VYPR

Vendor CVEs

Microsoft

All CVEs

14,319 total · sorted by risk
  • CVE-2019-0933HigMay 16, 2019
    risk 0.42cvss 7.5epss 0.09

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914,…

  • CVE-2019-0927HigMay 16, 2019
    risk 0.42cvss 7.5epss 0.09

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914,…

  • CVE-2019-0925HigMay 16, 2019
    risk 0.42cvss 7.5epss 0.09

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914,…

  • CVE-2019-0924HigMay 16, 2019
    risk 0.42cvss 7.5epss 0.09

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914,…

  • CVE-2019-0923HigMay 16, 2019
    risk 0.42cvss 7.5epss 0.09

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914,…

  • CVE-2019-0922HigMay 16, 2019
    risk 0.42cvss 7.5epss 0.09

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914,…

  • CVE-2019-0917HigMay 16, 2019
    risk 0.42cvss 7.5epss 0.09

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914,…

  • CVE-2019-0916HigMay 16, 2019
    risk 0.42cvss 7.5epss 0.09

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914,…

  • CVE-2019-0915HigMay 16, 2019
    risk 0.42cvss 7.5epss 0.09

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914,…

  • CVE-2019-0914HigMay 16, 2019
    risk 0.42cvss 7.5epss 0.09

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0915,…

  • CVE-2019-0913HigMay 16, 2019
    risk 0.42cvss 7.5epss 0.09

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0914, CVE-2019-0915,…

  • CVE-2019-0912HigMay 16, 2019
    risk 0.42cvss 7.5epss 0.09

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0913, CVE-2019-0914, CVE-2019-0915,…

  • CVE-2019-0911HigMay 16, 2019
    risk 0.42cvss 7.5epss 0.09

    A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0884, CVE-2019-0918.

  • CVE-2019-0829HigApr 9, 2019
    risk 0.42cvss 7.5epss 0.09

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0806, CVE-2019-0810, CVE-2019-0812,…

  • CVE-2019-0806HigApr 9, 2019
    risk 0.42cvss 7.5epss 0.09

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0810, CVE-2019-0812, CVE-2019-0829,…

  • CVE-2019-0757MedApr 9, 2019
    risk 0.42cvss 6.5epss 0.03

    A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated attacker to modify a NuGet package's folder structure, aka 'NuGet Package Manager Tampering Vulnerability'.

  • CVE-2018-8592MedNov 14, 2018
    risk 0.42cvss 6.4epss 0.01

    An elevation of privilege vulnerability exists in Windows 10 version 1809 when installed from physical media (USB, DVD, etc, aka "Windows Elevation Of Privilege Vulnerability." This affects Windows 10, Windows Server 2019.

  • CVE-2018-0785MedJan 10, 2018
    risk 0.42cvss 6.5epss 0.03

    ASP.NET Core 1.0. 1.1, and 2.0 allow a cross site request forgery vulnerability due to the ASP.NET Core project templates, aka "ASP.NET Core Cross Site Request Forgery Vulnerability".

  • CVE-2018-0780MedJan 4, 2018
    risk 0.42cvss 5.3epss 0.59

    Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to obtain information to further compromise the user's system, due to how the scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure…

  • CVE-2017-11916HigDec 12, 2017
    risk 0.42cvss 7.5epss 0.06

    ChakraCore allows an attacker to execute arbitrary code in the context of the current user, due to how the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11886, CVE-2017-11889,…

  • CVE-2017-11910HigDec 12, 2017
    risk 0.42cvss 7.5epss 0.09

    ChakraCore and Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability".…

  • CVE-2017-11908HigDec 12, 2017
    risk 0.42cvss 7.5epss 0.09

    ChakraCore and Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11886,…

  • CVE-2017-11905HigDec 12, 2017
    risk 0.42cvss 7.5epss 0.09

    ChakraCore and Microsoft Edge in Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption…

  • CVE-2017-11889HigDec 12, 2017
    risk 0.42cvss 7.5epss 0.09

    ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption…

  • CVE-2017-11871HigNov 15, 2017
    risk 0.42cvss 7.5epss 0.08

    ChakraCore and Microsoft Edge in Windows 10 1703, 1709, and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This…

  • CVE-2017-11862HigNov 15, 2017
    risk 0.42cvss 7.5epss 0.08

    ChakraCore and Microsoft Edge in Windows 10 1709 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID…

  • CVE-2017-11821HigOct 13, 2017
    risk 0.42cvss 7.5epss 0.09

    ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique…

  • CVE-2017-11807HigOct 13, 2017
    risk 0.42cvss 7.5epss 0.09

    ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique…

  • CVE-2017-11806HigOct 13, 2017
    risk 0.42cvss 7.5epss 0.09

    ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique…

  • CVE-2017-11805HigOct 13, 2017
    risk 0.42cvss 7.5epss 0.09

    ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique…

  • CVE-2017-11801HigOct 13, 2017
    risk 0.42cvss 7.5epss 0.06

    ChakraCore allows an attacker to execute arbitrary code in the context of the current user, due to how the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-11792,…

  • CVE-2017-11797HigOct 13, 2017
    risk 0.42cvss 7.5epss 0.06

    ChakraCore allows an attacker to execute arbitrary code in the context of the current user, due to how the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-11792,…

  • CVE-2017-11796HigOct 13, 2017
    risk 0.42cvss 7.5epss 0.09

    ChakraCore and Microsoft Edge in Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from…

  • CVE-2017-11792HigOct 13, 2017
    risk 0.42cvss 7.5epss 0.09

    ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allow an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique…

  • CVE-2017-0174MedAug 8, 2017
    risk 0.42cvss 6.5epss 0.03

    Windows NetBIOS in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a denial of service vulnerability when it improperly handles NetBIOS packets, aka…

  • CVE-2016-3371MedSep 14, 2016
    risk 0.42cvss 5.5epss 0.40

    The kernel API in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 does not properly enforce permissions, which allows local users to obtain sensitive…

  • CVE-2016-0162MedKEVApr 12, 2016
    risk 0.42cvss 4.3epss 0.22

    Microsoft Internet Explorer 9 through 11 allows remote attackers to determine the existence of files via crafted JavaScript code, aka "Internet Explorer Information Disclosure Vulnerability."

  • CVE-2026-46416MedMay 27, 2026
    risk 0.41cvss 6.3epss 0.00

    Microsoft UFO open-source framework for intelligent automation across devices and platforms. In 3.0.1-4-ge2626659, Microsoft UFO creates one shared UFOWebSocketHandler instance and reuses it for multiple authenticated WebSocket connections. The handler stores per-connection…

  • CVE-2026-45539HigMay 15, 2026
    risk 0.41cvss 7.4epss 0.01

    Microsoft APM is an open-source, community-driven dependency manager for AI agents. From 0.5.4 to 0.12.4, two primitive integrators in apm-cli enumerate package files with bare Path.glob() / Path.rglob() calls and read each match with Path.read_text(), transparently following…

  • CVE-2026-41610MedMay 12, 2026
    risk 0.41cvss 6.3epss 0.01

    Improper neutralization of input during web page generation ('cross-site scripting') in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally.

  • CVE-2025-60723MedNov 11, 2025
    risk 0.41cvss 6.3epss 0.01

    Concurrent execution using shared resource with improper synchronization ('race condition') in Windows DirectX allows an authorized attacker to deny service over a network.

  • CVE-2025-60711MedOct 31, 2025
    risk 0.41cvss 6.3epss 0.00

    Protection mechanism failure in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

  • CVE-2025-48813MedOct 14, 2025
    risk 0.41cvss 6.3epss 0.00

    Use of a key past its expiration date in Virtual Secure Mode allows an authorized attacker to perform spoofing locally.

  • CVE-2025-47963MedJul 11, 2025
    risk 0.41cvss 6.3epss 0.01

    No cwe for this issue in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

  • CVE-2025-21393MedJan 14, 2025
    risk 0.41cvss 6.3epss 0.01

    Microsoft SharePoint Server Spoofing Vulnerability

  • CVE-2024-38207MedAug 23, 2024
    risk 0.41cvss 6.3epss 0.00

    Microsoft Edge (HTML-based) Memory Corruption Vulnerability

  • CVE-2024-30045MedMay 14, 2024
    risk 0.41cvss 6.3epss 0.01

    .NET and Visual Studio Remote Code Execution Vulnerability

  • CVE-2024-28898MedApr 9, 2024
    risk 0.41cvss 6.3epss 0.01

    Secure Boot Security Feature Bypass Vulnerability

  • CVE-2024-20675MedJan 11, 2024
    risk 0.41cvss 6.3epss 0.00

    Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

  • CVE-2023-36869MedAug 8, 2023
    risk 0.41cvss 6.3epss 0.01

    Azure DevOps Server Spoofing Vulnerability

Page 158 of 287