Microsoft Edge Buffer Overflow Vulnerability (CNVD-2019-27396)

Microsoft Edge is a web browser from the American company Microsoft that comes with systems after Windows 10. A buffer overflow vulnerability exists in the way the Chakra scripting engine in Microsoft Edge handles in-memory objects. The vulnerability originates when a web system or product perfor...

CVE-2019-0891

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0889, CVE-2019-0890, CVE-2019-0893, CVE-2019-0894, CVE-2019-0895, CVE-2019-089...

CVE-2019-0585

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka "Microsoft Word Remote Code Execution Vulnerability." This affects Word, Microsoft Office, Microsoft Office Word Viewer, Office 365 ProPlus, Microsoft SharePoint,...

CVE-2019-0536

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012,...

CVE-2018-8333

An Elevation of Privilege vulnerability exists in Filter Manager when it improperly handles objects in memory, aka "Microsoft Filter Manager Elevation Of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows...

Microsoft Excel Remote Code Execution Vulnerability (CNVD-2018-09644)

Microsoft Excel is a trial balance software component of Microsoft's Office software. A security vulnerability in the way Microsoft Excel handles in-memory objects allows remote attackers to exploit the vulnerability by submitting a special file and tricking the user into parsing it, which could...

Microsoft Office Remote Code Execution Vulnerability (CNVD-2018-09645)

Microsoft Excel is a trial balance software component of Microsoft's Office software. A security vulnerability in the way Microsoft Excel handles in-memory objects allows remote attackers to exploit the vulnerability by submitting a special file and tricking the user into parsing it, which could...

Microsoft Office Outlook Security Bypass Vulnerability

Microsoft Office is a suite of office software based on the Windows operating system developed by Microsoft. A security bypass vulnerability exists in the implementation of Microsoft Outlook when it does not properly handle in-memory objects, where an attacker could execute arbitrary commands via...

Microsoft Edge Remote Code Execution Vulnerability (CNVD-2017-14639)

Microsoft Edge is the web browser built into the Windows 10 version. Microsoft Edge fails to properly handle in-memory objects and has a remote code execution vulnerability in its implementation that could lead an attacker to execute arbitrary code in the current user context...

Microsoft Chakra Core Remote Code Execution Vulnerability

Chakra is a JavaScript engine developed by Microsoft for its web browsers. A security vulnerability in the way the JavaScript engine is rendered when handling in-memory objects in Microsoft Chakra Core could be exploited by remote attackers to construct malicious web pages that could be parsed by...

Microsoft Edge Remote Code Execution Vulnerability

Microsoft Edge is the web browser built into the Windows 10 version. A remote code execution vulnerability exists in the scripting engine presentation when Microsoft Edge handles in-memory objects, where an attacker could execute arbitrary code in the current user context...

Microsoft Windows Uniscribe Information Disclosure Vulnerability (CNVD-2017-03757)

Microsoft Uniscribe is a component of the Windows operating system developed by Microsoft Corporation for the correct presentation of Unicode characters. An information disclosure vulnerability exists in Microsoft Uniscribe's handling of in-memory objects, which allows remote attackers to exploit...

Microsoft Chakra JavaScript Scripting Engine Memory Corruption Vulnerability (CNVD-2016-03020)

Microsoft Edge is a web browser developed by Microsoft and is the default browser that comes with the Windows 10 operating system.Chakra JScript engine is a JavaScript engine component used by IE and Edge web browser. A memory corruption vulnerability exists in the way the Microsoft Chakra...

Microsoft Windows Kernel 'Win32k.sys' local elevation of privilege vulnerability (CNVD-2015-01104)

Microsoft Windows is a popular operating system. A security vulnerability in Microsoft Windows 'Win32k.sys' handling of in-memory objects allows local attackers to exploit the vulnerability to elevate privileges and execute arbitrary code in kernel context...