Max CVSS 9.3 Min CVSS 1.9 Total Count74
IDCVSSSummaryLast (major) updatePublished
CVE-2018-12828 7.5
Adobe Flash Player 30.0.0.134 and earlier have a "use of a component with a known vulnerability" vulnerability. Successful exploitation could lead to privilege escalation.
29-08-2018 - 09:29 29-08-2018 - 09:29
CVE-2018-12827 5.0
Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
29-08-2018 - 09:29 29-08-2018 - 09:29
CVE-2018-12826 5.0
Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
29-08-2018 - 09:29 29-08-2018 - 09:29
CVE-2018-12825 7.5
Adobe Flash Player 30.0.0.134 and earlier have a security bypass vulnerability. Successful exploitation could lead to security mitigation bypass.
29-08-2018 - 09:29 29-08-2018 - 09:29
CVE-2018-12824 4.3
Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
29-08-2018 - 09:29 29-08-2018 - 09:29
CVE-2018-8414 9.3
A remote code execution vulnerability exists when the Windows Shell does not properly validate file paths, aka "Windows Shell Remote Code Execution Vulnerability." This affects Windows 10 Servers, Windows 10.
15-08-2018 - 13:29 15-08-2018 - 13:29
CVE-2018-8412 4.6
An elevation of privilege vulnerability exists when the Microsoft AutoUpdate (MAU) application for Mac improperly validates updates before executing them, aka "Microsoft (MAU) Office Elevation of Privilege Vulnerability." This affects Microsoft Offic
15-08-2018 - 13:29 15-08-2018 - 13:29
CVE-2018-8406 7.2
An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory, aka "DirectX Graphics Kernel Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, W
15-08-2018 - 13:29 15-08-2018 - 13:29
CVE-2018-8405 7.2
An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory, aka "DirectX Graphics Kernel Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT
15-08-2018 - 13:29 15-08-2018 - 13:29
CVE-2018-8404 7.2
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows Server 2012, Wi
15-08-2018 - 13:29 15-08-2018 - 13:29
CVE-2018-8403 7.6
A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka "Microsoft Browser Memory Corruption Vulnerability." This affects Internet Explorer 11, Microsoft Edge, Internet Explorer 10.
15-08-2018 - 13:29 15-08-2018 - 13:29
CVE-2018-8401 7.2
An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory, aka "DirectX Graphics Kernel Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, W
15-08-2018 - 13:29 15-08-2018 - 13:29
CVE-2018-8400 7.2
An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory, aka "DirectX Graphics Kernel Elevation of Privilege Vulnerability." This affects Windows 10 Servers, Windows 10. Th
15-08-2018 - 13:29 15-08-2018 - 13:29
CVE-2018-8399 6.9
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 10 Servers, Windows 10. This CVE ID is unique from
15-08-2018 - 13:29 15-08-2018 - 13:29
CVE-2018-8398 4.3
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka "Windows GDI Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Win
15-08-2018 - 13:29 15-08-2018 - 13:29
CVE-2018-8397 9.3
A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka "GDI+ Remote Code Execution Vulnerability." This affects Windows Server 2008, Windows 7, Windows Server 2008 R
15-08-2018 - 13:29 15-08-2018 - 13:29
CVE-2018-8396 1.9
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka "Windows GDI Information Disclosure Vulnerability." This affects Windows Server 2008, Windows 7, Windows Server 2008 R2
15-08-2018 - 13:29 15-08-2018 - 13:29
CVE-2018-8394 4.3
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka "Windows GDI Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Win
15-08-2018 - 13:29 15-08-2018 - 13:29
CVE-2018-8390 7.6
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-20
15-08-2018 - 13:29 15-08-2018 - 13:29
CVE-2018-8389 7.6
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet
15-08-2018 - 13:29 15-08-2018 - 13:29
CVE-2018-8388 4.3
A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content, aka "Microsoft Edge Spoofing Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8383.
15-08-2018 - 13:29 15-08-2018 - 13:29
CVE-2018-8387 7.6
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8377.
15-08-2018 - 13:29 15-08-2018 - 13:29
CVE-2018-8385 7.6
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, ChakraCore, Internet Explorer 11,
15-08-2018 - 13:29 15-08-2018 - 13:29
CVE-2018-8383 4.3
A spoofing vulnerability exists when Microsoft Edge does not properly parse HTTP content, aka "Microsoft Edge Spoofing Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8388.
15-08-2018 - 13:29 15-08-2018 - 13:29
CVE-2018-8382 4.3
An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka "Microsoft Excel Information Disclosure Vulnerability." This affects Microsoft Excel Viewer, Microsoft Office, Microsoft Excel.
15-08-2018 - 13:29 15-08-2018 - 13:29
CVE-2018-8381 7.6
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID
15-08-2018 - 13:29 15-08-2018 - 13:29
CVE-2018-8380 7.6
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID
15-08-2018 - 13:29 15-08-2018 - 13:29
CVE-2018-8379 9.3
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Excel. This CVE ID is unique from
15-08-2018 - 13:29 15-08-2018 - 13:29
CVE-2018-8378 4.3
An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka "Microsoft Office Information Disclosure Vulnerability." This a
15-08-2018 - 13:29 15-08-2018 - 13:29
CVE-2018-8377 7.6
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8387.
15-08-2018 - 13:29 15-08-2018 - 13:29
CVE-2018-8375 9.3
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Excel Viewer, Microsoft Office, M
15-08-2018 - 13:29 15-08-2018 - 13:29
CVE-2018-8373 7.6
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet
15-08-2018 - 13:29 15-08-2018 - 13:29
CVE-2018-8372 7.6
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This
15-08-2018 - 13:29 15-08-2018 - 13:29
CVE-2018-8371 7.6
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet
15-08-2018 - 13:29 15-08-2018 - 13:29
CVE-2018-8370 4.3
A information disclosure vulnerability exists when WebAudio Library improperly handles audio requests, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge.
15-08-2018 - 13:29 15-08-2018 - 13:29
CVE-2018-8360 5.0
An information disclosure vulnerability exists in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments, aka ".NET Framework Information Disclosure Vulnerability." This affects Microsoft .NET Framewo
15-08-2018 - 13:29 15-08-2018 - 13:29
CVE-2018-8358 4.3
A security feature bypass vulnerability exists when Microsoft Edge improperly handles redirect requests, aka "Microsoft Edge Security Feature Bypass Vulnerability." This affects Microsoft Edge.
15-08-2018 - 13:29 15-08-2018 - 13:29
CVE-2018-8357 5.1
An elevation of privilege vulnerability exists in Microsoft browsers allowing sandbox escape, aka "Microsoft Browser Elevation of Privilege Vulnerability." This affects Internet Explorer 11, Microsoft Edge.
15-08-2018 - 13:29 15-08-2018 - 13:29
CVE-2018-8355 7.6
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This
15-08-2018 - 13:29 15-08-2018 - 13:29
CVE-2018-8353 7.6
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet
15-08-2018 - 13:29 15-08-2018 - 13:29
CVE-2018-8351 4.3
An information disclosure vulnerability exists when affected Microsoft browsers improperly allow cross-frame interaction, aka "Microsoft Browser Information Disclosure Vulnerability." This affects Internet Explorer 11, Microsoft Edge, Internet Explor
15-08-2018 - 13:29 15-08-2018 - 13:29
CVE-2018-8350 9.3
A remote code execution vulnerability exists when Microsoft Windows PDF Library improperly handles objects in memory, aka "Windows PDF Remote Code Execution Vulnerability." This affects Windows 10 Servers, Windows 10.
15-08-2018 - 13:29 15-08-2018 - 13:29
CVE-2018-8349 9.3
A remote code execution vulnerability exists in "Microsoft COM for Windows" when it fails to properly handle serialized objects, aka "Microsoft COM for Windows Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Wind
15-08-2018 - 13:29 15-08-2018 - 13:29
CVE-2018-8348 1.9
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 200
15-08-2018 - 13:29 15-08-2018 - 13:29
CVE-2018-8347 7.2
An elevation of privilege vulnerability exists in Microsoft Windows when the Windows kernel fails to properly handle parsing of certain symbolic links, aka "Windows Kernel Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windo
15-08-2018 - 13:29 15-08-2018 - 13:29
CVE-2018-8346 9.3
A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed, aka "LNK Remote Code Execution Vulnerability." This affects Windows Server 2008, Windows 7, Windows Server 2008 R2.
15-08-2018 - 13:29 15-08-2018 - 13:29
CVE-2018-8345 7.6
A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed, aka "LNK Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windo
15-08-2018 - 13:29 15-08-2018 - 13:29
CVE-2018-8344 9.3
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka "Microsoft Graphics Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8
15-08-2018 - 13:29 15-08-2018 - 13:29
CVE-2018-8343 7.2
An elevation of privilege vulnerability exists in the Network Driver Interface Specification (NDIS) when ndis.sys fails to check the length of a buffer prior to copying memory to it, aka "Windows NDIS Elevation of Privilege Vulnerability." This affec
15-08-2018 - 13:29 15-08-2018 - 13:29
CVE-2018-8342 7.2
An elevation of privilege vulnerability exists in the Network Driver Interface Specification (NDIS) when ndis.sys fails to check the length of a buffer prior to copying memory to it, aka "Windows NDIS Elevation of Privilege Vulnerability." This affec
15-08-2018 - 13:29 15-08-2018 - 13:29
CVE-2018-8341 1.9
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 201
15-08-2018 - 13:29 15-08-2018 - 13:29
CVE-2018-8340 4.0
A security feature bypass vulnerability exists when Active Directory Federation Services (AD FS) improperly handles multi-factor authentication requests, aka "AD FS Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows Ser
15-08-2018 - 13:29 15-08-2018 - 13:29
CVE-2018-8339 6.9
An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior, aka "Windows Installer Elevation of Privilege Vulnerability." This af
15-08-2018 - 13:29 15-08-2018 - 13:29
CVE-2018-8316 7.6
A remote code execution vulnerability exists when Internet Explorer improperly validates hyperlinks before loading executable libraries, aka "Internet Explorer Remote Code Execution Vulnerability." This affects Internet Explorer 11, Internet Explorer
15-08-2018 - 13:29 15-08-2018 - 13:29
CVE-2018-8266 7.6
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID
15-08-2018 - 13:29 15-08-2018 - 13:29
CVE-2018-8253 2.1
An elevation of privilege vulnerability exists when Microsoft Cortana allows arbitrary website browsing on the lockscreen, aka "Microsoft Cortana Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10.
15-08-2018 - 13:29 15-08-2018 - 13:29
CVE-2018-8204 4.6
A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This affects Windo
15-08-2018 - 13:29 15-08-2018 - 13:29
CVE-2018-8200 4.6
A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This affects Windo
15-08-2018 - 13:29 15-08-2018 - 13:29
CVE-2018-0952 7.2
An Elevation of Privilege vulnerability exists when Diagnostics Hub Standard Collector allows file creation in arbitrary locations, aka "Diagnostic Hub Standard Collector Elevation Of Privilege Vulnerability." This affects Windows Server 2016, Window
15-08-2018 - 13:29 15-08-2018 - 13:29
CVE-2018-3646 4.7
Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fau
14-08-2018 - 15:29 14-08-2018 - 15:29
CVE-2018-3620 4.7
Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel an
14-08-2018 - 15:29 14-08-2018 - 15:29
CVE-2018-3615 5.4
Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a si
14-08-2018 - 15:29 14-08-2018 - 15:29
CVE-2018-14424 4.6
The daemon in GDM through 3.29.1 does not properly unexport display objects from its D-Bus interface when they are destroyed, which allows a local attacker to trigger a use-after-free via a specially crafted sequence of D-Bus method calls, resulting
14-08-2018 - 14:29 14-08-2018 - 14:29
CVE-2018-3110 6.5
A vulnerability was discovered in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18. Easily exploitable vulnerability allows low privileged attacker having Create Session pri
10-08-2018 - 18:29 10-08-2018 - 18:29
CVE-2018-14912 5.0
cgit_clone_objects in CGit before 1.2.1 has a directory traversal vulnerability when `enable-http-clone=1` is not turned off, as demonstrated by a cgit/cgit.cgi/git/objects/?path=../ request.
06-08-2018 - 21:29 03-08-2018 - 15:29
CVE-2018-14345 6.0
An issue was discovered in SDDM through 0.17.0. If configured with ReuseSession=true, the password is not checked for users with an already existing session. Any user with access to the system D-Bus can therefore unlock any graphical session. This is
17-07-2018 - 10:29 17-07-2018 - 10:29
CVE-2018-13796 4.3
An issue was discovered in GNU Mailman before 2.1.28. A crafted URL can cause arbitrary text to be displayed on a web page from a trusted site.
12-07-2018 - 14:29 12-07-2018 - 14:29
CVE-2018-3665 4.7
System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel.
21-06-2018 - 16:29 21-06-2018 - 16:29
CVE-2017-14503 4.3
libarchive 3.3.2 suffers from an out-of-bounds read within lha_read_data_none() in archive_read_support_format_lha.c when extracting a specially crafted lha archive, related to lha_crc16.
17-09-2017 - 14:29 17-09-2017 - 14:29
CVE-2017-14501 4.3
An out-of-bounds read flaw exists in parse_file_info in archive_read_support_format_iso9660.c in libarchive 3.3.2 when extracting a specially crafted iso9660 iso file, related to archive_read_format_iso9660_read_header.
17-09-2017 - 14:29 17-09-2017 - 14:29
CVE-2017-14166 4.3
libarchive 3.3.2 allows remote attackers to cause a denial of service (xml_data heap-based buffer over-read and application crash) via a crafted xar archive, related to the mishandling of empty strings in the atol8 function in archive_read_support_fo
06-09-2017 - 14:29 06-09-2017 - 14:29
CVE-2016-10350 4.3
The archive_read_format_cab_read_header function in archive_read_support_format_cab.c in libarchive 3.2.2 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.
05-05-2017 - 14:30 30-04-2017 - 21:59
CVE-2016-10349 4.3
The archive_le32dec function in archive_endian.h in libarchive 3.2.2 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.
05-05-2017 - 14:30 30-04-2017 - 21:59
CVE-2016-10209 4.3
The archive_wstring_append_from_mbs function in archive_string.c in libarchive 3.2.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted archive file.
06-04-2017 - 09:10 03-04-2017 - 01:59
Back to Top Mark selected
Back to Top