Lucene search

K

R2 Security Vulnerabilities

cve
cve

CVE-2019-1006

An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys, aka 'WCF/WIF SAML Token Authentication Bypass...

7.5CVSS

7.8AI Score

0.002EPSS

2019-07-15 07:15 PM
208
cve
cve

CVE-2019-6580

A vulnerability has been identified in Siveillance VMS 2017 R2 (All versions < V11.2a), Siveillance VMS 2018 R1 (All versions < V12.1a), Siveillance VMS 2018 R2 (All versions < V12.2a), Siveillance VMS 2018 R3 (All versions < V12.3a), Siveillance VMS 2019 R1 (All versions < V13.1a). ...

9.8CVSS

8.8AI Score

0.002EPSS

2019-06-12 02:29 PM
45
cve
cve

CVE-2019-6581

A vulnerability has been identified in Siveillance VMS 2017 R2 (All versions < V11.2a), Siveillance VMS 2018 R1 (All versions < V12.1a), Siveillance VMS 2018 R2 (All versions < V12.2a), Siveillance VMS 2018 R3 (All versions < V12.3a), Siveillance VMS 2019 R1 (All versions < V13.1a). ...

8.8CVSS

8.1AI Score

0.001EPSS

2019-06-12 02:29 PM
46
cve
cve

CVE-2019-6582

A vulnerability has been identified in Siveillance VMS 2017 R2 (All versions < V11.2a), Siveillance VMS 2018 R1 (All versions < V12.1a), Siveillance VMS 2018 R2 (All versions < V12.2a), Siveillance VMS 2018 R3 (All versions < V12.3a), Siveillance VMS 2019 R1 (All versions < V13.1a). ...

7.1CVSS

6.5AI Score

0.001EPSS

2019-06-12 02:29 PM
57
cve
cve

CVE-2019-0981

A denial of service vulnerability exists when .NET Framework or .NET Core improperly handle web requests, aka '.Net Framework and .Net Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0820,...

7.5CVSS

7.3AI Score

0.002EPSS

2019-05-16 07:29 PM
130
cve
cve

CVE-2019-0980

A denial of service vulnerability exists when .NET Framework or .NET Core improperly handle web requests, aka '.Net Framework and .Net Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0820,...

7.5CVSS

7.3AI Score

0.002EPSS

2019-05-16 07:29 PM
145
cve
cve

CVE-2019-0864

A denial of service vulnerability exists when .NET Framework improperly handles objects in heap memory, aka '.NET Framework Denial of Service...

5.5CVSS

6AI Score

0.0004EPSS

2019-05-16 07:29 PM
91
cve
cve

CVE-2019-0820

A denial of service vulnerability exists when .NET Framework and .NET Core improperly process RegEx strings, aka '.NET Framework and .NET Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0980,...

7.5CVSS

7.2AI Score

0.002EPSS

2019-05-16 07:29 PM
154
cve
cve

CVE-2019-0583

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows...

7.8CVSS

8AI Score

0.017EPSS

2019-01-08 09:29 PM
114
cve
cve

CVE-2019-0584

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows...

7.8CVSS

8AI Score

0.017EPSS

2019-01-08 09:29 PM
152
cve
cve

CVE-2019-0582

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows...

7.8CVSS

8AI Score

0.017EPSS

2019-01-08 09:29 PM
111
cve
cve

CVE-2019-0581

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows...

7.8CVSS

8AI Score

0.017EPSS

2019-01-08 09:29 PM
102
cve
cve

CVE-2019-0579

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows...

7.8CVSS

8AI Score

0.017EPSS

2019-01-08 09:29 PM
109
cve
cve

CVE-2019-0570

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka "Windows Runtime Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows Server 2019, Windows Server 2016, Windows 8.1,....

7.8CVSS

7.5AI Score

0.002EPSS

2019-01-08 09:29 PM
129
cve
cve

CVE-2019-0577

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows...

7.8CVSS

8AI Score

0.017EPSS

2019-01-08 09:29 PM
104
cve
cve

CVE-2019-0569

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012,...

5.5CVSS

5.6AI Score

0.001EPSS

2019-01-08 09:29 PM
114
cve
cve

CVE-2019-0576

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows...

7.8CVSS

8AI Score

0.017EPSS

2019-01-08 09:29 PM
102
cve
cve

CVE-2019-0575

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows...

7.8CVSS

8AI Score

0.017EPSS

2019-01-08 09:29 PM
105
cve
cve

CVE-2019-0580

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows...

7.8CVSS

8AI Score

0.017EPSS

2019-01-08 09:29 PM
107
cve
cve

CVE-2019-0552

An elevation of privilege exists in Windows COM Desktop Broker, aka "Windows COM Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2019, Windows Server 2016, Windows 8.1, Windows 10, Windows 10...

8.8CVSS

7.6AI Score

0.001EPSS

2019-01-08 09:29 PM
114
cve
cve

CVE-2019-0549

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012,...

5.5CVSS

5.6AI Score

0.001EPSS

2019-01-08 09:29 PM
103
cve
cve

CVE-2019-0554

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012,...

5.5CVSS

5.6AI Score

0.001EPSS

2019-01-08 09:29 PM
99
cve
cve

CVE-2019-0536

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012,...

5.5CVSS

5.6AI Score

0.001EPSS

2019-01-08 09:29 PM
102
cve
cve

CVE-2018-8626

A remote code execution vulnerability exists in Windows Domain Name System (DNS) servers when they fail to properly handle requests, aka "Windows DNS Server Heap Overflow Vulnerability." This affects Windows Server 2012 R2, Windows Server 2019, Windows Server 2016, Windows 10, Windows 10...

9.8CVSS

9.5AI Score

0.033EPSS

2018-12-12 12:29 AM
120
cve
cve

CVE-2018-8622

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows...

5.5CVSS

6.5AI Score

0.001EPSS

2018-12-12 12:29 AM
50
cve
cve

CVE-2018-8621

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows Server 2012, Windows 7, Windows Server 2008 R2. This CVE ID is unique from CVE-2018-8477,...

5.5CVSS

6.5AI Score

0.001EPSS

2018-12-12 12:29 AM
43
cve
cve

CVE-2018-8641

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019,...

7.8CVSS

8.5AI Score

0.001EPSS

2018-12-12 12:29 AM
138
In Wild
cve
cve

CVE-2018-8639

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows...

7.8CVSS

8.5AI Score

0.001EPSS

2018-12-12 12:29 AM
111
In Wild
cve
cve

CVE-2018-8611

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka "Windows Kernel Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server...

7.8CVSS

8.4AI Score

0.001EPSS

2018-12-12 12:29 AM
922
In Wild
4
cve
cve

CVE-2018-8596

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka "Windows GDI Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows...

6.5CVSS

7.1AI Score

0.053EPSS

2018-12-12 12:29 AM
91
cve
cve

CVE-2018-8595

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka "Windows GDI Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows...

6.5CVSS

7.1AI Score

0.053EPSS

2018-12-12 12:29 AM
88
cve
cve

CVE-2018-8514

An information disclosure vulnerability exists when Remote Procedure Call runtime improperly initializes objects in memory, aka "Remote Procedure Call runtime Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server.....

5.5CVSS

6.6AI Score

0.001EPSS

2018-12-12 12:29 AM
91
cve
cve

CVE-2018-8477

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012,...

5.5CVSS

6.5AI Score

0.001EPSS

2018-12-12 12:29 AM
83
cve
cve

CVE-2018-8589

An elevation of privilege vulnerability exists when Windows improperly handles calls to Win32k.sys, aka "Windows Win32k Elevation of Privilege Vulnerability." This affects Windows Server 2008, Windows 7, Windows Server 2008...

7.8CVSS

8AI Score

0.001EPSS

2018-11-14 01:29 AM
880
In Wild
cve
cve

CVE-2018-8563

An information disclosure vulnerability exists when DirectX improperly handles objects in memory, aka "DirectX Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows 8.1, Windows Server 2008...

5.5CVSS

6.7AI Score

0.001EPSS

2018-11-14 01:29 AM
59
cve
cve

CVE-2018-8565

An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka "Win32k Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server.....

5.5CVSS

6.4AI Score

0.011EPSS

2018-11-14 01:29 AM
101
cve
cve

CVE-2018-8553

A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka "Microsoft Graphics Components Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012,...

7.8CVSS

7.7AI Score

0.235EPSS

2018-11-14 01:29 AM
85
cve
cve

CVE-2018-8561

An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory, aka "DirectX Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows Server 2019, Windows Server 2016, Windows 8.1, Windows 10, Windows....

7.8CVSS

6.5AI Score

0.001EPSS

2018-11-14 01:29 AM
100
cve
cve

CVE-2018-8562

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows...

7.8CVSS

7.2AI Score

0.001EPSS

2018-11-14 01:29 AM
103
cve
cve

CVE-2018-8547

A cross-site-scripting (XSS) vulnerability exists when an open source customization for Microsoft Active Directory Federation Services (AD FS) does not properly sanitize a specially crafted web request to an affected AD FS server, aka "Active Directory Federation Services XSS Vulnerability." This.....

5.4CVSS

6.5AI Score

0.001EPSS

2018-11-14 01:29 AM
91
cve
cve

CVE-2018-8544

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka "Windows VBScript Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server...

8.8CVSS

7.7AI Score

0.947EPSS

2018-11-14 01:29 AM
127
cve
cve

CVE-2018-8256

A remote code execution vulnerability exists when PowerShell improperly handles specially crafted files, aka "Microsoft PowerShell Remote Code Execution Vulnerability." This affects Windows RT 8.1, PowerShell Core 6.0, Microsoft.PowerShell.Archive 1.2.2.0, Windows Server 2016, Windows Server 2012,....

8.8CVSS

7.7AI Score

0.184EPSS

2018-11-14 01:29 AM
125
cve
cve

CVE-2018-8415

A tampering vulnerability exists in PowerShell that could allow an attacker to execute unlogged code, aka "Microsoft PowerShell Tampering Vulnerability." This affects Windows 7, PowerShell Core 6.1, Windows Server 2012 R2, Windows RT 8.1, PowerShell Core 6.0, Windows Server 2019, Windows Server...

7.8CVSS

7.2AI Score

0.001EPSS

2018-11-14 01:29 AM
101
cve
cve

CVE-2018-8408

An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows....

5.5CVSS

6.5AI Score

0.001EPSS

2018-11-14 01:29 AM
98
cve
cve

CVE-2018-8485

An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory, aka "DirectX Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows Server 2019, Windows Server 2016, Windows 8.1, Windows 10, Windows....

7.8CVSS

6.5AI Score

0.001EPSS

2018-11-14 01:29 AM
98
cve
cve

CVE-2018-8450

A remote code execution vulnerability exists when Windows Search handles objects in memory, aka "Windows Search Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows.....

8.8CVSS

7.7AI Score

0.101EPSS

2018-11-14 01:29 AM
97
cve
cve

CVE-2018-8476

A remote code execution vulnerability exists in the way that Windows Deployment Services TFTP Server handles objects in memory, aka "Windows Deployment Services TFTP Server Remote Code Execution Vulnerability." This affects Windows Server 2012 R2, Windows Server 2008, Windows Server 2012, Windows.....

9.8CVSS

7.7AI Score

0.375EPSS

2018-11-14 01:29 AM
111
cve
cve

CVE-2018-8407

An information disclosure vulnerability exists when "Kernel Remote Procedure Call Provider" driver improperly initializes objects in memory, aka "MSRPC Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019,...

5.5CVSS

6.7AI Score

0.001EPSS

2018-11-14 01:29 AM
120
cve
cve

CVE-2018-8493

An information disclosure vulnerability exists when the Windows TCP/IP stack improperly handles fragmented IP packets, aka "Windows TCP/IP Information Disclosure Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2016, Windows 8.1, Windows 10, Windows 10...

7.5CVSS

6.8AI Score

0.028EPSS

2018-10-10 01:29 PM
81
cve
cve

CVE-2018-8494

A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input, aka "MS XML Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012,...

8.8CVSS

7.8AI Score

0.248EPSS

2018-10-10 01:29 PM
96
Total number of security vulnerabilities1894