remote Code Execution Vulnerabili
|
28-02-2022 - 20:23 | 12-10-2011 - 02:52 | |
CVE-2011-1993 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Scroll Event Remote Code Execution Vulnerability."
|
28-02-2022 - 20:17 | 12-10-2011 - 02:52 | |
CVE-2011-1964 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Style Object Memory Corru
|
28-02-2022 - 20:01 | 10-08-2011 - 21:55 | |
CVE-2011-1960 | 4.3 |
Microsoft Internet Explorer 6 through 9 does not properly implement JavaScript event handlers, which allows remote attackers to access content from a different (1) domain or (2) zone via unspecified script code, aka "Event Handlers Information Disclo
|
28-02-2022 - 20:01 | 10-08-2011 - 21:55 | |
CVE-2011-1963 | 9.3 |
Microsoft Internet Explorer 7 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "XSLT Memory Corruption Vu
|
28-02-2022 - 20:00 | 10-08-2011 - 21:55 | |
CVE-2011-1962 | 4.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle unspecified character sequences, which allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site that triggers "inactive filtering," aka "Sh
|
28-02-2022 - 19:58 | 10-08-2011 - 21:55 | |
CVE-2011-1961 | 9.3 |
The telnet URI handler in Microsoft Internet Explorer 6 through 9 does not properly launch the handler application, which allows remote attackers to execute arbitrary programs via a crafted web site, aka "Telnet Handler Remote Code Execution Vulnerab
|
28-02-2022 - 19:54 | 10-08-2011 - 21:55 | |
CVE-2011-1257 | 7.6 |
Race condition in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors involving access to an object, aka "Window Open Race Condition Vulnerability."
|
28-02-2022 - 19:49 | 10-08-2011 - 21:55 | |
CVE-2011-1266 | 9.3 |
The Vector Markup Language (VML) implementation in vgx.dll in Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly
|
28-02-2022 - 19:48 | 16-06-2011 - 20:55 | |
CVE-2011-1262 | 9.3 |
Microsoft Internet Explorer 7 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "HTTP Redirect Memory Corr
|
28-02-2022 - 19:46 | 16-06-2011 - 20:55 | |
CVE-2011-1261 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Selection Object Memory C
|
28-02-2022 - 19:44 | 16-06-2011 - 20:55 | |
CVE-2011-1258 | 4.3 |
Microsoft Internet Explorer 6 through 8 does not properly restrict web script, which allows user-assisted remote attackers to obtain sensitive information from a different (1) domain or (2) zone via vectors involving a drag-and-drop operation, aka "D
|
28-02-2022 - 19:43 | 16-06-2011 - 20:55 | |
CVE-2011-1256 | 9.3 |
Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "DOM Modification Memory C
|
28-02-2022 - 19:41 | 16-06-2011 - 20:55 | |
CVE-2011-1255 | 9.3 |
The Timed Interactive Multimedia Extensions (aka HTML+TIME) implementation in Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1)
|
28-02-2022 - 19:35 | 16-06-2011 - 20:55 | |
CVE-2011-1254 | 9.3 |
Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Drag and Drop Memory Corr
|
28-02-2022 - 19:33 | 16-06-2011 - 20:55 | |
CVE-2011-1251 | 9.3 |
Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "DOM Manipulation Memory Corruption
|
28-02-2022 - 19:32 | 16-06-2011 - 20:55 | |
CVE-2011-1250 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Link Properties Handling
|
28-02-2022 - 19:30 | 16-06-2011 - 20:55 | |
CVE-2011-1246 | 4.3 |
Microsoft Internet Explorer 8 does not properly handle content settings in HTTP responses, which allows remote web servers to obtain sensitive information from a different (1) domain or (2) zone via a crafted response, aka "MIME Sniffing Information
|
28-02-2022 - 19:26 | 16-06-2011 - 20:55 | |
CVE-2011-1244 | 5.8 |
Microsoft Internet Explorer 6, 7, and 8 does not enforce intended domain restrictions on content access, which allows remote attackers to obtain sensitive information or conduct clickjacking attacks via a crafted web site, aka "Frame Tag Information
|
28-02-2022 - 19:25 | 13-04-2011 - 18:55 | |
CVE-2010-3348 | 4.3 |
Microsoft Internet Explorer 6, 7, and 8 does not prevent rendering of cached content as HTML, which allows remote attackers to access content from a different (1) domain or (2) zone via unspecified script code, aka "Cross-Domain Information Disclosur
|
28-02-2022 - 19:23 | 16-12-2010 - 19:33 | |
CVE-2010-3346 | 9.3 |
Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption,
|
28-02-2022 - 19:22 | 16-12-2010 - 19:33 | |
CVE-2010-3345 | 9.3 |
Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML
|
28-02-2022 - 19:21 | 16-12-2010 - 19:33 | |
CVE-2010-3343 | 9.3 |
Microsoft Internet Explorer 6 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML
|
28-02-2022 - 19:20 | 16-12-2010 - 19:33 | |
CVE-2010-3342 | 4.3 |
Microsoft Internet Explorer 6, 7, and 8 does not prevent rendering of cached content as HTML, which allows remote attackers to access content from a different (1) domain or (2) zone via unspecified script code, aka "Cross-Domain Information Disclosur
|
28-02-2022 - 19:19 | 16-12-2010 - 19:33 | |
CVE-2010-3962 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary code via vectors related to Cascading Style Sheets (CSS) token sequences and the clip attribute, aka an "invalid flag reference" issu
|
28-02-2022 - 19:15 | 05-11-2010 - 17:00 | |
CVE-2010-2560 | 9.3 |
Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption,
|
28-02-2022 - 18:57 | 11-08-2010 - 18:47 | |
CVE-2010-2559 | 9.3 |
Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Unini
|
28-02-2022 - 17:31 | 11-08-2010 - 18:47 | |
CVE-2010-2558 | 9.3 |
Race condition in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to an object in memory, aka "Race Condition Memory Corruption Vulnerabili
|
28-02-2022 - 17:30 | 11-08-2010 - 18:47 | |
CVE-2010-2557 | 9.3 |
Microsoft Internet Explorer 6 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Unini
|
28-02-2022 - 17:27 | 11-08-2010 - 18:47 | |
CVE-2010-2556 | 9.3 |
Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption,
|
28-02-2022 - 17:24 | 11-08-2010 - 18:47 | |
CVE-2013-0021 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer vtable Use After Free Vulnerability."
|
17-09-2021 - 11:15 | 13-02-2013 - 12:04 | |
CVE-2016-3366 | 4.3 |
Microsoft Outlook 2007 SP3, Outlook 2010 SP2, Outlook 2013 SP1, Outlook 2013 RT SP1, Outlook 2016, and Outlook 2016 for Mac do not properly implement RFC 2046, which allows remote attackers to bypass virus or spam detection via crafted MIME data in a
|
30-08-2021 - 14:28 | 14-09-2016 - 10:59 | |
CVE-2010-3971 | 9.3 |
Use-after-free vulnerability in the CSharedStyleSheet::Notify function in the Cascading Style Sheets (CSS) parser in mshtml.dll, as used in Microsoft Internet Explorer 6 through 8 and other products, allows remote attackers to execute arbitrary code
|
23-07-2021 - 15:12 | 22-12-2010 - 21:00 | |
CVE-2012-1872 | 4.3 |
Cross-site scripting (XSS) vulnerability in Microsoft Internet Explorer 6 through 9 allows remote attackers to inject arbitrary web script or HTML via crafted character sequences with EUC-JP encoding, aka "EUC-JP Character Encoding Vulnerability."
|
23-07-2021 - 15:12 | 12-06-2012 - 22:55 | |
CVE-2009-3673 | 9.3 |
Microsoft Internet Explorer 7 and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka
|
23-07-2021 - 15:12 | 09-12-2009 - 18:30 | |
CVE-2010-1261 | 9.3 |
The IE8 Developer Toolbar in Microsoft Internet Explorer 8 SP1, SP2, and SP3 allows user-assisted remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption,
|
23-07-2021 - 15:12 | 08-06-2010 - 22:30 | |
CVE-2011-1345 | 9.3 |
Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, as demonstrated by Stephen Few
|
23-07-2021 - 15:12 | 10-03-2011 - 20:55 | |
CVE-2009-1917 | 9.3 |
Microsoft Internet Explorer 6 SP1; Internet Explorer 6 for Windows XP SP2 and SP3 and Server 2003 SP2; and Internet Explorer 7 and 8 for Windows XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 do not properly h
|
23-07-2021 - 15:12 | 29-07-2009 - 17:30 | |
CVE-2010-3330 | 4.3 |
Microsoft Internet Explorer 6 through 8 does not properly restrict script access to content from a different (1) domain or (2) zone, which allows remote attackers to obtain sensitive information via a crafted web site, aka "Cross-Domain Information D
|
23-07-2021 - 15:12 | 13-10-2010 - 19:00 | |
CVE-2010-3325 | 4.3 |
Microsoft Internet Explorer 6 through 8 does not properly handle unspecified special characters in Cascading Style Sheets (CSS) documents, which allows remote attackers to obtain sensitive information from a different (1) domain or (2) zone via a cra
|
23-07-2021 - 15:12 | 13-10-2010 - 19:00 | |
CVE-2010-1258 | 4.3 |
Microsoft Internet Explorer 6, 7, and 8 does not properly determine the origin of script code, which allows remote attackers to execute script in an unintended domain or security zone, and obtain sensitive information, via unspecified vectors, aka "E
|
23-07-2021 - 15:12 | 11-08-2010 - 18:47 | |
CVE-2011-2383 | 4.3 |
Microsoft Internet Explorer 9 and earlier does not properly restrict cross-zone drag-and-drop actions, which allows user-assisted remote attackers to read cookie files via vectors involving an IFRAME element with a SRC attribute containing an http: U
|
23-07-2021 - 15:12 | 03-06-2011 - 17:55 | |
CVE-2009-1919 | 9.3 |
Microsoft Internet Explorer 5.01 SP4 and 6 SP1; Internet Explorer 6 for Windows XP SP2 and SP3 and Server 2003 SP2; and Internet Explorer 7 and 8 for Windows XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 do n
|
23-07-2021 - 15:12 | 29-07-2009 - 17:30 | |
CVE-2010-1259 | 9.3 |
Microsoft Internet Explorer 6 SP1 and SP2, 7, and 8 allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption V
|
23-07-2021 - 15:12 | 08-06-2010 - 22:30 | |
CVE-2009-1530 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 7 for Windows XP SP2 and SP3; 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 allows remote attackers to execute arbitrary code by repeatedly adding HTML doc
|
23-07-2021 - 15:12 | 10-06-2009 - 18:30 | |
CVE-2010-1257 | 4.3 |
Cross-site scripting (XSS) vulnerability in the toStaticHTML API, as used in Microsoft Office InfoPath 2003 SP3, 2007 SP1, and 2007 SP2; Office SharePoint Server 2007 SP1 and SP2; SharePoint Services 3.0 SP1 and SP2; and Internet Explorer 8 allows re
|
23-07-2021 - 15:12 | 08-06-2010 - 20:30 | |
CVE-2010-3329 | 9.3 |
mshtmled.dll in Microsoft Internet Explorer 7 and 8 allows remote attackers to execute arbitrary code via a crafted Microsoft Office document that causes the HtmlDlgHelper class destructor to access uninitialized memory, aka "Uninitialized Memory Cor
|
23-07-2021 - 15:12 | 13-10-2010 - 19:00 | |
CVE-2010-1262 | 9.3 |
Microsoft Internet Explorer 6 SP1 and SP2, 7, and 8 allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, related to the CStyleSheet object and
|
23-07-2021 - 15:12 | 08-06-2010 - 22:30 | |
CVE-2010-3324 | 4.3 |
The toStaticHTML function in Microsoft Internet Explorer 8, and the SafeHTML function in Microsoft Windows SharePoint Services 3.0 SP2, SharePoint Foundation 2010, Office SharePoint Server 2007 SP2, Groove Server 2010, and Office Web Apps, allows rem
|
23-07-2021 - 15:12 | 17-09-2010 - 18:00 | |
CVE-2009-4074 | 4.3 |
The XSS Filter in Microsoft Internet Explorer 8 allows remote attackers to leverage the "response-changing mechanism" to conduct cross-site scripting (XSS) attacks against web sites that have no inherent XSS vulnerabilities, related to the details of
|
23-07-2021 - 15:12 | 25-11-2009 - 18:30 | |
CVE-2009-1918 | 10.0 |
Microsoft Internet Explorer 5.01 SP4 and 6 SP1; Internet Explorer 6 for Windows XP SP2 and SP3 and Server 2003 SP2; and Internet Explorer 7 and 8 for Windows XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 do n
|
23-07-2021 - 15:12 | 29-07-2009 - 17:30 | |
CVE-2010-3331 | 9.3 |
Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory in certain circumstances involving use of Microsoft Word to read Word documents, which allows remote attackers to execute arbitrary code by accessing an object that (1
|
23-07-2021 - 15:12 | 13-10-2010 - 19:00 | |
CVE-2010-3327 | 4.3 |
The implementation of HTML content creation in Microsoft Internet Explorer 6 through 8 does not remove the Anchor element during pasting and editing, which might allow remote attackers to obtain sensitive deleted information by visiting a web page, a
|
23-07-2021 - 15:12 | 13-10-2010 - 19:00 | |
CVE-2010-0027 | 9.3 |
The URL validation functionality in Microsoft Internet Explorer 5.01, 6, 6 SP1, 7 and 8, and the ShellExecute API function in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2, does not properly process input parameters, which allows remote attac
|
23-07-2021 - 15:12 | 22-01-2010 - 22:00 | |
CVE-2012-1877 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Title Element Change Remote Code Execution Vulnerability."
|
23-07-2021 - 15:12 | 12-06-2012 - 22:55 | |
CVE-2012-1858 | 4.3 |
The toStaticHTML API (aka the SafeHTML component) in Microsoft Internet Explorer 8 and 9, Communicator 2007 R2, and Lync 2010 and 2010 Attendee does not properly handle event attributes and script, which makes it easier for remote attackers to conduc
|
23-07-2021 - 15:12 | 12-06-2012 - 22:55 | |
CVE-2011-0038 | 9.3 |
Untrusted search path vulnerability in Microsoft Internet Explorer 8 might allow local users to gain privileges via a Trojan horse IEShims.dll in the current working directory, as demonstrated by a Desktop directory that contains an HTML file, aka "I
|
23-07-2021 - 15:12 | 10-02-2011 - 16:00 | |
CVE-2011-0035 | 9.3 |
Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption,
|
23-07-2021 - 15:12 | 10-02-2011 - 16:00 | |
CVE-2010-0244 | 9.3 |
Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corru
|
23-07-2021 - 15:12 | 22-01-2010 - 22:00 | |
CVE-2010-0494 | 4.3 |
Cross-domain vulnerability in Microsoft Internet Explorer 6, 6 SP1, 7, and 8 allows user-assisted remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via a crafted HTML document in a situation where the cl
|
23-07-2021 - 15:12 | 31-03-2010 - 19:30 | |
CVE-2010-0245 | 9.3 |
Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Unini
|
23-07-2021 - 15:12 | 22-01-2010 - 22:00 | |
CVE-2010-0246 | 9.3 |
Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Unini
|
23-07-2021 - 15:12 | 22-01-2010 - 22:00 | |
CVE-2012-1874 | 9.3 |
Microsoft Internet Explorer 8 and 9 does not properly handle objects in memory, which allows user-assisted remote attackers to execute arbitrary code by accessing a deleted object, aka "Developer Toolbar Remote Code Execution Vulnerability."
|
23-07-2021 - 15:12 | 12-06-2012 - 22:55 | |
CVE-2010-0255 | 4.3 |
Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7, and 8 does not prevent rendering of non-HTML local files as HTML documents, which allows remote attackers to bypass intended access restrictions and read arbitrary files via vectors involving JavaScr
|
23-07-2021 - 15:12 | 04-02-2010 - 20:15 | |
CVE-2012-1876 | 9.3 |
Microsoft Internet Explorer 6 through 9, and 10 Consumer Preview, does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by attempting to access a nonexistent object, leading to a heap-based buffer overflo
|
23-07-2021 - 15:12 | 12-06-2012 - 22:55 | |
CVE-2012-1873 | 4.3 |
Microsoft Internet Explorer 7 through 9 does not properly create and initialize string data, which allows remote attackers to obtain sensitive information from process memory via a crafted HTML document, aka "Null Byte Information Disclosure Vulnerab
|
23-07-2021 - 15:12 | 12-06-2012 - 22:55 | |
CVE-2012-1875 | 9.3 |
Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Same ID Property Remote Code Execution Vulnerability."
|
23-07-2021 - 15:12 | 12-06-2012 - 22:55 | |
CVE-2011-1260 | 9.3 |
Microsoft Internet Explorer 8 and 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Layout Memory Corruption Vuln
|
23-07-2021 - 15:12 | 16-06-2011 - 20:55 | |
CVE-2011-0036 | 9.3 |
Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption,
|
23-07-2021 - 15:12 | 10-02-2011 - 16:00 | |
CVE-2011-1252 | 4.3 |
Cross-site scripting (XSS) vulnerability in the SafeHTML function in the toStaticHTML API in Microsoft Internet Explorer 7 and 8, Office SharePoint Server 2007 SP2, Office SharePoint Server 2010 Gold and SP1, Groove Server 2010 Gold and SP1, Windows
|
23-07-2021 - 15:12 | 16-06-2011 - 20:55 | |
CVE-2012-1878 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "OnBeforeDeactivate Event Remote Code Execution Vulnerability."
|
23-07-2021 - 15:12 | 12-06-2012 - 22:55 | |
CVE-2012-1882 | 4.3 |
Microsoft Internet Explorer 6 through 9 does not block cross-domain scrolling events, which allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Scrolling Events Information Disclosure Vulnerabi
|
23-07-2021 - 15:12 | 12-06-2012 - 22:55 | |
CVE-2010-0490 | 9.3 |
Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corru
|
23-07-2021 - 15:12 | 31-03-2010 - 19:30 | |
CVE-2012-1523 | 9.3 |
Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Center Element Remote Code Execution Vulnerability."
|
23-07-2021 - 15:12 | 12-06-2012 - 22:55 | |
CVE-2012-0172 | 9.3 |
Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "VML Style Remote Code Execution Vulnerability."
|
23-07-2021 - 15:12 | 10-04-2012 - 21:55 | |
CVE-2012-1880 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "insertRow Remote Code Execution Vulnerability."
|
23-07-2021 - 15:12 | 12-06-2012 - 22:55 | |
CVE-2012-1881 | 9.3 |
Microsoft Internet Explorer 8 and 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "OnRowsInserted Event Remote Code Execution Vulnerability."
|
23-07-2021 - 15:12 | 12-06-2012 - 22:55 | |
CVE-2010-0247 | 9.3 |
Microsoft Internet Explorer 5.01 SP4, 6, and 6 SP1 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory c
|
23-07-2021 - 15:06 | 22-01-2010 - 22:00 | |
CVE-2007-3091 | 7.1 |
Race condition in Microsoft Internet Explorer 6 SP1; 6 and 7 for Windows XP SP2 and SP3; 6 and 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 allows remote attackers to execute arbitrary code or perform other actions
|
23-07-2021 - 15:05 | 06-06-2007 - 21:30 | |
CVE-2009-1528 | 9.3 |
Microsoft Internet Explorer 6 and 7 for Windows XP SP2 and SP3; 6 and 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 does not properly synchronize AJAX requests, which allows allows remote attackers to execute arbitr
|
23-07-2021 - 15:04 | 10-06-2009 - 18:30 | |
CVE-2010-3340 | 9.3 |
Microsoft Internet Explorer 6 and 7 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka
|
23-07-2021 - 15:04 | 16-12-2010 - 19:33 | |
CVE-2011-1245 | 4.3 |
Microsoft Internet Explorer 6 and 7 does not properly restrict script access to content from a (1) different domain or (2) different zone, which allows remote attackers to obtain sensitive information via a crafted web site, aka "Javascript Informati
|
23-07-2021 - 15:04 | 13-04-2011 - 18:55 | |
CVE-2009-1531 | 9.3 |
Microsoft Internet Explorer 7 for Windows XP SP2 and SP3; 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 allows remote attackers to execute arbitrary code via frequent calls to the getElementsByTagName function combi
|
23-07-2021 - 15:04 | 10-06-2009 - 18:30 | |
CVE-2010-0488 | 4.3 |
Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, and 7 does not properly handle unspecified "encoding strings," which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site, aka "Post Encoding
|
23-07-2021 - 15:04 | 31-03-2010 - 19:30 | |
CVE-2010-0267 | 9.3 |
Microsoft Internet Explorer 6, 6 SP1, and 7 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corrupti
|
23-07-2021 - 15:04 | 31-03-2010 - 19:30 | |
CVE-2012-0170 | 9.3 |
Microsoft Internet Explorer 6 and 7 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "OnReadyStateChange Remote Code Execution Vulnerability."
|
23-07-2021 - 15:04 | 10-04-2012 - 21:55 | |
CVE-2011-0094 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Layouts Handling Memory Corruption Vulnerabilit
|
23-07-2021 - 15:04 | 13-04-2011 - 18:55 | |
CVE-2010-0807 | 9.3 |
Microsoft Internet Explorer 7 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, leading to memory corruption, aka "HTML Rendering Memory Corruption Vulnerability."
|
23-07-2021 - 15:04 | 31-03-2010 - 19:30 | |
CVE-2010-0806 | 9.3 |
Use-after-free vulnerability in the Peer Objects component (aka iepeers.dll) in Microsoft Internet Explorer 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via vectors involving access to an invalid pointer after the deletion of an
|
23-07-2021 - 15:04 | 10-03-2010 - 22:30 | |
CVE-2009-1140 | 7.1 |
Microsoft Internet Explorer 5.01 SP4; 6 SP1; 6 and 7 for Windows XP SP2 and SP3; 6 and 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 does not prevent HTML rendering of cached content, which allows remote attackers t
|
23-07-2021 - 15:04 | 10-06-2009 - 18:30 | |
CVE-2010-0808 | 2.6 |
Microsoft Internet Explorer 6 and 7 on Windows XP and Vista does not prevent script from simulating user interaction with the AutoComplete feature, which allows remote attackers to obtain sensitive form information via a crafted web site, aka "AutoCo
|
23-07-2021 - 15:04 | 13-10-2010 - 19:00 | |
CVE-2010-0489 | 9.3 |
Race condition in Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via a crafted HTML document that triggers memory corruption, aka "Race Condition Memory Corruption Vulnerability."
|
23-07-2021 - 15:04 | 31-03-2010 - 19:30 | |
CVE-2010-0805 | 9.3 |
The Tabular Data Control (TDC) ActiveX control in Microsoft Internet Explorer 5.01 SP4, 6 on Windows XP SP2 and SP3, and 6 SP1 allows remote attackers to execute arbitrary code via a long URL (DataURL parameter) that triggers memory corruption in the
|
23-07-2021 - 12:19 | 31-03-2010 - 19:30 | |
CVE-2010-0491 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 5.01 SP4, 6, and 6 SP1 allows remote attackers to execute arbitrary code by changing unspecified properties of an HTML object that has an onreadystatechange event handler, aka "HTML Object M
|
23-07-2021 - 12:19 | 31-03-2010 - 19:30 | |
CVE-2009-0550 | 9.3 |
Windows HTTP Services (aka WinHTTP) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008; and WinINet in Microsoft Internet Explorer 5.01 SP4, 6 SP1, 6 and 7 on Windows XP SP2 and SP3, 6 and 7 on
|
23-07-2021 - 12:19 | 15-04-2009 - 08:00 | |
CVE-2010-3326 | 9.3 |
Microsoft Internet Explorer 6 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Unini
|
23-07-2021 - 12:16 | 13-10-2010 - 19:00 | |
CVE-2011-1997 | 9.3 |
Microsoft Internet Explorer 6 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "OnLoad Event Remote Code Execution Vulnerability."
|
23-07-2021 - 12:16 | 12-10-2011 - 02:52 | |
CVE-2009-1141 | 9.3 |
Microsoft Internet Explorer 6 for Windows XP SP2 and SP3 and Server 2003 SP2 allows remote attackers to execute arbitrary code via unspecified DHTML function calls related to a tr element and the "insertion, deletion and attributes of a table cell,"
|
23-07-2021 - 12:16 | 10-06-2009 - 18:30 | |
CVE-2009-0552 | 9.3 |
Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4, 6 SP1, 6 on Windows XP SP2 and SP3, and 6 on Windows Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via a web page that triggers presence of an object in me
|
23-07-2021 - 12:16 | 15-04-2009 - 08:00 | |
CVE-2013-3893 | 9.3 |
Use-after-free vulnerability in the SetMouseCapture implementation in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code via crafted JavaScript strings, as demonstrated by use of an ms-help: URL t
|
17-05-2021 - 17:15 | 18-09-2013 - 10:08 | |
CVE-2013-3128 | 9.3 |
The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT, and .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, and
|
08-12-2020 - 15:11 | 09-10-2013 - 14:53 | |
CVE-2013-0006 | 9.3 |
Microsoft XML Core Services (aka MSXML) 3.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to execute arbitrary code via a crafted web page, aka "MSXML Integer Truncation Vulnerability."
|
20-11-2020 - 20:15 | 09-01-2013 - 18:09 | |
CVE-2013-3167 | 7.2 |
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 does not properly handle objects in memory, which allows local users to gain
|
28-09-2020 - 12:58 | 10-07-2013 - 03:46 | |
CVE-2012-4774 | 9.3 |
Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allow remote attackers to execute arbitrary code via a crafted (1) file name or (2) subfolder name that
|
28-09-2020 - 12:58 | 12-12-2012 - 00:55 | |
CVE-2013-3888 | 7.2 |
dxgkrnl.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows local users to gain privileges via a crafted application, aka "DirectX Graphics Kernel Subsystem Double Fetch Vulnerab
|
28-09-2020 - 12:58 | 09-10-2013 - 14:53 | |
CVE-2011-3417 | 9.3 |
The Forms Authentication feature in the ASP.NET subsystem in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0, when sliding expiry is enabled, does not properly handle cached content, which allows remote attackers to obtain access t
|
28-09-2020 - 12:58 | 30-12-2011 - 01:55 | |
CVE-2011-3416 | 8.5 |
The Forms Authentication feature in the ASP.NET subsystem in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 allows remote authenticated users to obtain access to arbitrary user accounts via a crafted username, aka "ASP.Net Forms A
|
28-09-2020 - 12:58 | 30-12-2011 - 01:55 | |
CVE-2012-4792 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not properly allocated or (2) is deleted, as demonstrated
|
28-09-2020 - 12:58 | 30-12-2012 - 18:55 | |
CVE-2013-3881 | 7.2 |
win32k.sys in the kernel-mode drivers in Microsoft Windows 7 SP1 and Windows Server 2008 R2 SP1 allows local users to gain privileges via a crafted application, aka "Win32k NULL Page Vulnerability."
|
28-09-2020 - 12:58 | 09-10-2013 - 14:53 | |
CVE-2013-3128 | 9.3 |
The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT, and .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, and
|
28-09-2020 - 12:58 | 09-10-2013 - 14:53 | |
CVE-2013-3894 | 9.3 |
The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allow remote attackers to execute arbitrary cod
|
28-09-2020 - 12:58 | 09-10-2013 - 14:53 | |
CVE-2013-3879 | 7.2 |
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT a
|
28-09-2020 - 12:58 | 09-10-2013 - 14:53 | |
CVE-2013-3195 | 10.0 |
The DSA_InsertItem function in Comctl32.dll in the Windows common control library in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows
|
28-09-2020 - 12:58 | 09-10-2013 - 14:53 | |
CVE-2013-3200 | 7.2 |
The USB drivers in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allow physically proximate a
|
28-09-2020 - 12:58 | 09-10-2013 - 14:53 | |
CVE-2013-3172 | 4.9 |
Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows local users to cause a denial of service (system ha
|
28-09-2020 - 12:58 | 10-07-2013 - 03:46 | |
CVE-2013-3174 | 9.3 |
DirectShow in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, and Windows Server 2012 allows remote attackers to execute arbitrary code via a crafted GIF file
|
28-09-2020 - 12:58 | 10-07-2013 - 03:46 | |
CVE-2011-3402 | 9.3 |
Unspecified vulnerability in the TrueType font parsing engine in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP
|
28-09-2020 - 12:58 | 04-11-2011 - 21:55 | |
CVE-2013-3173 | 7.2 |
Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local u
|
28-09-2020 - 12:58 | 10-07-2013 - 03:46 | |
CVE-2013-3129 | 9.3 |
Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, and 4.5; Silverlight 5 before 5.1.20513.0; win32k.sys in the kernel-mode drivers, and GDI+, DirectWrite, and Journal, in Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Serv
|
28-09-2020 - 12:58 | 10-07-2013 - 03:46 | |
CVE-2012-4787 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not properly initialized or (2) is deleted, aka "Improper Ref
|
28-09-2020 - 12:58 | 12-12-2012 - 00:55 | |
CVE-2010-3958 | 9.3 |
The x86 JIT compiler in Microsoft .NET Framework 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 does not properly compile function calls, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP), (2) a crafted A
|
28-09-2020 - 12:58 | 13-04-2011 - 18:55 | |
CVE-2012-4775 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site, aka "CTreeNode Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 14-11-2012 - 00:55 | |
CVE-2012-4776 | 9.3 |
The Web Proxy Auto-Discovery (WPAD) functionality in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not validate configuration data that is returned during acquisition of proxy settings, which allows remote attackers to execute arbitra
|
28-09-2020 - 12:58 | 14-11-2012 - 00:55 | |
CVE-2011-3414 | 7.8 |
The CaseInsensitiveHashProvider.getHashCode function in the HashTable implementation in the ASP.NET subsystem in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 computes hash values for form parameters without restricting the abili
|
28-09-2020 - 12:58 | 30-12-2011 - 01:55 | |
CVE-2012-4782 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "CMarkup Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 12-12-2012 - 00:55 | |
CVE-2012-4777 | 9.3 |
The code-optimization feature in the reflection implementation in Microsoft .NET Framework 4 and 4.5 does not properly enforce object permissions, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka
|
28-09-2020 - 12:58 | 14-11-2012 - 00:55 | |
CVE-2011-1993 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Scroll Event Remote Code Execution Vulnerability."
|
28-09-2020 - 12:58 | 12-10-2011 - 02:52 | |
CVE-2012-1895 | 9.3 |
The reflection implementation in Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5.1, and 4 does not properly enforce object permissions, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XB
|
28-09-2020 - 12:58 | 14-11-2012 - 00:55 | |
CVE-2012-1873 | 4.3 |
Microsoft Internet Explorer 7 through 9 does not properly create and initialize string data, which allows remote attackers to obtain sensitive information from process memory via a crafted HTML document, aka "Null Byte Information Disclosure Vulnerab
|
28-09-2020 - 12:58 | 12-06-2012 - 22:55 | |
CVE-2012-2897 | 10.0 |
The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT, as used by Google Chrome before
|
28-09-2020 - 12:58 | 26-09-2012 - 10:56 | |
CVE-2012-1881 | 9.3 |
Microsoft Internet Explorer 8 and 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "OnRowsInserted Event Remote Code Execution Vulnerability."
|
28-09-2020 - 12:58 | 12-06-2012 - 22:55 | |
CVE-2012-1878 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "OnBeforeDeactivate Event Remote Code Execution Vulnerability."
|
28-09-2020 - 12:58 | 12-06-2012 - 22:55 | |
CVE-2011-1996 | 9.3 |
Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Option Element Remote Code Execution Vulnerability."
|
28-09-2020 - 12:58 | 12-10-2011 - 02:52 | |
CVE-2011-1970 | 5.0 |
The DNS server in Microsoft Windows Server 2003 SP2 and Windows Server 2008 SP2, R2, and R2 SP1 does not properly initialize memory, which allows remote attackers to cause a denial of service (service outage) via a query for a nonexistent domain, aka
|
28-09-2020 - 12:58 | 10-08-2011 - 21:55 | |
CVE-2011-1257 | 7.6 |
Race condition in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors involving access to an object, aka "Window Open Race Condition Vulnerability."
|
28-09-2020 - 12:58 | 10-08-2011 - 21:55 | |
CVE-2011-1995 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that was not properly initialized, aka "OLEAuto32.dll Remote Code Execution Vulnerabili
|
28-09-2020 - 12:58 | 12-10-2011 - 02:52 | |
CVE-2012-1524 | 9.3 |
Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Attribute Remove Remote Code Execution Vulnerability."
|
28-09-2020 - 12:58 | 10-07-2012 - 21:55 | |
CVE-2012-1889 | 9.3 |
Microsoft XML Core Services 3.0, 4.0, 5.0, and 6.0 accesses uninitialized memory locations, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
|
28-09-2020 - 12:58 | 13-06-2012 - 04:46 | |
CVE-2013-1300 | 7.2 |
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle objects
|
28-09-2020 - 12:58 | 10-07-2013 - 03:46 | |
CVE-2012-1523 | 9.3 |
Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Center Element Remote Code Execution Vulnerability."
|
28-09-2020 - 12:58 | 12-06-2012 - 22:55 | |
CVE-2011-1256 | 9.3 |
Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "DOM Modification Memory C
|
28-09-2020 - 12:58 | 16-06-2011 - 20:55 | |
CVE-2011-1246 | 4.3 |
Microsoft Internet Explorer 8 does not properly handle content settings in HTTP responses, which allows remote web servers to obtain sensitive information from a different (1) domain or (2) zone via a crafted response, aka "MIME Sniffing Information
|
28-09-2020 - 12:58 | 16-06-2011 - 20:55 | |
CVE-2012-2530 | 7.2 |
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain priv
|
28-09-2020 - 12:58 | 14-11-2012 - 00:55 | |
CVE-2011-2000 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Body Element Remote Code Execution Vulnerability."
|
28-09-2020 - 12:58 | 12-10-2011 - 02:52 | |
CVE-2011-1960 | 4.3 |
Microsoft Internet Explorer 6 through 9 does not properly implement JavaScript event handlers, which allows remote attackers to access content from a different (1) domain or (2) zone via unspecified script code, aka "Event Handlers Information Disclo
|
28-09-2020 - 12:58 | 10-08-2011 - 21:55 | |
CVE-2011-2001 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code via an attempted access to a virtual function table after corruption of this table has occurred, aka "Virtual
|
28-09-2020 - 12:58 | 12-10-2011 - 02:52 | |
CVE-2012-1891 | 9.3 |
Heap-based buffer overflow in Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2 and Windows Data Access Components (WDAC) 6.0 allows remote attackers to execute arbitrary code via crafted XML data that triggers access to an uninitialized object
|
28-09-2020 - 12:58 | 10-07-2012 - 21:55 | |
CVE-2012-1880 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "insertRow Remote Code Execution Vulnerability."
|
28-09-2020 - 12:58 | 12-06-2012 - 22:55 | |
CVE-2012-1874 | 9.3 |
Microsoft Internet Explorer 8 and 9 does not properly handle objects in memory, which allows user-assisted remote attackers to execute arbitrary code by accessing a deleted object, aka "Developer Toolbar Remote Code Execution Vulnerability."
|
28-09-2020 - 12:58 | 12-06-2012 - 22:55 | |
CVE-2012-1855 | 9.3 |
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly handle function pointers, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP) or (2) a crafted .NET Framework applica
|
28-09-2020 - 12:58 | 12-06-2012 - 22:55 | |
CVE-2012-1538 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site, aka "CFormElement Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 14-11-2012 - 00:55 | |
CVE-2012-1875 | 9.3 |
Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Same ID Property Remote Code Execution Vulnerability."
|
28-09-2020 - 12:58 | 12-06-2012 - 22:55 | |
CVE-2012-1877 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Title Element Change Remote Code Execution Vulnerability."
|
28-09-2020 - 12:58 | 12-06-2012 - 22:55 | |
CVE-2012-1851 | 10.0 |
Format string vulnerability in the Print Spooler service in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary
|
28-09-2020 - 12:58 | 15-08-2012 - 01:55 | |
CVE-2012-1848 | 7.2 |
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview does not properly handle user-mode
|
28-09-2020 - 12:58 | 09-05-2012 - 00:55 | |
CVE-2013-1340 | 7.2 |
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle objects
|
28-09-2020 - 12:58 | 10-07-2013 - 03:46 | |
CVE-2011-1964 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Style Object Memory Corru
|
28-09-2020 - 12:58 | 10-08-2011 - 21:55 | |
CVE-2013-1345 | 7.2 |
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle objects
|
28-09-2020 - 12:58 | 10-07-2013 - 03:46 | |
CVE-2012-1522 | 9.3 |
Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Cached Object Remote Code Execution Vulnerability."
|
28-09-2020 - 12:58 | 10-07-2012 - 21:55 | |
CVE-2011-1258 | 4.3 |
Microsoft Internet Explorer 6 through 8 does not properly restrict web script, which allows user-assisted remote attackers to obtain sensitive information from a different (1) domain or (2) zone via vectors involving a drag-and-drop operation, aka "D
|
28-09-2020 - 12:58 | 16-06-2011 - 20:55 | |
CVE-2011-1251 | 9.3 |
Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "DOM Manipulation Memory Corruption
|
28-09-2020 - 12:58 | 16-06-2011 - 20:55 | |
CVE-2011-1963 | 9.3 |
Microsoft Internet Explorer 7 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "XSLT Memory Corruption Vu
|
28-09-2020 - 12:58 | 10-08-2011 - 21:55 | |
CVE-2011-1271 | 5.1 |
The JIT compiler in Microsoft .NET Framework 3.5 Gold and SP1, 3.5.1, and 4.0, when IsJITOptimizerDisabled is false, does not properly handle expressions related to null strings, which allows context-dependent attackers to bypass intended access rest
|
28-09-2020 - 12:58 | 10-05-2011 - 19:55 | |
CVE-2011-1261 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Selection Object Memory C
|
28-09-2020 - 12:58 | 16-06-2011 - 20:55 | |
CVE-2011-1254 | 9.3 |
Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Drag and Drop Memory Corr
|
28-09-2020 - 12:58 | 16-06-2011 - 20:55 | |
CVE-2011-1244 | 5.8 |
Microsoft Internet Explorer 6, 7, and 8 does not enforce intended domain restrictions on content access, which allows remote attackers to obtain sensitive information or conduct clickjacking attacks via a crafted web site, aka "Frame Tag Information
|
28-09-2020 - 12:58 | 13-04-2011 - 18:55 | |
CVE-2012-1879 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by attempting to access an undefined memory location, aka "insertAdjacentText Remote Code Execution Vulnerabil
|
28-09-2020 - 12:58 | 12-06-2012 - 22:55 | |
CVE-2012-1876 | 9.3 |
Microsoft Internet Explorer 6 through 9, and 10 Consumer Preview, does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by attempting to access a nonexistent object, leading to a heap-based buffer overflo
|
28-09-2020 - 12:58 | 12-06-2012 - 22:55 | |
CVE-2012-1528 | 9.3 |
Integer overflow in Windows Shell in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 allows local users to gain privileg
|
28-09-2020 - 12:58 | 14-11-2012 - 00:55 | |
CVE-2012-2556 | 9.3 |
The OpenType Font (OTF) driver in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT
|
28-09-2020 - 12:58 | 12-12-2012 - 00:55 | |
CVE-2012-1896 | 5.0 |
Microsoft .NET Framework 2.0 SP2 and 3.5.1 does not properly consider trust levels during construction of output data, which allows remote attackers to obtain sensitive information via (1) a crafted XAML browser application (aka XBAP) or (2) a crafte
|
28-09-2020 - 12:58 | 14-11-2012 - 00:55 | |
CVE-2012-1882 | 4.3 |
Microsoft Internet Explorer 6 through 9 does not block cross-domain scrolling events, which allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Scrolling Events Information Disclosure Vulnerabi
|
28-09-2020 - 12:58 | 12-06-2012 - 22:55 | |
CVE-2011-1961 | 9.3 |
The telnet URI handler in Microsoft Internet Explorer 6 through 9 does not properly launch the handler application, which allows remote attackers to execute arbitrary programs via a crafted web site, aka "Telnet Handler Remote Code Execution Vulnerab
|
28-09-2020 - 12:58 | 10-08-2011 - 21:55 | |
CVE-2011-1966 | 10.0 |
The DNS server in Microsoft Windows Server 2008 SP2, R2, and R2 SP1 does not properly handle NAPTR queries that trigger recursive processing, which allows remote attackers to execute arbitrary code via a crafted query, aka "DNS NAPTR Query Vulnerabil
|
28-09-2020 - 12:58 | 10-08-2011 - 21:55 | |
CVE-2011-1268 | 10.0 |
The SMB client in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote SMB servers to execute arbitrary code via a crafted (1) SM
|
28-09-2020 - 12:58 | 16-06-2011 - 20:55 | |
CVE-2011-1250 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Link Properties Handling
|
28-09-2020 - 12:58 | 16-06-2011 - 20:55 | |
CVE-2011-1873 | 9.3 |
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 on 64-bit platforms does not properly validate pointers d
|
28-09-2020 - 12:58 | 16-06-2011 - 20:55 | |
CVE-2011-1999 | 9.3 |
Microsoft Internet Explorer 8 does not properly allocate and access memory, which allows remote attackers to execute arbitrary code via vectors involving a "dereferenced memory address," aka "Select Element Remote Code Execution Vulnerability."
|
28-09-2020 - 12:58 | 12-10-2011 - 02:52 | |
CVE-2012-1539 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site, aka "CTreePos Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 14-11-2012 - 00:55 | |
CVE-2011-1266 | 9.3 |
The Vector Markup Language (VML) implementation in vgx.dll in Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly
|
28-09-2020 - 12:58 | 16-06-2011 - 20:55 | |
CVE-2011-1248 | 9.3 |
WINS in Microsoft Windows Server 2003 SP2 and Server 2008 Gold, SP2, R2, and R2 SP1 does not properly handle socket send exceptions, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted
|
28-09-2020 - 12:58 | 13-05-2011 - 17:05 | |
CVE-2012-2519 | 7.9 |
Untrusted search path vulnerability in Entity Framework in ADO.NET in Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, and 4 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated
|
28-09-2020 - 12:58 | 14-11-2012 - 00:55 | |
CVE-2012-1858 | 4.3 |
The toStaticHTML API (aka the SafeHTML component) in Microsoft Internet Explorer 8 and 9, Communicator 2007 R2, and Lync 2010 and 2010 Attendee does not properly handle event attributes and script, which makes it easier for remote attackers to conduc
|
28-09-2020 - 12:58 | 12-06-2012 - 22:55 | |
CVE-2012-1850 | 5.0 |
The Remote Administration Protocol (RAP) implementation in the LanmanWorkstation service in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not pro
|
28-09-2020 - 12:58 | 15-08-2012 - 01:55 | |
CVE-2011-2013 | 10.0 |
Integer overflow in the TCP/IP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code by sending a sequence of crafted UDP packets to a clos
|
28-09-2020 - 12:58 | 08-11-2011 - 21:55 | |
CVE-2011-1998 | 9.3 |
Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that was not properly initialized, aka "Jscript9.dll Remote Code Execution Vulnerability."
|
28-09-2020 - 12:58 | 12-10-2011 - 02:52 | |
CVE-2013-1347 | 9.3 |
Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly allocated or (2) is deleted, as exploited in the wild in May 2013.
|
28-09-2020 - 12:58 | 05-05-2013 - 11:07 | |
CVE-2011-1262 | 9.3 |
Microsoft Internet Explorer 7 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "HTTP Redirect Memory Corr
|
28-09-2020 - 12:58 | 16-06-2011 - 20:55 | |
CVE-2011-1255 | 9.3 |
The Timed Interactive Multimedia Extensions (aka HTML+TIME) implementation in Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1)
|
28-09-2020 - 12:58 | 16-06-2011 - 20:55 | |
CVE-2012-1527 | 9.3 |
Integer underflow in Windows Shell in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 allows local users to gain privile
|
28-09-2020 - 12:58 | 14-11-2012 - 00:55 | |
CVE-2011-1962 | 4.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle unspecified character sequences, which allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site that triggers "inactive filtering," aka "Sh
|
28-09-2020 - 12:58 | 10-08-2011 - 21:55 | |
CVE-2013-1288 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CTreeNode Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 13-03-2013 - 00:55 | |
CVE-2011-1252 | 4.3 |
Cross-site scripting (XSS) vulnerability in the SafeHTML function in the toStaticHTML API in Microsoft Internet Explorer 7 and 8, Office SharePoint Server 2007 SP2, Office SharePoint Server 2010 Gold and SP1, Groove Server 2010 Gold and SP1, Windows
|
28-09-2020 - 12:58 | 16-06-2011 - 20:55 | |
CVE-2013-1345 | 7.2 |
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle objects
|
28-09-2020 - 12:58 | 10-07-2013 - 03:46 | |
CVE-2011-1260 | 9.3 |
Microsoft Internet Explorer 8 and 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Layout Memory Corruption Vuln
|
28-09-2020 - 12:58 | 16-06-2011 - 20:55 | |
CVE-2011-1253 | 9.3 |
Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5.1, and 4, and Silverlight 4 before 4.0.60831, does not properly restrict inheritance, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP
|
28-09-2020 - 12:58 | 12-10-2011 - 02:52 | |
CVE-2011-0661 | 10.0 |
The SMB Server service in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly validate fields in SMB requests, which allows
|
28-09-2020 - 12:58 | 13-04-2011 - 18:55 | |
CVE-2013-0020 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CMarkup Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 13-02-2013 - 12:04 | |
CVE-2013-0093 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer onBeforeCopy Use After Free Vulnerabili
|
28-09-2020 - 12:58 | 13-03-2013 - 00:55 | |
CVE-2011-0663 | 9.3 |
Multiple integer overflows in the Microsoft (1) JScript 5.6 through 5.8 and (2) VBScript 5.6 through 5.8 scripting engines allow remote attackers to execute arbitrary code via a crafted web page, aka "Scripting Memory Reallocation Vulnerability."
|
28-09-2020 - 12:58 | 13-04-2011 - 18:55 | |
CVE-2013-3881 | 7.2 |
win32k.sys in the kernel-mode drivers in Microsoft Windows 7 SP1 and Windows Server 2008 R2 SP1 allows local users to gain privileges via a crafted application, aka "Win32k NULL Page Vulnerability."
|
28-09-2020 - 12:58 | 09-10-2013 - 14:53 | |
CVE-2013-3172 | 4.9 |
Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows local users to cause a denial of service (system ha
|
28-09-2020 - 12:58 | 10-07-2013 - 03:46 | |
CVE-2013-0087 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer OnResize Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 13-03-2013 - 00:55 | |
CVE-2013-0023 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CDispNode Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 13-02-2013 - 12:04 | |
CVE-2013-0020 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CMarkup Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 13-02-2013 - 12:04 | |
CVE-2012-0004 | 9.3 |
Unspecified vulnerability in DirectShow in DirectX in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code
|
28-09-2020 - 12:58 | 10-01-2012 - 21:55 | |
CVE-2011-0346 | 9.3 |
Use-after-free vulnerability in the ReleaseInterface function in MSHTML.DLL in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the DOM i
|
28-09-2020 - 12:58 | 07-01-2011 - 23:00 | |
CVE-2013-0022 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer LsGetTrailInfo Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 13-02-2013 - 12:04 | |
CVE-2013-0090 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CCaret Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 13-03-2013 - 00:55 | |
CVE-2011-0657 | 7.5 |
DNSAPI.dll in the DNS client in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly process DNS queries, which allows remote
|
28-09-2020 - 12:58 | 13-04-2011 - 18:55 | |
CVE-2011-0660 | 9.3 |
The SMB client in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote SMB servers to execute arbitrary code via a crafted (1) SM
|
28-09-2020 - 12:58 | 13-04-2011 - 18:55 | |
CVE-2012-0152 | 4.3 |
The Remote Desktop Protocol (RDP) service in Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 allows remote attackers to cause a denial of service (application hang) via a series of crafted packets, aka "Terminal Server Denial o
|
28-09-2020 - 12:58 | 13-03-2012 - 21:55 | |
CVE-2012-0154 | 7.2 |
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain priv
|
28-09-2020 - 12:58 | 14-02-2012 - 22:55 | |
CVE-2013-0094 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer removeChild Use After Free Vulnerabilit
|
28-09-2020 - 12:58 | 13-03-2013 - 00:55 | |
CVE-2013-0087 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer OnResize Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 13-03-2013 - 00:55 | |
CVE-2012-0014 | 9.3 |
Microsoft .NET Framework 2.0 SP2, 3.5.1, and 4, and Silverlight 4 before 4.1.10111, does not properly restrict access to memory associated with unmanaged objects, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser
|
28-09-2020 - 12:58 | 14-02-2012 - 22:55 | |
CVE-2013-3200 | 7.2 |
The USB drivers in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allow physically proximate a
|
28-09-2020 - 12:58 | 09-10-2013 - 14:53 | |
CVE-2013-0030 | 9.3 |
The Vector Markup Language (VML) implementation in Microsoft Internet Explorer 6 through 10 does not properly allocate buffers, which allows remote attackers to execute arbitrary code via a crafted web site, aka "VML Memory Corruption Vulnerability."
|
28-09-2020 - 12:58 | 13-02-2013 - 12:04 | |
CVE-2013-0007 | 9.3 |
Microsoft XML Core Services (aka MSXML) 4.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to execute arbitrary code via a crafted web page, aka "MSXML XSLT Vulnerability."
|
28-09-2020 - 12:58 | 09-01-2013 - 18:09 | |
CVE-2012-2556 | 9.3 |
The OpenType Font (OTF) driver in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT
|
28-09-2020 - 12:58 | 12-12-2012 - 00:55 | |
CVE-2012-1851 | 10.0 |
Format string vulnerability in the Print Spooler service in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary
|
28-09-2020 - 12:58 | 15-08-2012 - 01:55 | |
CVE-2012-0155 | 9.3 |
Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "VML Remote Code Execution Vulnerability."
|
28-09-2020 - 12:58 | 14-02-2012 - 22:55 | |
CVE-2012-0004 | 9.3 |
Unspecified vulnerability in DirectShow in DirectX in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code
|
28-09-2020 - 12:58 | 10-01-2012 - 21:55 | |
CVE-2011-3414 | 7.8 |
The CaseInsensitiveHashProvider.getHashCode function in the HashTable implementation in the ASP.NET subsystem in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 computes hash values for form parameters without restricting the abili
|
28-09-2020 - 12:58 | 30-12-2011 - 01:55 | |
CVE-2011-0034 | 9.3 |
Stack-based buffer overflow in the OpenType Compact Font Format (aka OTF or CFF) driver in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1
|
28-09-2020 - 12:58 | 13-04-2011 - 18:55 | |
CVE-2013-3174 | 9.3 |
DirectShow in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, and Windows Server 2012 allows remote attackers to execute arbitrary code via a crafted GIF file
|
28-09-2020 - 12:58 | 10-07-2013 - 03:46 | |
CVE-2013-0094 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer removeChild Use After Free Vulnerabilit
|
28-09-2020 - 12:58 | 13-03-2013 - 00:55 | |
CVE-2013-0026 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer InsertElement Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 13-02-2013 - 12:04 | |
CVE-2012-2519 | 7.9 |
Untrusted search path vulnerability in Entity Framework in ADO.NET in Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, and 4 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated
|
28-09-2020 - 12:58 | 14-11-2012 - 00:55 | |
CVE-2012-0180 | 7.2 |
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview does not properly handle user-mode
|
28-09-2020 - 12:58 | 09-05-2012 - 00:55 | |
CVE-2013-0029 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CHTML Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 13-02-2013 - 12:04 | |
CVE-2013-0019 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer COmWindowProxy Use After Free Vulnerabi
|
28-09-2020 - 12:58 | 13-02-2013 - 12:04 | |
CVE-2013-3167 | 7.2 |
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 does not properly handle objects in memory, which allows local users to gain
|
28-09-2020 - 12:58 | 10-07-2013 - 03:46 | |
CVE-2013-0090 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CCaret Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 13-03-2013 - 00:55 | |
CVE-2013-0024 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer pasteHTML Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 13-02-2013 - 12:04 | |
CVE-2012-4777 | 9.3 |
The code-optimization feature in the reflection implementation in Microsoft .NET Framework 4 and 4.5 does not properly enforce object permissions, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka
|
28-09-2020 - 12:58 | 14-11-2012 - 00:55 | |
CVE-2012-1855 | 9.3 |
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly handle function pointers, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP) or (2) a crafted .NET Framework applica
|
28-09-2020 - 12:58 | 12-06-2012 - 22:55 | |
CVE-2011-1966 | 10.0 |
The DNS server in Microsoft Windows Server 2008 SP2, R2, and R2 SP1 does not properly handle NAPTR queries that trigger recursive processing, which allows remote attackers to execute arbitrary code via a crafted query, aka "DNS NAPTR Query Vulnerabil
|
28-09-2020 - 12:58 | 10-08-2011 - 21:55 | |
CVE-2012-0150 | 9.3 |
Buffer overflow in msvcrt.dll in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted media file, aka "Msvcrt.dll Buffer Overflow Vulnerabilit
|
28-09-2020 - 12:58 | 14-02-2012 - 22:55 | |
CVE-2013-0092 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer GetMarkupPtr Use After Free Vulnerabili
|
28-09-2020 - 12:58 | 13-03-2013 - 00:55 | |
CVE-2012-2897 | 10.0 |
The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT, as used by Google Chrome before
|
28-09-2020 - 12:58 | 26-09-2012 - 10:56 | |
CVE-2012-1895 | 9.3 |
The reflection implementation in Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5.1, and 4 does not properly enforce object permissions, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XB
|
28-09-2020 - 12:58 | 14-11-2012 - 00:55 | |
CVE-2012-1528 | 9.3 |
Integer overflow in Windows Shell in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 allows local users to gain privileg
|
28-09-2020 - 12:58 | 14-11-2012 - 00:55 | |
CVE-2012-0152 | 4.3 |
The Remote Desktop Protocol (RDP) service in Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 allows remote attackers to cause a denial of service (application hang) via a series of crafted packets, aka "Terminal Server Denial o
|
28-09-2020 - 12:58 | 13-03-2012 - 21:55 | |
CVE-2011-0660 | 9.3 |
The SMB client in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote SMB servers to execute arbitrary code via a crafted (1) SM
|
28-09-2020 - 12:58 | 13-04-2011 - 18:55 | |
CVE-2012-0173 | 9.3 |
The Remote Desktop Protocol (RDP) implementation in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly process packets in memory, which a
|
28-09-2020 - 12:58 | 12-06-2012 - 22:55 | |
CVE-2011-0032 | 9.3 |
Untrusted search path vulnerability in DirectShow in Microsoft Windows Vista SP1 and SP2, Windows 7 Gold and SP1, Windows Server 2008 R2 and R2 SP1, and Windows Media Center TV Pack for Windows Vista allows local users to gain privileges via a Trojan
|
28-09-2020 - 12:58 | 09-03-2011 - 23:00 | |
CVE-2012-0014 | 9.3 |
Microsoft .NET Framework 2.0 SP2, 3.5.1, and 4, and Silverlight 4 before 4.1.10111, does not properly restrict access to memory associated with unmanaged objects, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser
|
28-09-2020 - 12:58 | 14-02-2012 - 22:55 | |
CVE-2011-3417 | 9.3 |
The Forms Authentication feature in the ASP.NET subsystem in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0, when sliding expiry is enabled, does not properly handle cached content, which allows remote attackers to obtain access t
|
28-09-2020 - 12:58 | 30-12-2011 - 01:55 | |
CVE-2011-0034 | 9.3 |
Stack-based buffer overflow in the OpenType Compact Font Format (aka OTF or CFF) driver in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1
|
28-09-2020 - 12:58 | 13-04-2011 - 18:55 | |
CVE-2013-0088 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer saveHistory Use After Free Vulnerabilit
|
28-09-2020 - 12:58 | 13-03-2013 - 00:55 | |
CVE-2012-0012 | 4.3 |
Microsoft Internet Explorer 9 does not properly handle the creation and initialization of string objects, which allows remote attackers to read data from arbitrary process-memory locations via a crafted web site, aka "Null Byte Information Disclosure
|
28-09-2020 - 12:58 | 14-02-2012 - 22:55 | |
CVE-2012-0015 | 9.3 |
Microsoft .NET Framework 2.0 SP2 and 3.5.1 does not properly calculate the length of an unspecified buffer, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP), (2) a crafted ASP.NET applicati
|
28-09-2020 - 12:58 | 14-02-2012 - 22:55 | |
CVE-2012-0002 | 9.3 |
The Remote Desktop Protocol (RDP) implementation in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly process packets in memory, which a
|
28-09-2020 - 12:58 | 13-03-2012 - 21:55 | |
CVE-2012-0011 | 9.3 |
Microsoft Internet Explorer 7 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "HTML Layout Remote Code Execution Vulnerability."
|
28-09-2020 - 12:58 | 14-02-2012 - 22:55 | |
CVE-2013-3894 | 9.3 |
The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allow remote attackers to execute arbitrary cod
|
28-09-2020 - 12:58 | 09-10-2013 - 14:53 | |
CVE-2013-0029 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CHTML Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 13-02-2013 - 12:04 | |
CVE-2012-1848 | 7.2 |
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview does not properly handle user-mode
|
28-09-2020 - 12:58 | 09-05-2012 - 00:55 | |
CVE-2012-0154 | 7.2 |
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain priv
|
28-09-2020 - 12:58 | 14-02-2012 - 22:55 | |
CVE-2011-0664 | 9.3 |
Microsoft .NET Framework 2.0 SP1 and SP2, 3.5 Gold and SP1, 3.5.1, and 4.0, and Silverlight 4 before 4.0.60531.0, does not properly validate arguments to unspecified networking API functions, which allows remote attackers to execute arbitrary code vi
|
28-09-2020 - 12:58 | 16-06-2011 - 20:55 | |
CVE-2013-3173 | 7.2 |
Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local u
|
28-09-2020 - 12:58 | 10-07-2013 - 03:46 | |
CVE-2013-0093 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer onBeforeCopy Use After Free Vulnerabili
|
28-09-2020 - 12:58 | 13-03-2013 - 00:55 | |
CVE-2012-4782 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "CMarkup Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 12-12-2012 - 00:55 | |
CVE-2012-1850 | 5.0 |
The Remote Administration Protocol (RAP) implementation in the LanmanWorkstation service in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not pro
|
28-09-2020 - 12:58 | 15-08-2012 - 01:55 | |
CVE-2011-0663 | 9.3 |
Multiple integer overflows in the Microsoft (1) JScript 5.6 through 5.8 and (2) VBScript 5.6 through 5.8 scripting engines allow remote attackers to execute arbitrary code via a crafted web page, aka "Scripting Memory Reallocation Vulnerability."
|
28-09-2020 - 12:58 | 13-04-2011 - 18:55 | |
CVE-2013-0091 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CElement Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 13-03-2013 - 00:55 | |
CVE-2013-1288 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CTreeNode Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 13-03-2013 - 00:55 | |
CVE-2013-0088 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer saveHistory Use After Free Vulnerabilit
|
28-09-2020 - 12:58 | 13-03-2013 - 00:55 | |
CVE-2013-0023 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CDispNode Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 13-02-2013 - 12:04 | |
CVE-2012-2530 | 7.2 |
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain priv
|
28-09-2020 - 12:58 | 14-11-2012 - 00:55 | |
CVE-2012-1538 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site, aka "CFormElement Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 14-11-2012 - 00:55 | |
CVE-2012-0151 | 9.3 |
The Authenticode Signature Verification function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview does not properly valida
|
28-09-2020 - 12:58 | 10-04-2012 - 21:55 | |
CVE-2012-0003 | 9.3 |
Unspecified vulnerability in winmm.dll in Windows Multimedia Library in Windows Media Player (WMP) in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP2, and Server 2008 SP2 allows remote attackers to execute arbitrary code via a crafted MI
|
28-09-2020 - 12:58 | 10-01-2012 - 21:55 | |
CVE-2011-0658 | 9.3 |
Integer underflow in the OLE Automation protocol implementation in VBScript.dll in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows
|
28-09-2020 - 12:58 | 16-06-2011 - 20:55 | |
CVE-2013-0007 | 9.3 |
Microsoft XML Core Services (aka MSXML) 4.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to execute arbitrary code via a crafted web page, aka "MSXML XSLT Vulnerability."
|
28-09-2020 - 12:58 | 09-01-2013 - 18:09 | |
CVE-2013-3879 | 7.2 |
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT a
|
28-09-2020 - 12:58 | 09-10-2013 - 14:53 | |
CVE-2013-3129 | 9.3 |
Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, and 4.5; Silverlight 5 before 5.1.20513.0; win32k.sys in the kernel-mode drivers, and GDI+, DirectWrite, and Journal, in Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Serv
|
28-09-2020 - 12:58 | 10-07-2013 - 03:46 | |
CVE-2013-1300 | 7.2 |
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle objects
|
28-09-2020 - 12:58 | 10-07-2013 - 03:46 | |
CVE-2012-4774 | 9.3 |
Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allow remote attackers to execute arbitrary code via a crafted (1) file name or (2) subfolder name that
|
28-09-2020 - 12:58 | 12-12-2012 - 00:55 | |
CVE-2012-1896 | 5.0 |
Microsoft .NET Framework 2.0 SP2 and 3.5.1 does not properly consider trust levels during construction of output data, which allows remote attackers to obtain sensitive information via (1) a crafted XAML browser application (aka XBAP) or (2) a crafte
|
28-09-2020 - 12:58 | 14-11-2012 - 00:55 | |
CVE-2012-1522 | 9.3 |
Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Cached Object Remote Code Execution Vulnerability."
|
28-09-2020 - 12:58 | 10-07-2012 - 21:55 | |
CVE-2012-0173 | 9.3 |
The Remote Desktop Protocol (RDP) implementation in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly process packets in memory, which a
|
28-09-2020 - 12:58 | 12-06-2012 - 22:55 | |
CVE-2012-0015 | 9.3 |
Microsoft .NET Framework 2.0 SP2 and 3.5.1 does not properly calculate the length of an unspecified buffer, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP), (2) a crafted ASP.NET applicati
|
28-09-2020 - 12:58 | 14-02-2012 - 22:55 | |
CVE-2011-1970 | 5.0 |
The DNS server in Microsoft Windows Server 2003 SP2 and Windows Server 2008 SP2, R2, and R2 SP1 does not properly initialize memory, which allows remote attackers to cause a denial of service (service outage) via a query for a nonexistent domain, aka
|
28-09-2020 - 12:58 | 10-08-2011 - 21:55 | |
CVE-2012-0180 | 7.2 |
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview does not properly handle user-mode
|
28-09-2020 - 12:58 | 09-05-2012 - 00:55 | |
CVE-2013-0026 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer InsertElement Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 13-02-2013 - 12:04 | |
CVE-2013-0011 | 10.0 |
The Print Spooler in Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted print job, aka "Windows Print Spooler Compone
|
28-09-2020 - 12:58 | 09-01-2013 - 18:09 | |
CVE-2013-0092 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer GetMarkupPtr Use After Free Vulnerabili
|
28-09-2020 - 12:58 | 13-03-2013 - 00:55 | |
CVE-2013-0006 | 9.3 |
Microsoft XML Core Services (aka MSXML) 3.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to execute arbitrary code via a crafted web page, aka "MSXML Integer Truncation Vulnerability."
|
28-09-2020 - 12:58 | 09-01-2013 - 18:09 | |
CVE-2012-4776 | 9.3 |
The Web Proxy Auto-Discovery (WPAD) functionality in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not validate configuration data that is returned during acquisition of proxy settings, which allows remote attackers to execute arbitra
|
28-09-2020 - 12:58 | 14-11-2012 - 00:55 | |
CVE-2011-3416 | 8.5 |
The Forms Authentication feature in the ASP.NET subsystem in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 allows remote authenticated users to obtain access to arbitrary user accounts via a crafted username, aka "ASP.Net Forms A
|
28-09-2020 - 12:58 | 30-12-2011 - 01:55 | |
CVE-2013-0089 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CMarkupBehaviorContext Use After Free V
|
28-09-2020 - 12:58 | 13-03-2013 - 00:55 | |
CVE-2012-0002 | 9.3 |
The Remote Desktop Protocol (RDP) implementation in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly process packets in memory, which a
|
28-09-2020 - 12:58 | 13-03-2012 - 21:55 | |
CVE-2011-1248 | 9.3 |
WINS in Microsoft Windows Server 2003 SP2 and Server 2008 Gold, SP2, R2, and R2 SP1 does not properly handle socket send exceptions, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted
|
28-09-2020 - 12:58 | 13-05-2011 - 17:05 | |
CVE-2011-0661 | 10.0 |
The SMB Server service in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly validate fields in SMB requests, which allows
|
28-09-2020 - 12:58 | 13-04-2011 - 18:55 | |
CVE-2013-0030 | 9.3 |
The Vector Markup Language (VML) implementation in Microsoft Internet Explorer 6 through 10 does not properly allocate buffers, which allows remote attackers to execute arbitrary code via a crafted web site, aka "VML Memory Corruption Vulnerability."
|
28-09-2020 - 12:58 | 13-02-2013 - 12:04 | |
CVE-2013-0024 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer pasteHTML Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 13-02-2013 - 12:04 | |
CVE-2013-3195 | 10.0 |
The DSA_InsertItem function in Comctl32.dll in the Windows common control library in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows
|
28-09-2020 - 12:58 | 09-10-2013 - 14:53 | |
CVE-2013-0089 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CMarkupBehaviorContext Use After Free V
|
28-09-2020 - 12:58 | 13-03-2013 - 00:55 | |
CVE-2013-0011 | 10.0 |
The Print Spooler in Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted print job, aka "Windows Print Spooler Compone
|
28-09-2020 - 12:58 | 09-01-2013 - 18:09 | |
CVE-2012-4775 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site, aka "CTreeNode Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 14-11-2012 - 00:55 | |
CVE-2012-1524 | 9.3 |
Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Attribute Remove Remote Code Execution Vulnerability."
|
28-09-2020 - 12:58 | 10-07-2012 - 21:55 | |
CVE-2011-3402 | 9.3 |
Unspecified vulnerability in the TrueType font parsing engine in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP
|
28-09-2020 - 12:58 | 04-11-2011 - 21:55 | |
CVE-2011-1873 | 9.3 |
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 on 64-bit platforms does not properly validate pointers d
|
28-09-2020 - 12:58 | 16-06-2011 - 20:55 | |
CVE-2011-1253 | 9.3 |
Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5.1, and 4, and Silverlight 4 before 4.0.60831, does not properly restrict inheritance, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP
|
28-09-2020 - 12:58 | 12-10-2011 - 02:52 | |
CVE-2011-0658 | 9.3 |
Integer underflow in the OLE Automation protocol implementation in VBScript.dll in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows
|
28-09-2020 - 12:58 | 16-06-2011 - 20:55 | |
CVE-2010-3958 | 9.3 |
The x86 JIT compiler in Microsoft .NET Framework 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 does not properly compile function calls, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP), (2) a crafted A
|
28-09-2020 - 12:58 | 13-04-2011 - 18:55 | |
CVE-2013-0091 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CElement Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 13-03-2013 - 00:55 | |
CVE-2013-0019 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer COmWindowProxy Use After Free Vulnerabi
|
28-09-2020 - 12:58 | 13-02-2013 - 12:04 | |
CVE-2012-1527 | 9.3 |
Integer underflow in Windows Shell in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 allows local users to gain privile
|
28-09-2020 - 12:58 | 14-11-2012 - 00:55 | |
CVE-2012-0150 | 9.3 |
Buffer overflow in msvcrt.dll in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted media file, aka "Msvcrt.dll Buffer Overflow Vulnerabilit
|
28-09-2020 - 12:58 | 14-02-2012 - 22:55 | |
CVE-2011-1268 | 10.0 |
The SMB client in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote SMB servers to execute arbitrary code via a crafted (1) SM
|
28-09-2020 - 12:58 | 16-06-2011 - 20:55 | |
CVE-2011-0664 | 9.3 |
Microsoft .NET Framework 2.0 SP1 and SP2, 3.5 Gold and SP1, 3.5.1, and 4.0, and Silverlight 4 before 4.0.60531.0, does not properly validate arguments to unspecified networking API functions, which allows remote attackers to execute arbitrary code vi
|
28-09-2020 - 12:58 | 16-06-2011 - 20:55 | |
CVE-2011-0032 | 9.3 |
Untrusted search path vulnerability in DirectShow in Microsoft Windows Vista SP1 and SP2, Windows 7 Gold and SP1, Windows Server 2008 R2 and R2 SP1, and Windows Media Center TV Pack for Windows Vista allows local users to gain privileges via a Trojan
|
28-09-2020 - 12:58 | 09-03-2011 - 23:00 | |
CVE-2014-1766 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, as demonstrated by Sebastian Apelt and Andreas Schmidt during a Pwn2Own competition at
|
28-07-2020 - 19:23 | 27-04-2014 - 10:55 | |
CVE-2015-6152 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
24-06-2020 - 16:54 | 09-12-2015 - 11:59 | |
CVE-2013-2014 | 5.0 |
OpenStack Identity (Keystone) before 2013.1 allows remote attackers to cause a denial of service (memory consumption and crash) via multiple long requests.
|
02-06-2020 - 19:50 | 02-06-2014 - 15:55 | |
CVE-2015-0008 | 8.3 |
The UNC implementation in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not include authentication fr
|
29-10-2019 - 19:15 | 11-02-2015 - 03:00 | |
CVE-2014-6321 | 10.0 |
Schannel in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary cod
|
09-10-2019 - 23:11 | 11-11-2014 - 22:55 | |
CVE-2017-0095 | 7.9 |
Hyper-V in Microsoft Windows 10 Gold, 1511, and 1607 and Windows Server 2016 does not properly validate vSMB packet data, which allows attackers to execute arbitrary code on a target OS, aka "Hyper-V vSMB Remote Code Execution Vulnerability." This vu
|
03-10-2019 - 00:03 | 17-03-2017 - 00:59 | |
CVE-2017-0047 | 7.2 |
The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows local users to gain privil
|
03-10-2019 - 00:03 | 17-03-2017 - 00:59 | |
CVE-2017-0025 | 7.2 |
The kernel-mode drivers in Microsoft Windows Vista; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allow local users to gain pr
|
03-10-2019 - 00:03 | 17-03-2017 - 00:59 | |
CVE-2017-0014 | 7.6 |
The Windows Graphics Component in Microsoft Office 2010 SP2; Windows Server 2008 R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to
|
03-10-2019 - 00:03 | 17-03-2017 - 00:59 | |
CVE-2017-0039 | 9.3 |
Microsoft Windows Vista SP2 and Server 2008 SP2 mishandle dynamic link library (DLL) loading, which allows local users to gain privileges via a crafted application, aka "Library Loading Input Validation Remote Code Execution Vulnerability."
|
03-10-2019 - 00:03 | 17-03-2017 - 00:59 | |
CVE-2017-0072 | 9.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Uniscribe Remote Code Execution Vulnerability." This vulnerability is diffe
|
03-10-2019 - 00:03 | 17-03-2017 - 00:59 | |
CVE-2017-0051 | 2.9 |
Microsoft Windows 10 1607 and Windows Server 2016 allow remote attackers to cause a denial of service (application hang) via a crafted Office document, aka "Microsoft Hyper-V Network Switch Denial of Service Vulnerability." This vulnerability is diff
|
03-10-2019 - 00:03 | 17-03-2017 - 00:59 | |
CVE-2017-0070 | 7.6 |
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitra
|
03-10-2019 - 00:03 | 17-03-2017 - 00:59 | |
CVE-2017-0075 | 7.4 |
Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows guest OS users to execute arbitrary code on the host
|
03-10-2019 - 00:03 | 17-03-2017 - 00:59 | |
CVE-2017-0010 | 7.6 |
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitra
|
03-10-2019 - 00:03 | 17-03-2017 - 00:59 | |
CVE-2017-0021 | 7.7 |
Hyper-V in Microsoft Windows 10 1607 and Windows Server 2016 does not properly validate vSMB packet data, which allows attackers to execute arbitrary code on a target OS, aka "Hyper-V System Data Structure Vulnerability." This vulnerability is differ
|
03-10-2019 - 00:03 | 17-03-2017 - 00:59 | |
CVE-2017-0066 | 4.0 |
Microsoft Edge allows remote attackers to bypass the Same Origin Policy for HTML elements in other browser windows, aka "Microsoft Edge Security Feature Bypass Vulnerability." This vulnerability is different from those described in CVE-2017-0135 and
|
03-10-2019 - 00:03 | 17-03-2017 - 00:59 | |
CVE-2011-1265 | 8.3 |
The Bluetooth Stack 2.1 in Microsoft Windows Vista SP1 and SP2 and Windows 7 Gold and SP1 does not prevent access to objects in memory that (1) were not properly initialized or (2) have been deleted, which allows remote attackers to execute arbitrary
|
27-09-2019 - 17:05 | 13-07-2011 - 22:55 | |
CVE-2013-5072 | 4.3 |
Cross-site scripting (XSS) vulnerability in Outlook Web Access in Microsoft Exchange Server 2010 SP2 and SP3 and 2013 Cumulative Update 2 and 3 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "OWA XSS Vulnerabili
|
01-06-2019 - 00:29 | 11-12-2013 - 00:55 | |
CVE-2012-4791 | 3.5 |
Microsoft Exchange Server 2007 SP3 and 2010 SP1 and SP2 allows remote authenticated users to cause a denial of service (Information Store service hang) by subscribing to a crafted RSS feed, aka "RSS Feed May Cause Exchange DoS Vulnerability."
|
01-06-2019 - 00:29 | 12-12-2012 - 00:55 | |
CVE-2014-1817 | 9.3 |
usp10.dll in Uniscribe (aka the Unicode Script Processor) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Of
|
20-05-2019 - 17:27 | 11-06-2014 - 04:56 | |
CVE-2014-1818 | 9.3 |
GDI+ in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Office 2007 SP3 and 2010 SP1 and SP2, Live Meeting 2007
|
17-05-2019 - 20:27 | 11-06-2014 - 04:56 | |
CVE-2015-6104 | 9.3 |
The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows remote attackers t
|
17-05-2019 - 20:01 | 11-11-2015 - 12:59 | |
CVE-2015-6103 | 9.3 |
The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows remote attackers t
|
17-05-2019 - 19:19 | 11-11-2015 - 12:59 | |
CVE-2015-2459 | 9.3 |
ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote atta
|
17-05-2019 - 13:10 | 15-08-2015 - 00:59 | |
CVE-2015-2460 | 9.3 |
ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and .NET Framework 3.0 SP2, 3.5,
|
17-05-2019 - 12:53 | 15-08-2015 - 00:59 | |
CVE-2015-2465 | 2.1 |
The Windows shell in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 does not properly constrain impersonation levels, wh
|
17-05-2019 - 12:35 | 15-08-2015 - 00:59 | |
CVE-2015-6102 | 2.1 |
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to bypass the KASLR protec
|
16-05-2019 - 19:38 | 11-11-2015 - 12:59 | |
CVE-2015-6113 | 2.1 |
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to bypass intended filesys
|
16-05-2019 - 18:48 | 11-11-2015 - 12:59 | |
CVE-2015-2515 | 9.3 |
Use-after-free vulnerability in Windows Shell in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers
|
16-05-2019 - 17:00 | 14-10-2015 - 01:59 | |
CVE-2015-1696 | 9.3 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted Journal file, aka "Win
|
16-05-2019 - 16:30 | 13-05-2015 - 10:59 | |
CVE-2016-0008 | 4.3 |
The graphics device interface in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to bypass the ASLR protectio
|
15-05-2019 - 19:28 | 13-01-2016 - 05:59 | |
CVE-2016-0058 | 9.3 |
Buffer overflow in the PDF Library in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 allows remote attackers to execute arbitrary code via a crafted PDF document that triggers API calls, aka "Microsoft PDF Library Buffer Overf
|
15-05-2019 - 18:36 | 10-02-2016 - 11:59 | |
CVE-2015-1698 | 9.3 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted Journal file, aka "Win
|
15-05-2019 - 18:17 | 13-05-2015 - 10:59 | |
CVE-2015-1697 | 9.3 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted Journal file, aka "Win
|
15-05-2019 - 18:13 | 13-05-2015 - 10:59 | |
CVE-2016-3215 | 4.3 |
Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 1511, and Microsoft Edge allow remote attackers to obtain sensitive information from process memory via a crafted PDF document, aka "Windows PDF Information Disclosure Vulnerability,"
|
15-05-2019 - 17:48 | 16-06-2016 - 01:59 | |
CVE-2015-0010 | 1.9 |
The CryptProtectMemory function in cng.sys (aka the Cryptography Next Generation driver) in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Wi
|
15-05-2019 - 17:04 | 11-02-2015 - 03:00 | |
CVE-2015-2426 | 9.3 |
Buffer underflow in atmfd.dll in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows rem
|
15-05-2019 - 15:23 | 20-07-2015 - 18:59 | |
CVE-2016-0038 | 9.3 |
Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted Journal file
|
15-05-2019 - 15:08 | 10-02-2016 - 11:59 | |
CVE-2015-2432 | 9.3 |
ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to exe
|
15-05-2019 - 15:05 | 15-08-2015 - 00:59 | |
CVE-2015-2433 | 2.1 |
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to bypass the ASLR protection mechanism
|
15-05-2019 - 15:01 | 15-08-2015 - 00:59 | |
CVE-2016-0046 | 9.3 |
Windows Reader in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 allows remote attackers to execute arbitrary code via a crafted Reader file, aka "Microsoft Windows Reader Vulnerability."
|
15-05-2019 - 14:58 | 10-02-2016 - 11:59 | |
CVE-2015-2453 | 4.7 |
The Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to obtain sensitiv
|
15-05-2019 - 14:54 | 15-08-2015 - 00:59 | |
CVE-2015-2506 | 9.3 |
atmfd.dll in the Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to
|
15-05-2019 - 14:51 | 09-09-2015 - 00:59 | |
CVE-2015-6109 | 2.1 |
The kernel in Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to bypass the KASLR protection mechanism, and consequently discover a driver base address, via a crafted application, aka "Wi
|
15-05-2019 - 14:48 | 11-11-2015 - 12:59 | |
CVE-2015-6108 | 9.3 |
The Windows font library in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT Gold and 8.1; Office 2007 SP3; Office 2010 SP2; Word Viewer; .NET Framewor
|
15-05-2019 - 14:43 | 09-12-2015 - 11:59 | |
CVE-2015-6107 | 9.3 |
The Windows font library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10 Gold and 1511, Office 2007 SP3, Office 2010 SP2,
|
15-05-2019 - 14:39 | 09-12-2015 - 11:59 | |
CVE-2015-2512 | 7.2 |
The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges v
|
15-05-2019 - 14:31 | 09-09-2015 - 00:59 | |
CVE-2015-2514 | 9.3 |
Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute arbitrary code via
|
15-05-2019 - 13:58 | 09-09-2015 - 00:59 | |
CVE-2015-2464 | 9.3 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Office 2007 SP3 and 2010 SP2, Live Meeting 2007 Console, Lync 2010, Lync 2010 Attendee,
|
15-05-2019 - 13:52 | 15-08-2015 - 00:59 | |
CVE-2015-2507 | 7.2 |
The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges v
|
15-05-2019 - 13:51 | 09-09-2015 - 00:59 | |
CVE-2015-2513 | 9.3 |
Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute arbitrary code via
|
15-05-2019 - 13:47 | 09-09-2015 - 00:59 | |
CVE-2015-2463 | 9.3 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Office 2007 SP3 and 2010 SP2, Live Meeting 2007 Console, Lync 2010, Lync 2010 Attendee,
|
15-05-2019 - 13:41 | 15-08-2015 - 00:59 | |
CVE-2015-2462 | 9.3 |
ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, and .NET Framework 3.
|
15-05-2019 - 13:37 | 15-08-2015 - 00:59 | |
CVE-2015-6101 | 6.9 |
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a c
|
15-05-2019 - 13:32 | 11-11-2015 - 12:59 | |
CVE-2014-6332 | 9.3 |
OleAut32.dll in OLE in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute ar
|
15-05-2019 - 13:30 | 11-11-2014 - 22:55 | |
CVE-2015-2456 | 9.3 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Office 2007 SP3 and 2010 SP2, Live Meeting 2007 Console, Lync 2010, Lync 201
|
15-05-2019 - 13:21 | 15-08-2015 - 00:59 | |
CVE-2015-2455 | 9.3 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Office 2007 SP3 and 2010 SP2, Live Meeting 2007 Console, Lync 2010, Lync 201
|
15-05-2019 - 12:55 | 15-08-2015 - 00:59 | |
CVE-2015-6100 | 6.9 |
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a c
|
15-05-2019 - 12:42 | 11-11-2015 - 12:59 | |
CVE-2015-2435 | 9.3 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Office 2007 SP3 and 2010 SP2, Live Meeting 2007 Console, Lync 2010, Lync 201
|
15-05-2019 - 11:59 | 15-08-2015 - 00:59 | |
CVE-2015-2423 | 4.3 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Excel 2007 SP3, PowerPoint 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2
|
15-05-2019 - 11:53 | 15-08-2015 - 00:59 | |
CVE-2015-2454 | 2.1 |
The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly constrain impersonation levels, which all
|
14-05-2019 - 20:54 | 15-08-2015 - 00:59 | |
CVE-2015-1699 | 9.3 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted Journal file, aka "Win
|
14-05-2019 - 20:51 | 13-05-2015 - 10:59 | |
CVE-2015-2527 | 7.2 |
The process-initialization implementation in win32k.sys in the kernel-mode drivers in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 does not properly constrain impersonation levels, which a
|
14-05-2019 - 20:48 | 09-09-2015 - 00:59 | |
CVE-2015-1695 | 9.3 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted Journal file, aka "Win
|
14-05-2019 - 20:45 | 13-05-2015 - 10:59 | |
CVE-2015-2519 | 9.3 |
Integer overflow in Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute
|
14-05-2019 - 20:33 | 09-09-2015 - 00:59 | |
CVE-2015-2518 | 6.9 |
The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a cra
|
14-05-2019 - 20:32 | 09-09-2015 - 00:59 | |
CVE-2015-2546 | 6.9 |
The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a cra
|
14-05-2019 - 20:30 | 09-09-2015 - 00:59 | |
CVE-2015-2511 | 6.9 |
The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a cra
|
14-05-2019 - 20:26 | 09-09-2015 - 00:59 | |
CVE-2015-2517 | 6.9 |
The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a cra
|
14-05-2019 - 20:26 | 09-09-2015 - 00:59 | |
CVE-2015-2461 | 9.3 |
ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote atta
|
14-05-2019 - 20:23 | 15-08-2015 - 00:59 | |
CVE-2015-2458 | 9.3 |
ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote atta
|
14-05-2019 - 19:57 | 15-08-2015 - 00:59 | |
CVE-2015-1635 | 10.0 |
HTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted HTTP requests, aka "HTTP.sys Remote Code Execution Vulnerabilit
|
14-05-2019 - 19:53 | 14-04-2015 - 20:59 | |
CVE-2015-0096 | 9.3 |
Untrusted search path vulnerability in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to
|
14-05-2019 - 19:47 | 11-03-2015 - 10:59 | |
CVE-2015-0003 | 6.9 |
win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users
|
14-05-2019 - 19:39 | 11-02-2015 - 03:00 | |
CVE-2015-2530 | 9.3 |
Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute arbitrary code via
|
14-05-2019 - 19:30 | 09-09-2015 - 00:59 | |
CVE-2015-0087 | 5.0 |
Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to obtain sensi
|
14-05-2019 - 19:25 | 11-03-2015 - 10:59 | |
CVE-2015-0074 | 4.3 |
Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly allocate memory, whic
|
14-05-2019 - 19:21 | 11-03-2015 - 10:59 | |
CVE-2015-2516 | 4.3 |
Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to cause a denial of service (
|
14-05-2019 - 19:18 | 09-09-2015 - 00:59 | |
CVE-2015-0089 | 5.0 |
Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to obtain sensi
|
14-05-2019 - 19:10 | 11-03-2015 - 10:59 | |
CVE-2015-0092 | 9.3 |
Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbi
|
14-05-2019 - 19:09 | 11-03-2015 - 10:59 | |
CVE-2015-0091 | 9.3 |
Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbi
|
14-05-2019 - 19:08 | 11-03-2015 - 10:59 | |
CVE-2015-0090 | 9.3 |
Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbi
|
14-05-2019 - 19:07 | 11-03-2015 - 10:59 | |
CVE-2015-0093 | 9.3 |
Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbi
|
14-05-2019 - 19:06 | 11-03-2015 - 10:59 | |
CVE-2015-0088 | 9.3 |
Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbi
|
14-05-2019 - 19:06 | 11-03-2015 - 10:59 | |
CVE-2015-0060 | 4.7 |
The font mapper in win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1
|
14-05-2019 - 19:01 | 11-02-2015 - 03:01 | |
CVE-2015-0059 | 6.9 |
win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted TrueType font, aka
|
14-05-2019 - 18:58 | 11-02-2015 - 03:01 | |
CVE-2015-0058 | 7.2 |
Double free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1 allows local users to gain privileges via a crafted application, aka "Windows Cursor Object Double Free Vulnerabil
|
14-05-2019 - 18:51 | 11-02-2015 - 03:01 | |
CVE-2015-0081 | 9.3 |
Windows Text Services (WTS) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to ex
|
14-05-2019 - 18:51 | 11-03-2015 - 10:59 | |
CVE-2015-0057 | 7.2 |
win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users
|
14-05-2019 - 18:50 | 11-02-2015 - 03:01 | |
CVE-2015-2529 | 2.1 |
The kernel in Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10 allows local users to bypass the ASLR protection mechanism via a crafted application, aka "Kernel ASLR Bypass Vulnerability."
|
14-05-2019 - 18:24 | 09-09-2015 - 00:59 | |
CVE-2014-4060 | 6.8 |
Use-after-free vulnerability in MCPlayer.dll in Microsoft Windows Media Center TV Pack for Windows Vista, Windows 7 SP1, and Windows Media Center for Windows 8 and 8.1 allows remote attackers to execute arbitrary code via a crafted Office document th
|
14-05-2019 - 17:03 | 12-08-2014 - 21:55 | |
CVE-2013-3918 | 9.3 |
The InformationCardSigninHelper Class ActiveX control in icardie.dll in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold
|
14-05-2019 - 14:24 | 12-11-2013 - 14:35 | |
CVE-2013-3940 | 9.3 |
Integer overflow in the Graphics Device Interface (GDI) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and W
|
14-05-2019 - 14:19 | 13-11-2013 - 00:55 | |
CVE-2013-5056 | 9.3 |
Use-after-free vulnerability in the Scripting Runtime Object Library in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold
|
14-05-2019 - 14:11 | 11-12-2013 - 00:55 | |
CVE-2014-0263 | 9.3 |
The Direct2D implementation in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a large 2D geometric figure
|
14-05-2019 - 14:10 | 12-02-2014 - 04:50 | |
CVE-2014-4118 | 9.3 |
XML Core Services (aka MSXML) 3.0 in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers
|
14-05-2019 - 14:04 | 11-11-2014 - 22:55 | |
CVE-2013-7331 | 4.3 |
The Microsoft.XMLDOM ActiveX control in Microsoft Windows 8.1 and earlier allows remote attackers to determine the existence of local pathnames, UNC share pathnames, intranet hostnames, and intranet IP addresses by examining error codes, as demonstra
|
14-05-2019 - 13:24 | 26-02-2014 - 14:55 | |
CVE-2015-1675 | 9.3 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted Journal file, aka "Win
|
13-05-2019 - 20:21 | 13-05-2015 - 10:59 | |
CVE-2014-0301 | 9.3 |
Double free vulnerability in qedit.dll in DirectShow in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allow
|
13-05-2019 - 19:22 | 12-03-2014 - 05:15 | |
CVE-2015-6125 | 9.3 |
Use-after-free vulnerability in the DNS server in Microsoft Windows Server 2008 SP2 and R2 SP1 and Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted requests, aka "Windows DNS Use After Free Vulnerability." <a href
|
08-05-2019 - 22:03 | 09-12-2015 - 11:59 | |
CVE-2016-3227 | 10.0 |
Use-after-free vulnerability in the DNS Server component in Microsoft Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted requests, aka "Windows DNS Server Use After Free Vulnerability." <a href="http://cwe.m
|
08-05-2019 - 22:03 | 16-06-2016 - 01:59 | |
CVE-2015-2362 | 7.2 |
Hyper-V in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly initialize guest OS system data structures, which allows guest OS users to execute arbitrary code on the host OS by
|
08-05-2019 - 22:03 | 14-07-2015 - 21:59 | |
CVE-2015-2361 | 7.2 |
Hyper-V in Microsoft Windows 8.1 and Windows Server 2012 R2 does not properly initialize guest OS system data structures, which allows guest OS users to execute arbitrary code on the host OS or cause a denial of service (buffer overflow) by leveragin
|
08-05-2019 - 22:03 | 14-07-2015 - 21:59 | |
CVE-2009-1924 | 9.3 |
Integer overflow in the Windows Internet Name Service (WINS) component for Microsoft Windows 2000 SP4 allows remote WINS replication partners to execute arbitrary code via crafted data structures in a packet, aka "WINS Integer Overflow Vulnerability.
|
30-04-2019 - 14:27 | 12-08-2009 - 17:30 | |
CVE-2009-1923 | 9.3 |
Heap-based buffer overflow in the Windows Internet Name Service (WINS) component for Microsoft Windows 2000 SP4 and Server 2003 SP2 allows remote attackers to execute arbitrary code via a crafted WINS replication packet that triggers an incorrect buf
|
30-04-2019 - 14:27 | 12-08-2009 - 17:30 | |
CVE-2009-1138 | 10.0 |
The LDAP service in Active Directory on Microsoft Windows 2000 SP4 does not properly free memory for LDAP and LDAPS requests, which allows remote attackers to execute arbitrary code via a request that uses hexadecimal encoding, whose associated memor
|
30-04-2019 - 14:27 | 10-06-2009 - 18:00 | |
CVE-2010-0478 | 9.3 |
Stack-based buffer overflow in nsum.exe in the Windows Media Unicast Service in Media Services for Microsoft Windows 2000 Server SP4 allows remote attackers to execute arbitrary code via crafted packets associated with transport information, aka "Med
|
30-04-2019 - 14:27 | 14-04-2010 - 16:00 | |
CVE-2009-1139 | 7.8 |
Memory leak in the LDAP service in Active Directory on Microsoft Windows 2000 SP4 and Server 2003 SP2, and Active Directory Application Mode (ADAM) on Windows XP SP2 and SP3 and Server 2003 SP2, allows remote attackers to cause a denial of service (m
|
30-04-2019 - 14:27 | 10-06-2009 - 18:00 | |
CVE-2009-0555 | 9.3 |
Microsoft Windows Media Runtime, as used in DirectShow WMA Voice Codec, Windows Media Audio Voice Decoder, and Audio Compression Manager (ACM), does not properly process Advanced Systems Format (ASF) files, which allows remote attackers to execute ar
|
28-02-2019 - 01:20 | 14-10-2009 - 10:30 | |
CVE-2009-0075 | 9.3 |
Microsoft Internet Explorer 7 does not properly handle errors during attempted access to deleted objects, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to CFunctionPointer and the appending of document o
|
27-02-2019 - 14:07 | 10-02-2009 - 22:30 | |
CVE-2008-4261 | 9.3 |
Stack-based buffer overflow in Microsoft Internet Explorer 5.01 SP4, 6 SP1 on Windows 2000, and 6 on Windows XP and Server 2003 does not properly handle extraneous data associated with an object embedded in a web page, which allows remote attackers t
|
26-02-2019 - 14:04 | 10-12-2008 - 14:00 | |
CVE-2011-3397 | 9.3 |
The Microsoft Time component in DATIME.DLL in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows remote attackers to execute arbitrary code via a crafted web site that leverages an unspecified "binary behavior" in Internet Explorer, aka "Mic
|
26-02-2019 - 14:04 | 14-12-2011 - 00:55 | |
CVE-2008-4114 | 7.1 |
srv.sys in the Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact vi
|
26-02-2019 - 14:04 | 16-09-2008 - 23:00 | |
CVE-2013-3181 | 9.3 |
usp10.dll in the Unicode Scripts Processor in Microsoft Windows XP SP2 and SP3 and Windows Server 2003 SP2 allows remote attackers to execute arbitrary code via a crafted OpenType font, aka "Uniscribe Font Parsing Engine Memory Corruption Vulnerabili
|
26-02-2019 - 14:04 | 14-08-2013 - 11:10 | |
CVE-2008-4029 | 4.3 |
Cross-domain vulnerability in Microsoft XML Core Services 3.0 and 4.0, as used in Internet Explorer, allows remote attackers to obtain sensitive information from another domain via a crafted XML document, related to improper error checks for external
|
26-02-2019 - 14:04 | 12-11-2008 - 23:30 | |
CVE-2010-3970 | 9.3 |
Stack-based buffer overflow in the CreateSizedDIBSECTION function in shimgvw.dll in the Windows Shell graphics processor (aka graphics rendering engine) in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and
|
26-02-2019 - 14:04 | 22-12-2010 - 21:00 | |
CVE-2010-3956 | 9.3 |
The OpenType Font (OTF) driver in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly perform array indexing, which allows local users to gain pr
|
26-02-2019 - 14:04 | 16-12-2010 - 19:33 | |
CVE-2008-4260 | 8.5 |
Microsoft Internet Explorer 7 sometimes attempts to access a deleted object, which allows remote attackers to execute arbitrary code via a crafted HTML document that triggers memory corruption, aka "Uninitialized Memory Corruption Vulnerability."
|
26-02-2019 - 14:04 | 10-12-2008 - 14:00 | |
CVE-2008-4258 | 8.5 |
Microsoft Internet Explorer 5.01 SP4 and 6 SP1 does not properly validate parameters during calls to navigation methods, which allows remote attackers to execute arbitrary code via a crafted HTML document that triggers memory corruption, aka "Paramet
|
26-02-2019 - 14:04 | 10-12-2008 - 14:00 | |
CVE-2013-3863 | 9.3 |
Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allow remote attackers to execute arbitrary code via a crafted OLE object in a file, aka "OLE Property Vulnerability."
|
26-02-2019 - 14:04 | 11-09-2013 - 14:03 | |
CVE-2008-4834 | 10.0 |
Buffer overflow in SMB in the Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via malformed values of unspecified "fields inside the SMB packets" in an NT Tra
|
26-02-2019 - 14:04 | 14-01-2009 - 22:30 | |
CVE-2008-4259 | 9.3 |
Microsoft Internet Explorer 7 sometimes attempts to access uninitialized memory locations, which allows remote attackers to execute arbitrary code via a crafted HTML document that triggers memory corruption, related to a WebDAV request for a file wit
|
26-02-2019 - 14:04 | 10-12-2008 - 14:00 | |
CVE-2010-3959 | 6.9 |
The OpenType Font (OTF) driver in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges via a crafted CMAP table in an OpenType
|
26-02-2019 - 14:04 | 16-12-2010 - 19:33 | |
CVE-2010-3957 | 6.9 |
Double free vulnerability in the OpenType Font (OTF) driver in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges via a craf
|
26-02-2019 - 14:04 | 16-12-2010 - 19:33 | |
CVE-2010-2550 | 10.0 |
The SMB Server in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate fields in an SMB request, which allows remote attackers to execute
|
26-02-2019 - 14:04 | 11-08-2010 - 18:47 | |
CVE-2010-1882 | 9.3 |
Multiple buffer overflows in the MPEG Layer-3 Audio Codec for Microsoft DirectShow in l3codecx.ax in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allow remote attackers to execute arbitrary code via an MPEG Layer-3 audio stream in (1) a craft
|
26-02-2019 - 14:04 | 11-08-2010 - 18:47 | |
CVE-2010-1885 | 9.3 |
The MPC::HexToNum function in helpctr.exe in Microsoft Windows Help and Support Center in Windows XP and Windows Server 2003 does not properly handle malformed escape sequences, which allows remote attackers to bypass the trusted documents whitelist
|
26-02-2019 - 14:04 | 15-06-2010 - 14:04 | |
CVE-2009-1920 | 9.3 |
The JScript scripting engine 5.1, 5.6, 5.7, and 5.8 in JScript.dll in Microsoft Windows, as used in Internet Explorer, does not properly load decoded scripts into memory before execution, which allows remote attackers to execute arbitrary code via a
|
26-02-2019 - 14:04 | 08-09-2009 - 22:30 | |
CVE-2009-3672 | 9.3 |
Microsoft Internet Explorer 6 and 7 does not properly handle objects in memory that (1) were not properly initialized or (2) are deleted, which allows remote attackers to execute arbitrary code via vectors involving a call to the getElementsByTagName
|
26-02-2019 - 14:04 | 02-12-2009 - 11:30 | |
CVE-2010-3228 | 9.3 |
The JIT compiler in Microsoft .NET Framework 4.0 on 64-bit platforms does not properly perform optimizations, which allows remote attackers to execute arbitrary code via a crafted .NET application that triggers memory corruption, aka ".NET Framework
|
26-02-2019 - 14:04 | 13-10-2010 - 19:00 | |
CVE-2010-2729 | 9.3 |
The Print Spooler service in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7, when printer sharing is enabled, does not properly validate spooler access permis
|
26-02-2019 - 14:04 | 15-09-2010 - 19:00 | |
CVE-2010-2566 | 9.3 |
The Secure Channel (aka SChannel) security package in Microsoft Windows XP SP2 and SP3, and Windows Server 2003 SP2, does not properly validate certificate request messages from TLS and SSL servers, which allows remote servers to execute arbitrary co
|
26-02-2019 - 14:04 | 11-08-2010 - 18:47 | |
CVE-2009-2497 | 9.3 |
The Common Language Runtime (CLR) in Microsoft .NET Framework 2.0, 2.0 SP1, 2.0 SP2, 3.5, and 3.5 SP1, and Silverlight 2, does not properly handle interfaces, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser appl
|
26-02-2019 - 14:04 | 14-10-2009 - 10:30 | |
CVE-2009-2531 | 9.3 |
Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corru
|
26-02-2019 - 14:04 | 14-10-2009 - 10:30 | |
CVE-2009-3677 | 10.0 |
The Internet Authentication Service (IAS) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold and SP1, and Server 2008 Gold does not properly verify the credentials in an MS-CHAP v2 Protected Extensible Authentication Protocol
|
26-02-2019 - 14:04 | 09-12-2009 - 18:30 | |
CVE-2009-2494 | 10.0 |
The Active Template Library (ATL) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via vectors related to erroneous free operation
|
26-02-2019 - 14:04 | 12-08-2009 - 17:30 | |
CVE-2009-2530 | 9.3 |
Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corru
|
26-02-2019 - 14:04 | 14-10-2009 - 10:30 | |
CVE-2011-1869 | 7.8 |
The Distributed File System (DFS) implementation in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote DFS servers to cause a d
|
26-02-2019 - 14:04 | 16-06-2011 - 20:55 | |
CVE-2009-2498 | 9.3 |
Microsoft Windows Media Format Runtime 9.0, 9.5, and 11 and Windows Media Services 9.1 and 2008 do not properly parse malformed headers in Advanced Systems Format (ASF) files, which allows remote attackers to execute arbitrary code via a crafted (1)
|
26-02-2019 - 14:04 | 08-09-2009 - 22:30 | |
CVE-2011-1868 | 10.0 |
The Distributed File System (DFS) implementation in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly validate fields in DFS responses, which allows remote DFS servers to execute arbitrary code via a crafted response, aka "DFS Me
|
26-02-2019 - 14:04 | 16-06-2011 - 20:55 | |
CVE-2009-1547 | 9.3 |
Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via a crafted data stream header that triggers memory corruption, aka "Data Stream Header Corruption Vulnerability."
|
26-02-2019 - 14:04 | 14-10-2009 - 10:30 | |
CVE-2010-1883 | 9.3 |
Integer overflow in the Embedded OpenType (EOT) Font Engine in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows remote attackers to execute arbitrary cod
|
26-02-2019 - 14:04 | 13-10-2010 - 19:00 | |
CVE-2010-2738 | 9.3 |
The Uniscribe (aka new Unicode Script Processor) implementation in USP10.DLL in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and SP2, and Microsoft Office XP SP3, 2003 SP3, and 2007 SP2, does not properly
|
26-02-2019 - 14:04 | 15-09-2010 - 19:00 | |
CVE-2009-1925 | 10.0 |
The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 does not properly manage state information, which allows remote attackers to execute arbitrary code by sending packets to a listening service, and th
|
26-02-2019 - 14:04 | 08-09-2009 - 22:30 | |
CVE-2009-1539 | 9.3 |
The QuickTime Movie Parser Filter in quartz.dll in DirectShow in Microsoft DirectX 7.0 through 9.0c on Windows 2000 SP4, Windows XP SP2 and SP3, and Windows Server 2003 SP2 does not properly validate unspecified size fields in QuickTime media files,
|
26-02-2019 - 14:04 | 15-07-2009 - 15:30 | |
CVE-2009-2525 | 9.3 |
Microsoft Windows Media Runtime, as used in DirectShow WMA Voice Codec, Windows Media Audio Voice Decoder, and Audio Compression Manager (ACM), does not properly initialize unspecified functions within compressed audio files, which allows remote atta
|
26-02-2019 - 14:04 | 14-10-2009 - 10:30 | |
CVE-2009-1538 | 9.3 |
The QuickTime Movie Parser Filter in quartz.dll in DirectShow in Microsoft DirectX 7.0 through 9.0c on Windows 2000 SP4, Windows XP SP2 and SP3, and Windows Server 2003 SP2 performs updates to pointers without properly validating unspecified data val
|
26-02-2019 - 14:04 | 15-07-2009 - 15:30 | |
CVE-2009-1926 | 7.8 |
Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allow remote attackers to cause a denial of service (TCP outage) via a series of TCP sessions that have pending data and a (1) small o
|
26-02-2019 - 14:04 | 08-09-2009 - 22:30 | |
CVE-2009-2519 | 9.3 |
The DHTML Editing Component ActiveX control in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 does not properly format HTML markup, which allows remote attackers to execute arbitrary code via a crafted web site that triggers "system
|
26-02-2019 - 14:04 | 08-09-2009 - 22:30 | |
CVE-2009-2499 | 8.5 |
Microsoft Windows Media Format Runtime 9.0, 9.5, and 11; and Microsoft Media Foundation on Windows Vista Gold, SP1, and SP2 and Server 2008; allows remote attackers to execute arbitrary code via an MP3 file with crafted metadata that triggers memory
|
26-02-2019 - 14:04 | 08-09-2009 - 22:30 | |
CVE-2013-0077 | 9.3 |
Quartz.dll in DirectShow in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP2, and Server 2008 SP2 allows remote attackers to execute arbitrary code via crafted media content in (1) a media file, (2) a media stream, or (3) a Microsoft Offi
|
26-02-2019 - 14:04 | 13-02-2013 - 12:04 | |
CVE-2010-0487 | 9.3 |
The Authenticode Signature verification functionality in cabview.dll in Cabinet File Viewer Shell Extension 5.1, 6.0, and 6.1 in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Se
|
26-02-2019 - 14:04 | 14-04-2010 - 16:00 | |
CVE-2009-0081 | 9.3 |
The graphics device interface (GDI) implementation in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 does not properly validate input received from user mode, which allows remote
|
26-02-2019 - 14:04 | 10-03-2009 - 20:30 | |
CVE-2011-0027 | 9.3 |
Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2, and Windows Data Access Components (WDAC) 6.0, does not properly validate memory allocation for internal data structures, which allows remote attackers to execute arbitrary code, possibly via a
|
26-02-2019 - 14:04 | 12-01-2011 - 01:00 | |
CVE-2009-0088 | 9.3 |
The WordPerfect 6.x Converter (WPFT632.CNV, 1998.1.27.0) in Microsoft Office Word 2000 SP3 and Microsoft Office Converter Pack does not properly validate the length of an unspecified string, which allows remote attackers to execute arbitrary code via
|
26-02-2019 - 14:04 | 15-04-2009 - 08:00 | |
CVE-2009-0086 | 10.0 |
Integer underflow in Windows HTTP Services (aka WinHTTP) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote HTTP servers to execute arbitrary code via crafted parameter values in
|
26-02-2019 - 14:04 | 15-04-2009 - 08:00 | |
CVE-2010-0816 | 9.3 |
Integer overflow in inetcomm.dll in Microsoft Outlook Express 5.5 SP2, 6, and 6 SP1; Windows Live Mail on Windows XP SP2 and SP3, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7; and Windows Mail on Windows Vista SP1 a
|
26-02-2019 - 14:04 | 12-05-2010 - 11:46 | |
CVE-2010-0269 | 10.0 |
The SMB client in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly allocate memory for SMB responses, which allows re
|
26-02-2019 - 14:04 | 14-04-2010 - 16:00 | |
CVE-2011-0654 | 10.0 |
Integer underflow in the BowserWriteErrorLogEntry function in the Common Internet File System (CIFS) browser service in Mrxsmb.sys or bowser.sys in Active Directory in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and S
|
26-02-2019 - 14:04 | 16-02-2011 - 01:00 | |
CVE-2009-0232 | 9.3 |
Integer overflow in the Embedded OpenType (EOT) Font Engine in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted name ta
|
26-02-2019 - 14:04 | 15-07-2009 - 15:30 | |
CVE-2010-0480 | 9.3 |
Multiple stack-based buffer overflows in the MPEG Layer-3 audio codecs in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allow remote attackers to execute arbitrary code via a craft
|
26-02-2019 - 14:04 | 14-04-2010 - 16:00 | |
CVE-2010-0818 | 9.3 |
The MPEG-4 codec in the Windows Media codecs in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and SP2 does not properly handle crafted media content with MPEG-4 video encoding, which allows remote attacker
|
26-02-2019 - 14:04 | 15-09-2010 - 19:00 | |
CVE-2010-0486 | 9.3 |
The WinVerifyTrust function in Authenticode Signature Verification 5.1, 6.0, and 6.1 in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows
|
26-02-2019 - 14:04 | 14-04-2010 - 16:00 | |
CVE-2009-0090 | 9.3 |
Microsoft .NET Framework 1.0 SP3, 1.1 SP1, and 2.0 SP1 does not properly validate .NET verifiable code, which allows remote attackers to obtain unintended access to stack memory, and execute arbitrary code, via (1) a crafted XAML browser application
|
26-02-2019 - 14:04 | 14-10-2009 - 10:30 | |
CVE-2009-0089 | 5.8 |
Windows HTTP Services (aka WinHTTP) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, and Vista Gold allows remote web servers to impersonate arbitrary https web sites by using DNS spoofing to "forward a connection" to a differe
|
26-02-2019 - 14:04 | 15-04-2009 - 08:00 | |
CVE-2009-1133 | 9.3 |
Heap-based buffer overflow in Microsoft Remote Desktop Connection (formerly Terminal Services Client) running RDP 5.0 through 6.1 on Windows, and Remote Desktop Connection Client for Mac 2.0, allows remote attackers to execute arbitrary code via unsp
|
26-02-2019 - 14:04 | 12-08-2009 - 17:30 | |
CVE-2009-0554 | 9.3 |
Microsoft Internet Explorer 5.01 SP4, 6 SP1, 6 and 7 on Windows XP SP2 and SP3, 6 and 7 on Windows Server 2003 SP1 and SP2, 7 on Windows Vista Gold and SP1, and 7 on Windows Server 2008 allows remote attackers to execute arbitrary code via a web page
|
26-02-2019 - 14:04 | 15-04-2009 - 08:00 | |
CVE-2011-0026 | 9.3 |
Integer signedness error in the SQLConnectW function in an ODBC API (odbc32.dll) in Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2, and Windows Data Access Components (WDAC) 6.0, allows remote attackers to execute arbitrary code via a long s
|
26-02-2019 - 14:04 | 12-01-2011 - 01:00 | |
CVE-2009-0083 | 7.2 |
The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 does not properly handle invalid pointers, which allows local users to gain privileges via an application that triggers use of a crafted pointer, aka "Windows Kernel Invali
|
26-02-2019 - 14:04 | 10-03-2009 - 20:30 | |
CVE-2009-0082 | 7.2 |
The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 does not properly validate handles, which allows local users to gain privileges via a crafted application that triggers unspecified
|
26-02-2019 - 14:04 | 10-03-2009 - 20:30 | |
CVE-2009-0091 | 9.3 |
Microsoft .NET Framework 2.0, 2.0 SP1, and 3.5 does not properly enforce a certain type-equality constraint in .NET verifiable code, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP), (2) a craf
|
26-02-2019 - 14:04 | 14-10-2009 - 10:30 | |
CVE-2010-0016 | 9.3 |
The SMB client implementation in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 does not properly validate response fields, which allows remote SMB servers and man-in-the-middle attackers to execute arbitrary code via a crafted respo
|
26-02-2019 - 14:04 | 10-02-2010 - 18:30 | |
CVE-2009-0076 | 9.3 |
Microsoft Internet Explorer 7, when XHTML strict mode is used, allows remote attackers to execute arbitrary code via the zoom style directive in conjunction with unspecified other directives in a malformed Cascading Style Sheets (CSS) stylesheet in a
|
26-02-2019 - 14:04 | 10-02-2009 - 22:30 | |
CVE-2011-0041 | 9.3 |
Integer overflow in gdiplus.dll in GDI+ in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold and SP2, and Office XP SP3 allows remote attackers to execute arbitrary code via a crafted EMF i
|
26-02-2019 - 14:04 | 13-04-2011 - 18:55 | |
CVE-2011-0033 | 9.3 |
The OpenType Compact Font Format (CFF) driver in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate parameter values in OpenType fonts,
|
26-02-2019 - 14:04 | 10-02-2011 - 16:00 | |
CVE-2010-0476 | 10.0 |
The SMB client in Microsoft Windows Server 2003 SP2, Vista Gold, SP1, and SP2, and Windows Server 2008 Gold and SP2 allows remote SMB servers and man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption an
|
26-02-2019 - 14:04 | 14-04-2010 - 16:00 | |
CVE-2009-0084 | 9.3 |
Use-after-free vulnerability in DirectShow in Microsoft DirectX 8.1 and 9.0 allows remote attackers to execute arbitrary code via an MJPEG file or video stream with a malformed Huffman table, which triggers an exception that frees heap memory that is
|
26-02-2019 - 14:04 | 15-04-2009 - 08:00 | |
CVE-2008-2249 | 9.3 |
Integer overflow in GDI in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to execute arbitrary code via a malformed header in a crafted WMF file, which triggers a buffe
|
26-02-2019 - 14:02 | 10-12-2008 - 14:00 | |
CVE-2008-3465 | 9.3 |
Heap-based buffer overflow in an API in GDI in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows context-dependent attackers to cause a denial of service or execute arbitrary code via a WM
|
26-02-2019 - 14:02 | 10-12-2008 - 14:00 | |
CVE-2009-3676 | 7.1 |
The SMB client in the kernel in Microsoft Windows Server 2008 R2 and Windows 7 allows remote SMB servers and man-in-the-middle attackers to cause a denial of service (infinite loop and system hang) via a (1) SMBv1 or (2) SMBv2 response packet that co
|
30-10-2018 - 16:28 | 13-11-2009 - 15:30 | |
CVE-2017-0104 | 9.3 |
The iSNS Server service in Microsoft Windows Server 2008 SP2 and R2, Windows Server 2012 Gold and R2, and Windows Server 2016 allows remote attackers to issue malicious requests via an integer overflow, aka "iSNS Server Memory Corruption Vulnerabilit
|
30-10-2018 - 16:28 | 17-03-2017 - 00:59 | |
CVE-2010-0017 | 9.3 |
Race condition in the SMB client implementation in Microsoft Windows Server 2008 R2 and Windows 7 allows remote SMB servers and man-in-the-middle attackers to execute arbitrary code, and in the SMB client implementation in Windows Vista Gold, SP1, an
|
30-10-2018 - 16:28 | 10-02-2010 - 18:30 | |
CVE-2016-7275 | 7.2 |
Microsoft Office 2010 SP2, 2013 SP1, 2013 RT SP1, and 2016 mishandles library loading, which allows local users to gain privileges via a crafted application, aka "Microsoft Office OLE DLL Side Loading Vulnerability."
|
30-10-2018 - 16:27 | 20-12-2016 - 06:59 | |
CVE-2015-6124 | 9.3 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulner
|
30-10-2018 - 16:27 | 09-12-2015 - 11:59 | |
CVE-2016-3318 | 9.3 |
Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2013 RT SP1 allow remote attackers to execute arbitrary code via a crafted file, aka "Graphics Component Memory Corruption Vulnerability."
|
30-10-2018 - 16:27 | 09-08-2016 - 21:59 | |
CVE-2011-3401 | 9.3 |
ENCDEC.DLL in Windows Media Player and Media Center in Microsoft Windows XP SP2 and SP3, Windows Vista SP2, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted .dvr-ms file, aka "Windows Media Player DVR-MS Memo
|
30-10-2018 - 16:27 | 14-12-2011 - 00:55 | |
CVE-2016-3357 | 9.3 |
Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, Office 2016, Word for Mac 2011, Word 2016 for Mac, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, SharePoint Server 2013 SP1, Excel Automation Serv
|
30-10-2018 - 16:27 | 14-09-2016 - 10:59 | |
CVE-2016-3313 | 9.3 |
Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1, and 2016, Word 2016 for Mac, and Word Viewer allow remote attackers to execute arbitrary code via a crafted file, aka "Microsoft Office Memory Corruption Vulnerability."
|
30-10-2018 - 16:27 | 09-08-2016 - 21:59 | |
CVE-2012-2553 | 7.2 |
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted app
|
30-10-2018 - 16:27 | 14-11-2012 - 00:55 | |
CVE-2009-3678 | 9.3 |
Integer overflow in cdd.dll in the Canonical Display Driver (CDD) in Microsoft Windows Server 2008 R2 and Windows 7 on 64-bit platforms, when the Windows Aero theme is installed, allows context-dependent attackers to cause a denial of service (reboot
|
30-10-2018 - 16:27 | 14-05-2010 - 19:30 | |
CVE-2010-2551 | 7.8 |
The SMB Server in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate an internal variable in an SMB packet, which allows remote attackers to cause a denial of service (system hang) via
|
30-10-2018 - 16:27 | 11-08-2010 - 18:47 | |
CVE-2010-2552 | 7.8 |
Stack consumption vulnerability in the SMB Server in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows remote attackers to cause a denial of service (system hang) via a malformed SMBv2 compounded request
|
30-10-2018 - 16:27 | 11-08-2010 - 18:47 | |
CVE-2015-2466 | 9.3 |
Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2013 RT SP1 allows remote attackers to execute arbitrary code via a crafted template, aka "Microsoft Office Remote Code Execution Vulnerability."
|
30-10-2018 - 16:27 | 15-08-2015 - 00:59 | |
CVE-2015-2470 | 9.3 |
Integer underflow in Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, Office for Mac 2011, and Word Viewer allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Integer Underfl
|
30-10-2018 - 16:27 | 15-08-2015 - 00:59 | |
CVE-2010-2553 | 9.3 |
The Cinepak codec in Microsoft Windows XP SP2 and SP3, Windows Vista SP1 and SP2, and Windows 7 does not properly decompress media files, which allows remote attackers to execute arbitrary code via a crafted file, aka "Cinepak Codec Decompression Vul
|
30-10-2018 - 16:27 | 11-08-2010 - 18:47 | |
CVE-2010-3225 | 7.6 |
Use-after-free vulnerability in the Media Player Network Sharing Service in Microsoft Windows Vista SP1 and SP2 and Windows 7 allows remote attackers to execute arbitrary code via a crafted Real Time Streaming Protocol (RTSP) packet, aka "RTSP Use Af
|
30-10-2018 - 16:27 | 13-10-2010 - 19:00 | |
CVE-2010-0477 | 10.0 |
The SMB client in Microsoft Windows Server 2008 R2 and Windows 7 does not properly handle (1) SMBv1 and (2) SMBv2 response packets, which allows remote SMB servers and man-in-the-middle attackers to execute arbitrary code via a crafted packet that ca
|
30-10-2018 - 16:27 | 14-04-2010 - 16:00 | |
CVE-2016-0126 | 9.3 |
Microsoft Office 2013 SP1, 2013 RT SP1, and 2016 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
|
30-10-2018 - 16:27 | 11-05-2016 - 01:59 | |
CVE-2016-0009 | 9.3 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows 10 Gold and 1511 allow remote attackers to execute arbitrary code via unspecified vectors, aka "Win32k Remote Code Execution Vulnerability."
|
30-10-2018 - 16:27 | 13-01-2016 - 05:59 | |
CVE-2010-0811 | 9.3 |
Multiple unspecified vulnerabilities in the Microsoft Internet Explorer 8 Developer Tools ActiveX control in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, an
|
30-10-2018 - 16:27 | 08-06-2010 - 22:30 | |
CVE-2010-0250 | 9.3 |
Heap-based buffer overflow in DirectShow in Microsoft DirectX, as used in the AVI Filter on Windows 2000 SP4, Windows XP SP2 and SP3, and Windows Server 2003 SP2, and in Quartz on Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Win
|
30-10-2018 - 16:27 | 10-02-2010 - 18:30 | |
CVE-2010-0018 | 9.3 |
Integer overflow in the Embedded OpenType (EOT) Font Engine (t2embed.dll) in Microsoft Windows 2000 SP4; Windows XP SP2 and SP3; Windows Server 2003 SP2; Windows Vista Gold, SP1, and SP2; Windows Server 2008 Gold, SP2, and R2; and Windows 7 allows re
|
30-10-2018 - 16:27 | 13-01-2010 - 19:30 | |
CVE-2010-0270 | 10.0 |
The SMB client in Microsoft Windows Server 2008 R2 and Windows 7 does not properly validate fields in SMB transaction responses, which allows remote SMB servers and man-in-the-middle attackers to execute arbitrary code or cause a denial of service (m
|
30-10-2018 - 16:27 | 14-04-2010 - 16:00 | |
CVE-2010-0252 | 9.3 |
The Microsoft Data Analyzer ActiveX control (aka the Office Excel ActiveX control for Data Analysis) in max3activex.dll in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2
|
30-10-2018 - 16:27 | 10-02-2010 - 18:30 | |
CVE-2011-0042 | 9.3 |
SBE.dll in the Stream Buffer Engine in Windows Media Player and Windows Media Center in Microsoft Windows XP SP2 and SP3, Windows XP Media Center Edition 2005 SP3, Windows Vista SP1 and SP2, Windows 7 Gold and SP1, and Windows Media Center TV Pack fo
|
30-10-2018 - 16:27 | 09-03-2011 - 23:00 | |
CVE-2008-4031 | 9.3 |
Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office 2004 and 2008 for Ma
|
30-10-2018 - 16:25 | 10-12-2008 - 14:00 | |
CVE-2008-4030 | 9.3 |
Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1 allow remote attackers t
|
30-10-2018 - 16:25 | 10-12-2008 - 14:00 | |
CVE-2008-4837 | 9.3 |
Stack-based buffer overflow in Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; and Microsoft Works 8 a
|
30-10-2018 - 16:25 | 10-12-2008 - 14:00 | |
CVE-2008-4025 | 9.3 |
Integer overflow in Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office
|
30-10-2018 - 16:25 | 10-12-2008 - 14:00 | |
CVE-2008-4026 | 9.3 |
Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File Format
|
30-10-2018 - 16:25 | 10-12-2008 - 14:00 | |
CVE-2008-4027 | 9.3 |
Double free vulnerability in Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1
|
30-10-2018 - 16:25 | 10-12-2008 - 14:00 | |
CVE-2008-4024 | 9.3 |
Microsoft Office Word 2000 SP3 and 2002 SP3 and Office 2004 for Mac allow remote attackers to execute arbitrary code via a Word document with a crafted lcbPlcfBkfSdt field in the File Information Block (FIB), which bypasses an initialization step and
|
30-10-2018 - 16:25 | 10-12-2008 - 14:00 | |
CVE-2008-4028 | 9.3 |
Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office 2004 and 2008 for Ma
|
30-10-2018 - 16:25 | 10-12-2008 - 14:00 | |
CVE-2009-1929 | 9.3 |
Heap-based buffer overflow in the Microsoft Terminal Services Client ActiveX control running RDP 6.1 on Windows XP SP2, Vista SP1 or SP2, or Server 2008 Gold or SP2; or 5.2 or 6.1 on Windows XP SP3; allows remote attackers to execute arbitrary code v
|
30-10-2018 - 16:25 | 12-08-2009 - 17:30 | |
CVE-2009-2532 | 10.0 |
Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold and SP2, and Windows 7 RC do not properly process the command value in an SMB Multi-Protocol Negotiate Request packet, which allows remote attackers to execute arbitrary code via a
|
30-10-2018 - 16:25 | 14-10-2009 - 10:30 | |
CVE-2009-2526 | 7.8 |
Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 do not properly validate fields in SMBv2 packets, which allows remote attackers to cause a denial of service (infinite loop and system hang) via a crafted packet to the Server se
|
30-10-2018 - 16:25 | 14-10-2009 - 10:30 | |
CVE-2009-1546 | 8.5 |
Integer overflow in Avifil32.dll in the Windows Media file handling functionality in Microsoft Windows allows remote attackers to execute arbitrary code on a Windows 2000 SP4 system via a crafted AVI file, or cause a denial of service on a Windows XP
|
30-10-2018 - 16:25 | 12-08-2009 - 17:30 | |
CVE-2009-1545 | 9.3 |
Unspecified vulnerability in Avifil32.dll in the Windows Media file handling functionality in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbit
|
30-10-2018 - 16:25 | 12-08-2009 - 17:30 | |
CVE-2009-2527 | 9.3 |
Heap-based buffer overflow in Microsoft Windows Media Player 6.4 allows remote attackers to execute arbitrary code via (1) a crafted ASF file or (2) crafted streaming content, aka "WMP Heap Overflow Vulnerability."
|
30-10-2018 - 16:25 | 14-10-2009 - 10:30 | |
CVE-2009-1132 | 9.3 |
Heap-based buffer overflow in the Wireless LAN AutoConfig Service (aka Wlansvc) in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a malformed wireless frame, aka "Wireless
|
30-10-2018 - 16:25 | 08-09-2009 - 22:30 | |
CVE-2009-0087 | 9.3 |
Unspecified vulnerability in the Word 6 text converter in WordPad in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and the Word 6 text converter in Microsoft Office Word 2000 SP3 and 2002 SP3; allows remote attackers to exe
|
30-10-2018 - 16:25 | 15-04-2009 - 08:00 | |
CVE-2009-0229 | 4.9 |
The Windows Printing Service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 allows local users to read arbitrary files via a crafted separator page, aka "Print Spooler Read File Vulnerabi
|
30-10-2018 - 16:25 | 10-06-2009 - 18:00 | |
CVE-2017-0023 | 7.6 |
The PDF library in Microsoft Edge; Windows 8.1; Windows Server 2012 and R2; Windows RT 8.1; and Windows 10, 1511, and 1607 allows remote attackers to execute arbitrary code via a crafted PDF file, aka "Microsoft PDF Remote Code Execution Vulnerabilit
|
17-10-2018 - 17:07 | 17-03-2017 - 00:59 | |
CVE-2007-0099 | 9.3 |
Race condition in the msxml3 module in Microsoft XML Core Services 3.0, as used in Internet Explorer 6 and other applications, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via many nested tags in
|
16-10-2018 - 16:31 | 08-01-2007 - 20:28 | |
CVE-2016-7257 | 4.3 |
The GDI component in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Office for Mac 2011, and Office 2016 for Mac allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-7278 | 2.6 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Windows Hyperlink Object Library Information Disclosure Vulnerability."
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-7276 | 5.8 |
Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office for Mac 2011, and Office 2016 for Mac allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via a crafted docum
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-7283 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-7263 | 9.3 |
Microsoft Excel for Mac 2011 and Excel 2016 for Mac allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-7227 | 2.6 |
The scripting engines in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to determine the existence of local files via unspecified vectors, aka "Microsoft Browser Information Disclosure Vulnerability."
|
12-10-2018 - 22:14 | 10-11-2016 - 06:59 | |
CVE-2016-7196 | 7.6 |
Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."
|
12-10-2018 - 22:14 | 10-11-2016 - 06:59 | |
CVE-2016-7289 | 9.3 |
Microsoft Publisher 2010 SP2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-7268 | 5.8 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Word Viewer, Word for Mac 2011, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to obtain sensitive in
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-7212 | 9.3 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow remote attackers to execute arbitrary code vi
|
12-10-2018 - 22:14 | 10-11-2016 - 06:59 | |
CVE-2016-7286 | 7.6 |
The scripting engines in Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-7267 | 4.3 |
Microsoft Excel 2010 SP2, 2013 SP1, 2013 RT SP1, and 2016 misparses file formats, which makes it easier for remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Security Feature Bypass Vulnerability."
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-7241 | 7.6 |
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."
|
12-10-2018 - 22:14 | 10-11-2016 - 06:59 | |
CVE-2016-7206 | 4.3 |
Cross-site scripting (XSS) vulnerability in Microsoft Edge allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Microsoft Edge Information Disclosure Vulnerability," a different vulnerability than CVE-2016-7280
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-7284 | 4.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability."
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-7300 | 4.6 |
Untrusted search path vulnerability in Microsoft Auto Updater for Mac allows local users to gain privileges via a Trojan horse executable file, aka "Microsoft (MAU) Office Elevation of Privilege Vulnerability."
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-7282 | 4.3 |
Cross-site scripting (XSS) vulnerability in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Microsoft Browser Information Disclosure Vulnerabilit
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-7243 | 7.6 |
The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vu
|
12-10-2018 - 22:14 | 10-11-2016 - 06:59 | |
CVE-2016-7205 | 9.3 |
Animation Manager in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to execute arbitrary code via a c
|
12-10-2018 - 22:14 | 10-11-2016 - 06:59 | |
CVE-2016-7281 | 2.6 |
The Web Workers implementation in Microsoft Internet Explorer 10 and 11 and Microsoft Edge allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Microsoft Browser Security Feature Bypass Vulnerability."
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-7204 | 2.6 |
Microsoft Edge allows remote attackers to access arbitrary "My Documents" files via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerability."
|
12-10-2018 - 22:14 | 10-11-2016 - 06:59 | |
CVE-2016-7273 | 9.3 |
The Graphics component in Microsoft Windows 10 Gold, 1511, and 1607 and Windows Server 2016 allows remote attackers to execute arbitrary code via a crafted web site, aka "Windows Graphics Remote Code Execution Vulnerability."
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-7222 | 7.2 |
Task Scheduler in Microsoft Windows 10 Gold, 1511, and 1607 and Windows Server 2016 allows local users to gain privileges via a crafted UNC pathname in a task, aka "Task Scheduler Elevation of Privilege Vulnerability."
|
12-10-2018 - 22:14 | 10-11-2016 - 06:59 | |
CVE-2016-7209 | 2.6 |
Microsoft Edge allows remote attackers to spoof web content via a crafted web site, aka "Microsoft Edge Spoofing Vulnerability."
|
12-10-2018 - 22:14 | 10-11-2016 - 06:59 | |
CVE-2016-7291 | 5.8 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Word for Mac 2011, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to obtain sensitive information fro
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-7277 | 9.3 |
Microsoft Office 2016 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-7240 | 7.6 |
The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vu
|
12-10-2018 - 22:14 | 10-11-2016 - 06:59 | |
CVE-2016-7280 | 4.3 |
Cross-site scripting (XSS) vulnerability in Microsoft Edge allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Microsoft Edge Information Disclosure Vulnerability," a different vulnerability than CVE-2016-7206
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-7297 | 7.6 |
The scripting engines in Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-7279 | 7.6 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-7242 | 7.6 |
The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vu
|
12-10-2018 - 22:14 | 10-11-2016 - 06:59 | |
CVE-2016-7217 | 9.3 |
Media Foundation in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to execute arbitrary code via a crafted web site, aka "Media Foundation Memor
|
12-10-2018 - 22:14 | 10-11-2016 - 06:59 | |
CVE-2016-7198 | 7.6 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different
|
12-10-2018 - 22:14 | 10-11-2016 - 06:59 | |
CVE-2016-7274 | 9.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to execute arb
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-7264 | 5.8 |
Microsoft Excel 2007 SP3, Office Compatibility Pack SP3, Excel Viewer, Excel for Mac 2011, and Excel 2016 for Mac allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via a craft
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-7221 | 7.2 |
Input Method Editor (IME) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 mishandles DLL loading
|
12-10-2018 - 22:14 | 10-11-2016 - 06:59 | |
CVE-2016-7203 | 7.6 |
The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vu
|
12-10-2018 - 22:14 | 10-11-2016 - 06:59 | |
CVE-2016-7189 | 9.3 |
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code via a crafted web site, aka "Scripting Engine Remote Code Execution Vulnerability."
|
12-10-2018 - 22:14 | 14-10-2016 - 02:59 | |
CVE-2016-7290 | 5.8 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Word for Mac 2011, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to obtain sensitive information fro
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-7265 | 5.8 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, Excel Viewer, Excel Services on SharePoint Server 2007 SP3, and Excel Services on SharePoint Server 2010 SP2 allow remote attacker
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-7239 | 2.6 |
The RegEx class in the XSS filter in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allows remote attackers to conduct cross-site scripting (XSS) attacks and obtain sensitive information via unspecified vectors, aka "Microsoft Browser In
|
12-10-2018 - 22:14 | 10-11-2016 - 06:59 | |
CVE-2016-7202 | 7.6 |
The scripting engines in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vul
|
12-10-2018 - 22:14 | 10-11-2016 - 06:59 | |
CVE-2016-7182 | 10.0 |
The Graphics component in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010 SP2; Word Viewer; Sk
|
12-10-2018 - 22:14 | 14-10-2016 - 02:59 | |
CVE-2016-7288 | 7.6 |
The scripting engines in Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-7298 | 9.3 |
Microsoft Office 2007 SP3, Office 2010 SP2, Word Viewer, Office for Mac 2011, and Office 2016 for Mac allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memo
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-7199 | 2.6 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to bypass the Same Origin Policy and obtain sensitive window-state information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."
|
12-10-2018 - 22:14 | 10-11-2016 - 06:59 | |
CVE-2016-7210 | 4.3 |
atmfd.dll in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to obtain sens
|
12-10-2018 - 22:14 | 10-11-2016 - 06:59 | |
CVE-2016-7208 | 7.6 |
The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vu
|
12-10-2018 - 22:14 | 10-11-2016 - 06:59 | |
CVE-2016-7190 | 7.6 |
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerabilit
|
12-10-2018 - 22:14 | 14-10-2016 - 02:59 | |
CVE-2016-7296 | 7.6 |
The scripting engines in Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-7272 | 9.3 |
The Graphics component in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers t
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-7287 | 7.6 |
The scripting engines in Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-7266 | 6.8 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, Excel Viewer, and Excel 2016 for Mac mishandle a registry check, which allows user-assisted remote attackers to execute arbitrary
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-7194 | 7.6 |
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerabilit
|
12-10-2018 - 22:14 | 14-10-2016 - 02:59 | |
CVE-2016-7195 | 7.6 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different
|
12-10-2018 - 22:14 | 10-11-2016 - 06:59 | |
CVE-2016-7181 | 7.6 |
Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability."
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-3383 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."
|
12-10-2018 - 22:12 | 14-10-2016 - 02:59 | |
CVE-2016-3362 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, Excel Viewer, Excel Services on SharePoint Server 2007 SP3, Excel Services on SharePoint Server 2010 SP2, Excel Automation Service
|
12-10-2018 - 22:12 | 14-09-2016 - 10:59 | |
CVE-2016-3324 | 6.8 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:12 | 14-09-2016 - 10:59 | |
CVE-2016-3263 | 5.0 |
Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010
|
12-10-2018 - 22:12 | 14-10-2016 - 02:59 | |
CVE-2016-3246 | 7.6 |
Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability."
|
12-10-2018 - 22:12 | 13-07-2016 - 01:59 | |
CVE-2016-3382 | 9.3 |
The scripting engines in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, as demonstrated by the Chakra JavaScript en
|
12-10-2018 - 22:12 | 14-10-2016 - 02:59 | |
CVE-2016-3355 | 7.2 |
The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows local users to gain privil
|
12-10-2018 - 22:12 | 14-09-2016 - 10:59 | |
CVE-2016-3325 | 2.6 |
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."
|
12-10-2018 - 22:12 | 14-09-2016 - 10:59 | |
CVE-2016-3389 | 7.6 |
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerabilit
|
12-10-2018 - 22:12 | 14-10-2016 - 02:59 | |
CVE-2016-3316 | 9.3 |
Microsoft Word 2013 SP1, 2013 RT SP1, 2016, and 2016 for Mac allow remote attackers to execute arbitrary code via a crafted file, aka "Microsoft Office Memory Corruption Vulnerability."
|
12-10-2018 - 22:12 | 09-08-2016 - 21:59 | |
CVE-2016-3295 | 5.1 |
Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."
|
12-10-2018 - 22:12 | 14-09-2016 - 10:59 | |
CVE-2016-3273 | 2.6 |
The XSS Filter in Microsoft Internet Explorer 9 through 11 and Microsoft Edge does not properly restrict JavaScript code, which allows remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclos
|
12-10-2018 - 22:12 | 13-07-2016 - 01:59 | |
CVE-2016-3239 | 7.2 |
The Print Spooler service in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via vectors
|
12-10-2018 - 22:12 | 13-07-2016 - 01:59 | |
CVE-2016-3378 | 5.8 |
Open redirect vulnerability in Microsoft Exchange Server 2013 SP1, 2013 Cumulative Update 12, 2013 Cumulative Update 13, 2016 Cumulative Update 1, and 2016 Cumulative Update 2 allows remote attackers to redirect users to arbitrary web sites and condu
|
12-10-2018 - 22:12 | 14-09-2016 - 10:59 | |
CVE-2016-3360 | 9.3 |
Microsoft PowerPoint 2007 SP3, PowerPoint 2010 SP2, PowerPoint 2013 SP1, PowerPoint 2013 RT SP1, PowerPoint 2016 for Mac, Office Compatibility Pack SP3, PowerPoint Viewer, SharePoint Server 2013 SP1, Office Web Apps 2010 SP2, and Office Web Apps Serv
|
12-10-2018 - 22:12 | 14-09-2016 - 10:59 | |
CVE-2016-3296 | 7.6 |
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability."
|
12-10-2018 - 22:12 | 09-08-2016 - 21:59 | |
CVE-2016-3276 | 2.6 |
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to conduct content-spoofing attacks via a crafted URL, aka "Microsoft Browser Spoofing Vulnerability."
|
12-10-2018 - 22:12 | 13-07-2016 - 01:59 | |
CVE-2016-3242 | 7.6 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:12 | 13-07-2016 - 01:59 | |
CVE-2016-3222 | 9.3 |
Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability."
|
12-10-2018 - 22:12 | 16-06-2016 - 01:59 | |
CVE-2016-3319 | 9.3 |
The PDF library in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 Gold and 1511, and Microsoft Edge allows remote attackers to execute arbitrary code via a crafted PDF file, aka "Microsoft PDF Remote Code Execution Vulnerability."
|
12-10-2018 - 22:12 | 09-08-2016 - 21:59 | |
CVE-2016-3297 | 6.8 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."
|
12-10-2018 - 22:12 | 14-09-2016 - 10:59 | |
CVE-2016-3277 | 2.6 |
Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."
|
12-10-2018 - 22:12 | 13-07-2016 - 01:59 | |
CVE-2016-3241 | 7.6 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:12 | 13-07-2016 - 01:59 | |
CVE-2016-3384 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:12 | 14-10-2016 - 02:59 | |
CVE-2016-3349 | 7.2 |
The kernel-mode drivers in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability."
|
12-10-2018 - 22:12 | 14-09-2016 - 10:59 | |
CVE-2016-3322 | 7.6 |
Microsoft Internet Explorer 11 and Edge allow remote attackers to execute arbitrary code via a crafted web page, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3289.
|
12-10-2018 - 22:12 | 09-08-2016 - 21:59 | |
CVE-2016-3269 | 9.3 |
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerabilit
|
12-10-2018 - 22:12 | 13-07-2016 - 01:59 | |
CVE-2016-3233 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
|
12-10-2018 - 22:12 | 16-06-2016 - 01:59 | |
CVE-2016-3354 | 4.3 |
The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows local users to bypass the
|
12-10-2018 - 22:12 | 14-09-2016 - 10:59 | |
CVE-2016-3329 | 2.6 |
Microsoft Internet Explorer 9 through 11 and Edge allow remote attackers to determine the existence of files via a crafted webpage, aka "Internet Explorer Information Disclosure Vulnerability."
|
12-10-2018 - 22:12 | 09-08-2016 - 21:59 | |
CVE-2016-3379 | 4.3 |
Cross-site scripting (XSS) vulnerability in Microsoft Exchange Server 2016 Cumulative Update 1 and 2 allows remote attackers to inject arbitrary web script or HTML via a meeting-invitation request, aka "Microsoft Exchange Elevation of Privilege Vulne
|
12-10-2018 - 22:12 | 14-09-2016 - 10:59 | |
CVE-2016-3358 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel 2016 for Mac, Office Compatibility Pack SP3, Excel Viewer, Excel Services on SharePoint Server 2007 SP3, Excel Services on SharePoint Server 2010 SP2, Exce
|
12-10-2018 - 22:12 | 14-09-2016 - 10:59 | |
CVE-2016-3283 | 9.3 |
Microsoft Word Viewer allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
|
12-10-2018 - 22:12 | 13-07-2016 - 01:59 | |
CVE-2016-3248 | 9.3 |
The Microsoft (1) JScript 9, (2) VBScript, and (3) Chakra JavaScript engines, as used in Microsoft Internet Explorer 9 through 11, Microsoft Edge, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memo
|
12-10-2018 - 22:12 | 13-07-2016 - 01:59 | |
CVE-2016-3356 | 9.3 |
The Graphics Device Interface (GDI) in Microsoft Windows 10 1607 allows remote attackers to execute arbitrary code via a crafted document, aka "GDI Remote Code Execution Vulnerability."
|
12-10-2018 - 22:12 | 14-09-2016 - 10:59 | |
CVE-2016-3290 | 7.6 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code via a crafted web page, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3288.
|
12-10-2018 - 22:12 | 09-08-2016 - 21:59 | |
CVE-2016-3271 | 4.3 |
The VBScript engine in Microsoft Edge allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Scripting Engine Information Disclosure Vulnerability."
|
12-10-2018 - 22:12 | 13-07-2016 - 01:59 | |
CVE-2016-3326 | 2.6 |
Microsoft Internet Explorer 9 through 11 and Edge allow remote attackers to obtain sensitive information via a crafted web page, aka "Microsoft Browser Information Disclosure Vulnerability," a different vulnerability than CVE-2016-3327.
|
12-10-2018 - 22:12 | 09-08-2016 - 21:59 | |
CVE-2016-3281 | 9.3 |
Microsoft Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to execute arbitra
|
12-10-2018 - 22:12 | 13-07-2016 - 01:59 | |
CVE-2016-3261 | 2.6 |
Microsoft Internet Explorer 11 allows remote attackers to obtain sensitive information via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability."
|
12-10-2018 - 22:12 | 13-07-2016 - 01:59 | |
CVE-2016-3244 | 4.3 |
Microsoft Edge allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Microsoft Edge Security Feature Bypass."
|
12-10-2018 - 22:12 | 13-07-2016 - 01:59 | |
CVE-2016-3292 | 5.1 |
Microsoft Internet Explorer 10 and 11 mishandles integrity settings and zone settings, which allows remote attackers to bypass a sandbox protection mechanism via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability."
|
12-10-2018 - 22:12 | 14-09-2016 - 10:59 | |
CVE-2016-3270 | 10.0 |
The Graphics component in the kernel in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows local users to gain privi
|
12-10-2018 - 22:12 | 14-10-2016 - 02:59 | |
CVE-2016-3375 | 7.6 |
The OLE Automation mechanism and VBScript scripting engine in Microsoft Internet Explorer 9 through 11, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10
|
12-10-2018 - 22:12 | 14-09-2016 - 10:59 | |
CVE-2016-3353 | 5.1 |
Microsoft Internet Explorer 9 through 11 mishandles .url files from the Internet zone, which allows remote attackers to bypass intended access restrictions via a crafted file, aka "Internet Explorer Security Feature Bypass."
|
12-10-2018 - 22:12 | 14-09-2016 - 10:59 | |
CVE-2016-3301 | 9.3 |
The Windows font library in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010 SP2; Word Viewer;
|
12-10-2018 - 22:12 | 09-08-2016 - 21:59 | |
CVE-2016-3240 | 7.6 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:12 | 13-07-2016 - 01:59 | |
CVE-2016-3385 | 9.3 |
The scripting engine in Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability."
|
12-10-2018 - 22:12 | 14-10-2016 - 02:59 | |
CVE-2016-3363 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption
|
12-10-2018 - 22:12 | 14-09-2016 - 10:59 | |
CVE-2016-3317 | 9.3 |
Microsoft Office 2010 SP2, Word 2007 SP3, Word 2010 SP2, Word for Mac 2011, Word 2016 for Mac, and Word Viewer allow remote attackers to execute arbitrary code via a crafted file, aka "Microsoft Office Memory Corruption Vulnerability."
|
12-10-2018 - 22:12 | 09-08-2016 - 21:59 | |
CVE-2016-3278 | 9.3 |
Microsoft Outlook 2010 SP2, 2013 SP1, 2013 RT SP1, and 2016 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
|
12-10-2018 - 22:12 | 13-07-2016 - 01:59 | |
CVE-2016-3386 | 9.3 |
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerabilit
|
12-10-2018 - 22:12 | 14-10-2016 - 02:59 | |
CVE-2016-3315 | 4.3 |
Microsoft OneNote 2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1, 2016, and 2016 for Mac allow remote attackers to obtain sensitive information via a crafted OneNote file, aka "Microsoft OneNote Information Disclosure Vulnerability."
|
12-10-2018 - 22:12 | 09-08-2016 - 21:59 | |
CVE-2016-3264 | 7.6 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."
|
12-10-2018 - 22:12 | 13-07-2016 - 01:59 | |
CVE-2016-3392 | 2.6 |
The Edge Content Security Policy feature in Microsoft Edge does not properly validate documents, which allows remote attackers to bypass intended access restrictions via a crafted web site, aka "Microsoft Browser Security Feature Bypass Vulnerability
|
12-10-2018 - 22:12 | 14-10-2016 - 02:59 | |
CVE-2016-3348 | 9.3 |
The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allow local users to gain privileges via a cr
|
12-10-2018 - 22:12 | 14-09-2016 - 10:59 | |
CVE-2016-3327 | 2.6 |
Microsoft Internet Explorer 9 through 11 and Edge allow remote attackers to obtain sensitive information via a crafted web page, aka "Microsoft Browser Information Disclosure Vulnerability," a different vulnerability than CVE-2016-3326.
|
12-10-2018 - 22:12 | 09-08-2016 - 21:59 | |
CVE-2016-3304 | 9.3 |
The Windows font library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Office 2007 SP3, Office 2010 SP2, Word Viewer, Skype for Business 2016, Lync 2013 SP1, Lync 2010, Lync 2010 Attendee, and Live Meeting 2007 Co
|
12-10-2018 - 22:12 | 09-08-2016 - 21:59 | |
CVE-2016-3279 | 4.3 |
Microsoft Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word 2010 SP2, Excel 2013 SP1, PowerPoint 2013 SP1, Word 2013 SP1, Excel 2013 RT SP1, PowerPoint 2013 RT SP1, Word 2013 RT SP1, Excel 2016, Word 2016, Word Automation Services on SharePo
|
12-10-2018 - 22:12 | 13-07-2016 - 01:59 | |
CVE-2016-3243 | 7.6 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:12 | 13-07-2016 - 01:59 | |
CVE-2016-3289 | 7.6 |
Microsoft Internet Explorer 11 and Edge allow remote attackers to execute arbitrary code via a crafted web page, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3322.
|
12-10-2018 - 22:12 | 09-08-2016 - 21:59 | |
CVE-2016-3234 | 4.3 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 SP1, Office Web Apps 2010 SP2, and Office
|
12-10-2018 - 22:12 | 16-06-2016 - 01:59 | |
CVE-2016-3388 | 2.6 |
Microsoft Internet Explorer 10 and 11 and Microsoft Edge do not properly restrict access to private namespaces, which allows remote attackers to gain privileges via unspecified vectors, aka "Microsoft Browser Elevation of Privilege Vulnerability," a
|
12-10-2018 - 22:12 | 14-10-2016 - 02:59 | |
CVE-2016-3331 | 9.3 |
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."
|
12-10-2018 - 22:12 | 14-10-2016 - 02:59 | |
CVE-2016-3291 | 2.6 |
Microsoft Internet Explorer 11 and Microsoft Edge mishandle cross-origin requests, which allows remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."
|
12-10-2018 - 22:12 | 14-09-2016 - 10:59 | |
CVE-2016-3267 | 4.3 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to determine the existence of unspecified files via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."
|
12-10-2018 - 22:12 | 14-10-2016 - 02:59 | |
CVE-2016-3396 | 9.3 |
Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010
|
12-10-2018 - 22:12 | 14-10-2016 - 02:59 | |
CVE-2016-3288 | 7.6 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code via a crafted web page, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3290.
|
12-10-2018 - 22:12 | 09-08-2016 - 21:59 | |
CVE-2016-3262 | 5.0 |
Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010
|
12-10-2018 - 22:12 | 14-10-2016 - 02:59 | |
CVE-2016-3245 | 4.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to trick users into making TCP connections to a restricted port via a crafted web site, aka "Internet Explorer Security Feature Bypass Vulnerability."
|
12-10-2018 - 22:12 | 13-07-2016 - 01:59 | |
CVE-2016-3390 | 7.6 |
The scripting engines in Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, as demonstrated by the Chakra JavaScript engine, aka
|
12-10-2018 - 22:12 | 14-10-2016 - 02:59 | |
CVE-2016-3365 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, Excel Viewer, Excel Services on SharePoint Server 2007 SP3, Excel Services on SharePoint Server 2010 SP2, Excel Automation Service
|
12-10-2018 - 22:12 | 14-09-2016 - 10:59 | |
CVE-2016-3282 | 9.3 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, Word Automa
|
12-10-2018 - 22:12 | 13-07-2016 - 01:59 | |
CVE-2016-3265 | 9.3 |
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerabilit
|
12-10-2018 - 22:12 | 13-07-2016 - 01:59 | |
CVE-2016-3359 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."
|
12-10-2018 - 22:12 | 14-09-2016 - 10:59 | |
CVE-2016-3238 | 9.3 |
The Print Spooler service in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows man-in-the-middle attackers to execute arbi
|
12-10-2018 - 22:12 | 13-07-2016 - 01:59 | |
CVE-2016-3361 | 9.3 |
Microsoft Excel 2010 SP2 allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."
|
12-10-2018 - 22:12 | 14-09-2016 - 10:59 | |
CVE-2016-3387 | 6.8 |
Microsoft Internet Explorer 10 and 11 and Microsoft Edge do not properly restrict access to private namespaces, which allows remote attackers to gain privileges via unspecified vectors, aka "Microsoft Browser Elevation of Privilege Vulnerability," a
|
12-10-2018 - 22:12 | 14-10-2016 - 02:59 | |
CVE-2016-3321 | 1.9 |
Microsoft Internet Explorer 10 and 11 load different files for attempts to open a file:// URL depending on whether the file exists, which allows local users to enumerate files via vectors involving a file:// URL and an HTML5 sandbox iframe, aka "Inte
|
12-10-2018 - 22:12 | 09-08-2016 - 21:59 | |
CVE-2016-3293 | 7.6 |
Microsoft Internet Explorer 9 through 11 and Edge allow remote attackers to execute arbitrary code via a crafted web page, aka "Microsoft Browser Memory Corruption Vulnerability."
|
12-10-2018 - 22:12 | 09-08-2016 - 21:59 | |
CVE-2016-3274 | 2.6 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to conduct content-spoofing attacks via a crafted URL, aka "Microsoft Browser Spoofing Vulnerability."
|
12-10-2018 - 22:12 | 13-07-2016 - 01:59 | |
CVE-2016-3247 | 5.1 |
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."
|
12-10-2018 - 22:12 | 14-09-2016 - 10:59 | |
CVE-2016-3381 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption
|
12-10-2018 - 22:12 | 14-09-2016 - 10:59 | |
CVE-2016-3364 | 9.3 |
Microsoft Visio 2016 allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."
|
12-10-2018 - 22:12 | 14-09-2016 - 10:59 | |
CVE-2016-3303 | 9.3 |
The Windows font library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Office 2007 SP3, Office 2010 SP2, Word Viewer, Skype for Business 2016, Lync 2013 SP1, Lync 2010, Lync 2010 Attendee, and Live Meeting 2007 Co
|
12-10-2018 - 22:12 | 09-08-2016 - 21:59 | |
CVE-2016-3280 | 9.3 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code via a crafted Office docum
|
12-10-2018 - 22:12 | 13-07-2016 - 01:59 | |
CVE-2016-3260 | 9.3 |
The Microsoft (1) JScript 9, (2) VBScript, and (3) Chakra JavaScript engines, as used in Microsoft Internet Explorer 11, Microsoft Edge, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corrupt
|
12-10-2018 - 22:12 | 13-07-2016 - 01:59 | |
CVE-2016-3391 | 2.6 |
Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow context-dependent attackers to discover credentials by leveraging access to a memory dump, aka "Microsoft Browser Information Disclosure Vulnerability."
|
12-10-2018 - 22:12 | 14-10-2016 - 02:59 | |
CVE-2016-3284 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office doc
|
12-10-2018 - 22:12 | 13-07-2016 - 01:59 | |
CVE-2016-3259 | 9.3 |
The Microsoft (1) JScript 9, (2) VBScript, and (3) Chakra JavaScript engines, as used in Microsoft Internet Explorer 9 through 11, Microsoft Edge, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memo
|
12-10-2018 - 22:12 | 13-07-2016 - 01:59 | |
CVE-2016-3211 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:11 | 16-06-2016 - 01:59 | |
CVE-2016-3202 | 7.6 |
The Microsoft (1) Chakra JavaScript, (2) JScript, and (3) VBScript engines, as used in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a c
|
12-10-2018 - 22:11 | 16-06-2016 - 01:59 | |
CVE-2016-3213 | 9.3 |
The Web Proxy Auto Discovery (WPAD) protocol implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold and 1511, and Internet Explor
|
12-10-2018 - 22:11 | 16-06-2016 - 01:59 | |
CVE-2016-3210 | 9.3 |
The Microsoft (1) JScript and (2) VBScript engines, as used in Internet Explorer 11, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vul
|
12-10-2018 - 22:11 | 16-06-2016 - 01:59 | |
CVE-2016-3198 | 4.3 |
Microsoft Edge allows remote attackers to bypass the Content Security Policy (CSP) protection mechanism via a crafted document, aka "Microsoft Edge Security Feature Bypass."
|
12-10-2018 - 22:11 | 16-06-2016 - 01:59 | |
CVE-2016-3204 | 9.3 |
The Microsoft (1) JScript 5.8 and 9 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted we
|
12-10-2018 - 22:11 | 13-07-2016 - 01:59 | |
CVE-2016-3214 | 9.3 |
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerabilit
|
12-10-2018 - 22:11 | 16-06-2016 - 01:59 | |
CVE-2016-3212 | 4.3 |
The XSS Filter in Microsoft Internet Explorer 9 through 11 does not properly identify JavaScript, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site, aka "Internet Explorer XSS Filter Vulne
|
12-10-2018 - 22:11 | 16-06-2016 - 01:59 | |
CVE-2016-3206 | 7.6 |
The Microsoft (1) JScript 5.8 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site
|
12-10-2018 - 22:11 | 16-06-2016 - 01:59 | |
CVE-2016-3207 | 7.6 |
The Microsoft (1) JScript 5.8 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site
|
12-10-2018 - 22:11 | 16-06-2016 - 01:59 | |
CVE-2016-3199 | 9.3 |
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerabilit
|
12-10-2018 - 22:11 | 16-06-2016 - 01:59 | |
CVE-2016-3205 | 7.6 |
The Microsoft (1) JScript 5.8 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site
|
12-10-2018 - 22:11 | 16-06-2016 - 01:59 | |
CVE-2016-3203 | 9.3 |
Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 Gold and 1511, and Microsoft Edge allow remote attackers to execute arbitrary code via a crafted PDF document, aka "Windows PDF Remote Code Execution Vulnerability."
|
12-10-2018 - 22:11 | 16-06-2016 - 01:59 | |
CVE-2016-3209 | 5.0 |
Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010
|
12-10-2018 - 22:11 | 14-10-2016 - 02:59 | |
CVE-2016-0138 | 4.0 |
Microsoft Exchange Server 2007 SP3, 2010 SP3, 2013 SP1, 2013 Cumulative Update 12, 2013 Cumulative Update 13, 2016 Cumulative Update 1, and 2016 Cumulative Update 2 misparses e-mail messages, which allows remote authenticated users to obtain sensitiv
|
12-10-2018 - 22:11 | 14-09-2016 - 10:59 | |
CVE-2016-0084 | 9.3 |
Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability."
|
12-10-2018 - 22:11 | 10-02-2016 - 11:59 | |
CVE-2016-0161 | 4.3 |
Microsoft Edge allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Microsoft Edge Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0158.
|
12-10-2018 - 22:11 | 12-04-2016 - 23:59 | |
CVE-2016-0145 | 9.3 |
The font library in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold and 1511; Office 2007 SP3 and 2010 SP2; Word Viewer; .NET Framework 3.0
|
12-10-2018 - 22:11 | 12-04-2016 - 23:59 | |
CVE-2016-0141 | 4.3 |
The Visual Basic macros in Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2016 export a certificate-store private key during a document-save operation, which allows attackers to obtain sensitive information via unspecified vectors, aka "Microsoft
|
12-10-2018 - 22:11 | 14-09-2016 - 10:59 | |
CVE-2016-0130 | 7.6 |
Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0116, CVE-2016-012
|
12-10-2018 - 22:11 | 09-03-2016 - 11:59 | |
CVE-2016-0113 | 7.6 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:11 | 09-03-2016 - 11:59 | |
CVE-2016-0105 | 7.6 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different
|
12-10-2018 - 22:11 | 09-03-2016 - 11:59 | |
CVE-2016-0129 | 7.6 |
Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0116, CVE-2016-012
|
12-10-2018 - 22:11 | 09-03-2016 - 11:59 | |
CVE-2016-0108 | 7.6 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2016
|
12-10-2018 - 22:11 | 09-03-2016 - 11:59 | |
CVE-2016-0127 | 9.3 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 SP1, Offi
|
12-10-2018 - 22:11 | 12-04-2016 - 23:59 | |
CVE-2016-0120 | 7.1 |
The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to cause a denial of
|
12-10-2018 - 22:11 | 09-03-2016 - 11:59 | |
CVE-2016-0194 | 2.6 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to bypass file permissions and obtain sensitive information via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability."
|
12-10-2018 - 22:11 | 11-05-2016 - 01:59 | |
CVE-2016-0179 | 9.3 |
Windows Shell in Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted web site, aka "Windows Shell Remote Code Execution Vulnerability."
|
12-10-2018 - 22:11 | 11-05-2016 - 01:59 | |
CVE-2016-0117 | 9.3 |
The PDF library in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted PDF document, aka "Windows Remote Code Execution Vulnerability."
|
12-10-2018 - 22:11 | 09-03-2016 - 11:59 | |
CVE-2016-0182 | 9.3 |
Windows Journal in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8.1, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted Journal (aka .jnt) file, aka "Windows Journal Memory Corruption V
|
12-10-2018 - 22:11 | 11-05-2016 - 01:59 | |
CVE-2016-0110 | 7.6 |
Microsoft Internet Explorer 10 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."
|
12-10-2018 - 22:11 | 09-03-2016 - 11:59 | |
CVE-2016-0183 | 9.3 |
The Windows font library in Microsoft Office 2010 SP2, Word 2010 SP2, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allows remote attackers to execute arbitrary code via a crafted embedded font, aka "Microsoft O
|
12-10-2018 - 22:11 | 11-05-2016 - 01:59 | |
CVE-2016-0166 | 7.6 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:11 | 12-04-2016 - 23:59 | |
CVE-2016-0136 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Office Compatibility Pack SP3, Excel Services on SharePoint Server 2007 SP3, and Excel Services on SharePoint Server 2010 SP2 allow remote attackers to execute arbitrary code via a crafted Office document, ak
|
12-10-2018 - 22:11 | 12-04-2016 - 23:59 | |
CVE-2016-0191 | 7.6 |
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerabilit
|
12-10-2018 - 22:11 | 11-05-2016 - 01:59 | |
CVE-2016-0170 | 9.3 |
GDI in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted document
|
12-10-2018 - 22:11 | 11-05-2016 - 01:59 | |
CVE-2016-0156 | 7.6 |
Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0155 and CVE-2016-
|
12-10-2018 - 22:11 | 12-04-2016 - 23:59 | |
CVE-2016-0143 | 7.2 |
The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted a
|
12-10-2018 - 22:11 | 12-04-2016 - 23:59 | |
CVE-2016-0104 | 7.6 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:11 | 09-03-2016 - 11:59 | |
CVE-2016-0114 | 7.6 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2016
|
12-10-2018 - 22:11 | 09-03-2016 - 11:59 | |
CVE-2016-0168 | 4.3 |
GDI in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to obtain sensitive information via a crafted do
|
12-10-2018 - 22:11 | 11-05-2016 - 01:59 | |
CVE-2016-0155 | 7.6 |
Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0156 and CVE-2016-
|
12-10-2018 - 22:11 | 12-04-2016 - 23:59 | |
CVE-2016-0123 | 7.6 |
Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0116, CVE-2016-012
|
12-10-2018 - 22:11 | 09-03-2016 - 11:59 | |
CVE-2016-0106 | 7.6 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2016
|
12-10-2018 - 22:11 | 09-03-2016 - 11:59 | |
CVE-2016-0192 | 7.6 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."
|
12-10-2018 - 22:11 | 11-05-2016 - 01:59 | |
CVE-2016-0098 | 9.3 |
Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 allow remote attackers to execute arbitrary code via crafted media content, aka "Windows Media Parsing Remote Code Execu
|
12-10-2018 - 22:11 | 09-03-2016 - 11:59 | |
CVE-2016-0158 | 4.3 |
Microsoft Edge allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Microsoft Edge Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0161.
|
12-10-2018 - 22:11 | 12-04-2016 - 23:59 | |
CVE-2016-0137 | 4.3 |
The Click-to-Run (C2R) implementation in Microsoft Office 2013 SP1 and 2016 allows local users to bypass the ASLR protection mechanism via a crafted application, aka "Microsoft APP-V ASLR Bypass."
|
12-10-2018 - 22:11 | 14-09-2016 - 10:59 | |
CVE-2016-0199 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:11 | 16-06-2016 - 01:59 | |
CVE-2016-0186 | 7.6 |
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerabilit
|
12-10-2018 - 22:11 | 11-05-2016 - 01:59 | |
CVE-2016-0109 | 7.6 |
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerabi
|
12-10-2018 - 22:11 | 09-03-2016 - 11:59 | |
CVE-2016-0103 | 7.6 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2016
|
12-10-2018 - 22:11 | 09-03-2016 - 11:59 | |
CVE-2016-0140 | 9.3 |
Microsoft Office 2007 SP3, Office 2010 SP2, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption V
|
12-10-2018 - 22:11 | 11-05-2016 - 01:59 | |
CVE-2016-0121 | 9.3 |
The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary
|
12-10-2018 - 22:11 | 09-03-2016 - 11:59 | |
CVE-2016-0112 | 7.6 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:11 | 09-03-2016 - 11:59 | |
CVE-2016-0101 | 9.3 |
Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow remote attackers to execute arbitrary code via crafted media content, aka "Windows Media Parsing Rem
|
12-10-2018 - 22:11 | 09-03-2016 - 11:59 | |
CVE-2016-0169 | 4.3 |
GDI in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to obtain sensitive information via a crafted do
|
12-10-2018 - 22:11 | 11-05-2016 - 01:59 | |
CVE-2016-0157 | 7.6 |
Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0155 and CVE-2016-
|
12-10-2018 - 22:11 | 12-04-2016 - 23:59 | |
CVE-2016-0102 | 7.6 |
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerabi
|
12-10-2018 - 22:11 | 09-03-2016 - 11:59 | |
CVE-2016-0193 | 7.6 |
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerabilit
|
12-10-2018 - 22:11 | 11-05-2016 - 01:59 | |
CVE-2016-0160 | 7.2 |
Microsoft Internet Explorer 11 mishandles DLL loading, which allows local users to gain privileges via a crafted application, aka "DLL Loading Remote Code Execution Vulnerability." <a href="http://cwe.mitre.org/data/definitions/426.html">CWE-426: Unt
|
12-10-2018 - 22:11 | 12-04-2016 - 23:59 | |
CVE-2016-0147 | 9.3 |
Microsoft XML Core Services 3.0 allows remote attackers to execute arbitrary code via a crafted web site, aka "MSXML 3.0 Remote Code Execution Vulnerability."
|
12-10-2018 - 22:11 | 12-04-2016 - 23:59 | |
CVE-2016-0195 | 9.3 |
The Imaging Component in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via
|
12-10-2018 - 22:11 | 11-05-2016 - 01:59 | |
CVE-2016-0188 | 9.3 |
The User Mode Code Integrity (UMCI) implementation in Device Guard in Microsoft Internet Explorer 11 allows remote attackers to bypass a code-signing protection mechanism via unspecified vectors, aka "Internet Explorer Security Feature Bypass."
|
12-10-2018 - 22:11 | 11-05-2016 - 01:59 | |
CVE-2016-0142 | 9.3 |
Video Control in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8.1, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows remote attackers to execute arbitrary code via a crafted web page, aka "Microsoft Video Control Remote Code Execution
|
12-10-2018 - 22:11 | 14-10-2016 - 02:59 | |
CVE-2016-0118 | 9.3 |
The PDF library in Microsoft Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted PDF document, aka "Windows Remote Code Execution Vulnerability."
|
12-10-2018 - 22:11 | 09-03-2016 - 11:59 | |
CVE-2016-0159 | 7.6 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:11 | 12-04-2016 - 23:59 | |
CVE-2016-0164 | 7.6 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:11 | 12-04-2016 - 23:59 | |
CVE-2016-0139 | 9.3 |
Microsoft Excel 2010 SP2, Word for Mac 2011, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
|
12-10-2018 - 22:11 | 12-04-2016 - 23:59 | |
CVE-2016-0124 | 7.6 |
Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0116, CVE-2016-012
|
12-10-2018 - 22:11 | 09-03-2016 - 11:59 | |
CVE-2016-0116 | 7.6 |
Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0123, CVE-2016-012
|
12-10-2018 - 22:11 | 09-03-2016 - 11:59 | |
CVE-2016-0187 | 7.6 |
The Microsoft (1) JScript 5.8 and (2) VBScript 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "S
|
12-10-2018 - 22:11 | 11-05-2016 - 01:59 | |
CVE-2016-0154 | 7.6 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."
|
12-10-2018 - 22:11 | 12-04-2016 - 23:59 | |
CVE-2016-0111 | 7.6 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different
|
12-10-2018 - 22:11 | 09-03-2016 - 11:59 | |
CVE-2016-0198 | 9.3 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code via a crafted O
|
12-10-2018 - 22:11 | 11-05-2016 - 01:59 | |
CVE-2016-0125 | 2.6 |
Microsoft Edge mishandles the Referer policy, which allows remote attackers to obtain sensitive browser-history and request information via a crafted HTTPS web site, aka "Microsoft Edge Information Disclosure Vulnerability."
|
12-10-2018 - 22:11 | 09-03-2016 - 11:59 | |
CVE-2016-0200 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:11 | 16-06-2016 - 01:59 | |
CVE-2016-0184 | 9.3 |
Use-after-free vulnerability in GDI in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbit
|
12-10-2018 - 22:11 | 11-05-2016 - 01:59 | |
CVE-2016-0122 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Word 2016 for Mac, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft
|
12-10-2018 - 22:11 | 12-04-2016 - 23:59 | |
CVE-2016-0107 | 7.6 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:11 | 09-03-2016 - 11:59 | |
CVE-2015-6176 | 4.3 |
Microsoft Edge mishandles HTML attributes in HTTP responses, which allows remote attackers to bypass a cross-site scripting (XSS) protection mechanism via unspecified vectors, aka "Microsoft Edge XSS Filter Bypass Vulnerability."
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6153 | 9.3 |
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerabi
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6139 | 9.3 |
Microsoft Internet Explorer 11 and Microsoft Edge mishandle content types, which allows remote attackers to execute arbitrary web script in a privileged context via a crafted web site, aka "Microsoft Browser Elevation of Privilege Vulnerability."
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6097 | 9.3 |
Heap-based buffer overflow in Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted Journal (.jnt) file, aka "Windows Journal Heap Overflo
|
12-10-2018 - 22:10 | 11-11-2015 - 12:59 | |
CVE-2015-6085 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:10 | 11-11-2015 - 12:59 | |
CVE-2015-6065 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:10 | 11-11-2015 - 11:59 | |
CVE-2015-6053 | 5.0 |
Microsoft Internet Explorer 11 allows remote attackers to obtain sensitive information from process memory via crafted parameters in an ArrayBuffer.slice call, aka "Internet Explorer Information Disclosure Vulnerability."
|
12-10-2018 - 22:10 | 14-10-2015 - 01:59 | |
CVE-2015-6155 | 9.3 |
Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6088 | 4.3 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Microsoft Browser ASLR Bypass."
|
12-10-2018 - 22:10 | 11-11-2015 - 12:59 | |
CVE-2015-6076 | 9.3 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:10 | 11-11-2015 - 12:59 | |
CVE-2015-6170 | 6.8 |
Microsoft Edge allows remote attackers to gain privileges via a crafted web site, aka "Microsoft Browser Elevation of Privilege Vulnerability."
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6158 | 9.3 |
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerabi
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6144 | 4.3 |
Microsoft Internet Explorer 8 through 11 and Microsoft Edge mishandle HTML attributes in HTTP responses, which allows remote attackers to bypass a cross-site scripting (XSS) protection mechanism via unspecified vectors, aka "Microsoft Browser XSS Fil
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6130 | 9.3 |
Integer underflow in Uniscribe in Microsoft Windows 7 SP1 and Windows Server 2008 R2 SP1 allows remote attackers to execute arbitrary code via a crafted font, aka "Windows Integer Underflow Vulnerability."
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6080 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:10 | 11-11-2015 - 12:59 | |
CVE-2015-6156 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6143 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6089 | 9.3 |
The Microsoft (1) VBScript and (2) JScript engines, as used in Internet Explorer 8 through 11, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corr
|
12-10-2018 - 22:10 | 11-11-2015 - 12:59 | |
CVE-2015-6073 | 9.3 |
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerabi
|
12-10-2018 - 22:10 | 11-11-2015 - 12:59 | |
CVE-2015-6052 | 4.3 |
The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "VBScript and JScript
|
12-10-2018 - 22:10 | 14-10-2015 - 01:59 | |
CVE-2015-6154 | 9.3 |
Microsoft Internet Explorer 7 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6117 | 4.3 |
Microsoft SharePoint Server 2013 SP1 and SharePoint Foundation 2013 SP1 allow remote authenticated users to bypass intended Access Control Policy restrictions and conduct cross-site scripting (XSS) attacks by modifying a webpart, aka "Microsoft Share
|
12-10-2018 - 22:10 | 13-01-2016 - 05:59 | |
CVE-2015-6083 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6046 | 4.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability."
|
12-10-2018 - 22:10 | 14-10-2015 - 01:59 | |
CVE-2015-6142 | 9.3 |
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerabi
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6045 | 9.3 |
Use-after-free vulnerability in the CElement object implementation in Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JavaScript that improperly interacts w
|
12-10-2018 - 22:10 | 13-11-2015 - 03:59 | |
CVE-2015-6169 | 4.3 |
Microsoft Edge misparses HTTP responses, which allows remote attackers to redirect users to arbitrary web sites via unspecified vectors, aka "Microsoft Edge Spoofing Vulnerability."
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6149 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6072 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:10 | 11-11-2015 - 12:59 | |
CVE-2015-6055 | 9.3 |
The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Fi
|
12-10-2018 - 22:10 | 14-10-2015 - 01:59 | |
CVE-2015-6044 | 6.8 |
Microsoft Internet Explorer 8 allows remote attackers to gain privileges via a crafted web site, as demonstrated by a transition from Low Integrity to Medium Integrity, aka "Internet Explorer Elevation of Privilege Vulnerability."
|
12-10-2018 - 22:10 | 14-10-2015 - 01:59 | |
CVE-2015-6157 | 4.3 |
Microsoft Internet Explorer 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability."
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6136 | 9.3 |
The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to execute arbitrary code via a crafted web site, aka "Scripting Engine Memory Corruption
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6086 | 4.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability."
|
12-10-2018 - 22:10 | 11-11-2015 - 12:59 | |
CVE-2015-6064 | 9.3 |
Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vu
|
12-10-2018 - 22:10 | 11-11-2015 - 11:59 | |
CVE-2015-6165 | 4.3 |
Microsoft Silverlight 5 before 5.1.41105.00 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Microsoft Silverlight Information Disclosure Vulnerability," a different vulnerability than CVE-2015-6114.
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6146 | 9.3 |
Microsoft Internet Explorer 7 and 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6114 | 4.3 |
Microsoft Silverlight 5 before 5.1.41105.00 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Microsoft Silverlight Information Disclosure Vulnerability," a different vulnerability than CVE-2015-6165.
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6077 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:10 | 11-11-2015 - 12:59 | |
CVE-2015-6140 | 9.3 |
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerabi
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6084 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:10 | 11-11-2015 - 12:59 | |
CVE-2015-6070 | 9.3 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:10 | 11-11-2015 - 11:59 | |
CVE-2015-6056 | 9.3 |
The (1) JScript and (2) VBScript engines in Microsoft Internet Explorer 9 through 11 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vul
|
12-10-2018 - 22:10 | 14-10-2015 - 01:59 | |
CVE-2015-6172 | 9.3 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2016, Word 2013 RT SP1, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted email message processed by Outlook, aka "Microsoft O
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6159 | 9.3 |
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerabi
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6147 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6122 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel for Mac 2011, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6082 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:10 | 11-11-2015 - 12:59 | |
CVE-2015-6069 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:10 | 11-11-2015 - 11:59 | |
CVE-2015-6161 | 4.3 |
Microsoft Internet Explorer 7 through 11 and Microsoft Edge allow remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Microsoft Browser ASLR Bypass."
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6151 | 9.3 |
Microsoft Internet Explorer 8 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6135 | 5.0 |
The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Scriptin
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6118 | 9.3 |
Microsoft Office 2007 SP3 and Office 2010 SP2 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6078 | 9.3 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different
|
12-10-2018 - 22:10 | 11-11-2015 - 12:59 | |
CVE-2015-6049 | 9.3 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:10 | 14-10-2015 - 01:59 | |
CVE-2015-6168 | 9.3 |
Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6153.
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6162 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6145 | 9.3 |
Microsoft Internet Explorer 7 and 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6079 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:10 | 11-11-2015 - 12:59 | |
CVE-2015-6068 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:10 | 11-11-2015 - 11:59 | |
CVE-2015-6160 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6150 | 9.3 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6106 | 9.3 |
The Windows font library in Microsoft Windows Vista SP2, Windows Server 2008 SP2, Office 2007 SP3, Office 2010 SP2, Word Viewer, Skype for Business 2016, Lync 2010, Lync 2013 SP1, and Live Meeting 2007 Console allows remote attackers to execute arbit
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6074 | 9.3 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:10 | 11-11-2015 - 12:59 | |
CVE-2015-6047 | 6.8 |
The broker EditWith feature in Microsoft Internet Explorer 8 through 11 allows remote attackers to bypass the AppContainer protection mechanism and gain privileges via a DelegateExecute launch of an arbitrary application, as demonstrated by a transit
|
12-10-2018 - 22:10 | 14-10-2015 - 01:59 | |
CVE-2015-6040 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel for Mac 2011, Excel 2016 for Mac, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6164 | 6.8 |
Microsoft Internet Explorer 9 through 11 improperly implements a cross-site scripting (XSS) protection mechanism, which allows remote attackers to bypass the Same Origin Policy via a crafted web site, aka "Internet Explorer XSS Filter Bypass Vulnerab
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6075 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:10 | 11-11-2015 - 12:59 | |
CVE-2015-6059 | 4.3 |
The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Scriptin
|
12-10-2018 - 22:10 | 14-10-2015 - 01:59 | |
CVE-2015-6166 | 9.3 |
Microsoft Silverlight 5 before 5.1.41105.00 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read or write access) via unspecified open and close requests, aka "Microsoft Silverlight RCE Vulnerability."
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6148 | 9.3 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6134 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6081 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:10 | 11-11-2015 - 12:59 | |
CVE-2015-6071 | 9.3 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:10 | 11-11-2015 - 12:59 | |
CVE-2015-6138 | 4.3 |
Microsoft Internet Explorer 8 through 11 mishandles HTML attributes in HTTP responses, which allows remote attackers to bypass a cross-site scripting (XSS) protection mechanism via unspecified vectors, aka "Internet Explorer XSS Filter Bypass Vulnera
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6177 | 9.3 |
Microsoft Excel 2007 SP3, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6141 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6087 | 9.3 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:10 | 11-11-2015 - 12:59 | |
CVE-2015-6066 | 9.3 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:10 | 11-11-2015 - 11:59 | |
CVE-2015-6050 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:10 | 14-10-2015 - 01:59 | |
CVE-2015-2548 | 9.3 |
Use-after-free vulnerability in the Tablet Input Band in Windows Shell in Microsoft Windows Vista SP2 and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Microsoft Tablet Input Band Use After Free Vulnerab
|
12-10-2018 - 22:10 | 14-10-2015 - 01:59 | |
CVE-2015-2542 | 9.3 |
Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability."
|
12-10-2018 - 22:10 | 09-09-2015 - 00:59 | |
CVE-2016-0064 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:10 | 10-02-2016 - 11:59 | |
CVE-2016-0052 | 9.3 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2013 SP1, Office Web
|
12-10-2018 - 22:10 | 10-02-2016 - 11:59 | |
CVE-2016-0010 | 9.3 |
Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, Office 2016, Excel for Mac 2011, PowerPoint for Mac 2011, Word for Mac 2011, Excel 2016 for Mac, PowerPoint 2016 for Mac, Word 2016 for Mac, and Word Viewer allow remote
|
12-10-2018 - 22:10 | 13-01-2016 - 05:59 | |
CVE-2016-0068 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0069.
|
12-10-2018 - 22:10 | 18-02-2016 - 22:59 | |
CVE-2016-0060 | 9.3 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different
|
12-10-2018 - 22:10 | 10-02-2016 - 11:59 | |
CVE-2016-0054 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Office Compatibility Pack SP3, Excel Viewer, Excel Services on SharePoint Server 2007 SP3, Excel Services on SharePoint S
|
12-10-2018 - 22:10 | 10-02-2016 - 11:59 | |
CVE-2016-0077 | 4.3 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge misparse HTTP responses, which allows remote attackers to spoof web sites via a crafted URL, aka "Microsoft Browser Spoofing Vulnerability."
|
12-10-2018 - 22:10 | 10-02-2016 - 11:59 | |
CVE-2016-0022 | 9.3 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2013 SP1, Office Web
|
12-10-2018 - 22:10 | 10-02-2016 - 11:59 | |
CVE-2016-0011 | 3.5 |
Microsoft SharePoint Server 2013 SP1 and SharePoint Foundation 2013 SP1 allow remote authenticated users to bypass intended Access Control Policy restrictions and conduct cross-site scripting (XSS) attacks by modifying a webpart, aka "Microsoft Share
|
12-10-2018 - 22:10 | 13-01-2016 - 05:59 | |
CVE-2016-0067 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:10 | 10-02-2016 - 11:59 | |
CVE-2016-0041 | 7.2 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold and 1511, and Internet Explorer 10 and 11 mishandle DLL loading, which allows local users to
|
12-10-2018 - 22:10 | 10-02-2016 - 11:59 | |
CVE-2016-0035 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office doc
|
12-10-2018 - 22:10 | 13-01-2016 - 05:59 | |
CVE-2016-0080 | 4.3 |
Microsoft Edge mishandles exceptions during window-message dispatch operations, which allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Microsoft Edge ASLR Bypass."
|
12-10-2018 - 22:10 | 10-02-2016 - 11:59 | |
CVE-2016-0061 | 9.3 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different
|
12-10-2018 - 22:10 | 10-02-2016 - 11:59 | |
CVE-2016-0039 | 4.3 |
Cross-site scripting (XSS) vulnerability in SharePoint Server in Microsoft SharePoint Foundation 2013 SP1 allows remote attackers to inject arbitrary web script or HTML via a crafted request, aka "Microsoft SharePoint XSS Vulnerability."
|
12-10-2018 - 22:10 | 10-02-2016 - 11:59 | |
CVE-2016-0063 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:10 | 10-02-2016 - 11:59 | |
CVE-2016-0056 | 9.3 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corrup
|
12-10-2018 - 22:10 | 10-02-2016 - 11:59 | |
CVE-2016-0002 | 7.6 |
The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to execute arbitrary code via a crafted web site, aka "Scripting Engine Memory Corruption
|
12-10-2018 - 22:10 | 13-01-2016 - 05:59 | |
CVE-2016-0059 | 4.3 |
The Hyperlink Object Library in Microsoft Internet Explorer 9 through 11 allows remote attackers to obtain sensitive information from process memory via a crafted URL in a (1) e-mail message or (2) Office document, aka "Internet Explorer Information
|
12-10-2018 - 22:10 | 10-02-2016 - 11:59 | |
CVE-2016-0072 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:10 | 10-02-2016 - 11:59 | |
CVE-2016-0069 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0068.
|
12-10-2018 - 22:10 | 18-02-2016 - 22:59 | |
CVE-2016-0055 | 9.3 |
Microsoft Office 2007 SP3 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
|
12-10-2018 - 22:10 | 10-02-2016 - 11:59 | |
CVE-2016-0003 | 9.3 |
Microsoft Edge allows remote attackers to execute arbitrary code via unspecified vectors, aka "Microsoft Edge Memory Corruption Vulnerability."
|
12-10-2018 - 22:10 | 13-01-2016 - 05:59 | |
CVE-2016-0005 | 4.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Internet Explorer Elevation of Privilege Vulnerability."
|
12-10-2018 - 22:10 | 13-01-2016 - 05:59 | |
CVE-2016-0025 | 9.3 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Office 2016, Word 2016, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2, Word Automa
|
12-10-2018 - 22:10 | 16-06-2016 - 01:59 | |
CVE-2016-0012 | 4.3 |
Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Visio 2010 SP2, Word 2010 SP2, Office 2013 SP1, Excel 2013 SP1, PowerPoint 2013 SP1, Visio 2013 SP1,
|
12-10-2018 - 22:10 | 13-01-2016 - 05:59 | |
CVE-2016-0071 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:10 | 10-02-2016 - 11:59 | |
CVE-2016-0062 | 9.3 |
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."
|
12-10-2018 - 22:10 | 10-02-2016 - 11:59 | |
CVE-2016-0053 | 9.3 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2013 SP1, Office Web Apps Server 2013 SP1, and SharePoint S
|
12-10-2018 - 22:10 | 10-02-2016 - 11:59 | |
CVE-2015-2467 | 9.3 |
Microsoft Office 2007 SP3 allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."
|
12-10-2018 - 22:09 | 15-08-2015 - 00:59 | |
CVE-2015-2441 | 9.3 |
Microsoft Internet Explorer 7 through 11 and Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:09 | 14-08-2015 - 10:59 | |
CVE-2015-1744 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:09 | 10-06-2015 - 01:59 | |
CVE-2015-2452 | 9.3 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2441.
|
12-10-2018 - 22:09 | 14-08-2015 - 10:59 | |
CVE-2015-1753 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:09 | 10-06-2015 - 01:59 | |
CVE-2015-1767 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-2485 | 9.3 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:09 | 09-09-2015 - 00:59 | |
CVE-2015-2477 | 9.3 |
Microsoft Office 2007 SP3, Office for Mac 2011, Office for Mac 2016, and Word Viewer allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."
|
12-10-2018 - 22:09 | 15-08-2015 - 00:59 | |
CVE-2015-2443 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability."
|
12-10-2018 - 22:09 | 14-08-2015 - 10:59 | |
CVE-2015-2427 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:09 | 11-11-2015 - 11:59 | |
CVE-2015-2448 | 9.3 |
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability."
|
12-10-2018 - 22:09 | 14-08-2015 - 10:59 | |
CVE-2015-1737 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:09 | 10-06-2015 - 01:59 | |
CVE-2015-2411 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-1739 | 6.8 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability."
|
12-10-2018 - 22:09 | 10-06-2015 - 01:59 | |
CVE-2015-1752 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:09 | 10-06-2015 - 01:59 | |
CVE-2015-1751 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:09 | 10-06-2015 - 01:59 | |
CVE-2015-2431 | 9.3 |
Microsoft Office 2007 SP3 and 2010 SP2, Live Meeting 2007 Console, Lync 2010, Lync 2010 Attendee, Lync 2013 SP1, and Lync Basic 2013 SP1 allow remote attackers to execute arbitrary code via a crafted Office Graphics Library (OGL) font, aka "Microsoft
|
12-10-2018 - 22:09 | 15-08-2015 - 00:59 | |
CVE-2015-2422 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-1732 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:09 | 10-06-2015 - 01:59 | |
CVE-2015-1733 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-1735 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:09 | 10-06-2015 - 01:59 | |
CVE-2015-2421 | 4.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Internet Explorer ASLR Bypass."
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-2401 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-1741 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:09 | 10-06-2015 - 01:59 | |
CVE-2015-2469 | 9.3 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, and Office for Mac 2011 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."
|
12-10-2018 - 22:09 | 15-08-2015 - 00:59 | |
CVE-2015-1738 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-2446 | 9.3 |
Microsoft Internet Explorer 11 and Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2447.
|
12-10-2018 - 22:09 | 14-08-2015 - 10:59 | |
CVE-2015-2413 | 4.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to determine the existence of local files via a crafted module-resource request, aka "Internet Explorer Information Disclosure Vulnerability."
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-2398 | 4.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to bypass the XSS filter via a crafted attribute of an element in an HTML document, aka "Internet Explorer XSS Filter Bypass Vulnerability."
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-2403 | 9.3 |
Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-2384 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-2449 | 4.3 |
Microsoft Internet Explorer 7 through 11 and Edge allow remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "ASLR Bypass."
|
12-10-2018 - 22:09 | 14-08-2015 - 10:59 | |
CVE-2015-2402 | 4.3 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability."
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-2442 | 9.3 |
Microsoft Internet Explorer 8 through 11 and Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:09 | 14-08-2015 - 10:59 | |
CVE-2015-2414 | 4.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to obtain sensitive browsing-history information via vectors related to image caching, aka "Internet Explorer Information Disclosure Vulnerability."
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-2373 | 10.0 |
The Remote Desktop Protocol (RDP) server service in Microsoft Windows 7 SP1, Windows 8, and Windows Server 2012 allows remote attackers to execute arbitrary code via a series of crafted packets, aka "Remote Desktop Protocol (RDP) Remote Code Executio
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-2468 | 9.3 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Office for Mac 2011, Office for Mac 2016, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2 and 2013 SP1, Word
|
12-10-2018 - 22:09 | 15-08-2015 - 00:59 | |
CVE-2015-1736 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:09 | 10-06-2015 - 01:59 | |
CVE-2015-2404 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-2391 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-2508 | 7.2 |
The Adobe Type Manager Library in Microsoft Windows 10 allows local users to gain privileges via a crafted application, aka "Font Driver Elevation of Privilege Vulnerability."
|
12-10-2018 - 22:09 | 09-09-2015 - 00:59 | |
CVE-2015-2486 | 9.3 |
Microsoft Internet Explorer 7 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:09 | 09-09-2015 - 00:59 | |
CVE-2015-2397 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-2510 | 9.3 |
Buffer overflow in the Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2, Office 2007 SP3, Office 2010 SP2, Lync 2010, Lync 2010 Attendee, Lync 2013 SP1, Lync Basic 2013 SP1, and Live Meeting 2007 Console allows remot
|
12-10-2018 - 22:09 | 09-09-2015 - 00:59 | |
CVE-2015-1747 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:09 | 10-06-2015 - 01:59 | |
CVE-2015-1745 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:09 | 10-06-2015 - 01:59 | |
CVE-2015-2447 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2446.
|
12-10-2018 - 22:09 | 14-08-2015 - 10:59 | |
CVE-2015-2372 | 9.3 |
vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with Internet Explorer 6 through 11 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "VBScri
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-1755 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:09 | 10-06-2015 - 01:59 | |
CVE-2015-2410 | 4.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to determine the existence of local files via a crafted stylesheet, aka "Internet Explorer Information Disclosure Vulnerability."
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-2389 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-1748 | 6.8 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-1743.
|
12-10-2018 - 22:09 | 10-06-2015 - 01:59 | |
CVE-2015-2408 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-2388 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-1754 | 9.3 |
Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:09 | 10-06-2015 - 01:59 | |
CVE-2015-2494 | 9.3 |
Microsoft Internet Explorer 7 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:09 | 09-09-2015 - 00:59 | |
CVE-2015-2445 | 4.3 |
Microsoft Internet Explorer 10 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "ASLR Bypass."
|
12-10-2018 - 22:09 | 14-08-2015 - 10:59 | |
CVE-2015-1750 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:09 | 10-06-2015 - 01:59 | |
CVE-2015-2450 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2451.
|
12-10-2018 - 22:09 | 14-08-2015 - 10:59 | |
CVE-2015-2412 | 4.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to read arbitrary local files via a crafted pathname, aka "Internet Explorer Information Disclosure Vulnerability."
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-1740 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:09 | 10-06-2015 - 01:59 | |
CVE-2015-2406 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-2390 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-2383 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-1765 | 4.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to read the browser history via a crafted web site.
|
12-10-2018 - 22:09 | 10-06-2015 - 01:59 | |
CVE-2015-1730 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:09 | 10-06-2015 - 01:59 | |
CVE-2015-2482 | 9.3 |
The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted
|
12-10-2018 - 22:09 | 14-10-2015 - 01:59 | |
CVE-2015-2444 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2442.
|
12-10-2018 - 22:09 | 14-08-2015 - 10:59 | |
CVE-2015-1766 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:09 | 10-06-2015 - 01:59 | |
CVE-2015-1742 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:09 | 10-06-2015 - 01:59 | |
CVE-2015-2451 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2450.
|
12-10-2018 - 22:09 | 14-08-2015 - 10:59 | |
CVE-2015-1731 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:09 | 10-06-2015 - 01:59 | |
CVE-2015-2385 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-1650 | 9.3 |
Use-after-free vulnerability in Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word Viewer, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2 and 2013 SP1, and Office Web
|
12-10-2018 - 22:08 | 14-04-2015 - 20:59 | |
CVE-2015-1728 | 9.3 |
Microsoft Windows Media Player 10 through 12 allows remote attackers to execute arbitrary code via a crafted DataObject on a web site, aka "Windows Media Player RCE via DataObject Vulnerability."
|
12-10-2018 - 22:08 | 10-06-2015 - 01:59 | |
CVE-2015-1718 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:08 | 13-05-2015 - 10:59 | |
CVE-2015-1661 | 4.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Internet Explorer ASLR Bypass Vulnerability."
|
12-10-2018 - 22:08 | 14-04-2015 - 20:59 | |
CVE-2015-1645 | 9.3 |
Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allow remote attackers to execute arbitrary code via a crafted Enhanced Metafile (EMF) image, aka "EMF Processing Remote Code Execution Vulner
|
12-10-2018 - 22:08 | 14-04-2015 - 20:59 | |
CVE-2015-1624 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:08 | 11-03-2015 - 10:59 | |
CVE-2015-1708 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:08 | 13-05-2015 - 10:59 | |
CVE-2015-1685 | 4.3 |
Microsoft Internet Explorer 11 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Internet Explorer ASLR Bypass."
|
12-10-2018 - 22:08 | 13-05-2015 - 10:59 | |
CVE-2015-1625 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:08 | 11-03-2015 - 10:59 | |
CVE-2015-1660 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:08 | 14-04-2015 - 20:59 | |
CVE-2015-1713 | 6.8 |
Microsoft Internet Explorer 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability."
|
12-10-2018 - 22:08 | 13-05-2015 - 10:59 | |
CVE-2015-1694 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:08 | 13-05-2015 - 10:59 | |
CVE-2015-1658 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:08 | 13-05-2015 - 10:59 | |
CVE-2015-1711 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:08 | 13-05-2015 - 10:59 | |
CVE-2015-1670 | 4.3 |
The Windows DirectWrite library, as used in Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2, allows remote attackers to obtain sensitive information from process memory via a crafted OpenType font on a web site, aka "OpenType F
|
12-10-2018 - 22:08 | 13-05-2015 - 10:59 | |
CVE-2015-1659 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:08 | 14-04-2015 - 20:59 | |
CVE-2015-1639 | 4.3 |
Cross-site scripting (XSS) vulnerability in Microsoft Office for Mac 2011 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Microsoft Outlook App for Mac XSS Vulnerability."
|
12-10-2018 - 22:08 | 14-04-2015 - 20:59 | |
CVE-2015-1714 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:08 | 13-05-2015 - 10:59 | |
CVE-2015-1668 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:08 | 14-04-2015 - 20:59 | |
CVE-2015-1651 | 9.3 |
Use-after-free vulnerability in Microsoft Word 2007 SP3, Word Viewer, and Office Compatibility Pack SP3 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Component Use After Free Vulnerability." <a
|
12-10-2018 - 22:08 | 14-04-2015 - 20:59 | |
CVE-2015-1705 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:08 | 13-05-2015 - 10:59 | |
CVE-2015-1703 | 6.8 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-1704.
|
12-10-2018 - 22:08 | 13-05-2015 - 10:59 | |
CVE-2015-1692 | 4.3 |
Microsoft Internet Explorer 7 through 11 allows user-assisted remote attackers to read the clipboard contents via crafted web script, aka "Internet Explorer Clipboard Information Disclosure Vulnerability."
|
12-10-2018 - 22:08 | 13-05-2015 - 10:59 | |
CVE-2015-1687 | 9.3 |
Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:08 | 10-06-2015 - 01:59 | |
CVE-2015-1691 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE
|
12-10-2018 - 22:08 | 13-05-2015 - 10:59 | |
CVE-2015-1684 | 4.3 |
VBScript.dll in the Microsoft VBScript 5.6 through 5.8 engine, as used in Internet Explorer 8 through 11 and other products, allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "VBScript ASLR Bypass."
|
12-10-2018 - 22:08 | 13-05-2015 - 10:59 | |
CVE-2015-1665 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:08 | 14-04-2015 - 20:59 | |
CVE-2015-1652 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:08 | 14-04-2015 - 20:59 | |
CVE-2015-1704 | 6.8 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-1703.
|
12-10-2018 - 22:08 | 13-05-2015 - 10:59 | |
CVE-2015-1657 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:08 | 14-04-2015 - 20:59 | |
CVE-2015-1666 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:08 | 14-04-2015 - 20:59 | |
CVE-2015-1717 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:08 | 13-05-2015 - 10:59 | |
CVE-2015-1688 | 6.8 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability."
|
12-10-2018 - 22:08 | 13-05-2015 - 10:59 | |
CVE-2015-1662 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:08 | 14-04-2015 - 20:59 | |
CVE-2015-1649 | 9.3 |
Use-after-free vulnerability in Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word Viewer, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps Server 2010 SP2 allows remote attackers t
|
12-10-2018 - 22:08 | 14-04-2015 - 20:59 | |
CVE-2015-1634 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:08 | 11-03-2015 - 10:59 | |
CVE-2015-1623 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:08 | 11-03-2015 - 10:59 | |
CVE-2015-1709 | 9.3 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:08 | 13-05-2015 - 10:59 | |
CVE-2015-1626 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:08 | 11-03-2015 - 10:59 | |
CVE-2015-1712 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE
|
12-10-2018 - 22:08 | 13-05-2015 - 10:59 | |
CVE-2015-1710 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:08 | 13-05-2015 - 10:59 | |
CVE-2015-1686 | 4.3 |
The Microsoft (1) VBScript 5.6 through 5.8 and (2) JScript 5.6 through 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "VBScript and
|
12-10-2018 - 22:08 | 13-05-2015 - 10:59 | |
CVE-2015-1667 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:08 | 14-04-2015 - 20:59 | |
CVE-2015-1622 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:08 | 11-03-2015 - 10:59 | |
CVE-2015-1729 | 4.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability."
|
12-10-2018 - 22:08 | 14-07-2015 - 21:59 | |
CVE-2015-1706 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:08 | 13-05-2015 - 10:59 | |
CVE-2015-1689 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:08 | 13-05-2015 - 10:59 | |
CVE-2015-0066 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:08 | 11-02-2015 - 03:01 | |
CVE-2015-0053 | 9.3 |
Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than
|
12-10-2018 - 22:08 | 11-02-2015 - 03:00 | |
CVE-2015-0050 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE
|
12-10-2018 - 22:08 | 11-02-2015 - 03:00 | |
CVE-2015-0038 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:08 | 11-02-2015 - 03:00 | |
CVE-2015-0040 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:08 | 11-02-2015 - 03:00 | |
CVE-2015-0036 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:08 | 11-02-2015 - 03:00 | |
CVE-2015-0028 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-
|
12-10-2018 - 22:08 | 11-02-2015 - 03:00 | |
CVE-2015-0026 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:08 | 11-02-2015 - 03:00 | |
CVE-2015-0037 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:08 | 11-02-2015 - 03:00 | |
CVE-2015-0045 | 9.3 |
Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than
|
12-10-2018 - 22:08 | 11-02-2015 - 03:00 | |
CVE-2015-0044 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE
|
12-10-2018 - 22:08 | 11-02-2015 - 03:00 | |
CVE-2015-0032 | 9.3 |
vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with Internet Explorer 8 through 11 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "VBScri
|
12-10-2018 - 22:08 | 11-03-2015 - 10:59 | |
CVE-2015-0068 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:08 | 11-02-2015 - 03:01 | |
CVE-2015-0054 | 4.3 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability."
|
12-10-2018 - 22:08 | 11-02-2015 - 03:01 | |
CVE-2015-0043 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:08 | 11-02-2015 - 03:00 | |
CVE-2015-0051 | 4.3 |
Microsoft Internet Explorer 8 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Internet Explorer ASLR Bypass Vulnerability."
|
12-10-2018 - 22:08 | 11-02-2015 - 03:00 | |
CVE-2015-0029 | 9.3 |
Microsoft Internet Explorer 6 and 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:08 | 11-02-2015 - 03:00 | |
CVE-2015-0069 | 4.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Internet Explorer ASLR Bypass Vulnerability."
|
12-10-2018 - 22:08 | 11-02-2015 - 03:01 | |
CVE-2015-0067 | 9.3 |
Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:08 | 11-02-2015 - 03:01 | |
CVE-2015-0031 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:08 | 11-02-2015 - 03:00 | |
CVE-2015-0070 | 4.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Internet Explorer Cross-domain Information Disclosure Vulnerability."
|
12-10-2018 - 22:08 | 11-02-2015 - 03:01 | |
CVE-2015-0025 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:08 | 11-02-2015 - 03:00 | |
CVE-2015-0100 | 9.3 |
Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:08 | 11-03-2015 - 10:59 | |
CVE-2015-0042 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:08 | 11-02-2015 - 03:00 | |
CVE-2015-0052 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:08 | 11-02-2015 - 03:00 | |
CVE-2015-0055 | 4.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability."
|
12-10-2018 - 22:08 | 11-02-2015 - 03:01 | |
CVE-2015-0041 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:08 | 11-02-2015 - 03:00 | |
CVE-2015-0048 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-
|
12-10-2018 - 22:08 | 11-02-2015 - 03:00 | |
CVE-2015-0056 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:08 | 11-03-2015 - 10:59 | |
CVE-2015-0027 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:08 | 11-02-2015 - 03:00 | |
CVE-2015-0099 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:08 | 11-03-2015 - 10:59 | |
CVE-2015-0035 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:08 | 11-02-2015 - 03:00 | |
CVE-2015-0039 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:08 | 11-02-2015 - 03:00 | |
CVE-2015-0030 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:08 | 11-02-2015 - 03:00 | |
CVE-2015-0049 | 9.3 |
Microsoft Internet Explorer 8 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:08 | 11-02-2015 - 03:00 | |
CVE-2015-0046 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:08 | 11-02-2015 - 03:00 | |
CVE-2014-8966 | 9.3 |
Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:07 | 11-12-2014 - 00:59 | |
CVE-2014-6348 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-
|
12-10-2018 - 22:07 | 11-11-2014 - 22:55 | |
CVE-2014-6356 | 9.3 |
Array index error in Microsoft Word 2007 SP3, Word 2010 SP2, and Office Compatibility Pack SP3 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Invalid Index Remote Code Execution Vulnerability."
|
12-10-2018 - 22:07 | 11-12-2014 - 00:59 | |
CVE-2014-6349 | 4.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2014-6350.
|
12-10-2018 - 22:07 | 11-11-2014 - 22:55 | |
CVE-2014-6340 | 4.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Internet Explorer Cross-domain Information Disclosure Vulnerability."
|
12-10-2018 - 22:07 | 11-11-2014 - 22:55 | |
CVE-2014-6330 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:07 | 11-12-2014 - 00:59 | |
CVE-2014-6351 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:07 | 11-11-2014 - 22:55 | |
CVE-2014-4081 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-6373 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:07 | 11-12-2014 - 00:59 | |
CVE-2014-6357 | 9.3 |
Use-after-free vulnerability in Microsoft Office 2010 SP2, Office 2013 Gold and SP1, Office 2013 RT Gold and SP1, Office for Mac 2011, Word Viewer, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2 and 2013 Gold an
|
12-10-2018 - 22:07 | 11-12-2014 - 00:59 | |
CVE-2014-6328 | 5.0 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to bypass the XSS filter via a crafted attribute of an element in an HTML document, aka "Internet Explorer XSS Filter Bypass Vulnerability," a different vulnerability than CVE-2014-6365
|
12-10-2018 - 22:07 | 11-12-2014 - 00:59 | |
CVE-2014-4093 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-6368 | 4.3 |
Microsoft Internet Explorer 11 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Internet Explorer ASLR Bypass Vulnerability."
|
12-10-2018 - 22:07 | 11-12-2014 - 00:59 | |
CVE-2014-4104 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-4084 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-6369 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:07 | 11-12-2014 - 00:59 | |
CVE-2014-4082 | 9.3 |
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-4132 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:07 | 15-10-2014 - 10:55 | |
CVE-2014-4111 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-4101 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-4089 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-6343 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:07 | 11-11-2014 - 22:55 | |
CVE-2014-4122 | 4.3 |
Microsoft .NET Framework 2.0 SP2, 3.5, and 3.5.1 omits the ASLR protection mechanism, which allows remote attackers to obtain potentially sensitive information about memory addresses by leveraging the predictability of an executable image's location,
|
12-10-2018 - 22:07 | 15-10-2014 - 10:55 | |
CVE-2014-4108 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-4096 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-4087 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-4080 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-6342 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-
|
12-10-2018 - 22:07 | 11-11-2014 - 22:55 | |
CVE-2014-6323 | 4.3 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to obtain sensitive clipboard information via a crafted web site, aka "Internet Explorer Clipboard Information Disclosure Vulnerability."
|
12-10-2018 - 22:07 | 11-11-2014 - 22:55 | |
CVE-2014-6375 | 9.3 |
Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:07 | 11-12-2014 - 00:59 | |
CVE-2014-6353 | 9.3 |
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:07 | 11-11-2014 - 22:55 | |
CVE-2014-6374 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:07 | 11-12-2014 - 00:59 | |
CVE-2014-4109 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-4088 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-6363 | 9.3 |
vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with Internet Explorer 6 through 11 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "VBScri
|
12-10-2018 - 22:07 | 11-12-2014 - 00:59 | |
CVE-2014-4086 | 9.3 |
Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-4079 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-6354 | 7.6 |
Internet Explorer 6, Internet Explorer 7, Internet Explorer 8, Internet Explorer 9, Internet Explorer 10, and Internet Explorer 11 allows remote attackers to execute arbitrary code.
|
12-10-2018 - 22:07 | 27-06-2017 - 20:29 | |
CVE-2014-6350 | 4.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2014-6349.
|
12-10-2018 - 22:07 | 11-11-2014 - 22:55 | |
CVE-2014-6344 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:07 | 11-11-2014 - 22:55 | |
CVE-2014-6339 | 5.0 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Internet Explorer ASLR Bypass Vulnerability."
|
12-10-2018 - 22:07 | 11-11-2014 - 22:55 | |
CVE-2014-6327 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:07 | 11-12-2014 - 00:59 | |
CVE-2014-6365 | 4.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to bypass the XSS filter via a crafted attribute of an element in an HTML document, aka "Internet Explorer XSS Filter Bypass Vulnerability," a different vulnerability than CVE-2014-6328
|
12-10-2018 - 22:07 | 11-12-2014 - 00:59 | |
CVE-2014-6347 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:07 | 11-11-2014 - 22:55 | |
CVE-2014-6341 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:07 | 11-11-2014 - 22:55 | |
CVE-2014-6337 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:07 | 11-11-2014 - 22:55 | |
CVE-2014-6366 | 9.3 |
Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:07 | 11-12-2014 - 00:59 | |
CVE-2014-6346 | 4.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Internet Explorer Cross-domain Information Disclosure Vulnerability."
|
12-10-2018 - 22:07 | 11-11-2014 - 22:55 | |
CVE-2014-6376 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:07 | 11-12-2014 - 00:59 | |
CVE-2014-6345 | 4.3 |
Microsoft Internet Explorer 9 and 10 allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Internet Explorer Cross-domain Information Disclosure Vulnerability."
|
12-10-2018 - 22:07 | 11-11-2014 - 22:55 | |
CVE-2014-6329 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:07 | 11-12-2014 - 00:59 | |
CVE-2014-4143 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:07 | 11-11-2014 - 22:55 | |
CVE-2014-4129 | 9.3 |
Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:07 | 15-10-2014 - 10:55 | |
CVE-2014-4110 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-4097 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-4140 | 4.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Internet Explorer ASLR Bypass Vulnerability."
|
12-10-2018 - 22:07 | 15-10-2014 - 10:55 | |
CVE-2014-4103 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-4092 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-4141 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:07 | 15-10-2014 - 10:55 | |
CVE-2014-4133 | 9.3 |
Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE
|
12-10-2018 - 22:07 | 15-10-2014 - 10:55 | |
CVE-2014-4100 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-4090 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-4128 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:07 | 15-10-2014 - 10:55 | |
CVE-2014-4105 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-4095 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-4127 | 9.3 |
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:07 | 15-10-2014 - 10:55 | |
CVE-2014-4102 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-4124 | 6.8 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2014-4123.
|
12-10-2018 - 22:07 | 15-10-2014 - 10:55 | |
CVE-2014-4094 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-4083 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-4130 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:07 | 15-10-2014 - 10:55 | |
CVE-2014-4107 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-4138 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:07 | 15-10-2014 - 10:55 | |
CVE-2014-4126 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:07 | 15-10-2014 - 10:55 | |
CVE-2014-4098 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-4137 | 9.3 |
Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE
|
12-10-2018 - 22:07 | 15-10-2014 - 10:55 | |
CVE-2014-4106 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-4085 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-4091 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-4134 | 9.3 |
Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:07 | 15-10-2014 - 10:55 | |
CVE-2014-4121 | 10.0 |
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 does not properly parse internationalized resource identifiers, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a craf
|
12-10-2018 - 22:07 | 15-10-2014 - 10:55 | |
CVE-2014-4099 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2015-0022 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:07 | 11-02-2015 - 03:00 | |
CVE-2015-0017 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:07 | 11-02-2015 - 03:00 | |
CVE-2015-0021 | 9.3 |
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:07 | 11-02-2015 - 03:00 | |
CVE-2015-0018 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:07 | 11-02-2015 - 03:00 | |
CVE-2015-0019 | 9.3 |
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:07 | 11-02-2015 - 03:00 | |
CVE-2015-0014 | 10.0 |
Buffer overflow in the Telnet service in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary
|
12-10-2018 - 22:07 | 13-01-2015 - 22:59 | |
CVE-2015-0020 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:07 | 11-02-2015 - 03:00 | |
CVE-2015-0023 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:07 | 11-02-2015 - 03:00 | |
CVE-2014-4058 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:06 | 12-08-2014 - 21:55 | |
CVE-2014-2799 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 10-09-2014 - 01:55 | |
CVE-2014-2792 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 08-07-2014 - 22:55 | |
CVE-2014-4050 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:06 | 12-08-2014 - 21:55 | |
CVE-2014-2820 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 12-08-2014 - 21:55 | |
CVE-2014-2810 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:06 | 12-08-2014 - 21:55 | |
CVE-2014-4067 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:06 | 12-08-2014 - 21:55 | |
CVE-2014-2803 | 9.3 |
Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:06 | 08-07-2014 - 22:55 | |
CVE-2014-2775 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-2766 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-2760 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-2754 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-4063 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 12-08-2014 - 21:55 | |
CVE-2014-4059 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 10-09-2014 - 01:55 | |
CVE-2014-2826 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 12-08-2014 - 21:55 | |
CVE-2014-2819 | 6.8 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability."
|
12-10-2018 - 22:06 | 12-08-2014 - 21:55 | |
CVE-2014-2811 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:06 | 12-08-2014 - 21:55 | |
CVE-2014-2807 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 08-07-2014 - 22:55 | |
CVE-2014-2773 | 9.3 |
Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-2769 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-2764 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-2761 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-2758 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-2753 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-4065 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 10-09-2014 - 01:55 | |
CVE-2014-4056 | 9.3 |
Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:06 | 12-08-2014 - 21:55 | |
CVE-2014-4052 | 9.3 |
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:06 | 12-08-2014 - 21:55 | |
CVE-2014-4073 | 10.0 |
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 processes unverified data during interaction with the ClickOnce installer, which allows remote attackers to gain privileges via vectors involving Internet Explorer, aka ".NET Clic
|
12-10-2018 - 22:06 | 15-10-2014 - 10:55 | |
CVE-2014-4057 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:06 | 12-08-2014 - 21:55 | |
CVE-2014-2794 | 9.3 |
Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE
|
12-10-2018 - 22:06 | 08-07-2014 - 22:55 | |
CVE-2014-2788 | 9.3 |
Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE
|
12-10-2018 - 22:06 | 08-07-2014 - 22:55 | |
CVE-2014-2783 | 6.4 |
Microsoft Internet Explorer 7 through 11 does not prevent use of wildcard EV SSL certificates, which might allow remote attackers to spoof a trust level by leveraging improper issuance of a wildcard certificate by a recognized Certification Authority
|
12-10-2018 - 22:06 | 08-07-2014 - 22:55 | |
CVE-2014-2824 | 9.3 |
Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:06 | 12-08-2014 - 21:55 | |
CVE-2014-2796 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:06 | 12-08-2014 - 21:55 | |
CVE-2014-2789 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 08-07-2014 - 22:55 | |
CVE-2014-2774 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 12-08-2014 - 21:55 | |
CVE-2014-2765 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-2755 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-2822 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:06 | 12-08-2014 - 21:55 | |
CVE-2014-2809 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 08-07-2014 - 22:55 | |
CVE-2014-2804 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 08-07-2014 - 22:55 | |
CVE-2014-2800 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 08-07-2014 - 22:55 | |
CVE-2014-2795 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 08-07-2014 - 22:55 | |
CVE-2014-2791 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:06 | 08-07-2014 - 22:55 | |
CVE-2014-2787 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:06 | 08-07-2014 - 22:55 | |
CVE-2014-2785 | 9.3 |
Microsoft Internet Explorer 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:06 | 08-07-2014 - 22:55 | |
CVE-2014-2772 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-2768 | 9.3 |
Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-2821 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:06 | 12-08-2014 - 21:55 | |
CVE-2014-2813 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 08-07-2014 - 22:55 | |
CVE-2014-2808 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:06 | 12-08-2014 - 21:55 | |
CVE-2014-2806 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:06 | 08-07-2014 - 22:55 | |
CVE-2014-2802 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:06 | 08-07-2014 - 22:55 | |
CVE-2014-2798 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 08-07-2014 - 22:55 | |
CVE-2014-2784 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 12-08-2014 - 21:55 | |
CVE-2014-2823 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:06 | 12-08-2014 - 21:55 | |
CVE-2014-2801 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:06 | 08-07-2014 - 22:55 | |
CVE-2014-2797 | 9.3 |
Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:06 | 08-07-2014 - 22:55 | |
CVE-2014-2786 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 08-07-2014 - 22:55 | |
CVE-2014-2782 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 19-06-2014 - 10:50 | |
CVE-2014-2777 | 7.5 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary web script with increased privileges via unspecified vectors, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2014-
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-2771 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-2767 | 9.3 |
Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-2759 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-2756 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-4051 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 12-08-2014 - 21:55 | |
CVE-2014-2827 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 12-08-2014 - 21:55 | |
CVE-2014-2818 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:06 | 12-08-2014 - 21:55 | |
CVE-2014-2825 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:06 | 12-08-2014 - 21:55 | |
CVE-2014-2790 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:06 | 08-07-2014 - 22:55 | |
CVE-2014-2776 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-2770 | 9.3 |
Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-2763 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-2757 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-4055 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:06 | 12-08-2014 - 21:55 | |
CVE-2014-1805 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-1797 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-1789 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-1804 | 9.3 |
Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-1788 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-1774 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-1802 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-1775 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-1800 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-1786 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-1796 | 9.3 |
Microsoft Internet Explorer 6 and 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-1780 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-1769 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-1784 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-1778 | 6.8 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary web script with increased privileges via unspecified vectors, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2014-
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-1771 | 6.8 |
SChannel in Microsoft Internet Explorer 6 through 11 does not ensure that a server's X.509 certificate is the same during renegotiation as it was before renegotiation, which allows man-in-the-middle attackers to obtain sensitive information or modify
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-1824 | 9.3 |
Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted Jo
|
12-10-2018 - 22:06 | 08-07-2014 - 22:55 | |
CVE-2014-1791 | 9.3 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-1815 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, as exploited in the wild in May 2014, aka "Internet Explorer Memory Corruption Vulnera
|
12-10-2018 - 22:06 | 14-05-2014 - 11:13 | |
CVE-2014-1783 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-1770 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code via crafted JavaScript code that interacts improperly with a CollectGarbage function call on a CMarkup object allocated by the
|
12-10-2018 - 22:06 | 22-05-2014 - 11:14 | |
CVE-2014-1782 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-1772 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-1799 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-1790 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-1777 | 4.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to read local files on the client via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability."
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-1813 | 8.5 |
Microsoft Web Applications 2010 SP1 and SP2 allows remote authenticated users to execute arbitrary code via crafted page content, aka "Web Applications Page Content Vulnerability."
|
12-10-2018 - 22:06 | 14-05-2014 - 11:13 | |
CVE-2014-1795 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-1781 | 9.3 |
Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-1794 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-1803 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-1792 | 9.3 |
Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-1785 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-1779 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-1773 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2013-5791 | 1.5 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.4.0 and 8.4.1 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters. NOTE: the previous infor
|
12-10-2018 - 22:05 | 16-10-2013 - 15:55 | |
CVE-2013-5763 | 1.5 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.4.0 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Maintenance. NOTE: the original disclosure
|
12-10-2018 - 22:05 | 12-12-2013 - 20:55 | |
CVE-2013-5051 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:05 | 11-12-2013 - 00:55 | |
CVE-2013-5046 | 6.2 |
Microsoft Internet Explorer 7 through 11 allows local users to bypass the Protected Mode protection mechanism, and consequently gain privileges, by leveraging the ability to execute sandboxed code, aka "Internet Explorer Elevation of Privilege Vulner
|
12-10-2018 - 22:05 | 11-12-2013 - 00:55 | |
CVE-2013-5047 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:05 | 11-12-2013 - 00:55 | |
CVE-2013-5052 | 9.3 |
Microsoft Internet Explorer 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:05 | 11-12-2013 - 00:55 | |
CVE-2013-5045 | 6.2 |
Microsoft Internet Explorer 10 and 11 allows local users to bypass the Protected Mode protection mechanism, and consequently gain privileges, by leveraging the ability to execute sandboxed code, aka "Internet Explorer Elevation of Privilege Vulnerabi
|
12-10-2018 - 22:05 | 11-12-2013 - 00:55 | |
CVE-2013-3916 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:05 | 13-11-2013 - 00:55 | |
CVE-2013-5049 | 9.3 |
Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:05 | 11-12-2013 - 00:55 | |
CVE-2013-3910 | 9.3 |
Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:05 | 13-11-2013 - 00:55 | |
CVE-2013-3912 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:05 | 13-11-2013 - 00:55 | |
CVE-2013-3908 | 4.3 |
Microsoft Internet Explorer 6 through 10 allows user-assisted remote attackers to bypass the Same Origin Policy and obtain sensitive information from any visited document via a crafted web page that is not properly handled during a print-preview acti
|
12-10-2018 - 22:05 | 13-11-2013 - 00:55 | |
CVE-2013-3911 | 9.3 |
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:05 | 13-11-2013 - 00:55 | |
CVE-2013-3875 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:05 | 09-10-2013 - 14:53 | |
CVE-2013-5048 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:05 | 11-12-2013 - 00:55 | |
CVE-2013-3914 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:05 | 13-11-2013 - 00:55 | |
CVE-2013-3882 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013
|
12-10-2018 - 22:05 | 09-10-2013 - 14:53 | |
CVE-2013-3860 | 7.8 |
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 does not properly parse a DTD during XML digital-signature validation, which allows remote attackers to cause a denial of service (application crash or hang) via a crafted signed XML d
|
12-10-2018 - 22:05 | 09-10-2013 - 14:53 | |
CVE-2013-3885 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013
|
12-10-2018 - 22:05 | 09-10-2013 - 14:53 | |
CVE-2013-3909 | 4.3 |
Microsoft Internet Explorer 6 through 8 allows remote attackers to read content from a different (1) domain or (2) zone via crafted characters in Cascading Style Sheets (CSS) token sequences, aka "Internet Explorer Information Disclosure Vulnerabilit
|
12-10-2018 - 22:05 | 13-11-2013 - 00:55 | |
CVE-2013-3870 | 9.3 |
Double free vulnerability in Microsoft Outlook 2007 SP3 and 2010 SP1 and SP2 allows remote attackers to execute arbitrary code by including many nested S/MIME certificates in an e-mail message, aka "Message Certificate Vulnerability."
|
12-10-2018 - 22:05 | 11-09-2013 - 14:03 | |
CVE-2013-3874 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:05 | 09-10-2013 - 14:53 | |
CVE-2013-4015 | 6.9 |
Microsoft Internet Explorer 6 through 10 allows local users to bypass the elevation policy check in the (1) Protected Mode or (2) Enhanced Protected Mode protection mechanism, and consequently gain privileges, by leveraging the ability to execute san
|
12-10-2018 - 22:05 | 26-07-2013 - 12:05 | |
CVE-2013-3872 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013
|
12-10-2018 - 22:05 | 09-10-2013 - 14:53 | |
CVE-2013-3861 | 7.8 |
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 allows remote attackers to cause a denial of service (application crash or hang) via crafted character sequences in JSON data, aka "JSON Parsing Vulnerability."
|
12-10-2018 - 22:05 | 09-10-2013 - 14:53 | |
CVE-2013-3858 | 9.3 |
Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary c
|
12-10-2018 - 22:05 | 11-09-2013 - 14:03 | |
CVE-2013-3886 | 9.3 |
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:05 | 09-10-2013 - 14:53 | |
CVE-2013-3871 | 9.3 |
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:05 | 09-10-2013 - 14:53 | |
CVE-2013-3857 | 9.3 |
Microsoft Word Automation Services in SharePoint Server 2010 SP1 and SP2, Word Web App 2010 SP1 and SP2 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1 and SP2, Office Compatibility Pack SP3, and Word Viewer allow remote attacker
|
12-10-2018 - 22:05 | 11-09-2013 - 14:03 | |
CVE-2013-3873 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013
|
12-10-2018 - 22:05 | 09-10-2013 - 14:53 | |
CVE-2013-3915 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:05 | 13-11-2013 - 00:55 | |
CVE-2013-3880 | 3.5 |
The App Container feature in the kernel-mode drivers in Microsoft Windows 8, Windows Server 2012, and Windows RT allows remote attackers to bypass intended access restrictions and obtain sensitive information from a different container via a Trojan h
|
12-10-2018 - 22:05 | 09-10-2013 - 14:53 | |
CVE-2013-3917 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:05 | 13-11-2013 - 00:55 | |
CVE-2014-1751 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-
|
12-10-2018 - 22:05 | 08-04-2014 - 23:55 | |
CVE-2014-1763 | 10.0 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition at Can
|
12-10-2018 - 22:05 | 27-04-2014 - 10:55 | |
CVE-2014-1754 | 4.3 |
Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2013 Gold and SP1, SharePoint Foundation 2013 Gold and SP1, Office Web Apps Server 2013 Gold and SP1, and SharePoint Server 2013 Client Components SDK allows remote attackers to
|
12-10-2018 - 22:05 | 14-05-2014 - 11:13 | |
CVE-2014-1758 | 9.3 |
Stack-based buffer overflow in Microsoft Word 2003 SP3 allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Word Stack Overflow Vulnerability."
|
12-10-2018 - 22:05 | 08-04-2014 - 23:55 | |
CVE-2014-1765 | 7.6 |
Multiple use-after-free vulnerabilities in Microsoft Internet Explorer 6 through 11 allow remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by Sebastian Apelt and Andreas Schmidt during a Pwn2Own competition at CanSe
|
12-10-2018 - 22:05 | 27-04-2014 - 10:55 | |
CVE-2014-1764 | 10.0 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism by leveraging "object confusion" in a broker process, as demonstrated by VUPEN during a Pwn2Own competition at CanSec
|
12-10-2018 - 22:05 | 27-04-2014 - 10:55 | |
CVE-2014-1755 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-
|
12-10-2018 - 22:05 | 08-04-2014 - 23:55 | |
CVE-2014-1760 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:05 | 08-04-2014 - 23:55 | |
CVE-2014-1752 | 9.3 |
Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:05 | 08-04-2014 - 23:55 | |
CVE-2014-1753 | 9.3 |
Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:05 | 08-04-2014 - 23:55 | |
CVE-2014-1762 | 7.5 |
Unspecified vulnerability in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code with medium-integrity privileges and bypass a sandbox protection mechanism via unknown vectors, as demonstrated by ZDI during a Pw
|
12-10-2018 - 22:05 | 27-04-2014 - 10:55 | |
CVE-2014-1757 | 9.3 |
Microsoft Word 2007 SP3 and 2010 SP1 and SP2, and Office Compatibility Pack SP3, allocates memory incorrectly for file conversions from a binary (aka .doc) format to a newer format, which allows remote attackers to execute arbitrary code via a crafte
|
12-10-2018 - 22:05 | 08-04-2014 - 23:55 | |
CVE-2014-0284 | 9.3 |
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:05 | 12-02-2014 - 04:50 | |
CVE-2014-0267 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:05 | 12-02-2014 - 04:50 | |
CVE-2014-0298 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:05 | 12-03-2014 - 05:15 | |
CVE-2014-0285 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:05 | 12-02-2014 - 04:50 | |
CVE-2014-0325 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site that triggers improper processing of CElement objects, aka "Intern
|
12-10-2018 - 22:05 | 03-07-2014 - 14:55 | |
CVE-2014-0282 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:05 | 11-06-2014 - 04:56 | |
CVE-2014-0281 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:05 | 12-02-2014 - 04:50 | |
CVE-2014-0288 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:05 | 12-02-2014 - 04:50 | |
CVE-2014-0308 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:05 | 12-03-2014 - 05:15 | |
CVE-2014-0314 | 9.3 |
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:05 | 12-03-2014 - 05:15 | |
CVE-2014-0277 | 9.3 |
Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-
|
12-10-2018 - 22:05 | 12-02-2014 - 04:50 | |
CVE-2014-0299 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:05 | 12-03-2014 - 05:15 | |
CVE-2014-0287 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:05 | 12-02-2014 - 04:50 | |
CVE-2014-0270 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:05 | 12-02-2014 - 04:50 | |
CVE-2014-0290 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:05 | 12-02-2014 - 04:50 | |
CVE-2014-0275 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:05 | 12-02-2014 - 04:50 | |
CVE-2014-0294 | 10.0 |
Microsoft Forefront Protection 2010 for Exchange Server does not properly parse e-mail content, which might allow remote attackers to execute arbitrary code via a crafted message, aka "RCE Vulnerability."
|
12-10-2018 - 22:05 | 12-02-2014 - 04:50 | |
CVE-2014-0313 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:05 | 12-03-2014 - 05:15 | |
CVE-2014-0297 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:05 | 12-03-2014 - 05:15 | |
CVE-2014-0276 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:05 | 12-02-2014 - 04:50 | |
CVE-2014-0304 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:05 | 12-03-2014 - 05:15 | |
CVE-2014-0268 | 4.3 |
Microsoft Internet Explorer 8 through 11 does not properly restrict file installation and registry-key creation, which allows remote attackers to bypass the Mandatory Integrity Control protection mechanism via a crafted web site, aka "Internet Explor
|
12-10-2018 - 22:05 | 12-02-2014 - 04:50 | |
CVE-2014-0307 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a certain sequence of manipulations of a TextRange element, aka "Internet Explorer Me
|
12-10-2018 - 22:05 | 12-03-2014 - 05:15 | |
CVE-2014-0321 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:05 | 12-03-2014 - 05:15 | |
CVE-2014-0303 | 9.3 |
Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than
|
12-10-2018 - 22:05 | 12-03-2014 - 05:15 | |
CVE-2014-0289 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:05 | 12-02-2014 - 04:50 | |
CVE-2014-0293 | 4.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Internet Explorer Cross-domain Information Disclosure Vulnerability."
|
12-10-2018 - 22:05 | 12-02-2014 - 04:50 | |
CVE-2014-0273 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:05 | 12-02-2014 - 04:50 | |
CVE-2014-0311 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:05 | 12-03-2014 - 05:15 | |
CVE-2014-0269 | 9.3 |
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:05 | 12-02-2014 - 04:50 | |
CVE-2014-0305 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:05 | 12-03-2014 - 05:15 | |
CVE-2014-0283 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:05 | 12-02-2014 - 04:50 | |
CVE-2014-0274 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:05 | 12-02-2014 - 04:50 | |
CVE-2014-0312 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:05 | 12-03-2014 - 05:15 | |
CVE-2014-0286 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:05 | 12-02-2014 - 04:50 | |
CVE-2014-0271 | 9.3 |
The VBScript engine in Microsoft Internet Explorer 6 through 11, and VBScript 5.6 through 5.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "VBScript Memory Corruption
|
12-10-2018 - 22:05 | 12-02-2014 - 04:50 | |
CVE-2014-0309 | 9.3 |
Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:05 | 12-03-2014 - 05:15 | |
CVE-2014-0280 | 9.3 |
Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:05 | 12-02-2014 - 04:50 | |
CVE-2014-0310 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:05 | 14-05-2014 - 11:13 | |
CVE-2014-0279 | 9.3 |
Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-
|
12-10-2018 - 22:05 | 12-02-2014 - 04:50 | |
CVE-2014-0306 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:05 | 12-03-2014 - 05:15 | |
CVE-2014-0272 | 9.3 |
Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:05 | 12-02-2014 - 04:50 | |
CVE-2014-0251 | 9.0 |
Microsoft Windows SharePoint Services 3.0 SP3; SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013 Gold and SP1; SharePoint Foundation 2010 SP1 and SP2 and 2013 Gold and SP1; Project Server 2010 SP1 and SP2 and 2013 Gold and SP1; Web Applications
|
12-10-2018 - 22:05 | 14-05-2014 - 11:13 | |
CVE-2014-0324 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:05 | 12-03-2014 - 05:15 | |
CVE-2014-0302 | 9.3 |
Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than
|
12-10-2018 - 22:05 | 12-03-2014 - 05:15 | |
CVE-2014-0278 | 9.3 |
Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-
|
12-10-2018 - 22:05 | 12-02-2014 - 04:50 | |
CVE-2013-3125 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013
|
12-10-2018 - 22:04 | 12-06-2013 - 03:30 | |
CVE-2013-3142 | 9.3 |
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:04 | 12-06-2013 - 03:30 | |
CVE-2013-3188 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE
|
12-10-2018 - 22:04 | 14-08-2013 - 11:10 | |
CVE-2013-3178 | 9.3 |
Microsoft Silverlight 5 before 5.1.20513.0 does not properly initialize arrays, which allows remote attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference) via a crafted Silverlight application, aka "Null Pointer V
|
12-10-2018 - 22:04 | 10-07-2013 - 03:46 | |
CVE-2013-3153 | 9.3 |
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:04 | 10-07-2013 - 03:46 | |
CVE-2013-3117 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-
|
12-10-2018 - 22:04 | 12-06-2013 - 03:29 | |
CVE-2013-3112 | 9.3 |
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:04 | 12-06-2013 - 03:29 | |
CVE-2013-3191 | 9.3 |
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CV
|
12-10-2018 - 22:04 | 14-08-2013 - 11:10 | |
CVE-2013-3162 | 9.3 |
Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:04 | 10-07-2013 - 03:46 | |
CVE-2013-3202 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:04 | 11-09-2013 - 14:03 | |
CVE-2013-3846 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted CSpliceTreeEngine::InsertSplice object in an HTML document, aka "Int
|
12-10-2018 - 22:04 | 29-12-2013 - 04:25 | |
CVE-2013-3776 | 6.8 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7, 8.4.0, and 8.4.1 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulne
|
12-10-2018 - 22:04 | 17-07-2013 - 13:41 | |
CVE-2013-3209 | 9.3 |
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CV
|
12-10-2018 - 22:04 | 11-09-2013 - 14:03 | |
CVE-2013-3150 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-
|
12-10-2018 - 22:04 | 10-07-2013 - 03:46 | |
CVE-2013-3122 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-
|
12-10-2018 - 22:04 | 12-06-2013 - 03:30 | |
CVE-2013-3206 | 9.3 |
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CV
|
12-10-2018 - 22:04 | 11-09-2013 - 14:03 | |
CVE-2013-3194 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:04 | 14-08-2013 - 11:10 | |
CVE-2013-3133 | 9.3 |
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly check the permissions of objects that use reflection, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP) or (2) a crafte
|
12-10-2018 - 22:04 | 10-07-2013 - 03:46 | |
CVE-2013-3123 | 9.3 |
Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:04 | 12-06-2013 - 03:30 | |
CVE-2013-3205 | 9.3 |
Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:04 | 11-09-2013 - 14:03 | |
CVE-2013-3189 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE
|
12-10-2018 - 22:04 | 14-08-2013 - 11:10 | |
CVE-2013-3171 | 9.3 |
The serialization functionality in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 does not properly check the permissions of delegate objects, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser a
|
12-10-2018 - 22:04 | 10-07-2013 - 03:46 | |
CVE-2013-3145 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-
|
12-10-2018 - 22:04 | 10-07-2013 - 03:46 | |
CVE-2013-3781 | 6.8 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7, 8.4.0, and 8.4.1 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulne
|
12-10-2018 - 22:04 | 17-07-2013 - 13:41 | |
CVE-2013-3201 | 9.3 |
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CV
|
12-10-2018 - 22:04 | 11-09-2013 - 14:03 | |
CVE-2013-3190 | 9.3 |
Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:04 | 14-08-2013 - 11:10 | |
CVE-2013-3179 | 4.3 |
Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013 allows remote attackers to inject arbitrary web script or HTML via a crafted request, aka "SharePoint XSS Vulnerability."
|
12-10-2018 - 22:04 | 11-09-2013 - 14:03 | |
CVE-2013-3203 | 9.3 |
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CV
|
12-10-2018 - 22:04 | 11-09-2013 - 14:03 | |
CVE-2013-3132 | 9.3 |
Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly check the permissions of objects that use reflection, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBA
|
12-10-2018 - 22:04 | 10-07-2013 - 03:46 | |
CVE-2013-3127 | 9.3 |
The Microsoft WMV video codec in wmv9vcm.dll, wmvdmod.dll in Windows Media Format Runtime 9 and 9.5, and wmvdecod.dll in Windows Media Format Runtime 11 and Windows Media Player 11 and 12 allows remote attackers to execute arbitrary code via a crafte
|
12-10-2018 - 22:04 | 10-07-2013 - 03:46 | |
CVE-2013-3847 | 9.3 |
Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary c
|
12-10-2018 - 22:04 | 11-09-2013 - 14:03 | |
CVE-2013-3116 | 9.3 |
Microsoft Internet Explorer 7 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:04 | 12-06-2013 - 03:29 | |
CVE-2013-3207 | 9.3 |
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CV
|
12-10-2018 - 22:04 | 11-09-2013 - 14:03 | |
CVE-2013-3187 | 9.3 |
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CV
|
12-10-2018 - 22:04 | 14-08-2013 - 11:10 | |
CVE-2013-3164 | 9.3 |
Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:04 | 10-07-2013 - 03:46 | |
CVE-2013-3161 | 9.3 |
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CV
|
12-10-2018 - 22:04 | 10-07-2013 - 03:46 | |
CVE-2013-3139 | 9.3 |
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:04 | 12-06-2013 - 03:30 | |
CVE-2013-3119 | 9.3 |
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CV
|
12-10-2018 - 22:04 | 12-06-2013 - 03:29 | |
CVE-2013-3140 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted CMarkup object, aka "Internet Explorer Use After Free Vulnerability."
|
12-10-2018 - 22:04 | 16-12-2013 - 15:14 | |
CVE-2013-3113 | 9.3 |
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:04 | 12-06-2013 - 03:29 | |
CVE-2013-3124 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-
|
12-10-2018 - 22:04 | 12-06-2013 - 03:30 | |
CVE-2013-3199 | 9.3 |
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:04 | 14-08-2013 - 11:10 | |
CVE-2013-3147 | 9.3 |
Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:04 | 10-07-2013 - 03:46 | |
CVE-2013-3115 | 9.3 |
Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:04 | 10-07-2013 - 03:46 | |
CVE-2013-3849 | 9.3 |
Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary c
|
12-10-2018 - 22:04 | 11-09-2013 - 14:03 | |
CVE-2013-3180 | 4.3 |
Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2010 SP1 and SP2 and 2013 allows remote attackers to inject arbitrary web script or HTML via a crafted POST request, aka "POST XSS Vulnerability."
|
12-10-2018 - 22:04 | 11-09-2013 - 14:03 | |
CVE-2013-3146 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013
|
12-10-2018 - 22:04 | 10-07-2013 - 03:46 | |
CVE-2013-3149 | 9.3 |
Microsoft Internet Explorer 7 and 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:04 | 10-07-2013 - 03:46 | |
CVE-2013-3848 | 9.3 |
Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary c
|
12-10-2018 - 22:04 | 11-09-2013 - 14:03 | |
CVE-2013-3208 | 9.3 |
Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:04 | 11-09-2013 - 14:03 | |
CVE-2013-3144 | 9.3 |
Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:04 | 10-07-2013 - 03:46 | |
CVE-2013-3148 | 9.3 |
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:04 | 10-07-2013 - 03:46 | |
CVE-2013-3134 | 9.3 |
The Common Language Runtime (CLR) in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 on 64-bit platforms does not properly allocate arrays of structures, which allows remote attackers to execute arbitrary code via a crafted .NET Framework ap
|
12-10-2018 - 22:04 | 10-07-2013 - 03:46 | |
CVE-2013-3120 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013
|
12-10-2018 - 22:04 | 12-06-2013 - 03:30 | |
CVE-2013-3111 | 9.3 |
Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:04 | 12-06-2013 - 03:29 | |
CVE-2013-3152 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013
|
12-10-2018 - 22:04 | 10-07-2013 - 03:46 | |
CVE-2013-3141 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE
|
12-10-2018 - 22:04 | 12-06-2013 - 03:30 | |
CVE-2013-3114 | 9.3 |
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CV
|
12-10-2018 - 22:04 | 12-06-2013 - 03:29 | |
CVE-2013-3845 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:04 | 11-09-2013 - 14:03 | |
CVE-2013-3204 | 9.3 |
Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:04 | 11-09-2013 - 14:03 | |
CVE-2013-3193 | 9.3 |
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CV
|
12-10-2018 - 22:04 | 14-08-2013 - 11:10 | |
CVE-2013-3184 | 9.3 |
Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:04 | 14-08-2013 - 11:10 | |
CVE-2013-3121 | 9.3 |
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:04 | 12-06-2013 - 03:30 | |
CVE-2013-3166 | 4.3 |
Cross-site scripting (XSS) vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to inject arbitrary web script or HTML via vectors involving incorrect auto-selection of the Shift JIS encoding, leading to cross-domain scro
|
12-10-2018 - 22:04 | 10-07-2013 - 03:46 | |
CVE-2013-3143 | 9.3 |
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CV
|
12-10-2018 - 22:04 | 10-07-2013 - 03:46 | |
CVE-2013-3118 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013
|
12-10-2018 - 22:04 | 12-06-2013 - 03:29 | |
CVE-2013-3151 | 9.3 |
Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:04 | 10-07-2013 - 03:46 | |
CVE-2013-3131 | 9.3 |
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5, and Silverlight 5 before 5.1.20513.0, does not properly prevent changes to data in multidimensional arrays of structures, which allows remote attackers to execute arbitrary code via (1) a craf
|
12-10-2018 - 22:04 | 10-07-2013 - 03:46 | |
CVE-2013-3126 | 9.3 |
Microsoft Internet Explorer 9 and 10, when script debugging is enabled, does not properly handle objects in memory during the processing of script, which allows remote attackers to execute arbitrary code via a crafted web site, aka "Internet Explorer
|
12-10-2018 - 22:04 | 12-06-2013 - 03:30 | |
CVE-2013-3110 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE
|
12-10-2018 - 22:04 | 12-06-2013 - 03:29 | |
CVE-2013-2393 | 1.5 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7 and 8.4.0 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters.
|
12-10-2018 - 22:04 | 17-04-2013 - 17:55 | |
CVE-2013-1310 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability."
|
12-10-2018 - 22:04 | 15-05-2013 - 03:36 | |
CVE-2013-1311 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability."
|
12-10-2018 - 22:04 | 15-05-2013 - 03:36 | |
CVE-2013-1306 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different vulnera
|
12-10-2018 - 22:04 | 15-05-2013 - 03:36 | |
CVE-2013-1330 | 10.0 |
The default configuration of Microsoft SharePoint Portal Server 2003 SP3, SharePoint Server 2007 SP3 and 2010 SP1 and SP2, and Office Web Apps 2010 does not set the EnableViewStateMac attribute, which allows remote attackers to execute arbitrary code
|
12-10-2018 - 22:04 | 11-09-2013 - 14:03 | |
CVE-2013-1308 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a differ
|
12-10-2018 - 22:04 | 15-05-2013 - 03:36 | |
CVE-2013-1309 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a differ
|
12-10-2018 - 22:04 | 15-05-2013 - 03:36 | |
CVE-2013-1307 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different v
|
12-10-2018 - 22:04 | 15-05-2013 - 03:36 | |
CVE-2013-1296 | 9.3 |
The Remote Desktop ActiveX control in mstscax.dll in Microsoft Remote Desktop Connection Client 6.1 and 7.0 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code via a web page that triggers access to a d
|
12-10-2018 - 22:04 | 09-04-2013 - 22:55 | |
CVE-2013-1297 | 4.3 |
Microsoft Internet Explorer 6 through 8 does not properly restrict data access by VBScript, which allows remote attackers to perform cross-domain reading of JSON files via a crafted web site, aka "JSON Array Information Disclosure Vulnerability."
|
12-10-2018 - 22:04 | 15-05-2013 - 03:36 | |
CVE-2013-1338 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a differ
|
12-10-2018 - 22:04 | 02-05-2013 - 03:31 | |
CVE-2013-1313 | 9.3 |
Object Linking and Embedding (OLE) Automation in Microsoft Windows XP SP3 does not properly allocate memory, which allows remote attackers to execute arbitrary code via a crafted RTF document, aka "OLE Automation Remote Code Execution Vulnerability."
|
12-10-2018 - 22:04 | 13-02-2013 - 12:04 | |
CVE-2013-1312 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability."
|
12-10-2018 - 22:04 | 15-05-2013 - 03:36 | |
CVE-2012-4786 | 10.0 |
The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allow remote attackers to execute
|
12-10-2018 - 22:03 | 12-12-2012 - 00:55 | |
CVE-2012-3110 | 2.1 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability
|
12-10-2018 - 22:03 | 17-07-2012 - 23:55 | |
CVE-2012-3108 | 2.1 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability
|
12-10-2018 - 22:03 | 17-07-2012 - 23:55 | |
CVE-2012-3106 | 2.1 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability
|
12-10-2018 - 22:03 | 17-07-2012 - 23:55 | |
CVE-2012-4781 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "InjectHTMLStream Use After Free Vulnerability."
|
12-10-2018 - 22:03 | 12-12-2012 - 00:55 | |
CVE-2012-3107 | 2.1 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability
|
12-10-2018 - 22:03 | 17-07-2012 - 23:55 | |
CVE-2012-3109 | 2.1 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-
|
12-10-2018 - 22:03 | 17-07-2012 - 23:55 | |
CVE-2012-2521 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Asynchronous NULL Object Access Remote Code Execution Vulnerability."
|
12-10-2018 - 22:03 | 15-08-2012 - 01:55 | |
CVE-2012-2523 | 9.3 |
Integer overflow in Microsoft Internet Explorer 8 and 9, JScript 5.8, and VBScript 5.8 on 64-bit platforms allows remote attackers to execute arbitrary code by leveraging an incorrect size calculation during object copying, aka "JavaScript Integer Ov
|
12-10-2018 - 22:03 | 15-08-2012 - 01:55 | |
CVE-2012-2528 | 9.3 |
Use-after-free vulnerability in Microsoft Word 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Word Viewer; Office Compatibility Pack SP2 and SP3; Word Automation Services on Microsoft SharePoint Server 2010; and Office Web Apps 2010 SP1 allows remote atta
|
12-10-2018 - 22:03 | 09-10-2012 - 21:55 | |
CVE-2012-2522 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a malformed virtual function table after this table's deletion, aka "Virtual Function Table Corru
|
12-10-2018 - 22:03 | 15-08-2012 - 01:55 | |
CVE-2012-2557 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "cloneNode Use After Free Vulnerability."
|
12-10-2018 - 22:03 | 21-09-2012 - 21:55 | |
CVE-2012-2526 | 9.3 |
The Remote Desktop Protocol (RDP) implementation in Microsoft Windows XP SP3 does not properly process packets in memory, which allows remote attackers to execute arbitrary code by sending crafted RDP packets triggering access to a deleted object, ak
|
12-10-2018 - 22:03 | 15-08-2012 - 01:55 | |
CVE-2013-0811 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different v
|
12-10-2018 - 22:03 | 15-05-2013 - 03:36 | |
CVE-2012-2548 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Layout Use After Free Vulnerability."
|
12-10-2018 - 22:03 | 21-09-2012 - 21:55 | |
CVE-2012-2546 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Event Listener Use After Free Vulnerability."
|
12-10-2018 - 22:03 | 21-09-2012 - 21:55 | |
CVE-2013-0084 | 7.5 |
Directory traversal vulnerability in Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allows remote attackers to bypass intended read restrictions for content, and hijack user accounts, via a crafted URL, aka "SharePoint Direct
|
12-10-2018 - 22:03 | 13-03-2013 - 00:55 | |
CVE-2013-0418 | 6.8 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7 and 8.4 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability t
|
12-10-2018 - 22:03 | 17-01-2013 - 01:55 | |
CVE-2013-0393 | 6.8 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7 and 8.4 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability t
|
12-10-2018 - 22:03 | 17-01-2013 - 01:55 | |
CVE-2013-0080 | 7.5 |
Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allow remote attackers to bypass intended read restrictions for content, and hijack user accounts, via a crafted URL, aka "Callback Function Vulnerability."
|
12-10-2018 - 22:03 | 13-03-2013 - 00:55 | |
CVE-2013-0085 | 7.8 |
Buffer overflow in Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allows remote attackers to cause a denial of service (W3WP process crash and site outage) via a crafted URL, aka "Buffer Overflow Vulnerability."
|
12-10-2018 - 22:03 | 13-03-2013 - 00:55 | |
CVE-2013-0079 | 9.3 |
Microsoft Visio Viewer 2010 SP1 allows remote attackers to execute arbitrary code via a crafted Visio file that triggers incorrect memory allocation, aka "Visio Viewer Tree Object Type Confusion Vulnerability."
|
12-10-2018 - 22:03 | 13-03-2013 - 00:55 | |
CVE-2013-0027 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CPasteCommand Use After Free Vulnerabil
|
12-10-2018 - 22:03 | 13-02-2013 - 12:04 | |
CVE-2013-0015 | 4.3 |
Microsoft Internet Explorer 6 through 9 does not properly perform auto-selection of the Shift JIS encoding, which allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site that triggers cross-domain scroll
|
12-10-2018 - 22:03 | 13-02-2013 - 12:04 | |
CVE-2013-0025 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer SLayoutRun Use After Free Vulnerability."
|
12-10-2018 - 22:03 | 13-02-2013 - 12:04 | |
CVE-2013-0083 | 4.3 |
Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2010 SP1 allows remote attackers to inject arbitrary web script or HTML via crafted content, leading to administrative command execution, aka "SharePoint XSS Vulnerability."
|
12-10-2018 - 22:03 | 13-03-2013 - 00:55 | |
CVE-2013-0081 | 5.0 |
Microsoft SharePoint Portal Server 2003 SP3 and SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013 do not properly process unassigned workflows, which allows remote attackers to cause a denial of service (W3WP process hang) via a crafted URL, aka
|
12-10-2018 - 22:03 | 11-09-2013 - 14:03 | |
CVE-2013-0028 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CObjectElement Use After Free Vulnerabil
|
12-10-2018 - 22:03 | 13-02-2013 - 12:04 | |
CVE-2013-0018 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer SetCapture Use After Free Vulnerability.
|
12-10-2018 - 22:03 | 13-02-2013 - 12:04 | |
CVE-2012-1772 | 2.1 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability
|
12-10-2018 - 22:02 | 17-07-2012 - 23:55 | |
CVE-2012-1769 | 2.1 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability
|
12-10-2018 - 22:02 | 17-07-2012 - 23:55 | |
CVE-2012-1766 | 2.1 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability
|
12-10-2018 - 22:02 | 17-07-2012 - 23:55 | |
CVE-2012-1768 | 2.1 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-
|
12-10-2018 - 22:02 | 17-07-2012 - 23:55 | |
CVE-2012-1853 | 10.0 |
Stack-based buffer overflow in the Remote Administration Protocol (RAP) implementation in the LanmanWorkstation service in Microsoft Windows XP SP3 allows remote attackers to execute arbitrary code via crafted RAP response packets, aka "Remote Admini
|
12-10-2018 - 22:02 | 15-08-2012 - 01:55 | |
CVE-2012-1852 | 10.0 |
Heap-based buffer overflow in the Remote Administration Protocol (RAP) implementation in the LanmanWorkstation service in Microsoft Windows XP SP2 and SP3 allows remote attackers to execute arbitrary code via crafted RAP response packets, aka "Remote
|
12-10-2018 - 22:02 | 15-08-2012 - 01:55 | |
CVE-2012-1770 | 2.1 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability
|
12-10-2018 - 22:02 | 17-07-2012 - 23:55 | |
CVE-2012-1771 | 2.1 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability
|
12-10-2018 - 22:02 | 17-07-2012 - 23:55 | |
CVE-2012-1529 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not properly initialized or (2) is deleted, aka "OnMove Use Af
|
12-10-2018 - 22:02 | 21-09-2012 - 21:55 | |
CVE-2012-1526 | 9.3 |
Microsoft Internet Explorer 6 and 7 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not initialized or (2) is deleted, aka "Layout Memory Corruption Vulnerability
|
12-10-2018 - 22:02 | 15-08-2012 - 01:55 | |
CVE-2012-1773 | 2.1 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability
|
12-10-2018 - 22:02 | 17-07-2012 - 23:55 | |
CVE-2012-1767 | 2.1 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability
|
12-10-2018 - 22:02 | 17-07-2012 - 23:55 | |
CVE-2012-0167 | 9.3 |
Heap-based buffer overflow in the Office GDI+ library in Microsoft Office 2003 SP3 and 2007 SP2 and SP3 allows remote attackers to execute arbitrary code via a crafted EMF image in an Office document, aka "GDI+ Heap Overflow Vulnerability."
|
12-10-2018 - 22:02 | 09-05-2012 - 00:55 | |
CVE-2012-0165 | 9.3 |
GDI+ in Microsoft Windows Vista SP2 and Server 2008 SP2 and Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1 does not properly validate record types in EMF images, which allows remote attackers to execute arbitrary code via a crafted image, a
|
12-10-2018 - 22:02 | 09-05-2012 - 00:55 | |
CVE-2012-0183 | 9.3 |
Microsoft Word 2003 SP3 and 2007 SP2 and SP3, Office 2008 and 2011 for Mac, and Office Compatibility Pack SP2 and SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted RTF data, aka "RTF Mis
|
12-10-2018 - 22:02 | 09-05-2012 - 00:55 | |
CVE-2012-0181 | 7.2 |
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview does not properly manage Keyboard L
|
12-10-2018 - 22:02 | 09-05-2012 - 00:55 | |
CVE-2012-0162 | 9.3 |
Microsoft .NET Framework 4 does not properly allocate buffers, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP) or (2) a crafted .NET Framework application, aka ".NET Framework Buffer Alloc
|
12-10-2018 - 22:02 | 09-05-2012 - 00:55 | |
CVE-2012-0164 | 5.0 |
Microsoft .NET Framework 4 does not properly compare index values, which allows remote attackers to cause a denial of service (application hang) via crafted requests to a Windows Presentation Foundation (WPF) application, aka ".NET Framework Index Co
|
12-10-2018 - 22:02 | 09-05-2012 - 00:55 | |
CVE-2012-0176 | 9.3 |
Double free vulnerability in Microsoft Silverlight 4 before 4.1.10329 on Windows allows remote attackers to execute arbitrary code via vectors involving crafted XAML glyphs, aka "Silverlight Double-Free Vulnerability."
|
12-10-2018 - 22:02 | 09-05-2012 - 00:55 | |
CVE-2012-0160 | 9.3 |
Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5 SP1, 3.5.1, and 4 does not properly serialize input data, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP) or (2) a crafted
|
12-10-2018 - 22:02 | 09-05-2012 - 00:55 | |
CVE-2012-0161 | 9.3 |
Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5 SP1, 3.5.1, and 4 does not properly handle an unspecified exception during use of partially trusted assemblies to serialize input data, which allows remote attackers to execute arbitrar
|
12-10-2018 - 22:02 | 09-05-2012 - 00:55 | |
CVE-2012-0159 | 9.3 |
Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview; Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Silverlight 4 bef
|
12-10-2018 - 22:02 | 09-05-2012 - 00:55 | |
CVE-2012-0182 | 9.3 |
Microsoft Word 2007 SP2 and SP3 does not properly handle memory during the parsing of Word documents, which allows remote attackers to execute arbitrary code via a crafted document, aka "Word PAPX Section Corruption Vulnerability."
|
12-10-2018 - 22:02 | 09-10-2012 - 21:55 | |
CVE-2012-0163 | 9.3 |
Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly validate function parameters, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP), (2) a crafted AS
|
12-10-2018 - 22:02 | 10-04-2012 - 21:55 | |
CVE-2011-5046 | 9.3 |
The Graphics Device Interface (GDI) in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly valida
|
12-10-2018 - 22:01 | 30-12-2011 - 19:55 | |
CVE-2011-1243 | 9.3 |
The Windows Messenger ActiveX control in msgsc.dll in Microsoft Windows XP SP2 and SP3 allows remote attackers to execute arbitrary code via unspecified vectors that "corrupt the system state," aka "Microsoft Windows Messenger ActiveX Control Vulnera
|
12-10-2018 - 22:00 | 13-04-2011 - 18:55 | |
CVE-2010-3973 | 9.3 |
The WMITools ActiveX control in WBEMSingleView.ocx 1.50.1131.0 in Microsoft WMI Administrative Tools 1.1 and earlier in Microsoft Windows XP SP2 and SP3 allows remote attackers to execute arbitrary code via a crafted argument to the AddContextRef met
|
12-10-2018 - 21:59 | 23-12-2010 - 18:00 | |
CVE-2010-3334 | 9.3 |
Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 and 2008 for Mac, Office for Mac 2011, and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via an Office document containing a
|
12-10-2018 - 21:58 | 10-11-2010 - 03:00 | |
CVE-2010-3337 | 9.3 |
Untrusted search path vulnerability in Microsoft Office 2007 SP2 and 2010 allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka "Insecure Library Loading Vulnerability." NOTE: this might overlap CVE-2010-3
|
12-10-2018 - 21:58 | 10-11-2010 - 03:00 | |
CVE-2010-3336 | 9.3 |
Microsoft Office XP SP3, Office 2004 and 2008 for Mac, Office for Mac 2011, and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via a crafted Office document that triggers memory corruption, aka "MSO Large SPID
|
12-10-2018 - 21:58 | 10-11-2010 - 03:00 | |
CVE-2010-2573 | 9.3 |
Integer underflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3, PowerPoint Viewer SP2, and Office 2004 for Mac allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "PowerPoint Integer Underflow Causes Heap Corrupt
|
12-10-2018 - 21:58 | 10-11-2010 - 03:00 | |
CVE-2010-2728 | 9.3 |
Heap-based buffer overflow in Microsoft Outlook 2002 SP3, 2003 SP3, and 2007 SP2, when Online Mode for an Exchange Server is enabled, allows remote attackers to execute arbitrary code via a crafted e-mail message, aka "Heap Based Buffer Overflow in O
|
12-10-2018 - 21:58 | 15-09-2010 - 19:00 | |
CVE-2010-3335 | 9.3 |
Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 and 2008 for Mac, Office for Mac 2011, and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via a crafted Office document that
|
12-10-2018 - 21:58 | 10-11-2010 - 03:00 | |
CVE-2010-1903 | 9.3 |
Microsoft Office Word 2002 SP3 and 2003 SP3, and Office Word Viewer, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed record in a Word file, aka "Word HTML Linked Objects Memory Corrup
|
12-10-2018 - 21:57 | 11-08-2010 - 18:47 | |
CVE-2010-1902 | 9.3 |
Buffer overflow in Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP2; Microsoft Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Word Viewer; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File For
|
12-10-2018 - 21:57 | 11-08-2010 - 18:47 | |
CVE-2010-1901 | 9.3 |
Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP2; Microsoft Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Word Viewer; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not pro
|
12-10-2018 - 21:57 | 11-08-2010 - 18:47 | |
CVE-2010-2561 | 9.3 |
Microsoft XML Core Services (aka MSXML) 3.0 does not properly handle HTTP responses, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted response, aka "Msxml2.XMLHTTP.3.0 Response Han
|
12-10-2018 - 21:57 | 11-08-2010 - 18:47 | |
CVE-2010-1881 | 9.3 |
The FieldList ActiveX control in the Microsoft Access Wizard Controls in ACCWIZ.dll in Microsoft Office Access 2003 SP3 does not properly interact with the memory-access approach used by Internet Explorer and Office during instantiation, which allows
|
12-10-2018 - 21:57 | 15-07-2010 - 12:57 | |
CVE-2010-1900 | 9.3 |
Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP2; Microsoft Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Word Viewer; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; and Works 9 d
|
12-10-2018 - 21:57 | 11-08-2010 - 18:47 | |
CVE-2010-1880 | 9.3 |
Unspecified vulnerability in Quartz.dll for DirectShow on Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1, and Server 2008 allows remote attackers to execute arbitrary code via a media file with crafted compression data, aka "M
|
12-10-2018 - 21:57 | 08-06-2010 - 22:30 | |
CVE-2010-1879 | 9.3 |
Unspecified vulnerability in Quartz.dll for DirectShow; Windows Media Format Runtime 9, 9.5, and 11; Media Encoder 9; and the Asycfilt.dll COM component allows remote attackers to execute arbitrary code via a media file with crafted compression data,
|
12-10-2018 - 21:57 | 08-06-2010 - 22:30 | |
CVE-2010-1898 | 9.3 |
The Common Language Runtime (CLR) in Microsoft .NET Framework 2.0 SP1, 2.0 SP2, 3.5, 3.5 SP1, and 3.5.1, and Microsoft Silverlight 2 and 3 before 3.0.50611.0 on Windows and before 3.0.41130.0 on Mac OS X, does not properly handle interfaces and deleg
|
12-10-2018 - 21:57 | 11-08-2010 - 18:47 | |
CVE-2010-0814 | 9.3 |
The Microsoft Access Wizard Controls in ACCWIZ.dll in Microsoft Office Access 2003 SP3 and 2007 SP1 and SP2 do not properly interact with the memory-allocation approach used by Internet Explorer during instantiation, which allows remote attackers to
|
12-10-2018 - 21:57 | 15-07-2010 - 12:57 | |
CVE-2010-0815 | 9.3 |
VBE6.DLL in Microsoft Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Visual Basic for Applications (VBA), and VBA SDK 6.3 through 6.5 does not properly search for ActiveX controls that are embedded in documents, which allow
|
12-10-2018 - 21:57 | 12-05-2010 - 11:46 | |
CVE-2010-0239 | 10.0 |
The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2, when IPv6 is enabled, does not properly perform bounds checking on ICMPv6 Router Advertisement packets, which allows remote attackers to execute arb
|
12-10-2018 - 21:56 | 10-02-2010 - 18:30 | |
CVE-2010-0268 | 9.3 |
Unspecified vulnerability in the Windows Media Player ActiveX control in Windows Media Player (WMP) 9 on Microsoft Windows 2000 SP4 and XP SP2 and SP3 allows remote attackers to execute arbitrary code via crafted media content, aka "Media Player Remo
|
12-10-2018 - 21:56 | 14-04-2010 - 16:00 | |
CVE-2010-0019 | 9.3 |
Microsoft Silverlight 3 before 3.0.50611.0 on Windows, and before 3.0.41130.0 on Mac OS X, does not properly handle pointers, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and framework outage
|
12-10-2018 - 21:56 | 11-08-2010 - 18:47 | |
CVE-2010-0242 | 7.8 |
The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 allows remote attackers to cause a denial of service (system hang) via crafted packets with malformed TCP selective acknowledgement (SACK) values, ak
|
12-10-2018 - 21:56 | 10-02-2010 - 18:30 | |
CVE-2010-0241 | 10.0 |
The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2, when IPv6 is enabled, does not properly perform bounds checking on ICMPv6 Route Information packets, which allows remote attackers to execute arbitr
|
12-10-2018 - 21:56 | 10-02-2010 - 18:30 | |
CVE-2010-0240 | 10.0 |
The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2, when a custom network driver is used, does not properly handle local fragmentation of Encapsulating Security Payload (ESP) over UDP packets, which a
|
12-10-2018 - 21:56 | 10-02-2010 - 18:30 | |
CVE-2009-2528 | 9.3 |
GDI+ in Microsoft Office XP SP3 does not properly handle malformed objects in Office Art Property Tables, which allows remote attackers to execute arbitrary code via a crafted Office document that triggers memory corruption, aka "Memory Corruption Vu
|
12-10-2018 - 21:52 | 14-10-2009 - 10:30 | |
CVE-2009-3103 | 10.0 |
Array index error in the SMBv2 protocol implementation in srv2.sys in Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold and SP2, and Windows 7 RC allows remote attackers to execute arbitrary code or cause a denial of service (syste
|
12-10-2018 - 21:52 | 08-09-2009 - 22:30 | |
CVE-2009-2518 | 9.3 |
Integer overflow in GDI+ in Microsoft Office XP SP3 allows remote attackers to execute arbitrary code via an Office document with a bitmap (aka BMP) image that triggers memory corruption, aka "Office BMP Integer Overflow Vulnerability."
|
12-10-2018 - 21:52 | 14-10-2009 - 10:30 | |
CVE-2009-3126 | 9.3 |
Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP
|
12-10-2018 - 21:52 | 14-10-2009 - 10:30 | |
CVE-2009-2514 | 9.3 |
win32k.sys in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 does not correctly parse font code during construction of a directory-entry table, which allows remote attackers to execute arbitrary code via a crafted Embed
|
12-10-2018 - 21:51 | 11-11-2009 - 19:30 | |
CVE-2009-2495 | 7.8 |
The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1 does not properly enforce string termination, which allows remote attackers to obt
|
12-10-2018 - 21:51 | 29-07-2009 - 17:30 | |
CVE-2009-2501 | 9.3 |
Heap-based buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 G
|
12-10-2018 - 21:51 | 14-10-2009 - 10:30 | |
CVE-2009-2500 | 9.3 |
Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP
|
12-10-2018 - 21:51 | 14-10-2009 - 10:30 | |
CVE-2009-2496 | 9.3 |
Heap-based buffer overflow in the Office Web Components ActiveX Control in Microsoft Office XP SP3, Office 2003 SP3, Office XP Web Components SP3, Office 2003 Web Components SP3, Office 2003 Web Components SP1 for the 2007 Microsoft Office System, In
|
12-10-2018 - 21:51 | 12-08-2009 - 17:30 | |
CVE-2009-1537 | 9.3 |
Unspecified vulnerability in the QuickTime Movie Parser Filter in quartz.dll in DirectShow in Microsoft DirectX 7.0 through 9.0c on Windows 2000 SP4, Windows XP SP2 and SP3, and Windows Server 2003 SP2 allows remote attackers to execute arbitrary cod
|
12-10-2018 - 21:51 | 29-05-2009 - 18:30 | |
CVE-2009-2513 | 7.2 |
The Graphics Device Interface (GDI) in win32k.sys in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 does not properly validate user-mode input, which allows local user
|
12-10-2018 - 21:51 | 11-11-2009 - 19:30 | |
CVE-2009-2512 | 9.3 |
The Web Services on Devices API (WSDAPI) in Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 does not properly process the headers of WSD messages, which allows remote attackers to execute arbitrary code via a crafted (1) message or (2)
|
12-10-2018 - 21:51 | 11-11-2009 - 19:30 | |
CVE-2009-1533 | 9.3 |
Buffer overflow in the Works for Windows document converters in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, Office 2007 SP1, and Works 8.5 and 9 allows remote attackers to execute arbitrary code via a crafted Works .wps file that trigg
|
12-10-2018 - 21:51 | 10-06-2009 - 18:00 | |
CVE-2009-2493 | 9.3 |
The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2,
|
12-10-2018 - 21:51 | 29-07-2009 - 17:30 | |
CVE-2009-2505 | 10.0 |
The Internet Authentication Service (IAS) in Microsoft Windows Vista SP2 and Server 2008 SP2 does not properly validate MS-CHAP v2 Protected Extensible Authentication Protocol (PEAP) authentication requests, which allows remote attackers to execute a
|
12-10-2018 - 21:51 | 09-12-2009 - 18:30 | |
CVE-2009-1534 | 9.3 |
Buffer overflow in the Office Web Components ActiveX Control in Microsoft Office XP SP3, Office 2000 Web Components SP3, Office XP Web Components SP3, BizTalk Server 2002, and Visual Studio .NET 2003 SP1 allows remote attackers to execute arbitrary c
|
12-10-2018 - 21:51 | 12-08-2009 - 17:30 | |
CVE-2009-2504 | 9.3 |
Multiple integer overflows in unspecified APIs in GDI+ in Microsoft .NET Framework 1.1 SP1, .NET Framework 2.0 SP1 and SP2, Windows XP SP2 and SP3, Windows Server 2003 SP2, Vista Gold and SP1, Server 2008 Gold, Office XP SP3, Office 2003 SP3, 2007 Mi
|
12-10-2018 - 21:51 | 14-10-2009 - 10:30 | |
CVE-2009-2503 | 9.3 |
GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Windows Server 2003 SP2, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold a
|
12-10-2018 - 21:51 | 14-10-2009 - 10:30 | |
CVE-2009-1137 | 9.3 |
Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allows remote attackers to execute arbitrary code via crafted sound data in a file that uses a PowerPoint 4.0 native file format, leading to memory corruption, aka "Legacy File Format Vulne
|
12-10-2018 - 21:51 | 12-05-2009 - 22:30 | |
CVE-2009-1134 | 9.3 |
Excel in 2007 Microsoft Office System SP1 and SP2; Microsoft Office Excel Viewer; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allow remote attackers to execute arbitrary code via a BIFF file w
|
12-10-2018 - 21:51 | 10-06-2009 - 18:30 | |
CVE-2009-1136 | 9.3 |
The Microsoft Office Web Components Spreadsheet ActiveX control (aka OWC10 or OWC11), as distributed in Office XP SP3 and Office 2003 SP3, Office XP Web Components SP3, Office 2003 Web Components SP3, Office 2003 Web Components SP1 for the 2007 Micro
|
12-10-2018 - 21:51 | 15-07-2009 - 15:30 | |
CVE-2009-0222 | 9.3 |
Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allows remote attackers to execute arbitrary code via crafted sound data in a file that uses a PowerPoint 4.0 native file format, leading to a "pointer overwrite" and memory corruption, aka
|
12-10-2018 - 21:50 | 12-05-2009 - 22:30 | |
CVE-2009-1131 | 9.3 |
Multiple stack-based buffer overflows in Microsoft Office PowerPoint 2000 SP3 allow remote attackers to execute arbitrary code via a large amount of data associated with unspecified atoms in a PowerPoint file that triggers memory corruption, aka "Dat
|
12-10-2018 - 21:50 | 12-05-2009 - 22:30 | |
CVE-2009-0225 | 9.3 |
Microsoft Office PowerPoint 2002 SP3 allows remote attackers to execute arbitrary code via crafted sound data in a file that uses a PowerPoint 95 native file format, leading to improper "array indexing" and memory corruption, aka "PP7 Memory Corrupti
|
12-10-2018 - 21:50 | 12-05-2009 - 22:30 | |
CVE-2009-1129 | 9.3 |
Multiple stack-based buffer overflows in the PowerPoint 95 importer (PP7X32.DLL) in Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allow remote attackers to execute arbitrary code via an inconsistent record length in sound data in a fil
|
12-10-2018 - 21:50 | 12-05-2009 - 22:30 | |
CVE-2009-0549 | 9.3 |
Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, and Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; and Microsoft Office Excel Viewer 2003 SP3 allow remote attackers to execute arbitrary code via a crafted Ex
|
12-10-2018 - 21:50 | 10-06-2009 - 18:30 | |
CVE-2009-0238 | 9.3 |
Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1; Excel Viewer 2003 Gold and SP3; Excel Viewer; Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1; and Excel in Microsoft Office 2004 and 2008 for Mac allow remot
|
12-10-2018 - 21:50 | 25-02-2009 - 16:30 | |
CVE-2009-0559 | 9.3 |
Stack-based buffer overflow in Excel in Microsoft Office 2000 SP3 and Office XP SP3 allows remote attackers to execute arbitrary code via a crafted Excel file with a malformed record object, aka "String Copy Stack-Based Overrun Vulnerability."
|
12-10-2018 - 21:50 | 10-06-2009 - 18:30 | |
CVE-2009-0223 | 9.3 |
Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allows remote attackers to execute arbitrary code via crafted sound data in a file that uses a PowerPoint 4.0 native file format, leading to memory corruption, aka "Legacy File Format Vulne
|
12-10-2018 - 21:50 | 12-05-2009 - 22:30 | |
CVE-2009-1128 | 9.3 |
Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allows remote attackers to execute arbitrary code via crafted sound data in a file that uses a PowerPoint 95 native file format, leading to memory corruption, aka "PP7 Memory Corruption Vul
|
12-10-2018 - 21:50 | 12-05-2009 - 22:30 | |
CVE-2009-0228 | 10.0 |
Stack-based buffer overflow in the EnumeratePrintShares function in Windows Print Spooler Service (win32spl.dll) in Microsoft Windows 2000 SP4 allows remote printer servers to execute arbitrary code via a crafted ShareName in a response to an RPC req
|
12-10-2018 - 21:50 | 10-06-2009 - 18:00 | |
CVE-2009-0235 | 9.3 |
Stack-based buffer overflow in the Word 97 text converter in WordPad in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted Word 97 file that triggers memory corrupti
|
12-10-2018 - 21:50 | 15-04-2009 - 08:00 | |
CVE-2009-1130 | 9.3 |
Heap-based buffer overflow in Microsoft Office PowerPoint 2002 SP3 and 2003 SP3, and PowerPoint in Microsoft Office 2004 for Mac, allows remote attackers to execute arbitrary code via a crafted structure in a Notes container in a PowerPoint file that
|
12-10-2018 - 21:50 | 12-05-2009 - 22:30 | |
CVE-2009-0565 | 9.3 |
Buffer overflow in Microsoft Office Word 2000 SP3, 2002 SP3, and 2007 SP1 and SP2; Microsoft Office for Mac 2004 and 2008; Open XML File Format Converter for Mac; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Forma
|
12-10-2018 - 21:50 | 10-06-2009 - 18:00 | |
CVE-2009-0227 | 9.3 |
Stack-based buffer overflow in the PowerPoint 4.2 conversion filter (PP4X32.DLL) in Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allows remote attackers to execute arbitrary code via a large number of structures in sound data in a fil
|
12-10-2018 - 21:50 | 12-05-2009 - 22:30 | |
CVE-2009-0224 | 9.3 |
Microsoft Office PowerPoint 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; PowerPoint Viewer 2003 and 2007 SP1 and SP2; PowerPoint in Microsoft Office 2004 for Mac and 2008 for Mac; Open XML File Format Converter for Mac; Microsoft Works 8.5 and
|
12-10-2018 - 21:50 | 12-05-2009 - 22:30 | |
CVE-2009-0560 | 9.3 |
Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, and Office 2004 and 2008 for Mac; Excel in 2007 Microsoft Office System SP1 and SP2; Open XML File Format Converter for Mac; Microsoft Office Excel Viewer 2003 SP3; Microsoft Office
|
12-10-2018 - 21:50 | 10-06-2009 - 18:30 | |
CVE-2009-0558 | 9.3 |
Array index error in Excel in Microsoft Office 2000 SP3 and Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac, allows remote attackers to execute arbitrary code via a crafted Excel file with a malformed record object, aka "Arra
|
12-10-2018 - 21:50 | 10-06-2009 - 18:30 | |
CVE-2009-0220 | 9.3 |
Multiple stack-based buffer overflows in the PowerPoint 4.0 importer (PP4X32.DLL) in Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allow remote attackers to execute arbitrary code via crafted formatting data for paragraphs in a file th
|
12-10-2018 - 21:50 | 12-05-2009 - 22:30 | |
CVE-2009-0226 | 9.3 |
Stack-based buffer overflow in the PowerPoint 4.2 conversion filter in Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allows remote attackers to execute arbitrary code via a long string in sound data in a file that uses a PowerPoint 4.0
|
12-10-2018 - 21:50 | 12-05-2009 - 22:30 | |
CVE-2009-0556 | 9.3 |
Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3, and PowerPoint in Microsoft Office 2004 for Mac, allows remote attackers to execute arbitrary code via a PowerPoint file with an OutlineTextRefAtom containing an an invalid index value tha
|
12-10-2018 - 21:50 | 03-04-2009 - 18:30 | |
CVE-2009-1127 | 7.2 |
win32k.sys in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 does not correctly validate an argument to an unspecified system call, which allows local users to gain pr
|
12-10-2018 - 21:50 | 11-11-2009 - 19:30 | |
CVE-2009-0230 | 9.0 |
The Windows Print Spooler in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 allows remote authenticated users to gain privileges via a crafted RPC message that triggers loading of a DLL file
|
12-10-2018 - 21:50 | 10-06-2009 - 18:00 | |
CVE-2009-0561 | 9.3 |
Integer overflow in Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, and Office 2004 and 2008 for Mac; Excel in 2007 Microsoft Office System SP1 and SP2; Open XML File Format Converter for Mac; Microsoft Office Excel Viewer 2003 SP
|
12-10-2018 - 21:50 | 10-06-2009 - 18:30 | |
CVE-2009-0901 | 9.3 |
The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Serv
|
12-10-2018 - 21:50 | 29-07-2009 - 17:30 | |
CVE-2009-0221 | 9.3 |
Integer overflow in Microsoft Office PowerPoint 2002 SP3 and 2003 SP3 allows remote attackers to execute arbitrary code via a PowerPoint file containing a crafted record type for "collaboration information for different slides" that contains a field
|
12-10-2018 - 21:50 | 12-05-2009 - 22:30 | |
CVE-2009-0562 | 9.3 |
The Office Web Components ActiveX Control in Microsoft Office XP SP3, Office 2003 SP3, Office XP Web Components SP3, Office 2003 Web Components SP3, Office 2003 Web Components SP1 for the 2007 Microsoft Office System, Internet Security and Accelerati
|
12-10-2018 - 21:50 | 12-08-2009 - 17:30 | |
CVE-2008-4841 | 9.3 |
The WordPad Text Converter for Word 97 files in Microsoft Windows 2000 SP4, XP SP2, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted (1) .doc, (2) .wri, or (3) .rtf Word 97 file that triggers memory corrupti
|
12-10-2018 - 21:49 | 10-12-2008 - 14:00 | |
CVE-2008-4844 | 9.3 |
Use-after-free vulnerability in the CRecordInstance::TransferToDestination function in mshtml.dll in Microsoft Internet Explorer 5.01, 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via DSO bindings involving (1) an XML Island, (2)
|
12-10-2018 - 21:49 | 11-12-2008 - 15:30 | |
CVE-2009-0100 | 9.3 |
Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1; Excel in Microsoft Office 2004 and 2008 for Mac; Microsoft Office Excel Viewer and Excel Viewer 2003 SP3; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007
|
12-10-2018 - 21:49 | 15-04-2009 - 08:00 | |
CVE-2009-0102 | 9.3 |
Microsoft Project 2000 SR1 and 2002 SP1, and Office Project 2003 SP3, does not properly handle memory allocation for Project files, which allows remote attackers to execute arbitrary code via a malformed file, aka "Project Memory Validation Vulnerabi
|
12-10-2018 - 21:49 | 09-12-2009 - 18:30 | |
CVE-2009-0099 | 5.0 |
The Electronic Messaging System Microsoft Data Base (EMSMDB32) provider in Microsoft Exchange 2000 Server SP3 and Exchange Server 2003 SP2, as used in Exchange System Attendant, allows remote attackers to cause a denial of service (application outage
|
12-10-2018 - 21:49 | 10-02-2009 - 22:30 | |
CVE-2009-0098 | 9.3 |
Microsoft Exchange 2000 Server SP3, Exchange Server 2003 SP2, and Exchange Server 2007 SP1 do not properly interpret Transport Neutral Encapsulation (TNEF) properties, which allows remote attackers to execute arbitrary code via a crafted TNEF message
|
12-10-2018 - 21:49 | 10-02-2009 - 22:30 | |
CVE-2008-4269 | 8.5 |
The search-ms protocol handler in Windows Explorer in Microsoft Windows Vista Gold and SP1 and Server 2008 uses untrusted parameter data obtained from incorrect parsing, which allows remote attackers to execute arbitrary code via a crafted HTML docum
|
12-10-2018 - 21:48 | 10-12-2008 - 14:00 | |
CVE-2008-4252 | 8.5 |
The DataGrid ActiveX control in Microsoft Visual Basic 6.0 and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 does not properly handle errors during access to incorrectly initialized objects, which allows remote attackers to execute arbitrary code via a c
|
12-10-2018 - 21:48 | 10-12-2008 - 14:00 | |
CVE-2008-4268 | 8.5 |
The Windows Search component in Microsoft Windows Vista Gold and SP1 and Server 2008 does not properly free memory during a save operation for a Windows Search file, which allows remote attackers to execute arbitrary code via a crafted saved-search f
|
12-10-2018 - 21:48 | 10-12-2008 - 14:00 | |
CVE-2008-4256 | 8.5 |
The Charts ActiveX control in Microsoft Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 does not properly handle errors during access to incorrectly initialized objects, which allows remote at
|
12-10-2018 - 21:48 | 10-12-2008 - 14:00 | |
CVE-2008-4265 | 9.3 |
Microsoft Office Excel 2000 SP3 allows remote attackers to execute arbitrary code via a crafted Excel spreadsheet that contains a malformed object, which triggers memory corruption during the loading of records from this spreadsheet, aka "File Format
|
12-10-2018 - 21:48 | 10-12-2008 - 14:00 | |
CVE-2008-4253 | 8.5 |
The FlexGrid ActiveX control in Microsoft Visual Basic 6.0, Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2, Office FrontPage 2002 SP3, and Office Project 2003 SP3 does not properly handle errors during access to incorrectly initialized objects, which allo
|
12-10-2018 - 21:48 | 10-12-2008 - 14:00 | |
CVE-2008-4266 | 9.3 |
Array index vulnerability in Microsoft Office Excel 2000 SP3, 2002 SP3, and 2003 SP3; Excel Viewer 2003 Gold and SP3; Office 2004 and 2008 for Mac; and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via an Exc
|
12-10-2018 - 21:48 | 10-12-2008 - 14:00 | |
CVE-2008-4254 | 8.5 |
Multiple integer overflows in the Hierarchical FlexGrid ActiveX control (mshflxgd.ocx) in Microsoft Visual Basic 6.0 and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 allow remote attackers to execute arbitrary code via crafted (1) Rows and (2) Cols prop
|
12-10-2018 - 21:48 | 10-12-2008 - 14:00 | |
CVE-2008-4033 | 4.3 |
Cross-domain vulnerability in Microsoft XML Core Services 3.0 through 6.0, as used in Microsoft Expression Web, Office, Internet Explorer, and other products, allows remote attackers to obtain sensitive information from another domain and corrupt the
|
12-10-2018 - 21:48 | 12-11-2008 - 23:30 | |
CVE-2008-4264 | 9.3 |
Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Excel Viewer 2003 Gold and SP3; Excel Viewer; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office 2004 and 2008 for Mac; and Open
|
12-10-2018 - 21:48 | 10-12-2008 - 14:00 | |
CVE-2008-4255 | 9.3 |
Heap-based buffer overflow in mscomct2.ocx (aka Windows Common ActiveX control or Microsoft Animation ActiveX control) in Microsoft Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2, and Office Proj
|
12-10-2018 - 21:48 | 10-12-2008 - 14:00 | |
CVE-2008-3704 | 9.3 |
Heap-based buffer overflow in the MaskedEdit ActiveX control in Msmask32.ocx 6.0.81.69, and possibly other versions before 6.0.84.18, in Microsoft Visual Studio 6.0, Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, and Visual FoxPro 8.0 SP
|
12-10-2018 - 21:48 | 18-08-2008 - 19:41 | |
CVE-2008-2540 | 9.3 |
Apple Safari on Mac OS X, and before 3.1.2 on Windows, does not prompt the user before downloading an object that has an unrecognized content type, which allows remote attackers to place malware into the (1) Desktop directory on Windows or (2) Downlo
|
12-10-2018 - 21:47 | 03-06-2008 - 15:32 | |
CVE-2008-0015 | 9.3 |
Stack-based buffer overflow in the CComVariant::ReadFromStream function in the Active Template Library (ATL), as used in the MPEG2TuneRequest ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP
|
12-10-2018 - 21:44 | 07-07-2009 - 23:30 | |
CVE-2008-0020 | 9.3 |
Unspecified vulnerability in the Load method in the IPersistStreamInit interface in the Active Template Library (ATL), as used in the Microsoft Video ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server
|
12-10-2018 - 21:44 | 07-07-2009 - 23:30 | |
CVE-2014-4112 | 7.6 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
08-03-2018 - 17:15 | 08-02-2018 - 23:29 | |
CVE-2014-4145 | 7.6 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
08-03-2018 - 17:14 | 08-02-2018 - 23:29 | |
CVE-2014-4066 | 7.6 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
08-03-2018 - 17:14 | 08-02-2018 - 23:29 | |
CVE-2014-8985 | 7.6 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
23-02-2018 - 17:47 | 08-02-2018 - 23:29 | |
CVE-2012-4969 | 9.3 |
Use-after-free vulnerability in the CMshtmlEd::Exec function in mshtml.dll in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in September 2012.
|
21-11-2017 - 18:13 | 18-09-2012 - 10:39 | |
CVE-2013-2013 | 2.1 |
The user-password-update command in python-keystoneclient before 0.2.4 accepts the new password in the --password argument, which allows local users to obtain sensitive information by listing the process.
|
19-09-2017 - 01:36 | 01-10-2013 - 20:55 | |
CVE-2017-0038 | 4.3 |
gdi32.dll in Graphics Device Interface (GDI) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows remote attackers
|
01-09-2017 - 01:29 | 20-02-2017 - 16:59 | |
CVE-2017-0086 | 9.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Uniscribe Remote Code Execution Vulnerability." This vulnerability is diffe
|
16-08-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0061 | 2.6 |
The Color Management Module (ICM32.dll) memory handling functionality in Windows Vista SP2, Windows Server 2008 SP2 and R2, and Windows 7 SP1 allows remote attackers to bypass ASLR and execute code in combination with another vulnerability through a
|
16-08-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0063 | 4.3 |
The Color Management Module (ICM32.dll) memory handling functionality in Windows Vista SP2; Windows Server 2008 SP2 and R2; and Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows
|
16-08-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0115 | 4.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability."
|
16-08-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0091 | 4.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability."
|
16-08-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0100 | 4.4 |
A DCOM object in Helppane.exe in Microsoft Windows 7 SP1; Windows Server 2008 R2; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows local users to gain privileges via a craft
|
16-08-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0111 | 4.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability."
|
16-08-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0088 | 9.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Windows Uniscribe Remote Code Execution Vulnerability."
|
16-08-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0084 | 9.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to execute arb
|
16-08-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0085 | 4.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability."
|
16-08-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0113 | 4.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability."
|
16-08-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0090 | 9.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Uniscribe Remote Code Execution Vulnerability." This vulnerability is diffe
|
16-08-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0083 | 9.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Uniscribe Remote Code Execution Vulnerability." This vulnerability is diffe
|
16-08-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0112 | 4.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability."
|
16-08-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0087 | 9.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Uniscribe Remote Code Execution Vulnerability." This vulnerability is diffe
|
16-08-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0114 | 4.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability."
|
16-08-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0062 | 1.9 |
The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain
|
16-08-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0092 | 4.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability."
|
16-08-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0108 | 9.3 |
The Windows Graphics Component in Microsoft Office 2007 SP3; 2010 SP2; and Word Viewer; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Live Meeting 2007; Silverlight 5; Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; and Windows 7 SP1 allo
|
16-08-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0116 | 4.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability."
|
16-08-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0089 | 9.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Uniscribe Remote Code Execution Vulnerability." This vulnerability is diffe
|
16-08-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0117 | 4.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability."
|
16-08-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0074 | 2.3 |
Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and 2008 R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 and R2; Windows 10, 1511, and 1607; and Windows Server 2016 allows guest OS users, running as virtual machines, to cause a de
|
17-07-2017 - 13:18 | 17-03-2017 - 00:59 | |
CVE-2017-0099 | 2.3 |
Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and 2008 R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows guest OS users, running as virtual machines, to
|
17-07-2017 - 13:18 | 17-03-2017 - 00:59 | |
CVE-2017-0096 | 2.3 |
Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1, Windows Server 2012 Gold and R2; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows guest OS users to obtain sensitive information from h
|
17-07-2017 - 13:18 | 17-03-2017 - 00:59 | |
CVE-2017-0076 | 2.9 |
Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and 2008 R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 and R2; Windows 10, 1511, and 1607; and Windows Server 2016 allows guest OS users, running as virtual machines, to cause a de
|
17-07-2017 - 13:18 | 17-03-2017 - 00:59 | |
CVE-2017-0098 | 2.9 |
Hyper-V in Microsoft Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows guest OS users, running as virtual machines, to cause a denial of service via a crafted application, aka "Hyper-V Denial of Service Vulnerability." This vulnerabilit
|
17-07-2017 - 13:18 | 17-03-2017 - 00:59 | |
CVE-2017-0109 | 7.4 |
Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows guest OS users to execute arbitrary code on the host
|
17-07-2017 - 13:18 | 17-03-2017 - 00:59 | |
CVE-2017-0097 | 2.3 |
Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and 2008 R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 and R2; Windows 10, 1511, and 1607; and Windows Server 2016 allows guest OS users, running as virtual machines, to cause a de
|
17-07-2017 - 13:18 | 17-03-2017 - 00:59 | |
CVE-2017-0065 | 4.3 |
Microsoft Edge allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0009, CV
|
12-07-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0033 | 4.3 |
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to spoof web content via a crafted web site, aka "Microsoft Browser Spoofing Vulnerability." This vulnerability is different from those described in CVE-2017-0012 and CVE-2017-0
|
12-07-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0069 | 4.3 |
Microsoft Edge allows remote attackers to spoof web content via a crafted web site, aka "Microsoft Edge Spoofing Vulnerability." This vulnerability is different from those described in CVE-2017-0012 and CVE-2017-0033.
|
12-07-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0130 | 7.6 |
The scripting engine in Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability." This v
|
12-07-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0018 | 7.6 |
Microsoft Internet Explorer 10 and 11 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." This vulnerability is different f
|
12-07-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0057 | 4.3 |
DNS client in Microsoft Windows 8.1; Windows Server 2012 R2, Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 fails to properly process DNS queries, which allows remote attackers to obtain sensitive information via (1) convinc
|
12-07-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0049 | 4.3 |
The VBScript engine in Microsoft Internet Explorer 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Scripting Engine Information Disclosure Vulnerability." This vulnerability is different fro
|
12-07-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0035 | 7.6 |
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitra
|
12-07-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0009 | 4.3 |
Microsoft Internet Explorer 9 through 11 allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability." This vulnerability is different from those described
|
12-07-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0007 | 2.1 |
Device Guard in Microsoft Windows 10 Gold, 1511, 1607, and Windows Server 2016 allows remote attackers to modify PowerShell script without invalidating associated signatures, aka "PowerShell Security Feature Bypass Vulnerability."
|
12-07-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0040 | 7.6 |
The scripting engine in Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability." This v
|
12-07-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0015 | 7.6 |
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitra
|
12-07-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0008 | 4.3 |
Microsoft Internet Explorer 9 through 11 allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability." This vulnerability is different from those descr
|
12-07-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0067 | 7.6 |
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitra
|
12-07-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0012 | 4.3 |
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to spoof web content via a crafted web site, aka "Microsoft Browser Spoofing Vulnerability." This vulnerability is different from those described in CVE-2017-0033 and CVE-2017-0
|
12-07-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0011 | 4.3 |
Microsoft Edge allows remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0009, CVE-2017-0017, CVE-2017-0
|
12-07-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0154 | 5.8 |
Microsoft Internet Explorer 11 on Windows 10, 1511, and 1606 and Windows Server 2016 does not enforce cross-domain policies, allowing attackers to access information from one domain and inject it into another via a crafted application, aka, "Internet
|
12-07-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0034 | 7.6 |
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker
|
12-07-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0068 | 4.3 |
Browsers in Microsoft Edge allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-
|
12-07-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0032 | 7.6 |
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitra
|
12-07-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0017 | 4.3 |
The RegEx class in the XSS filter in Microsoft Edge allows remote attackers to conduct cross-site scripting (XSS) attacks and obtain sensitive information via unspecified vectors, aka "Microsoft Edge Information Disclosure Vulnerability." This vulner
|
12-07-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2016-7293 | 5.0 |
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue in a "generally available" software product. Notes: none.
|
16-02-2017 - 16:59 | 16-02-2017 - 16:59 | |
CVE-2014-8967 | 6.8 |
Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted HTML document in conjunction with a Cascading Style Sheets (CSS) token sequence specifying the run-in value for the display pr
|
30-10-2015 - 19:01 | 15-12-2014 - 18:59 |