VYPR

Vendor CVEs

Microsoft

All CVEs

14,323 total · sorted by risk
  • CVE-2019-0811HigJul 15, 2019
    risk 0.49cvss 7.5epss 0.04

    A denial of service vulnerability exists in Windows DNS Server when it fails to properly handle DNS queries, aka 'Windows DNS Server Denial of Service Vulnerability'.

  • CVE-2019-1080HigJun 12, 2019
    risk 0.49cvss 7.5epss 0.03

    A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who…

  • CVE-2019-1055HigJun 12, 2019
    risk 0.49cvss 7.5epss 0.03

    A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who…

  • CVE-2019-1038HigJun 12, 2019
    risk 0.49cvss 7.5epss 0.03

    A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully…

  • CVE-2019-1005HigJun 12, 2019
    risk 0.49cvss 7.5epss 0.03

    A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who…

  • CVE-2019-0988HigJun 12, 2019
    risk 0.49cvss 7.5epss 0.06

    A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who…

  • CVE-2019-0959HigJun 12, 2019
    risk 0.49cvss 7.0epss 0.03

    An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. To exploit the vulnerability, an…

  • CVE-2019-0909HigJun 12, 2019
    risk 0.49cvss 7.5epss 0.04

    A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by…

  • CVE-2019-0982HigMay 16, 2019
    risk 0.49cvss 7.5epss 0.07

    A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka 'ASP.NET Core Denial of Service Vulnerability'.

  • CVE-2019-0981HigMay 16, 2019
    risk 0.49cvss 7.5epss 0.05

    A denial of service vulnerability exists when .NET Framework or .NET Core improperly handle web requests, aka '.Net Framework and .Net Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0820, CVE-2019-0980.

  • CVE-2019-0980HigMay 16, 2019
    risk 0.49cvss 7.5epss 0.05

    A denial of service vulnerability exists when .NET Framework or .NET Core improperly handle web requests, aka '.Net Framework and .Net Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0820, CVE-2019-0981.

  • CVE-2019-0929HigMay 16, 2019
    risk 0.49cvss 7.5epss 0.08

    A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka 'Internet Explorer Memory Corruption Vulnerability'.

  • CVE-2019-0926HigMay 16, 2019
    risk 0.49cvss 7.5epss 0.08

    A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka 'Microsoft Edge Memory Corruption Vulnerability'.

  • CVE-2019-0918HigMay 16, 2019
    risk 0.49cvss 7.5epss 0.08

    A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0884, CVE-2019-0911.

  • CVE-2019-0884HigMay 16, 2019
    risk 0.49cvss 7.5epss 0.08

    A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0911, CVE-2019-0918.

  • CVE-2019-0820HigMay 16, 2019
    risk 0.49cvss 7.5epss 0.06

    A denial of service vulnerability exists when .NET Framework and .NET Core improperly process RegEx strings, aka '.NET Framework and .NET Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0980, CVE-2019-0981.

  • CVE-2019-0875HigApr 9, 2019
    risk 0.49cvss 7.5epss 0.03

    An elevation of privilege vulnerability exists when Azure DevOps Server 2019 does not properly enforce project permissions, aka 'Azure DevOps Server Elevation of Privilege Vulnerability'.

  • CVE-2019-0815HigApr 9, 2019
    risk 0.49cvss 7.5epss 0.07

    A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka 'ASP.NET Core Denial of Service Vulnerability'.

  • CVE-2019-0753HigApr 9, 2019
    risk 0.49cvss 7.5epss 0.09

    A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0739, CVE-2019-0752, CVE-2019-0862.

  • CVE-2019-0688HigApr 9, 2019
    risk 0.49cvss 7.5epss 0.08

    An information disclosure vulnerability exists when the Windows TCP/IP stack improperly handles fragmented IP packets, aka 'Windows TCP/IP Information Disclosure Vulnerability'.

  • CVE-2019-0784HigApr 9, 2019
    risk 0.49cvss 7.5epss 0.08

    A remote code execution vulnerability exists in the way that the ActiveX Data objects (ADO) handles objects in memory, aka 'Windows ActiveX Remote Code Execution Vulnerability'.

  • CVE-2019-0783HigApr 9, 2019
    risk 0.49cvss 7.5epss 0.08

    A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0609, CVE-2019-0639, CVE-2019-0680, CVE-2019-0769,…

  • CVE-2019-0780HigApr 9, 2019
    risk 0.49cvss 7.5epss 0.08

    A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka 'Microsoft Browser Memory Corruption Vulnerability'.

  • CVE-2019-0779HigApr 9, 2019
    risk 0.49cvss 7.5epss 0.08

    A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka 'Microsoft Edge Memory Corruption Vulnerability'.

  • CVE-2019-0770HigApr 9, 2019
    risk 0.49cvss 7.5epss 0.08

    A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0609, CVE-2019-0639, CVE-2019-0680, CVE-2019-0769,…

  • CVE-2019-0763HigApr 9, 2019
    risk 0.49cvss 7.5epss 0.08

    A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka 'Internet Explorer Memory Corruption Vulnerability'.

  • CVE-2019-0680HigApr 9, 2019
    risk 0.49cvss 7.5epss 0.08

    A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0609, CVE-2019-0639, CVE-2019-0769, CVE-2019-0770,…

  • CVE-2019-0665HigApr 8, 2019
    risk 0.49cvss 7.5epss 0.08

    A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'Windows VBScript Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0666, CVE-2019-0667, CVE-2019-0772.

  • CVE-2019-0611HigApr 8, 2019
    risk 0.49cvss 7.5epss 0.09

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0592.

  • CVE-2019-0741HigMar 5, 2019
    risk 0.49cvss 7.5epss 0.07

    An information disclosure vulnerability exists in the way Azure IoT Java SDK logs sensitive information, aka 'Azure IoT Java SDK Information Disclosure Vulnerability'.

  • CVE-2019-0686HigMar 5, 2019
    risk 0.49cvss 7.4epss 0.05

    An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka 'Microsoft Exchange Server Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0724.

  • CVE-2019-0637HigMar 5, 2019
    risk 0.49cvss 7.5epss 0.04

    A security feature bypass vulnerability exists when Windows Defender Firewall incorrectly applies firewall profiles to cellular network connections, aka 'Windows Defender Firewall Security Feature Bypass Vulnerability'.

  • CVE-2019-0564HigJan 8, 2019
    risk 0.49cvss 7.5epss 0.08

    A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka "ASP.NET Core Denial of Service Vulnerability." This affects ASP.NET Core 2.1. This CVE ID is unique from CVE-2019-0548.

  • CVE-2019-0548HigJan 8, 2019
    risk 0.49cvss 7.5epss 0.08

    A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka "ASP.NET Core Denial of Service Vulnerability." This affects ASP.NET Core 2.2, ASP.NET Core 2.1. This CVE ID is unique from CVE-2019-0564.

  • CVE-2018-8517HigDec 12, 2018
    risk 0.49cvss 7.5epss 0.06

    A denial of service vulnerability exists when .NET Framework improperly handles special web requests, aka ".NET Framework Denial Of Service Vulnerability." This affects Microsoft .NET Framework 4.6, Microsoft .NET Framework 3.5, Microsoft .NET Framework 4.7/4.7.1/4.7.2,…

  • CVE-2018-8493HigOct 10, 2018
    risk 0.49cvss 7.5epss 0.08

    An information disclosure vulnerability exists when the Windows TCP/IP stack improperly handles fragmented IP packets, aka "Windows TCP/IP Information Disclosure Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2016, Windows 8.1, Windows 10,…

  • CVE-2018-8409HigSep 13, 2018
    risk 0.49cvss 7.5epss 0.07

    A denial of service vulnerability exists when System.IO.Pipelines improperly handles requests, aka "System.IO.Pipelines Denial of Service." This affects .NET Core 2.1, System.IO.Pipelines, ASP.NET Core 2.1.

  • CVE-2018-8335HigSep 13, 2018
    risk 0.49cvss 7.5epss 0.09

    A denial of service vulnerability exists in the Microsoft Server Block Message (SMB) when an attacker sends specially crafted requests to the server, aka "Windows SMB Denial of Service Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012,…

  • CVE-2018-8360HigAug 15, 2018
    risk 0.49cvss 7.5epss 0.09

    An information disclosure vulnerability exists in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments, aka ".NET Framework Information Disclosure Vulnerability." This affects Microsoft .NET Framework 4.7/4.7.1/4.7.2, Microsoft…

  • CVE-2018-8310HigJul 11, 2018
    risk 0.49cvss 7.5epss 0.05

    A tampering vulnerability exists when Microsoft Outlook does not properly handle specific attachment types when rendering HTML emails, aka "Microsoft Office Tampering Vulnerability." This affects Microsoft Word, Microsoft Office.

  • CVE-2018-8251HigJun 14, 2018
    risk 0.49cvss 7.5epss 0.07

    A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka "Media Foundation Memory Corruption Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows 8.1, Windows Server…

  • CVE-2018-8214HigJun 14, 2018
    risk 0.49cvss 7.0epss 0.03

    An elevation of privilege vulnerability exists in Windows when Desktop Bridge does not properly manage the virtual registry, aka "Windows Desktop Bridge Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique…

  • CVE-2018-8208HigJun 14, 2018
    risk 0.49cvss 7.0epss 0.03

    An elevation of privilege vulnerability exists in Windows when Desktop Bridge does not properly manage the virtual registry, aka "Windows Desktop Bridge Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique…

  • CVE-2018-0982HigJun 14, 2018
    risk 0.49cvss 7.0epss 0.03

    An elevation of privilege vulnerability exists in the way that the Windows Kernel API enforces permissions, aka "Windows Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.

  • CVE-2018-8134HigMay 9, 2018
    risk 0.49cvss 7.0epss 0.03

    An elevation of privilege vulnerability exists in the way that the Windows Kernel API enforces permissions, aka "Windows Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers.

  • CVE-2018-0882HigMar 14, 2018
    risk 0.49cvss 7.0epss 0.03

    The Desktop Bridge in Windows 10 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to how the virtual registry is managed, aka "Windows Desktop Bridge Elevation of Privilege Vulnerability". This CVE is…

  • CVE-2018-0880HigMar 14, 2018
    risk 0.49cvss 7.0epss 0.03

    The Desktop Bridge in Windows 10 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to how the virtual registry is managed, aka "Windows Desktop Bridge Elevation of Privilege Vulnerability". This CVE is…

  • CVE-2018-0879HigMar 14, 2018
    risk 0.49cvss 7.5epss 0.09

    Microsoft Edge in Windows 10 1709 allows information disclosure, due to how Edge handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability".

  • CVE-2018-0808HigMar 14, 2018
    risk 0.49cvss 7.5epss 0.08

    ASP.NET Core 1.0. 1.1, and 2.0 allow an elevation of privilege vulnerability due to how ASP.NET web applications handle web requests, aka "ASP.NET Core Elevation Of Privilege Vulnerability". This CVE is unique from CVE-2018-0784.

  • CVE-2018-0826HigFeb 15, 2018
    risk 0.49cvss 7.0epss 0.03

    Windows Storage Services in Windows 10 versions 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way objects are handled in memory, aka "Windows Storage Services Elevation of Privilege…

Page 121 of 287