Vulnerabilities (CVE)

Vendor filter

Microsoft Subscribe

Filter

6877 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-1181 1 Microsoft 8 Windows 10, Windows 7, Windows 8.1 and 5 more 2019-10-10 10.0
A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop...
CVE-2019-1000 1 Microsoft 1 Azure Active Directory Connect 2019-10-10 3.5
An elevation of privilege vulnerability exists in Microsoft Azure Active Directory Connect build 1.3.20.0, which allows an attacker to execute two PowerShell cmdlets in context of a privileged account, and perform privileged actions.To exploit...
CVE-2015-4000 12 Google, Openssl, Apple and 9 more 25 Safari, Network Security Services, Ie and 22 more 2019-10-09 4.3
The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a...
CVE-2014-6321 1 Microsoft 9 Windows Rt 8.1, Windows 8, Windows Server 2008 and 6 more 2019-10-09 10.0
Schannel in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary...
CVE-2014-2608 3 Hp, Microsoft, Linux 3 Linux Kernel, Smart Update Manager, Windows 2019-10-09 2.1
Unspecified vulnerability in HP Smart Update Manager 6.x before 6.4.1 on Windows, and 6.2.x through 6.4.x before 6.4.1 on Linux, allows local users to obtain sensitive information, and consequently gain privileges, via unknown vectors.
CVE-2008-3473 1 Microsoft 1 Internet Explorer 2019-10-09 9.3
Microsoft Internet Explorer 6 and 7 does not properly determine the domain or security zone of origin of web script, which allows remote attackers to bypass the intended cross-domain security policy, and execute arbitrary code or obtain sensitive...
CVE-2008-2252 1 Microsoft 5 Windows Server 2008, Windows 2000, Windows Xp and 2 more 2019-10-09 7.2
The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 does not properly validate parameters sent from user mode to the kernel, which allows local users to gain privileges via a...
CVE-2007-3897 1 Microsoft 2 Outlook Express, Windows Mail 2019-10-09 9.3
Heap-based buffer overflow in Microsoft Outlook Express 6 and earlier, and Windows Mail for Vista, allows remote Network News Transfer Protocol (NNTP) servers to execute arbitrary code via long NNTP responses that trigger memory corruption.
CVE-2005-4827 2 Microsoft, Canon 2 Network Camera Server Vb101, Ie 2019-10-09 7.5
Internet Explorer 6.0, and possibly other versions, allows remote attackers to bypass the same origin security policy and make requests outside of the intended domain by calling open on an XMLHttpRequest object (Microsoft.XMLHTTP) and using tab,...
CVE-2017-8543 1 Microsoft 7 Windows Rt 8.1, Windows 7, Windows Server 2012 and 4 more 2019-10-03 10.0
Microsoft Windows XP SP3, Windows XP x64 XP2, Windows Server 2003 SP2, Windows Vista, Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703,...
CVE-2017-8562 1 Microsoft 5 Windows 10, Windows Server 2012, Windows 8.1 and 2 more 2019-10-03 6.9
Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability due to Windows improperly handling calls to Advanced Local...
CVE-2018-1032 1 Microsoft 1 Sharepoint Enterprise Server 2019-10-03 3.5
An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This...
CVE-2018-8276 1 Microsoft 1 Edge 2019-10-03 4.3
A security feature bypass vulnerability exists in the Microsoft Chakra scripting engine that allows Control Flow Guard (CFG) to be bypassed, aka "Scripting Engine Security Feature Bypass Vulnerability." This affects Microsoft Edge, ChakraCore.
CVE-2018-8219 1 Microsoft 2 Windows 10, Windows Server 2016 2019-10-03 4.6
An elevation of privilege vulnerability exists when Windows Hyper-V instruction emulation fails to properly enforce privilege levels, aka "Hypervisor Code Integrity Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows...
CVE-2017-8573 1 Microsoft 7 Windows 10, Windows Server 2012, Windows 8.1 and 4 more 2019-10-03 6.9
Graphics in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability...
CVE-2017-11829 1 Microsoft 2 Windows 10, Windows Server 2016 2019-10-03 2.1
Microsoft Windows 10 allows an elevation of privilege vulnerability when the Windows Update Delivery Optimization does not properly enforce file share permissions.
CVE-2017-11936 1 Microsoft 1 Sharepoint Enterprise Server 2019-10-03 6.5
Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability due to the way web requests are handled, aka "Microsoft SharePoint Elevation of Privilege Vulnerability".
CVE-2018-0850 1 Microsoft 2 Office, Outlook 2019-10-03 4.3
Microsoft Outlook 2007, Microsoft Outlook 2010, Microsoft Outlook 2013, Microsoft Outlook 2016, and Microsoft Office 2016 Click-to-Run allow an elevation of privilege vulnerability due to how the format of incoming message is validated, aka...
CVE-2017-11762 1 Microsoft 7 Windows 10, Windows 7, Windows 8.1 and 4 more 2019-10-03 6.8
The Microsoft Graphics Component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code...
CVE-2017-8580 1 Microsoft 7 Windows Rt 8.1, Windows Server 2016, Windows 8.1 and 4 more 2019-10-03 6.2
Win32k in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability...