VYPR

Vendor CVEs

Microsoft

All CVEs

14,293 total · sorted by risk
  • CVE-2019-0790HigApr 9, 2019
    risk 0.58cvss 8.8epss 0.16

    A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input, aka 'MS XML Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0791, CVE-2019-0792, CVE-2019-0793, CVE-2019-0795.

  • CVE-2019-0772HigApr 9, 2019
    risk 0.58cvss 8.8epss 0.13

    A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'Windows VBScript Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0665, CVE-2019-0666, CVE-2019-0667.

  • CVE-2019-0765HigApr 9, 2019
    risk 0.58cvss 8.8epss 0.14

    A remote code execution vulnerability exists in the way that comctl32.dll handles objects in memory, aka 'Comctl32 Remote Code Execution Vulnerability'.

  • CVE-2019-0756HigApr 9, 2019
    risk 0.58cvss 8.8epss 0.13

    A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input, aka 'MS XML Remote Code Execution Vulnerability'.

  • CVE-2019-0724HigMar 5, 2019
    risk 0.58cvss 8.1epss 0.24

    An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka 'Microsoft Exchange Server Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0686.

  • CVE-2019-0668HigMar 5, 2019
    risk 0.58cvss 8.8epss 0.04

    An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Elevation of Privilege Vulnerability'.

  • CVE-2019-0662HigMar 5, 2019
    risk 0.58cvss 8.8epss 0.15

    A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+ Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0618.

  • CVE-2019-0633HigMar 5, 2019
    risk 0.58cvss 8.8epss 0.13

    A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 2.0 (SMBv2) server handles certain requests, aka 'Windows SMB Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0630.

  • CVE-2019-0613HigMar 5, 2019
    risk 0.58cvss 8.8epss 0.15

    A remote code execution vulnerability exists in .NET Framework and Visual Studio software when the software fails to check the source markup of a file.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka '.NET…

  • CVE-2019-0594HigMar 5, 2019
    risk 0.58cvss 8.8epss 0.12

    A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0604.

  • CVE-2018-8635HigDec 12, 2018
    risk 0.58cvss 8.8epss 0.06

    An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted authentication request to an affected SharePoint server, aka "Microsoft SharePoint Server Elevation of Privilege Vulnerability." This affects Microsoft…

  • CVE-2018-8634HigDec 12, 2018
    risk 0.58cvss 8.8epss 0.15

    A remote code execution vulnerability exists in Windows where Microsoft text-to-speech fails to properly handle objects in the memory, aka "Microsoft Text-To-Speech Remote Code Execution Vulnerability." This affects Windows Server 2016, Windows 10, Windows Server 2019, Windows…

  • CVE-2018-8609HigNov 14, 2018
    risk 0.58cvss 8.8epss 0.09

    A remote code execution vulnerability exists in Microsoft Dynamics 365 (on-premises) version 8 when the server fails to properly sanitize web requests to an affected Dynamics server, aka "Microsoft Dynamics 365 (on-premises) version 8 Remote Code Execution Vulnerability." This…

  • CVE-2018-8450HigNov 14, 2018
    risk 0.58cvss 8.8epss 0.16

    A remote code execution vulnerability exists when Windows Search handles objects in memory, aka "Windows Search Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows…

  • CVE-2018-8531HigOct 10, 2018
    risk 0.58cvss 8.8epss 0.15

    A remote code execution vulnerability exists in the way that Azure IoT Hub Device Client SDK using MQTT protocol accesses objects in memory, aka "Azure IoT Device Client SDK Memory Corruption Vulnerability." This affects Hub Device Client SDK, Azure IoT Edge.

  • CVE-2018-8500CriOct 10, 2018
    risk 0.58cvss 9.8epss 0.18

    A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore.

  • CVE-2018-8475HigSep 13, 2018
    risk 0.58cvss 8.8epss 0.15

    A remote code execution vulnerability exists when Windows does not properly handle specially crafted image files, aka "Windows Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows…

  • CVE-2018-8300HigJul 11, 2018
    risk 0.58cvss 8.8epss 0.13

    A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka "Microsoft SharePoint Remote Code Execution Vulnerability." This affects Microsoft SharePoint.

  • CVE-2018-8260HigJul 11, 2018
    risk 0.58cvss 8.8epss 0.15

    A Remote Code Execution vulnerability exists in .NET software when the software fails to check the source markup of a file, aka ".NET Framework Remote Code Execution Vulnerability." This affects .NET Framework 4.7.2, Microsoft .NET Framework 4.7.2.

  • CVE-2018-8126HigMay 9, 2018
    risk 0.58cvss 8.8epss 0.05

    A security feature bypass vulnerability exists when Internet Explorer fails to validate User Mode Code Integrity (UMCI) policies, aka "Internet Explorer Security Feature Bypass Vulnerability." This affects Internet Explorer 11.

  • CVE-2018-0947HigMar 14, 2018
    risk 0.58cvss 8.8epss 0.05

    Microsoft SharePoint Foundation 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique…

  • CVE-2018-0944HigMar 14, 2018
    risk 0.58cvss 8.8epss 0.05

    Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from…

  • CVE-2018-0923HigMar 14, 2018
    risk 0.58cvss 8.8epss 0.05

    Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0909, CVE-2018-0910.…

  • CVE-2018-0921HigMar 14, 2018
    risk 0.58cvss 8.8epss 0.05

    Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0909, CVE-2018-0910.…

  • CVE-2018-0917HigMar 14, 2018
    risk 0.58cvss 8.8epss 0.05

    Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0909, CVE-2018-0910.…

  • CVE-2018-0916HigMar 14, 2018
    risk 0.58cvss 8.8epss 0.05

    Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from…

  • CVE-2018-0915HigMar 14, 2018
    risk 0.58cvss 8.8epss 0.05

    Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from…

  • CVE-2018-0914HigMar 14, 2018
    risk 0.58cvss 8.8epss 0.05

    Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from…

  • CVE-2018-0913HigMar 14, 2018
    risk 0.58cvss 8.8epss 0.05

    Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from…

  • CVE-2018-0912HigMar 14, 2018
    risk 0.58cvss 8.8epss 0.05

    Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from…

  • CVE-2018-0911HigMar 14, 2018
    risk 0.58cvss 8.8epss 0.05

    Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from…

  • CVE-2018-0910HigMar 14, 2018
    risk 0.58cvss 8.8epss 0.05

    Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from…

  • CVE-2018-0909HigMar 14, 2018
    risk 0.58cvss 8.8epss 0.05

    Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from…

  • CVE-2018-0790HigJan 10, 2018
    risk 0.58cvss 8.8epss 0.05

    Microsoft SharePoint Foundation 2010, Microsoft SharePoint Server 2013 and Microsoft SharePoint Server 2016 allow an elevation of privilege vulnerability due to the way web requests are handled, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique…

  • CVE-2018-0789HigJan 10, 2018
    risk 0.58cvss 8.8epss 0.06

    Microsoft SharePoint Foundation 2010, Microsoft SharePoint Server 2013 and Microsoft SharePoint Server 2016 allow an elevation of privilege vulnerability due to the way web requests are handled, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique…

  • CVE-2018-0784HigJan 10, 2018
    risk 0.58cvss 8.8epss 0.07

    ASP.NET Core 1.0. 1.1, and 2.0 allow an elevation of privilege vulnerability due to the ASP.NET Core project templates, aka "ASP.NET Core Elevation Of Privilege Vulnerability". This CVE is unique from CVE-2018-0808.

  • CVE-2018-0777HigJan 4, 2018
    risk 0.58cvss 7.5epss 0.78

    Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability".…

  • CVE-2018-0776HigJan 4, 2018
    risk 0.58cvss 7.5epss 0.78

    Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability".…

  • CVE-2018-0770HigJan 4, 2018
    risk 0.58cvss 7.5epss 0.78

    Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability".…

  • CVE-2018-0769HigJan 4, 2018
    risk 0.58cvss 7.5epss 0.79

    Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability".…

  • CVE-2018-0758HigJan 4, 2018
    risk 0.58cvss 7.5epss 0.81

    Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability".…

  • CVE-2017-11936HigDec 12, 2017
    risk 0.58cvss 8.8epss 0.04

    Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability due to the way web requests are handled, aka "Microsoft SharePoint Elevation of Privilege Vulnerability".

  • CVE-2017-11879HigNov 15, 2017
    risk 0.58cvss 8.8epss 0.09

    ASP.NET Core 2.0 allows an attacker to steal log-in session information such as cookies or authentication tokens via a specially crafted URL aka "ASP.NET Core Elevation Of Privilege Vulnerability".

  • CVE-2017-11854HigNov 15, 2017
    risk 0.58cvss 8.8epss 0.08

    Microsoft Word 2007 Service Pack 3, Microsoft Word 2010 Service Pack 2, Microsoft Office 2010 Service Pack 2, and Microsoft Office Compatibility Pack Service Pack 3 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objects…

  • CVE-2017-11786HigOct 13, 2017
    risk 0.58cvss 8.8epss 0.09

    Skype for Business in Microsoft Lync 2013 SP1 and Skype for Business 2016 allows an attacker to steal an authentication hash that can be reused elsewhere, due to how Skype for Business handles authentication requests, aka "Skype for Business Elevation of Privilege Vulnerability."

  • CVE-2017-8740HigSep 13, 2017
    risk 0.58cvss 7.5epss 0.72

    Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to the way that the Microsoft Edge scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is…

  • CVE-2017-8729HigSep 13, 2017
    risk 0.58cvss 7.5epss 0.72

    Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to the way that the Microsoft Edge scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is…

  • CVE-2017-8660HigSep 13, 2017
    risk 0.58cvss 8.8epss 0.10

    Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka…

  • CVE-2017-8658CriAug 11, 2017
    risk 0.58cvss 9.8epss 0.20

    A remote code execution vulnerability exists in the way that the Chakra JavaScript engine renders when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability".

  • CVE-2017-8664HigAug 8, 2017
    risk 0.58cvss 8.8epss 0.04

    Windows Hyper-V in Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability when it fails to properly validate input from a privileged user on a guest operating…

Page 21 of 286