VYPR

Vendor CVEs

Microsoft

All CVEs

14,319 total · sorted by risk
  • CVE-2017-0136HigMar 17, 2017
    risk 0.50cvss 7.5epss 0.15

    A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the…

  • CVE-2017-0132HigMar 17, 2017
    risk 0.50cvss 7.5epss 0.15

    A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the…

  • CVE-2017-0131HigMar 17, 2017
    risk 0.50cvss 7.5epss 0.15

    A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the…

  • CVE-2017-0109HigMar 17, 2017
    risk 0.50cvss 7.6epss 0.05

    Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows guest OS users to execute arbitrary code on the host OS via a crafted application,…

  • CVE-2017-0095HigMar 17, 2017
    risk 0.50cvss 7.6epss 0.04

    Hyper-V in Microsoft Windows 10 Gold, 1511, and 1607 and Windows Server 2016 does not properly validate vSMB packet data, which allows attackers to execute arbitrary code on a target OS, aka "Hyper-V vSMB Remote Code Execution Vulnerability." This vulnerability is different from…

  • CVE-2017-0075HigMar 17, 2017
    risk 0.50cvss 7.6epss 0.13

    Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows guest OS users to execute arbitrary code on the host OS via a crafted application,…

  • CVE-2017-0067HigMar 17, 2017
    risk 0.50cvss 7.5epss 0.15

    A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the…

  • CVE-2017-0040HigMar 17, 2017
    risk 0.50cvss 7.5epss 0.13

    The scripting engine in Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability." This vulnerability is different…

  • CVE-2017-0035HigMar 17, 2017
    risk 0.50cvss 7.5epss 0.15

    A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the…

  • CVE-2017-0034HigMar 17, 2017
    risk 0.50cvss 7.5epss 0.13

    A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited…

  • CVE-2017-0032HigMar 17, 2017
    risk 0.50cvss 7.5epss 0.15

    A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the…

  • CVE-2017-0018HigMar 17, 2017
    risk 0.50cvss 7.5epss 0.13

    Microsoft Internet Explorer 10 and 11 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." This vulnerability is different from those described in…

  • CVE-2017-0014HigMar 17, 2017
    risk 0.50cvss 7.5epss 0.18

    The Windows Graphics Component in Microsoft Office 2010 SP2; Windows Server 2008 R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via a…

  • CVE-2016-7296HigDec 20, 2016
    risk 0.50cvss 7.5epss 0.17

    The scripting engines in Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7286, CVE-2016-7288,…

  • CVE-2016-7279HigDec 20, 2016
    risk 0.50cvss 7.5epss 0.15

    Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."

  • CVE-2016-7270HigDec 20, 2016
    risk 0.50cvss 7.5epss 0.20

    The Data Provider for SQL Server in Microsoft .NET Framework 4.6.2 mishandles a developer-supplied key, which allows remote attackers to bypass the Always Encrypted protection mechanism and obtain sensitive cleartext information by leveraging key guessability, aka ".NET…

  • CVE-2016-7181HigDec 20, 2016
    risk 0.50cvss 7.5epss 0.14

    Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability."

  • CVE-2016-7240HigNov 10, 2016
    risk 0.50cvss 7.5epss 0.66

    The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than…

  • CVE-2016-7237MedNov 10, 2016
    risk 0.50cvss 6.5epss 0.65

    Local Security Authority Subsystem Service (LSASS) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote…

  • CVE-2016-7203HigNov 10, 2016
    risk 0.50cvss 7.5epss 0.65

    The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than…

  • CVE-2016-7198HigNov 10, 2016
    risk 0.50cvss 7.5epss 0.14

    Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than…

  • CVE-2016-7196HigNov 10, 2016
    risk 0.50cvss 7.5epss 0.14

    Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."

  • CVE-2016-7195HigNov 10, 2016
    risk 0.50cvss 7.5epss 0.17

    Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than…

  • CVE-2016-7190HigOct 14, 2016
    risk 0.50cvss 7.5epss 0.67

    The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3386,…

  • CVE-2016-3384HigOct 14, 2016
    risk 0.50cvss 7.5epss 0.13

    Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

  • CVE-2016-3383HigOct 14, 2016
    risk 0.50cvss 7.5epss 0.14

    Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."

  • CVE-2016-3331HigOct 14, 2016
    risk 0.50cvss 7.5epss 0.14

    Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."

  • CVE-2016-3375HigSep 14, 2016
    risk 0.50cvss 7.5epss 0.17

    The OLE Automation mechanism and VBScript scripting engine in Microsoft Internet Explorer 9 through 11, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allow…

  • CVE-2016-3369HigSep 14, 2016
    risk 0.50cvss 7.5epss 0.12

    Microsoft Windows 10 Gold and 1511 allows attackers to cause a denial of service via unspecified vectors, aka "Windows Denial of Service Vulnerability."

  • CVE-2016-3330HigSep 14, 2016
    risk 0.50cvss 7.5epss 0.14

    Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3294.

  • CVE-2016-3295HigSep 14, 2016
    risk 0.50cvss 7.5epss 0.15

    Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."

  • CVE-2016-3294HigSep 14, 2016
    risk 0.50cvss 7.5epss 0.14

    Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3330.

  • CVE-2016-3322HigAug 9, 2016
    risk 0.50cvss 7.5epss 0.14

    Microsoft Internet Explorer 11 and Edge allow remote attackers to execute arbitrary code via a crafted web page, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3289.

  • CVE-2016-3296HigAug 9, 2016
    risk 0.50cvss 7.5epss 0.15

    The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability."

  • CVE-2016-3293HigAug 9, 2016
    risk 0.50cvss 7.5epss 0.15

    Microsoft Internet Explorer 9 through 11 and Edge allow remote attackers to execute arbitrary code via a crafted web page, aka "Microsoft Browser Memory Corruption Vulnerability."

  • CVE-2016-3290HigAug 9, 2016
    risk 0.50cvss 7.5epss 0.16

    Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code via a crafted web page, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3288.

  • CVE-2016-3289HigAug 9, 2016
    risk 0.50cvss 7.5epss 0.18

    Microsoft Internet Explorer 11 and Edge allow remote attackers to execute arbitrary code via a crafted web page, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3322.

  • CVE-2016-3264HigJul 13, 2016
    risk 0.50cvss 7.5epss 0.14

    Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."

  • CVE-2016-3246HigJul 13, 2016
    risk 0.50cvss 7.5epss 0.14

    Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability."

  • CVE-2016-3243HigJul 13, 2016
    risk 0.50cvss 7.5epss 0.13

    Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

  • CVE-2016-3242HigJul 13, 2016
    risk 0.50cvss 7.5epss 0.14

    Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3240 and…

  • CVE-2016-3241HigJul 13, 2016
    risk 0.50cvss 7.5epss 0.13

    Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3240 and…

  • CVE-2016-3240HigJul 13, 2016
    risk 0.50cvss 7.5epss 0.14

    Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3241 and…

  • CVE-2016-3207HigJun 16, 2016
    risk 0.50cvss 7.5epss 0.17

    The Microsoft (1) JScript 5.8 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine…

  • CVE-2016-3206HigJun 16, 2016
    risk 0.50cvss 7.5epss 0.15

    The Microsoft (1) JScript 5.8 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine…

  • CVE-2016-3205HigJun 16, 2016
    risk 0.50cvss 7.5epss 0.15

    The Microsoft (1) JScript 5.8 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine…

  • CVE-2016-1100HigMay 11, 2016
    risk 0.50cvss 7.5epss 0.10

    Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.

  • CVE-2016-1099HigMay 11, 2016
    risk 0.50cvss 7.5epss 0.10

    Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.

  • CVE-2016-1098HigMay 11, 2016
    risk 0.50cvss 7.5epss 0.10

    Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.

  • CVE-2016-0192HigMay 11, 2016
    risk 0.50cvss 7.5epss 0.17

    Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."

Page 108 of 287