Filtered by vendor Microsoft
Subscribe
Search
Total
16927 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-0810 | 1 Microsoft | 3 Windows 7, Windows Server 2008, Windows Server 2012 | 2020-08-24 | 1.9 LOW | 4.7 MEDIUM |
| The Windows kernel in Windows 7 SP1, Windows Server 2008 SP2 and R2, and Windows Server 2012 allows an information disclosure vulnerability due to the way memory is initialized, aka "Windows Kernel Information Disclosure Vulnerability". This CVE is unique from CVE-2018-0757. | |||||
| CVE-2018-0812 | 1 Microsoft | 3 Office, Office Compatibility Pack, Word | 2020-08-24 | 9.3 HIGH | 7.8 HIGH |
| Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Memory Corruption Vulnerability". | |||||
| CVE-2019-1316 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2020-08-24 | 7.2 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability exists in Microsoft Windows Setup when it does not properly handle privileges, aka 'Microsoft Windows Setup Elevation of Privilege Vulnerability'. | |||||
| CVE-2019-1315 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2020-08-24 | 7.2 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles hard links, aka 'Windows Error Reporting Manager Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1339, CVE-2019-1342. | |||||
| CVE-2019-1314 | 1 Microsoft | 1 Windows 10 Mobile | 2020-08-24 | 4.6 MEDIUM | 6.8 MEDIUM |
| A security feature bypass vulnerability exists in Windows 10 Mobile when Cortana allows a user to access files and folders through the locked screen, aka 'Windows 10 Mobile Security Feature Bypass Vulnerability'. | |||||
| CVE-2019-1313 | 1 Microsoft | 1 Sql Server Management Studio | 2020-08-24 | 4.0 MEDIUM | 6.5 MEDIUM |
| An information disclosure vulnerability exists in Microsoft SQL Server Management Studio (SSMS) when it improperly enforces permissions, aka 'SQL Server Management Studio Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1376. | |||||
| CVE-2019-1311 | 1 Microsoft | 7 Windows 10, Windows 7, Windows 8.1 and 4 more | 2020-08-24 | 9.3 HIGH | 7.8 HIGH |
| A remote code execution vulnerability exists when the Windows Imaging API improperly handles objects in memory, aka 'Windows Imaging API Remote Code Execution Vulnerability'. | |||||
| CVE-2019-1308 | 1 Microsoft | 5 Chakracore, Edge, Windows 10 and 2 more | 2020-08-24 | 7.6 HIGH | 7.5 HIGH |
| A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1307, CVE-2019-1335, CVE-2019-1366. | |||||
| CVE-2019-1307 | 1 Microsoft | 5 Chakracore, Edge, Windows 10 and 2 more | 2020-08-24 | 7.6 HIGH | 7.5 HIGH |
| A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1308, CVE-2019-1335, CVE-2019-1366. | |||||
| CVE-2019-1303 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2020-08-24 | 7.2 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles junctions.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1215, CVE-2019-1253, CVE-2019-1278. | |||||
| CVE-2019-1301 | 1 Microsoft | 2 .net Core, Powershell Core | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| A denial of service vulnerability exists when .NET Core improperly handles web requests, aka '.NET Core Denial of Service Vulnerability'. | |||||
| CVE-2019-1300 | 1 Microsoft | 5 Chakracore, Edge, Windows 10 and 2 more | 2020-08-24 | 7.6 HIGH | 7.5 HIGH |
| A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1138, CVE-2019-1217, CVE-2019-1237, CVE-2019-1298. | |||||
| CVE-2019-1299 | 1 Microsoft | 3 Edge, Windows 10, Windows Server 2019 | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| An information disclosure vulnerability exists when Microsoft Edge based on Edge HTML improperly handles objects in memory, aka 'Microsoft Edge based on Edge HTML Information Disclosure Vulnerability'. | |||||
| CVE-2018-0832 | 1 Microsoft | 5 Windows 10, Windows 8.1, Windows Rt 8.1 and 2 more | 2020-08-24 | 1.9 LOW | 4.7 MEDIUM |
| The Windows kernel in Windows 8.1 and RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to how objects in memory are handled, aka "Windows Information Disclosure Vulnerability". This CVE is unique from CVE-2018-0829 and CVE-2018-0830. | |||||
| CVE-2019-1297 | 1 Microsoft | 3 Excel, Office, Office 365 Proplus | 2020-08-24 | 9.3 HIGH | 8.8 HIGH |
| A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. | |||||
| CVE-2018-0834 | 1 Microsoft | 4 Chakracore, Edge, Windows 10 and 1 more | 2020-08-24 | 9.3 HIGH | 7.5 HIGH |
| Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866. | |||||
| CVE-2018-0835 | 1 Microsoft | 4 Chakracore, Edge, Windows 10 and 1 more | 2020-08-24 | 7.6 HIGH | 7.5 HIGH |
| Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866. | |||||
| CVE-2018-0836 | 1 Microsoft | 3 Chakracore, Edge, Windows 10 | 2020-08-24 | 7.6 HIGH | 7.5 HIGH |
| Microsoft Edge and ChakraCore in Microsoft Windows 10 1703 and 1709 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866. | |||||
| CVE-2018-0837 | 1 Microsoft | 4 Chakracore, Edge, Windows 10 and 1 more | 2020-08-24 | 7.6 HIGH | 7.5 HIGH |
| Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866. | |||||
| CVE-2018-0838 | 1 Microsoft | 4 Chakracore, Edge, Windows 10 and 1 more | 2020-08-24 | 7.6 HIGH | 7.5 HIGH |
| Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866. | |||||
| CVE-2019-1298 | 1 Microsoft | 5 Chakracore, Edge, Windows 10 and 2 more | 2020-08-24 | 7.6 HIGH | 7.5 HIGH |
| A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1138, CVE-2019-1217, CVE-2019-1237, CVE-2019-1300. | |||||
| CVE-2018-0840 | 1 Microsoft | 9 Edge, Internet Explorer, Windows 10 and 6 more | 2020-08-24 | 9.3 HIGH | 7.5 HIGH |
| Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Internet Explorer and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866. | |||||
| CVE-2019-1294 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2020-08-24 | 2.1 LOW | 4.6 MEDIUM |
| A security feature bypass exists when Windows Secure Boot improperly restricts access to debugging functionality, aka 'Windows Secure Boot Security Feature Bypass Vulnerability'. | |||||
| CVE-2019-1292 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2020-08-24 | 6.8 MEDIUM | 4.9 MEDIUM |
| A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Service Vulnerability'. | |||||
| CVE-2019-1291 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2020-08-24 | 9.3 HIGH | 8.8 HIGH |
| A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka 'Remote Desktop Client Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0787, CVE-2019-0788, CVE-2019-1290. | |||||
| CVE-2019-1290 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2020-08-24 | 9.3 HIGH | 8.8 HIGH |
| A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka 'Remote Desktop Client Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0787, CVE-2019-0788, CVE-2019-1291. | |||||
| CVE-2019-1289 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2020-08-24 | 3.6 LOW | 5.5 MEDIUM |
| An elevation of privilege vulnerability exists when the Windows Update Delivery Optimization does not properly enforce file share permissions, aka 'Windows Update Delivery Optimization Elevation of Privilege Vulnerability'. | |||||
| CVE-2018-0845 | 1 Microsoft | 3 Office, Office Compatibility Pack, Word | 2020-08-24 | 9.3 HIGH | 7.8 HIGH |
| Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution Vulnerability". This CVE is unique from CVE-2018-0805, CVE-2018-0806, and CVE-2018-0807. | |||||
| CVE-2019-1287 | 1 Microsoft | 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more | 2020-08-24 | 4.6 MEDIUM | 7.8 HIGH |
| An elevation of privilege vulnerability exists in the way that the Windows Network Connectivity Assistant handles objects in memory, aka 'Windows Network Connectivity Assistant Elevation of Privilege Vulnerability'. | |||||
| CVE-2018-0847 | 1 Microsoft | 8 Internet Explorer, Windows 10, Windows 7 and 5 more | 2020-08-24 | 4.3 MEDIUM | 4.3 MEDIUM |
| Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allow information disclosure, due to how Internet Explorer handles objects in memory, aka "Internet Explorer Information Disclosure Vulnerability". | |||||
| CVE-2018-0848 | 1 Microsoft | 3 Office, Office Compatibility Pack, Word | 2020-08-24 | 9.3 HIGH | 8.8 HIGH |
| Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution Vulnerability". This CVE is unique from CVE-2018-0805, CVE-2018-0806, and CVE-2018-0807. | |||||
| CVE-2018-0849 | 1 Microsoft | 3 Office, Office Compatibility Pack, Word | 2020-08-24 | 9.3 HIGH | 8.8 HIGH |
| Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution Vulnerability". This CVE is unique from CVE-2018-0805, CVE-2018-0806, and CVE-2018-0807. | |||||
| CVE-2019-1285 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2020-08-24 | 7.2 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1256. | |||||
| CVE-2018-0851 | 1 Microsoft | 3 Office, Office Word Viewer, Outlook | 2020-08-24 | 9.3 HIGH | 8.8 HIGH |
| Microsoft Office 2007 SP2, Microsoft Office Word Viewer, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1 and RT SP1, Microsoft Office 2016, and Microsoft Office 2016 Click-to-Run (C2R) allow a remote code execution vulnerability, due to how Office handles objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE is unique from CVE-2018-0852. | |||||
| CVE-2018-0852 | 1 Microsoft | 2 Office, Outlook | 2020-08-24 | 9.3 HIGH | 8.8 HIGH |
| Microsoft Outlook 2007 SP3, Microsoft Outlook 2010 SP2, Microsoft Outlook 2013 SP1 and RT SP1, Microsoft Outlook 2016, and Microsoft Office 2016 Click-to-Run (C2R) allow a remote code execution vulnerability, due to how Outlook handles objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE is unique from CVE-2018-0851. | |||||
| CVE-2018-0853 | 1 Microsoft | 1 Office | 2020-08-24 | 4.3 MEDIUM | 3.3 LOW |
| Microsoft Office 2010 SP2, Microsoft Office 2013 SP1 and RT SP1, Microsoft Office 2016, and Microsoft Office 2016 Click-to-Run (C2R) allow an information disclosure vulnerability, due to how Office initializes the affected variable, aka "Microsoft Office Information Disclosure Vulnerability". | |||||
| CVE-2018-0856 | 1 Microsoft | 3 Chakracore, Edge, Windows 10 | 2020-08-24 | 7.6 HIGH | 7.5 HIGH |
| Microsoft Edge and ChakraCore in Microsoft Windows 10 1703 and 1709 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866. | |||||
| CVE-2018-0857 | 1 Microsoft | 4 Chakracore, Edge, Windows 10 and 1 more | 2020-08-24 | 7.6 HIGH | 7.5 HIGH |
| Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866. | |||||
| CVE-2018-0858 | 1 Microsoft | 1 Chakracore | 2020-08-24 | 9.3 HIGH | 7.5 HIGH |
| ChakraCore allows remote code execution, due to how the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866. | |||||
| CVE-2018-0859 | 1 Microsoft | 4 Chakracore, Edge, Windows 10 and 1 more | 2020-08-24 | 7.6 HIGH | 7.5 HIGH |
| Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866. | |||||
| CVE-2018-0860 | 1 Microsoft | 3 Edge, Windows 10, Windows Server 2016 | 2020-08-24 | 7.6 HIGH | 7.5 HIGH |
| Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0861, and CVE-2018-0866. | |||||
| CVE-2018-0861 | 1 Microsoft | 3 Edge, Windows 10, Windows Server 2016 | 2020-08-24 | 9.3 HIGH | 7.5 HIGH |
| Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, and CVE-2018-0866. | |||||
| CVE-2018-0862 | 1 Microsoft | 3 Office, Office Compatibility Pack, Word | 2020-08-24 | 9.3 HIGH | 8.8 HIGH |
| Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution Vulnerability". This CVE is unique from CVE-2018-0805, CVE-2018-0806, and CVE-2018-0807. | |||||
| CVE-2019-1284 | 1 Microsoft | 2 Windows 7, Windows Server 2008 | 2020-08-24 | 7.2 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory, aka 'DirectX Elevation of Privilege Vulnerability'. | |||||
| CVE-2018-0866 | 1 Microsoft | 8 Internet Explorer, Windows 10, Windows 7 and 5 more | 2020-08-24 | 9.3 HIGH | 7.5 HIGH |
| Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, and CVE-2018-0861. | |||||
| CVE-2018-0872 | 1 Microsoft | 3 Edge, Windows 10, Windows Server 2016 | 2020-08-24 | 7.6 HIGH | 7.5 HIGH |
| ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0873, CVE-2018-0874, CVE-2018-0930, CVE-2018-0931, CVE-2018-0933, CVE-2018-0934, CVE-2018-0936, and CVE-2018-0937. | |||||
| CVE-2018-0873 | 1 Microsoft | 3 Edge, Windows 10, Windows Server 2016 | 2020-08-24 | 7.6 HIGH | 7.5 HIGH |
| ChakraCore and Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0872, CVE-2018-0874, CVE-2018-0930, CVE-2018-0931, CVE-2018-0933, CVE-2018-0934, CVE-2018-0936, and CVE-2018-0937. | |||||
| CVE-2018-0874 | 1 Microsoft | 3 Edge, Windows 10, Windows Server 2016 | 2020-08-24 | 7.6 HIGH | 7.5 HIGH |
| ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0872, CVE-2018-0873, CVE-2018-0930, CVE-2018-0931, CVE-2018-0933, CVE-2018-0934, CVE-2018-0936, and CVE-2018-0937. | |||||
| CVE-2018-0876 | 1 Microsoft | 3 Edge, Windows 10, Windows Server 2016 | 2020-08-24 | 7.6 HIGH | 7.5 HIGH |
| Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0889, CVE-2018-0893, CVE-2018-0925, and CVE-2018-0935. | |||||
| CVE-2019-1280 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2020-08-24 | 9.3 HIGH | 7.8 HIGH |
| A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed.An attacker who successfully exploited this vulnerability could gain the same user rights as the local user, aka 'LNK Remote Code Execution Vulnerability'. | |||||