Total
2876 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-8315 | 1 Microsoft | 10 Chakracore, Edge, Internet Explorer and 7 more | 2024-11-21 | 4.0 MEDIUM | 4.2 MEDIUM |
An information disclosure vulnerability exists when the browser scripting engine improperly handle object types, aka "Microsoft Scripting Engine Information Disclosure Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge, Internet Explorer 10. | |||||
CVE-2018-8314 | 1 Microsoft | 6 Windows 10, Windows 7, Windows 8.1 and 3 more | 2024-11-21 | 4.3 MEDIUM | 4.7 MEDIUM |
An elevation of privilege vulnerability exists when Windows fails a check, allowing a sandbox escape, aka "Windows Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2008 R2, Windows 10. This CVE ID is unique from CVE-2018-8313. | |||||
CVE-2018-8313 | 1 Microsoft | 5 Windows 10, Windows 8.1, Windows Rt 8.1 and 2 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
An elevation of privilege vulnerability exists in the way that the Windows Kernel API enforces permissions, aka "Windows Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8314. | |||||
CVE-2018-8309 | 1 Microsoft | 7 Windows 10, Windows 7, Windows 8.1 and 4 more | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
A denial of service vulnerability exists when Windows improperly handles objects in memory, aka "Windows Denial of Service Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. | |||||
CVE-2018-8308 | 1 Microsoft | 7 Windows 10, Windows 7, Windows 8.1 and 4 more | 2024-11-21 | 8.5 HIGH | 6.6 MEDIUM |
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka "Windows Kernel Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. | |||||
CVE-2018-8307 | 1 Microsoft | 7 Windows 10, Windows 7, Windows 8.1 and 4 more | 2024-11-21 | 6.8 MEDIUM | 5.3 MEDIUM |
A security feature bypass vulnerability exists when Microsoft WordPad improperly handles embedded OLE objects, aka "WordPad Security Feature Bypass Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. | |||||
CVE-2018-8305 | 1 Microsoft | 4 Windows 8.1, Windows Calendar, Windows Mail and 1 more | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
An information disclosure vulnerability exists in Windows Mail Client when a message is opened, aka "Windows Mail Client Information Disclosure Vulnerability." This affects Mail, Calendar, and People in Windows 8.1 App Store. | |||||
CVE-2018-8304 | 1 Microsoft | 7 Windows 10, Windows 7, Windows 8.1 and 4 more | 2024-11-21 | 7.1 HIGH | 5.9 MEDIUM |
A denial of service vulnerability exists in Windows Domain Name System (DNS) DNSAPI.dll when it fails to properly handle DNS responses, aka "Windows DNSAPI Denial of Service Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. | |||||
CVE-2018-8296 | 1 Microsoft | 8 Internet Explorer, Windows 10, Windows 7 and 5 more | 2024-11-21 | 7.6 HIGH | 7.5 HIGH |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 11. This CVE ID is unique from CVE-2018-8242, CVE-2018-8283, CVE-2018-8287, CVE-2018-8288, CVE-2018-8291, CVE-2018-8298. | |||||
CVE-2018-8291 | 1 Microsoft | 10 Chakracore, Edge, Internet Explorer and 7 more | 2024-11-21 | 7.6 HIGH | 7.5 HIGH |
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-8242, CVE-2018-8283, CVE-2018-8287, CVE-2018-8288, CVE-2018-8296, CVE-2018-8298. | |||||
CVE-2018-8288 | 1 Microsoft | 10 Chakracore, Edge, Internet Explorer and 7 more | 2024-11-21 | 7.6 HIGH | 7.5 HIGH |
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-8242, CVE-2018-8283, CVE-2018-8287, CVE-2018-8291, CVE-2018-8296, CVE-2018-8298. | |||||
CVE-2018-8287 | 1 Microsoft | 10 Chakracore, Edge, Internet Explorer and 7 more | 2024-11-21 | 7.6 HIGH | 7.5 HIGH |
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge, Internet Explorer 10. This CVE ID is unique from CVE-2018-8242, CVE-2018-8283, CVE-2018-8288, CVE-2018-8291, CVE-2018-8296, CVE-2018-8298. | |||||
CVE-2018-8284 | 1 Microsoft | 13 .net Framework, Project Server, Sharepoint Enterprise Server and 10 more | 2024-11-21 | 9.3 HIGH | 8.1 HIGH |
A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka ".NET Framework Remote Code Injection Vulnerability." This affects Microsoft .NET Framework 2.0, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.6, Microsoft .NET Framework 4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.7.1/4.7.2, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6/4.6.1/4.6.2, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2, Microsoft .NET Framework 4.7.2. | |||||
CVE-2018-8282 | 1 Microsoft | 7 Windows 10, Windows 7, Windows 8.1 and 4 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. | |||||
CVE-2018-8271 | 1 Microsoft | 7 Windows 10, Windows 7, Windows 8.1 and 4 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
An information disclosure vulnerability exists in Windows when the Windows bowser.sys kernel-mode driver fails to properly handle objects in memory, aka "Windows Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. | |||||
CVE-2018-8267 | 1 Microsoft | 8 Internet Explorer, Windows 10, Windows 7 and 5 more | 2024-11-21 | 7.6 HIGH | 7.5 HIGH |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-8243. | |||||
CVE-2018-8260 | 1 Microsoft | 9 .net Framework, Windows 10, Windows 7 and 6 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
A Remote Code Execution vulnerability exists in .NET software when the software fails to check the source markup of a file, aka ".NET Framework Remote Code Execution Vulnerability." This affects .NET Framework 4.7.2, Microsoft .NET Framework 4.7.2. | |||||
CVE-2018-8256 | 1 Microsoft | 10 Microsoft.powershell.archive, Powershell Core, Windows 10 and 7 more | 2024-11-21 | 9.3 HIGH | 8.8 HIGH |
A remote code execution vulnerability exists when PowerShell improperly handles specially crafted files, aka "Microsoft PowerShell Remote Code Execution Vulnerability." This affects Windows RT 8.1, PowerShell Core 6.0, Microsoft.PowerShell.Archive 1.2.2.0, Windows Server 2016, Windows Server 2012, Windows Server 2008 R2, Windows Server 2019, Windows 7, Windows Server 2012 R2, PowerShell Core 6.1, Windows 10 Servers, Windows 10, Windows 8.1. | |||||
CVE-2018-8251 | 1 Microsoft | 7 Windows 10, Windows 7, Windows 8.1 and 4 more | 2024-11-21 | 7.6 HIGH | 7.5 HIGH |
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka "Media Foundation Memory Corruption Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. | |||||
CVE-2018-8249 | 1 Microsoft | 6 Internet Explorer, Windows 7, Windows 8.1 and 3 more | 2024-11-21 | 7.6 HIGH | 7.5 HIGH |
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This affects Internet Explorer 11. This CVE ID is unique from CVE-2018-0978. |