Filtered by vendor Microsoft
Subscribe
Total
20965 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-8267 | 1 Microsoft | 8 Internet Explorer, Windows 10, Windows 7 and 5 more | 2024-11-21 | 7.6 HIGH | 7.5 HIGH |
| A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-8243. | |||||
| CVE-2018-8266 | 1 Microsoft | 4 Chakracore, Edge, Windows 10 and 1 more | 2024-11-21 | 7.6 HIGH | 7.5 HIGH |
| A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8380, CVE-2018-8381, CVE-2018-8384. | |||||
| CVE-2018-8265 | 1 Microsoft | 1 Exchange Server | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| A remote code execution vulnerability exists in the way Microsoft Exchange software parses specially crafted email messages, aka "Microsoft Exchange Remote Code Execution Vulnerability." This affects Microsoft Exchange Server. | |||||
| CVE-2018-8262 | 1 Microsoft | 2 Edge, Windows 10 | 2024-11-21 | 7.6 HIGH | 7.5 HIGH |
| A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8125, CVE-2018-8274, CVE-2018-8275, CVE-2018-8279, CVE-2018-8301. | |||||
| CVE-2018-8260 | 1 Microsoft | 9 .net Framework, Windows 10, Windows 7 and 6 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| A Remote Code Execution vulnerability exists in .NET software when the software fails to check the source markup of a file, aka ".NET Framework Remote Code Execution Vulnerability." This affects .NET Framework 4.7.2, Microsoft .NET Framework 4.7.2. | |||||
| CVE-2018-8256 | 1 Microsoft | 10 Microsoft.powershell.archive, Powershell Core, Windows 10 and 7 more | 2024-11-21 | 9.3 HIGH | 8.8 HIGH |
| A remote code execution vulnerability exists when PowerShell improperly handles specially crafted files, aka "Microsoft PowerShell Remote Code Execution Vulnerability." This affects Windows RT 8.1, PowerShell Core 6.0, Microsoft.PowerShell.Archive 1.2.2.0, Windows Server 2016, Windows Server 2012, Windows Server 2008 R2, Windows Server 2019, Windows 7, Windows Server 2012 R2, PowerShell Core 6.1, Windows 10 Servers, Windows 10, Windows 8.1. | |||||
| CVE-2018-8254 | 1 Microsoft | 3 Project Server, Sharepoint Foundation, Sharepoint Server | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft Project Server, Microsoft SharePoint. This CVE ID is unique from CVE-2018-8252. | |||||
| CVE-2018-8253 | 1 Microsoft | 2 Windows 10, Windows Server 2016 | 2024-11-21 | 2.1 LOW | 4.6 MEDIUM |
| An elevation of privilege vulnerability exists when Microsoft Cortana allows arbitrary website browsing on the lockscreen, aka "Microsoft Cortana Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10. | |||||
| CVE-2018-8252 | 1 Microsoft | 2 Sharepoint Foundation, Sharepoint Server | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint. This CVE ID is unique from CVE-2018-8254. | |||||
| CVE-2018-8251 | 1 Microsoft | 7 Windows 10, Windows 7, Windows 8.1 and 4 more | 2024-11-21 | 7.6 HIGH | 7.5 HIGH |
| A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka "Media Foundation Memory Corruption Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. | |||||
| CVE-2018-8249 | 1 Microsoft | 6 Internet Explorer, Windows 7, Windows 8.1 and 3 more | 2024-11-21 | 7.6 HIGH | 7.5 HIGH |
| A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This affects Internet Explorer 11. This CVE ID is unique from CVE-2018-0978. | |||||
| CVE-2018-8248 | 1 Microsoft | 1 Office | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Office. | |||||
| CVE-2018-8247 | 1 Microsoft | 2 Office Online Server, Office Web Apps | 2024-11-21 | 5.8 MEDIUM | 5.4 MEDIUM |
| An elevation of privilege vulnerability exists when Office Web Apps Server 2013 and Office Online Server fail to properly handle web requests, aka "Microsoft Office Elevation of Privilege Vulnerability." This affects Microsoft Office, Microsoft Office Online Server. This CVE ID is unique from CVE-2018-8245. | |||||
| CVE-2018-8246 | 1 Microsoft | 4 Excel, Excel Viewer, Office and 1 more | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka "Microsoft Excel Information Disclosure Vulnerability." This affects Microsoft Excel Viewer, Microsoft Office, Microsoft Excel. | |||||
| CVE-2018-8245 | 1 Microsoft | 1 Publisher | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| A remote code execution vulnerability exists when Microsoft Publisher fails to utilize features that lock down the Local Machine zone when instantiating OLE objects, aka "Microsoft Publisher Remote Code Execution Vulnerability." This affects Microsoft Publisher. | |||||
| CVE-2018-8244 | 1 Microsoft | 3 Office, Outlook, Outlook Rt | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| An elevation of privilege vulnerability exists when Microsoft Outlook does not validate attachment headers properly, aka "Microsoft Outlook Elevation of Privilege Vulnerability." This affects Microsoft Office, Microsoft Outlook. | |||||
| CVE-2018-8243 | 1 Microsoft | 1 Chakracore | 2024-11-21 | 7.6 HIGH | 7.5 HIGH |
| A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore. This CVE ID is unique from CVE-2018-8267. | |||||
| CVE-2018-8242 | 1 Microsoft | 8 Internet Explorer, Windows 10, Windows 7 and 5 more | 2024-11-21 | 7.6 HIGH | 7.5 HIGH |
| A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-8283, CVE-2018-8287, CVE-2018-8288, CVE-2018-8291, CVE-2018-8296, CVE-2018-8298. | |||||
| CVE-2018-8239 | 1 Microsoft | 3 Windows 10, Windows Server 1803, Windows Server 2016 | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka "Windows GDI Information Disclosure Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. | |||||
| CVE-2018-8238 | 1 Microsoft | 2 Lync, Skype For Business | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| A security feature bypass vulnerability exists when Skype for Business or Lync do not properly parse UNC path links shared via messages, aka "Skype for Business and Lync Security Feature Bypass Vulnerability." This affects Skype, Microsoft Lync. | |||||