Vulnerabilities (CVE)

Vendor filter

Microsoft Subscribe

Filter

6191 total CVE
CVE Vendors Products Updated CVSS
CVE-2015-4000 12 Google, Openssl, Apple and 9 more 25 Safari, Network Security Services, Ie and 22 more 2019-02-12 4.3
The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a...
CVE-2018-8599 1 Microsoft 5 Visual Studio, Visual Studio 2017, Windows 10 and 2 more 2019-02-06 4.6
An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly impersonates certain file operations, aka "Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability." This...
CVE-2018-8529 1 Microsoft 1 Team Server 2019-01-31 7.5
A remote code execution vulnerability exists when Team Foundation Server (TFS) does not enable basic authorization on the communication between the TFS and Search services, aka "Team Foundation Server Remote Code Execution Vulnerability." This...
CVE-2018-17612 2 Microsoft, Sennheiser 10 Server, Headsetup, Windows 10 and 7 more 2019-01-31 5.0
Sennheiser HeadSetup 7.3.4903 places Certification Authority (CA) certificates into the Trusted Root CA store of the local system, and publishes the private key in the SennComCCKey.pem file within the public software distribution, which allows...
CVE-2019-0562 1 Microsoft 2 Sharepoint Enterprise Server, Sharepoint Server 2019-01-30 3.5
An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This...
CVE-2019-0622 1 Microsoft 1 Skype 2019-01-28 2.1
An elevation of privilege vulnerability exists when Skype for Andriod fails to properly handle specific authentication requests, aka "Skype for Android Elevation of Privilege Vulnerability." This affects Skype 8.35.
CVE-2019-0570 1 Microsoft 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more 2019-01-22 4.6
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka "Windows Runtime Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012,...
CVE-2019-0624 1 Microsoft 1 Skype For Business 2019-01-22 3.5
A spoofing vulnerability exists when a Skype for Business 2015 server does not properly sanitize a specially crafted request, aka "Skype for Business 2015 Spoofing Vulnerability." This affects Skype.
CVE-2019-0646 1 Microsoft 1 Team Foundation Server 2019-01-22 3.5
A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka "Team Foundation Server Cross-site Scripting Vulnerability." This affects Team.
CVE-2019-0647 1 Microsoft 1 Team Foundation Server 2019-01-19 4.0
An information disclosure vulnerability exists when Team Foundation Server does not properly handle variables marked as secret, aka "Team Foundation Server Information Disclosure Vulnerability." This affects Team.
CVE-2019-0568 1 Microsoft 2 Chakracore, Edge 2019-01-19 7.6
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE...
CVE-2019-0567 1 Microsoft 2 Chakracore, Edge 2019-01-19 7.6
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE...
CVE-2019-0539 1 Microsoft 2 Chakracore, Edge 2019-01-19 7.6
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE...
CVE-2018-8617 1 Microsoft 2 Chakracore, Edge 2019-01-19 7.6
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE...
CVE-2019-0555 1 Microsoft 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more 2019-01-17 4.4
An elevation of privilege vulnerability exists in the Microsoft XmlDocument class that could allow an attacker to escape from the AppContainer sandbox in the browser, aka "Microsoft XmlDocument Elevation of Privilege Vulnerability." This affects...
CVE-2019-0575 1 Microsoft 8 Windows 10, Windows 7, Windows 8.1 and 5 more 2019-01-16 9.3
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1,...
CVE-2019-0576 1 Microsoft 8 Windows 10, Windows 7, Windows 8.1 and 5 more 2019-01-16 9.3
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1,...
CVE-2019-0577 1 Microsoft 8 Windows 10, Windows 7, Windows 8.1 and 5 more 2019-01-16 9.3
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1,...
CVE-2019-0578 1 Microsoft 8 Windows 10, Windows 7, Windows 8.1 and 5 more 2019-01-16 9.3
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1,...
CVE-2019-0579 1 Microsoft 8 Windows 10, Windows 7, Windows 8.1 and 5 more 2019-01-16 9.3
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1,...