Search
Total
49350 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-30399 | 1 Merchandise Online Store Project | 1 Merchandise Online Store | 2022-05-23 | 6.5 MEDIUM | 7.2 HIGH |
| Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=maintenance/manage_category&id=. | |||||
| CVE-2022-30398 | 1 Merchandise Online Store Project | 1 Merchandise Online Store | 2022-05-23 | 6.5 MEDIUM | 7.2 HIGH |
| Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=orders/view_order&id=. | |||||
| CVE-2022-30396 | 1 Merchandise Online Store Project | 1 Merchandise Online Store | 2022-05-23 | 6.5 MEDIUM | 7.2 HIGH |
| Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=inventory/manage_inventory&id=. | |||||
| CVE-2022-30393 | 1 Merchandise Online Store Project | 1 Merchandise Online Store | 2022-05-23 | 6.5 MEDIUM | 7.2 HIGH |
| Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=product/manage_product&id=. | |||||
| CVE-2022-30402 | 1 Merchandise Online Store Project | 1 Merchandise Online Store | 2022-05-23 | 6.5 MEDIUM | 7.2 HIGH |
| Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=maintenance/manage_sub_category&id=. | |||||
| CVE-2022-26782 | 1 Inhandnetworks | 2 Ir302, Ir302 Firmware | 2022-05-23 | 6.5 MEDIUM | 8.8 HIGH |
| Multiple improper input validation vulnerabilities exists in the libnvram.so nvram_import functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted file can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability.An improper input validation vulnerability exists in the `httpd`'s `user_define_set_item` function. Controlling the `user_define_timeout` nvram variable can lead to remote code execution. | |||||
| CVE-2022-26781 | 1 Inhandnetworks | 2 Ir302, Ir302 Firmware | 2022-05-23 | 6.5 MEDIUM | 8.8 HIGH |
| Multiple improper input validation vulnerabilities exists in the libnvram.so nvram_import functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted file can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability.An improper input validation vulnerability exists in the `httpd`'s `user_define_print` function. Controlling the `user_define_timeout` nvram variable can lead to remote code execution. | |||||
| CVE-2021-43234 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2022-05-23 | 6.8 MEDIUM | 7.8 HIGH |
| Windows Fax Service Remote Code Execution Vulnerability | |||||
| CVE-2022-26780 | 1 Inhandnetworks | 2 Ir302, Ir302 Firmware | 2022-05-23 | 6.5 MEDIUM | 8.8 HIGH |
| Multiple improper input validation vulnerabilities exists in the libnvram.so nvram_import functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted file can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability.An improper input validation vulnerability exists in the `httpd`'s `user_define_init` function. Controlling the `user_define_timeout` nvram variable can lead to remote code execution. | |||||
| CVE-2022-25995 | 1 Inhandnetworks | 2 Ir302, Ir302 Firmware | 2022-05-23 | 9.0 HIGH | 8.8 HIGH |
| A command execution vulnerability exists in the console inhand functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability. | |||||
| CVE-2022-24525 | 1 Microsoft | 3 Windows 10, Windows 11, Windows Server | 2022-05-23 | 4.4 MEDIUM | 7.0 HIGH |
| Windows Update Stack Elevation of Privilege Vulnerability. | |||||
| CVE-2022-24508 | 1 Microsoft | 4 Windows 10, Windows 11, Windows Server and 1 more | 2022-05-23 | 6.5 MEDIUM | 8.8 HIGH |
| Windows SMBv3 Client/Server Remote Code Execution Vulnerability. | |||||
| CVE-2022-24507 | 1 Microsoft | 6 Windows 10, Windows 11, Windows Server and 3 more | 2022-05-23 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability. | |||||
| CVE-2022-24505 | 1 Microsoft | 6 Windows 10, Windows 11, Windows Server and 3 more | 2022-05-23 | 4.4 MEDIUM | 7.0 HIGH |
| Windows ALPC Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-23283, CVE-2022-23287. | |||||
| CVE-2022-23296 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2022-05-23 | 7.2 HIGH | 7.8 HIGH |
| Windows Installer Elevation of Privilege Vulnerability. | |||||
| CVE-2022-23294 | 1 Microsoft | 8 Windows 10, Windows 11, Windows 8.1 and 5 more | 2022-05-23 | 6.5 MEDIUM | 8.8 HIGH |
| Windows Event Tracing Remote Code Execution Vulnerability. | |||||
| CVE-2022-23283 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2022-05-23 | 4.4 MEDIUM | 7.0 HIGH |
| Windows ALPC Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-23287, CVE-2022-24505. | |||||
| CVE-2022-21990 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2022-05-23 | 6.8 MEDIUM | 8.8 HIGH |
| Remote Desktop Client Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-23285. | |||||
| CVE-2022-21995 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server and 2 more | 2022-05-23 | 6.8 MEDIUM | 7.9 HIGH |
| Windows Hyper-V Remote Code Execution Vulnerability. | |||||
| CVE-2022-21992 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server and 2 more | 2022-05-23 | 9.3 HIGH | 7.8 HIGH |
| Windows Mobile Device Management Remote Code Execution Vulnerability. | |||||
| CVE-2022-21984 | 1 Microsoft | 3 Windows 10, Windows 11, Windows Server | 2022-05-23 | 6.0 MEDIUM | 8.8 HIGH |
| Windows DNS Server Remote Code Execution Vulnerability. | |||||
| CVE-2022-21974 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server and 2 more | 2022-05-23 | 9.3 HIGH | 7.8 HIGH |
| Roaming Security Rights Management Services Remote Code Execution Vulnerability. | |||||
| CVE-2020-1082 | 1 Microsoft | 4 Windows 10, Windows Server, Windows Server 2016 and 1 more | 2022-05-23 | 4.6 MEDIUM | 7.8 HIGH |
| An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1021, CVE-2020-1088. | |||||
| CVE-2019-0545 | 1 Microsoft | 11 .net Core, .net Framework, Windows 10 and 8 more | 2022-05-23 | 5.0 MEDIUM | 7.5 HIGH |
| An information disclosure vulnerability exists in .NET Framework and .NET Core which allows bypassing Cross-origin Resource Sharing (CORS) configurations, aka ".NET Framework Information Disclosure Vulnerability." This affects Microsoft .NET Framework 2.0, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.6, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.7/4.7.1/4.7.2, .NET Core 2.1, Microsoft .NET Framework 4.7.1/4.7.2, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6/4.6.1/4.6.2, .NET Core 2.2, Microsoft .NET Framework 4.7.2. | |||||
| CVE-2018-8554 | 1 Microsoft | 3 Windows 10, Windows Server, Windows Server 2019 | 2022-05-23 | 7.2 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory, aka "DirectX Elevation of Privilege Vulnerability." This affects Windows 10 Servers, Windows 10, Windows Server 2019. This CVE ID is unique from CVE-2018-8485, CVE-2018-8561. | |||||
| CVE-2018-8414 | 1 Microsoft | 2 Windows 10, Windows Server | 2022-05-23 | 9.3 HIGH | 8.8 HIGH |
| A remote code execution vulnerability exists when the Windows Shell does not properly validate file paths, aka "Windows Shell Remote Code Execution Vulnerability." This affects Windows 10 Servers, Windows 10. | |||||
| CVE-2018-8399 | 1 Microsoft | 2 Windows 10, Windows Server | 2022-05-23 | 6.9 MEDIUM | 7.0 HIGH |
| An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 10 Servers, Windows 10. This CVE ID is unique from CVE-2018-8404. | |||||
| CVE-2018-8360 | 1 Microsoft | 9 .net Framework, Windows 10, Windows 7 and 6 more | 2022-05-23 | 5.0 MEDIUM | 7.5 HIGH |
| An information disclosure vulnerability exists in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments, aka ".NET Framework Information Disclosure Vulnerability." This affects Microsoft .NET Framework 4.7/4.7.1/4.7.2, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.0, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2, Microsoft .NET Framework 4.7.1/4.7.2, Microsoft .NET Framework 4.7.2, Microsoft .NET Framework 2.0, Microsoft .NET Framework 4.6/4.6.1/4.6.2. | |||||
| CVE-2018-8350 | 1 Microsoft | 2 Windows 10, Windows Server | 2022-05-23 | 9.3 HIGH | 8.8 HIGH |
| A remote code execution vulnerability exists when Microsoft Windows PDF Library improperly handles objects in memory, aka "Windows PDF Remote Code Execution Vulnerability." This affects Windows 10 Servers, Windows 10. | |||||
| CVE-2018-8284 | 1 Microsoft | 13 .net Framework, Project Server, Sharepoint Enterprise Server and 10 more | 2022-05-23 | 9.3 HIGH | 8.1 HIGH |
| A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka ".NET Framework Remote Code Injection Vulnerability." This affects Microsoft .NET Framework 2.0, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.6, Microsoft .NET Framework 4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.7.1/4.7.2, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6/4.6.1/4.6.2, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2, Microsoft .NET Framework 4.7.2. | |||||
| CVE-2018-8260 | 1 Microsoft | 9 .net Framework, Windows 10, Windows 7 and 6 more | 2022-05-23 | 6.8 MEDIUM | 8.8 HIGH |
| A Remote Code Execution vulnerability exists in .NET software when the software fails to check the source markup of a file, aka ".NET Framework Remote Code Execution Vulnerability." This affects .NET Framework 4.7.2, Microsoft .NET Framework 4.7.2. | |||||
| CVE-2018-8202 | 1 Microsoft | 9 .net Framework, Windows 10, Windows 7 and 6 more | 2022-05-23 | 7.2 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability exists in .NET Framework which could allow an attacker to elevate their privilege level, aka ".NET Framework Elevation of Privilege Vulnerability." This affects Microsoft .NET Framework 2.0, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.6, Microsoft .NET Framework 4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.7.1/4.7.2, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6/4.6.1/4.6.2, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2, Microsoft .NET Framework 4.7.2. | |||||
| CVE-2018-0902 | 1 Microsoft | 3 Windows 10, Windows Server, Windows Server 2016 | 2022-05-23 | 4.6 MEDIUM | 7.8 HIGH |
| The Cryptography Next Generation (CNG) kernel-mode driver (cng.sys) in Windows 10 Gold, 1511, 1607, 1703, and 1709. Windows Server 2016 and Windows Server, version 1709 allows a security feature bypass vulnerability due to the way the kernel-mode driver validates and enforces impersonation levels, aka "Windows Security Feature Bypass Vulnerability". This CVE is unique from CVE-2018-0884. | |||||
| CVE-2018-0884 | 1 Microsoft | 3 Windows 10, Windows Server, Windows Server 2016 | 2022-05-23 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Scripting Host (WSH) in Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows a security feature bypass vulnerability due to how objects are handled in memory, aka "Windows Security Feature Bypass Vulnerability". This CVE is unique from CVE-2018-0902. | |||||
| CVE-2018-0883 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2022-05-23 | 7.6 HIGH | 7.5 HIGH |
| Windows Shell in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, Windows Server 2016 and Windows Server, version 1709 allows a remote code execution vulnerability due to how file copy destinations are validated, aka "Windows Shell Remote Code Execution Vulnerability". | |||||
| CVE-2018-0882 | 1 Microsoft | 3 Windows 10, Windows Server, Windows Server 2016 | 2022-05-23 | 6.9 MEDIUM | 7.0 HIGH |
| The Desktop Bridge in Windows 10 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to how the virtual registry is managed, aka "Windows Desktop Bridge Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0880. | |||||
| CVE-2018-0881 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2022-05-23 | 6.9 MEDIUM | 7.0 HIGH |
| The Microsoft Video Control in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege due to how objects are handled in memory, aka "Microsoft Video Control Elevation of Privilege Vulnerability". | |||||
| CVE-2018-0880 | 1 Microsoft | 3 Windows 10, Windows Server, Windows Server 2016 | 2022-05-23 | 6.9 MEDIUM | 7.0 HIGH |
| The Desktop Bridge in Windows 10 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to how the virtual registry is managed, aka "Windows Desktop Bridge Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0882. | |||||
| CVE-2018-0877 | 1 Microsoft | 3 Windows 10, Windows Server, Windows Server 2016 | 2022-05-23 | 7.2 HIGH | 7.8 HIGH |
| The Desktop Bridge Virtual File System (VFS) in Windows 10 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to how file paths are managed, aka "Windows Desktop Bridge VFS Elevation of Privilege Vulnerability". | |||||
| CVE-2018-0825 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2022-05-23 | 7.6 HIGH | 7.5 HIGH |
| StructuredQuery in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows a remote code execution vulnerability due to how objects are handled in memory, aka "StructuredQuery Remote Code Execution Vulnerability". | |||||
| CVE-2017-11873 | 1 Microsoft | 5 Chakracore, Edge, Windows 10 and 2 more | 2022-05-23 | 7.6 HIGH | 7.5 HIGH |
| ChakraCore and Microsoft Edge in Windows 10 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11836, CVE-2017-11837, CVE-2017-11838, CVE-2017-11839, CVE-2017-11840, CVE-2017-11841, CVE-2017-11843, CVE-2017-11846, CVE-2017-11858, CVE-2017-11859, CVE-2017-11861, CVE-2017-11862, CVE-2017-11866, CVE-2017-11869, CVE-2017-11870, and CVE-2017-11871. | |||||
| CVE-2017-11871 | 1 Microsoft | 4 Chakracore, Edge, Windows 10 and 1 more | 2022-05-23 | 7.6 HIGH | 7.5 HIGH |
| ChakraCore and Microsoft Edge in Windows 10 1703, 1709, and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11836, CVE-2017-11837, CVE-2017-11838, CVE-2017-11839, CVE-2017-11840, CVE-2017-11841, CVE-2017-11843, CVE-2017-11846, CVE-2017-11858, CVE-2017-11859, CVE-2017-11861, CVE-2017-11862, CVE-2017-11866, CVE-2017-11869, CVE-2017-11870, and CVE-2017-11873. | |||||
| CVE-2017-11870 | 1 Microsoft | 4 Chakracore, Edge, Windows 10 and 1 more | 2022-05-23 | 7.6 HIGH | 7.5 HIGH |
| ChakraCore and Microsoft Edge in Windows 10 1703, 1709, and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11836, CVE-2017-11837, CVE-2017-11838, CVE-2017-11839, CVE-2017-11840, CVE-2017-11841, CVE-2017-11843, CVE-2017-11846, CVE-2017-11858, CVE-2017-11859, CVE-2017-11861, CVE-2017-11862, CVE-2017-11866, CVE-2017-11869, CVE-2017-11871, and CVE-2017-11873. | |||||
| CVE-2017-11869 | 1 Microsoft | 9 Internet Explorer, Windows 10, Windows 7 and 6 more | 2022-05-23 | 7.6 HIGH | 7.5 HIGH |
| Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how Microsoft browsers handle objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11836, CVE-2017-11837, CVE-2017-11838, CVE-2017-11839, CVE-2017-11840, CVE-2017-11841, CVE-2017-11843, CVE-2017-11846, CVE-2017-11858, CVE-2017-11859, CVE-2017-11861, CVE-2017-11862, CVE-2017-11866, CVE-2017-11870, CVE-2017-11871, and CVE-2017-11873. | |||||
| CVE-2017-11862 | 1 Microsoft | 4 Chakracore, Edge, Windows 10 and 1 more | 2022-05-23 | 7.6 HIGH | 7.5 HIGH |
| ChakraCore and Microsoft Edge in Windows 10 1709 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11836, CVE-2017-11837, CVE-2017-11838, CVE-2017-11839, CVE-2017-11840, CVE-2017-11841, CVE-2017-11843, CVE-2017-11846, CVE-2017-11858, CVE-2017-11859, CVE-2017-11861, CVE-2017-11866, CVE-2017-11869, CVE-2017-11870, CVE-2017-11871, and CVE-2017-11873. | |||||
| CVE-2017-11861 | 1 Microsoft | 5 Chakracore, Edge, Windows 10 and 2 more | 2022-05-23 | 7.6 HIGH | 7.5 HIGH |
| Microsoft Edge in Windows 10 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11836, CVE-2017-11837, CVE-2017-11838, CVE-2017-11839, CVE-2017-11840, CVE-2017-11841, CVE-2017-11843, CVE-2017-11846, CVE-2017-11858, CVE-2017-11859, CVE-2017-11862, CVE-2017-11866, CVE-2017-11869, CVE-2017-11870, CVE-2017-11871, and CVE-2017-11873. | |||||
| CVE-2017-11856 | 1 Microsoft | 9 Internet Explorer, Windows 10, Windows 7 and 6 more | 2022-05-23 | 7.6 HIGH | 7.5 HIGH |
| Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how Internet Explorer handles objects in memory, aka "Internet Explorer Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11855. | |||||
| CVE-2017-11827 | 1 Microsoft | 10 Edge, Internet Explorer, Windows 10 and 7 more | 2022-05-23 | 9.3 HIGH | 7.5 HIGH |
| Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how Microsoft browsers handle objects in memory, aka "Microsoft Browser Memory Corruption Vulnerability". | |||||
| CVE-2017-11788 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2022-05-23 | 5.0 MEDIUM | 7.5 HIGH |
| Windows Search in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows server, version 1709 allows an unauthenticated attacker to remotely send specially crafted messages that could cause a denial of service against the system due to improperly handing objects in memory, aka "Windows Search Denial of Service Vulnerability". | |||||
| CVE-2022-26002 | 1 Inhandnetworks | 2 Ir302, Ir302 Firmware | 2022-05-23 | 6.5 MEDIUM | 7.2 HIGH |
| A stack-based buffer overflow vulnerability exists in the console factory functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to remote code execution. An attacker can send a sequence of malicious packets to trigger this vulnerability. | |||||