Vendor CVEs
Microsoft
All CVEs
14,197 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-8487 | Hig | 0.59 | 7.8 | 0.63 | Jun 15, 2017 | Windows OLE in Windows XP and Windows Server 2003 allows an attacker to execute code when a victim opens a specially crafted file or program aka "Windows olecnv32.dll Remote Code Execution Vulnerability." | ||
| CVE-2017-8528 | Hig | 0.59 | 8.8 | 0.20 | Jun 15, 2017 | Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, Windows Server 2016, Microsoft Office 2007 SP3, and Microsoft Office 2010 SP2 allows a remote code execution vulnerability… | ||
| CVE-2017-8527 | Hig | 0.59 | 8.8 | 0.19 | Jun 15, 2017 | Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability due to the way it handles objects in memory, aka… | ||
| CVE-2017-8512 | Hig | 0.59 | 8.8 | 0.22 | Jun 15, 2017 | A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8509, CVE-2017-8510, CVE-2017-8511, CVE-2017-0260, and… | ||
| CVE-2017-8510 | Hig | 0.59 | 8.8 | 0.22 | Jun 15, 2017 | A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8509, CVE-2017-8511, CVE-2017-8512, CVE-2017-0260, and… | ||
| CVE-2017-8509 | Hig | 0.59 | 8.8 | 0.18 | Jun 15, 2017 | A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8510, CVE-2017-8511, CVE-2017-8512, CVE-2017-0260, and… | ||
| CVE-2017-0021 | Cri | 0.59 | 9.0 | 0.02 | Mar 17, 2017 | Hyper-V in Microsoft Windows 10 1607 and Windows Server 2016 does not properly validate vSMB packet data, which allows attackers to execute arbitrary code on a target OS, aka "Hyper-V System Data Structure Vulnerability." This vulnerability is different from that described in… | ||
| CVE-2016-7283 | Hig | 0.59 | 8.8 | 0.18 | Dec 20, 2016 | Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." | ||
| CVE-2016-7273 | Hig | 0.59 | 8.8 | 0.19 | Dec 20, 2016 | The Graphics component in Microsoft Windows 10 Gold, 1511, and 1607 and Windows Server 2016 allows remote attackers to execute arbitrary code via a crafted web site, aka "Windows Graphics Remote Code Execution Vulnerability." | ||
| CVE-2016-7217 | Hig | 0.59 | 8.8 | 0.22 | Nov 10, 2016 | Media Foundation in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to execute arbitrary code via a crafted web site, aka "Media Foundation Memory Corruption Vulnerability." | ||
| CVE-2016-7205 | Hig | 0.59 | 8.8 | 0.22 | Nov 10, 2016 | Animation Manager in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to execute arbitrary code via a crafted web site, aka "Windows… | ||
| CVE-2016-3368 | Hig | 0.59 | 8.8 | 0.18 | Sep 14, 2016 | Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allow remote authenticated users to execute arbitrary code by leveraging a domain account to make a… | ||
| CVE-2016-3367 | Hig | 0.59 | 8.8 | 0.18 | Sep 14, 2016 | StringBuilder in Microsoft Silverlight 5 before 5.1.50709.0 does not properly allocate memory for string-insert and string-append operations, which allows remote attackers to execute arbitrary code via a crafted web site, aka "Microsoft Silverlight Memory Corruption… | ||
| CVE-2016-3352 | Hig | 0.59 | 8.8 | 0.21 | Sep 14, 2016 | Microsoft Windows 8.1, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 do not properly check NTLM SSO requests for MSA logins, which makes it easier for remote attackers to determine passwords via a brute-force attack on NTLM password hashes, aka "Microsoft Information… | ||
| CVE-2016-3297 | Hig | 0.59 | 8.8 | 0.23 | Sep 14, 2016 | Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability." | ||
| CVE-2016-3248 | Hig | 0.59 | 8.8 | 0.23 | Jul 13, 2016 | The Microsoft (1) JScript 9, (2) VBScript, and (3) Chakra JavaScript engines, as used in Microsoft Internet Explorer 9 through 11, Microsoft Edge, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted… | ||
| CVE-2016-3204 | Hig | 0.59 | 8.8 | 0.19 | Jul 13, 2016 | The Microsoft (1) JScript 5.8 and 9 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine… | ||
| CVE-2016-3210 | Hig | 0.59 | 8.8 | 0.22 | Jun 16, 2016 | The Microsoft (1) JScript and (2) VBScript engines, as used in Internet Explorer 11, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability." | ||
| CVE-2016-0200 | Hig | 0.59 | 8.8 | 0.21 | Jun 16, 2016 | Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0199 and… | ||
| CVE-2016-0195 | Hig | 0.59 | 8.8 | 0.18 | May 11, 2016 | The Imaging Component in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted document, aka… | ||
| CVE-2016-0188 | Hig | 0.59 | 8.8 | 0.18 | May 11, 2016 | The User Mode Code Integrity (UMCI) implementation in Device Guard in Microsoft Internet Explorer 11 allows remote attackers to bypass a code-signing protection mechanism via unspecified vectors, aka "Internet Explorer Security Feature Bypass." | ||
| CVE-2016-0184 | Hig | 0.59 | 8.8 | 0.19 | May 11, 2016 | Use-after-free vulnerability in GDI in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted… | ||
| CVE-2016-0178 | Hig | 0.59 | 8.8 | 0.17 | May 11, 2016 | The RPC NDR Engine in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 mishandles free operations, which allows remote attackers to execute arbitrary code… | ||
| CVE-2016-0101 | Hig | 0.59 | 8.8 | 0.20 | Mar 9, 2016 | Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow remote attackers to execute arbitrary code via crafted media content, aka "Windows Media Parsing Remote Code Execution… | ||
| CVE-2016-0098 | Hig | 0.59 | 8.8 | 0.20 | Mar 9, 2016 | Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 allow remote attackers to execute arbitrary code via crafted media content, aka "Windows Media Parsing Remote Code Execution Vulnerability." | ||
| CVE-2016-0069 | Hig | 0.59 | 8.8 | 0.19 | Feb 18, 2016 | Microsoft Internet Explorer 9 through 11 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0068. | ||
| CVE-2016-0084 | Hig | 0.59 | 8.8 | 0.18 | Feb 10, 2016 | Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability." | ||
| CVE-2016-0072 | Hig | 0.59 | 8.8 | 0.21 | Feb 10, 2016 | Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0060,… | ||
| CVE-2016-0062 | Hig | 0.59 | 8.8 | 0.22 | Feb 10, 2016 | Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability." | ||
| CVE-2016-0061 | Hig | 0.59 | 8.8 | 0.22 | Feb 10, 2016 | Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than… | ||
| CVE-2016-0060 | Hig | 0.59 | 8.8 | 0.28 | Feb 10, 2016 | Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than… | ||
| CVE-2016-0024 | Hig | 0.59 | 8.8 | 0.18 | Jan 13, 2016 | The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code via unspecified vectors, aka "Scripting Engine Memory Corruption Vulnerability." | ||
| CVE-2013-0006 | Hig | 0.59 | 8.8 | 0.28 | Jan 9, 2013 | Microsoft XML Core Services (aka MSXML) 3.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to execute arbitrary code via a crafted web page, aka "MSXML Integer Truncation Vulnerability." | ||
| CVE-2012-4775 | Hig | 0.59 | 8.8 | 0.22 | Nov 14, 2012 | Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site, aka "CTreeNode Use After Free Vulnerability." | ||
| CVE-2012-0175 | Hig | 0.59 | 8.8 | 0.26 | Jul 10, 2012 | The Shell in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted name for a (1) file or (2) directory, aka "Command… | ||
| CVE-2011-3406 | Hig | 0.59 | 8.8 | 0.23 | Dec 14, 2011 | Buffer overflow in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold… | ||
| CVE-2011-0663 | Hig | 0.59 | 8.8 | 0.26 | Apr 13, 2011 | Multiple integer overflows in the Microsoft (1) JScript 5.6 through 5.8 and (2) VBScript 5.6 through 5.8 scripting engines allow remote attackers to execute arbitrary code via a crafted web page, aka "Scripting Memory Reallocation Vulnerability." | ||
| CVE-2009-1544 | Hig | 0.59 | 8.8 | 0.21 | Aug 12, 2009 | Double free vulnerability in the Workstation service in Microsoft Windows allows remote authenticated users to gain privileges via a crafted RPC message to a Windows XP SP2 or SP3 or Server 2003 SP2 system, or cause a denial of service via a crafted RPC message to a Vista Gold,… | ||
| CVE-2024-43455 | Hig | 0.58 | 8.8 | 0.02 | Sep 10, 2024 | Windows Remote Desktop Licensing Service Spoofing Vulnerability | ||
| CVE-2024-30103 | Hig | 0.58 | 8.8 | 0.03 | Jun 11, 2024 | Microsoft Outlook Remote Code Execution Vulnerability | ||
| CVE-2023-35641 | Hig | 0.58 | 8.8 | 0.07 | Dec 12, 2023 | Internet Connection Sharing (ICS) Remote Code Execution Vulnerability | ||
| CVE-2023-35630 | Hig | 0.58 | 8.8 | 0.06 | Dec 12, 2023 | Internet Connection Sharing (ICS) Remote Code Execution Vulnerability | ||
| CVE-2023-36400 | Hig | 0.58 | 8.8 | 0.04 | Nov 14, 2023 | Windows HMAC Key Derivation Elevation of Privilege Vulnerability | ||
| CVE-2023-36052 | Hig | 0.58 | 8.6 | 0.22 | Nov 14, 2023 | Azure CLI REST Command Information Disclosure Vulnerability | ||
| CVE-2023-36039 | Hig | 0.58 | 8.0 | 0.73 | Nov 14, 2023 | Microsoft Exchange Server Spoofing Vulnerability | ||
| CVE-2023-38148 | Hig | 0.58 | 8.8 | 0.08 | Sep 12, 2023 | Internet Connection Sharing (ICS) Remote Code Execution Vulnerability | ||
| CVE-2023-36756 | Hig | 0.58 | 8.0 | 0.75 | Sep 12, 2023 | Microsoft Exchange Server Remote Code Execution Vulnerability | ||
| CVE-2023-36745 | Hig | 0.58 | 8.0 | 0.81 | Sep 12, 2023 | Microsoft Exchange Server Remote Code Execution Vulnerability | ||
| CVE-2023-33160 | Hig | 0.58 | 8.8 | 0.05 | Jul 11, 2023 | Microsoft SharePoint Server Remote Code Execution Vulnerability | ||
| CVE-2023-28229 | Hig | 0.58 | 7.0 | 0.02 | KEV | Apr 11, 2023 | Windows CNG Key Isolation Service Elevation of Privilege Vulnerability |
- risk 0.59cvss 7.8epss 0.63
Windows OLE in Windows XP and Windows Server 2003 allows an attacker to execute code when a victim opens a specially crafted file or program aka "Windows olecnv32.dll Remote Code Execution Vulnerability."
- risk 0.59cvss 8.8epss 0.20
Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, Windows Server 2016, Microsoft Office 2007 SP3, and Microsoft Office 2010 SP2 allows a remote code execution vulnerability…
- risk 0.59cvss 8.8epss 0.19
Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability due to the way it handles objects in memory, aka…
- risk 0.59cvss 8.8epss 0.22
A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8509, CVE-2017-8510, CVE-2017-8511, CVE-2017-0260, and…
- risk 0.59cvss 8.8epss 0.22
A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8509, CVE-2017-8511, CVE-2017-8512, CVE-2017-0260, and…
- risk 0.59cvss 8.8epss 0.18
A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8510, CVE-2017-8511, CVE-2017-8512, CVE-2017-0260, and…
- risk 0.59cvss 9.0epss 0.02
Hyper-V in Microsoft Windows 10 1607 and Windows Server 2016 does not properly validate vSMB packet data, which allows attackers to execute arbitrary code on a target OS, aka "Hyper-V System Data Structure Vulnerability." This vulnerability is different from that described in…
- risk 0.59cvss 8.8epss 0.18
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
- risk 0.59cvss 8.8epss 0.19
The Graphics component in Microsoft Windows 10 Gold, 1511, and 1607 and Windows Server 2016 allows remote attackers to execute arbitrary code via a crafted web site, aka "Windows Graphics Remote Code Execution Vulnerability."
- risk 0.59cvss 8.8epss 0.22
Media Foundation in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to execute arbitrary code via a crafted web site, aka "Media Foundation Memory Corruption Vulnerability."
- risk 0.59cvss 8.8epss 0.22
Animation Manager in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to execute arbitrary code via a crafted web site, aka "Windows…
- risk 0.59cvss 8.8epss 0.18
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allow remote authenticated users to execute arbitrary code by leveraging a domain account to make a…
- risk 0.59cvss 8.8epss 0.18
StringBuilder in Microsoft Silverlight 5 before 5.1.50709.0 does not properly allocate memory for string-insert and string-append operations, which allows remote attackers to execute arbitrary code via a crafted web site, aka "Microsoft Silverlight Memory Corruption…
- risk 0.59cvss 8.8epss 0.21
Microsoft Windows 8.1, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 do not properly check NTLM SSO requests for MSA logins, which makes it easier for remote attackers to determine passwords via a brute-force attack on NTLM password hashes, aka "Microsoft Information…
- risk 0.59cvss 8.8epss 0.23
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."
- risk 0.59cvss 8.8epss 0.23
The Microsoft (1) JScript 9, (2) VBScript, and (3) Chakra JavaScript engines, as used in Microsoft Internet Explorer 9 through 11, Microsoft Edge, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted…
- risk 0.59cvss 8.8epss 0.19
The Microsoft (1) JScript 5.8 and 9 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine…
- risk 0.59cvss 8.8epss 0.22
The Microsoft (1) JScript and (2) VBScript engines, as used in Internet Explorer 11, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability."
- risk 0.59cvss 8.8epss 0.21
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0199 and…
- risk 0.59cvss 8.8epss 0.18
The Imaging Component in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted document, aka…
- risk 0.59cvss 8.8epss 0.18
The User Mode Code Integrity (UMCI) implementation in Device Guard in Microsoft Internet Explorer 11 allows remote attackers to bypass a code-signing protection mechanism via unspecified vectors, aka "Internet Explorer Security Feature Bypass."
- risk 0.59cvss 8.8epss 0.19
Use-after-free vulnerability in GDI in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted…
- risk 0.59cvss 8.8epss 0.17
The RPC NDR Engine in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 mishandles free operations, which allows remote attackers to execute arbitrary code…
- risk 0.59cvss 8.8epss 0.20
Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow remote attackers to execute arbitrary code via crafted media content, aka "Windows Media Parsing Remote Code Execution…
- risk 0.59cvss 8.8epss 0.20
Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 allow remote attackers to execute arbitrary code via crafted media content, aka "Windows Media Parsing Remote Code Execution Vulnerability."
- risk 0.59cvss 8.8epss 0.19
Microsoft Internet Explorer 9 through 11 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0068.
- risk 0.59cvss 8.8epss 0.18
Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability."
- risk 0.59cvss 8.8epss 0.21
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0060,…
- risk 0.59cvss 8.8epss 0.22
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."
- risk 0.59cvss 8.8epss 0.22
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than…
- risk 0.59cvss 8.8epss 0.28
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than…
- risk 0.59cvss 8.8epss 0.18
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code via unspecified vectors, aka "Scripting Engine Memory Corruption Vulnerability."
- risk 0.59cvss 8.8epss 0.28
Microsoft XML Core Services (aka MSXML) 3.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to execute arbitrary code via a crafted web page, aka "MSXML Integer Truncation Vulnerability."
- risk 0.59cvss 8.8epss 0.22
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site, aka "CTreeNode Use After Free Vulnerability."
- risk 0.59cvss 8.8epss 0.26
The Shell in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted name for a (1) file or (2) directory, aka "Command…
- risk 0.59cvss 8.8epss 0.23
Buffer overflow in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold…
- risk 0.59cvss 8.8epss 0.26
Multiple integer overflows in the Microsoft (1) JScript 5.6 through 5.8 and (2) VBScript 5.6 through 5.8 scripting engines allow remote attackers to execute arbitrary code via a crafted web page, aka "Scripting Memory Reallocation Vulnerability."
- risk 0.59cvss 8.8epss 0.21
Double free vulnerability in the Workstation service in Microsoft Windows allows remote authenticated users to gain privileges via a crafted RPC message to a Windows XP SP2 or SP3 or Server 2003 SP2 system, or cause a denial of service via a crafted RPC message to a Vista Gold,…
- risk 0.58cvss 8.8epss 0.02
Windows Remote Desktop Licensing Service Spoofing Vulnerability
- risk 0.58cvss 8.8epss 0.03
Microsoft Outlook Remote Code Execution Vulnerability
- risk 0.58cvss 8.8epss 0.07
Internet Connection Sharing (ICS) Remote Code Execution Vulnerability
- risk 0.58cvss 8.8epss 0.06
Internet Connection Sharing (ICS) Remote Code Execution Vulnerability
- risk 0.58cvss 8.8epss 0.04
Windows HMAC Key Derivation Elevation of Privilege Vulnerability
- risk 0.58cvss 8.6epss 0.22
Azure CLI REST Command Information Disclosure Vulnerability
- risk 0.58cvss 8.0epss 0.73
Microsoft Exchange Server Spoofing Vulnerability
- risk 0.58cvss 8.8epss 0.08
Internet Connection Sharing (ICS) Remote Code Execution Vulnerability
- risk 0.58cvss 8.0epss 0.75
Microsoft Exchange Server Remote Code Execution Vulnerability
- risk 0.58cvss 8.0epss 0.81
Microsoft Exchange Server Remote Code Execution Vulnerability
- risk 0.58cvss 8.8epss 0.05
Microsoft SharePoint Server Remote Code Execution Vulnerability
- risk 0.58cvss 7.0epss 0.02
Windows CNG Key Isolation Service Elevation of Privilege Vulnerability
Page 15 of 284