Lucene search
K

26 matches found

CNVD
CNVD
added 2020/10/23 12:0 a.m.5 views

Microsoft Excel Remote Code Execution Vulnerability (CNVD-2020-68841)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A remote code execution vulnerability exists in Microsoft Excel. The vulnerability stems from a lack of authentication measures or insufficient authentication strength in a networked system or product. An...

8.8CVSS8.1AI score0.03665EPSS
Exploits0References1
CNVD
CNVD
added 2020/09/10 12:0 a.m.4 views

Microsoft SharePoint Authorization Issues Vulnerability

Microsoft SharePoint is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. An authorization issu...

8.9CVSS6.7AI score0.02174EPSS
Exploits1References1
CNVD
CNVD
added 2020/09/09 12:0 a.m.2 views

Microsoft SharePoint Remote Code Execution Vulnerability (CNVD-2020-63727)

Microsoft SharePoint is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. A security...

8.8CVSS6.9AI score0.03703EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2020/08/11 12:0 a.m.5 views

PT-2020-3703 · Microsoft · Edge

Name of the Vulnerable Software and Affected Versions: Microsoft Edge HTML-based affected versions not specified Description: A remote code execution issue exists due to the way the scripting engine handles objects in memory. This could allow an attacker to corrupt memory and execute arbitrary co...

9.3CVSS8.5AI score0.0451EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2020/02/11 12:0 a.m.7 views

PT-2020-1617 · Microsoft · Chakracore +1

Name of the Vulnerable Software and Affected Versions: Microsoft Edge ChakraCore affected versions not specified Description: The issue is related to errors in handling objects in memory by the ChakraCore scripting engine. This could allow a remote attacker to execute arbitrary code, potentially...

7.6CVSS7.6AI score0.17597EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2020/02/11 12:0 a.m.6 views

PT-2020-1692 · Microsoft · Chakracore +1

Name of the Vulnerable Software and Affected Versions: Microsoft Edge ChakraCore affected versions not specified Description: The issue is related to errors in handling objects in memory by the ChakraCore scripting engine. This could allow a remote attacker to execute arbitrary code in the contex...

7.6CVSS7.7AI score0.10124EPSS
Exploits0References10
OSV
OSV
added 2019/06/12 2:29 p.m.5 views

CVE-2019-1043

A remote code execution vulnerability exists in the way that comctl32.dll handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability coul...

6.4CVSS7.7AI score0.03029EPSS
Exploits0References2
VulnCheck KEV
VulnCheck KEV
added 2018/11/12 12:0 a.m.4 views

VulnCheck KEV: CVE-2017-11869

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current...

7.6CVSS7.1AI score0.09825EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2018/08/14 7:0 a.m.26 views

Scripting Engine Memory Corruption Vulnerability

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploit...

7.6CVSS7.1AI score0.24766EPSS
Exploits4
Positive Technologies
Positive Technologies
added 2018/08/14 12:0 a.m.4 views

PT-2018-1466 · Microsoft · Windows +1

Name of the Vulnerable Software and Affected Versions: Internet Explorer affected versions not specified Microsoft Windows affected versions not specified Description: The issue is caused by a buffer overflow in the JavaScript handler of Internet Explorer, allowing a remote attacker to execute...

10CVSS8.8AI score0.14443EPSS
Exploits0References14
BDU FSTEC
BDU FSTEC
added 2018/01/18 12:0 a.m.4 views

Vulnerability of the JavaScript ChakraCore kernel, Internet Explorer and Microsoft Edge browsers, caused by operations beyond the buffer in memory, allowing attackers to gain control of the current user’s rights

The vulnerability in the JavaScript ChakraCore engine, as well as in browsers Internet Explorer and Microsoft Edge, arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a remote attacker to gain privileges of the current user...

7.6CVSS5.8AI score0.08474EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2017/12/12 9:29 p.m.3 views

CVE-2017-11901

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to gain the same user rights as the current user, due to how Internet Explorer...

7.5CVSS5.8AI score0.07912EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2017/12/12 9:29 p.m.3 views

CVE-2017-11918

ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is...

7.6CVSS5.5AI score0.68491EPSS
Exploits28References5
OSV
OSV
added 2017/11/15 3:29 a.m.2 views

CVE-2017-11856

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current...

7.5CVSS5.8AI score0.05634EPSS
Exploits0References2
OSV
OSV
added 2017/11/15 3:29 a.m.3 views

CVE-2017-11861

Microsoft Edge in Windows 10 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID i...

7.5CVSS5.8AI score0.64194EPSS
Exploits3References4
OSV
OSV
added 2017/11/15 3:29 a.m.3 views

CVE-2017-11862

ChakraCore and Microsoft Edge in Windows 10 1709 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from...

7.5CVSS5.8AI score0.07912EPSS
Exploits0References3
OSV
OSV
added 2017/11/15 3:29 a.m.2 views

CVE-2017-11869

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current...

7.5CVSS5.8AI score0.09825EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2017/11/15 3:29 a.m.5 views

CVE-2017-11861

Microsoft Edge in Windows 10 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID i...

7.6CVSS5.5AI score0.69802EPSS
Exploits19References5
OSV
OSV
added 2017/11/15 3:29 a.m.3 views

CVE-2017-11843

ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an...

7.5CVSS5.8AI score0.08474EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2017/11/15 3:29 a.m.1 views

CVE-2017-11838

ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an...

7.6CVSS5.5AI score0.69802EPSS
Exploits19References5
Rows per page
Query Builder