Lucene search
K

294 matches found

CVE
CVE
added 2018/02/15 2:0 a.m.81 views

CVE-2018-0760

Summary: CVE-2018-0760 affects the Windows Embedded OpenType (EOT) font engine in Windows 7 SP1, Windows Server 2008 R2, and Windows Server 2012. The vulnerability arises from the EOT font engine’s handling of embedded fonts, leading to information disclosure. What’s vulnerable: Windows EOT Font ...

5.5CVSS4.5AI score0.02367EPSS
Exploits0References3Affected Software3
CVE
CVE
added 2018/02/15 2:0 a.m.80 views

CVE-2018-0761

CVE-2018-0761 concerns the Windows EOT Font Engine information disclosure in Microsoft Windows, caused by improper handling of embedded fonts. Affects Windows 7 SP1 and Windows Server 2008 R2 (per NVD entry for CVE-2018-0761); related advisories describe the same class of vulnerability across Win...

5.5CVSS4.5AI score0.02367EPSS
Exploits0References3Affected Software2
CNVD
CNVD
added 2018/02/14 12:0 a.m.28 views

Microsoft Embedded OpenType Font Engine Information Disclosure Vulnerability

Microsoft Windows 7 and Windows Server 2008 are both products of Microsoft Corporation. The former is an operating system for personal computers and the latter is a server operating system.Windows Embedded OpenType EOT font engine is one of the font engines. An information disclosure vulnerabilit...

4.3CVSS6.2AI score0.06042EPSS
Exploits0References1
CNVD
CNVD
added 2018/02/14 12:0 a.m.26 views

Microsoft Windows Embedded OpenType Information Disclosure Vulnerability

Microsoft Windows is a series of operating systems released by Microsoft Corporation in the U.S. The Windows Embedded OpenType EOT font engine is one of the font engines. An information disclosure vulnerability exists in the Windows EOT font engine in Microsoft Windows 7 SP1 and Windows Server 20...

5.5CVSS6.1AI score0.02367EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2018/02/13 8:0 a.m.34 views

Windows EOT Font Engine Information Disclosure Vulnerability

An information disclosure vulnerability exists in the way that the Microsoft Windows Embedded OpenType EOT font engine parses specially crafted embedded fonts. An attacker who successfully exploited this vulnerability could potentially read data that was not intended to be disclosed. Note that...

4.3CVSS1.7AI score0.06042EPSS
Exploits0
Kaspersky
Kaspersky
added 2018/02/13 12:0 a.m.59 views

KLA11200 Multiple vulnerabilties in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in...

9.3CVSS8.9AI score0.44265EPSS
Exploits5References38
Tenable Nessus
Tenable Nessus
added 2018/02/13 12:0 a.m.97 views

KB4074587: Windows 7 and Windows Server 2008 R2 February 2018 Security Update

The remote Windows host is missing security update 4074587 or cumulative update 4074598. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability...

9.3CVSS7.8AI score0.53715EPSS
Exploits6References18
Tenable Nessus
Tenable Nessus
added 2018/02/13 12:0 a.m.111 views

KB4074589: Windows Server 2012 February 2018 Security Update

The remote Windows host is missing security update 4074589 or cumulative update 4074593. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability...

9.3CVSS7.9AI score0.53715EPSS
Exploits7References16
CNVD
CNVD
added 2017/11/16 12:0 a.m.20 views

Microsoft Windows Embedded OpenType Font Engine Information Disclosure Vulnerability

Microsoft Windows 7 SP1, Windows Server 2008 SP2 and Windows Server 2008 R2 SP1 are products of Microsoft Corporation.Microsoft Windows 7 SP1 is an operating system for personal computers; Windows Server 2008 SP2 is an upgrade. Server 2008 SP2 is a server operating system, and R2 SP1 is an update...

5.5CVSS6.2AI score0.02384EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2017/11/15 3:29 a.m.2 views

CVE-2017-11835

Microsoft graphics in Windows 7 SP1 and Windows Server 2008 SP2 and R2 SP1 allows an attacker to potentially read data that was not intended to be disclosed due to the way that the Microsoft Windows Embedded OpenType EOT font engine parses specially crafted embedded fonts, aka "Windows EOT Font...

5.5CVSS5.5AI score0.02384EPSS
Exploits0References4
NVD
NVD
added 2017/11/15 3:29 a.m.21 views

CVE-2017-11835

Microsoft graphics in Windows 7 SP1 and Windows Server 2008 SP2 and R2 SP1 allows an attacker to potentially read data that was not intended to be disclosed due to the way that the Microsoft Windows Embedded OpenType EOT font engine parses specially crafted embedded fonts, aka "Windows EOT Font...

5.5CVSS4.7AI score0.02384EPSS
Exploits0References3
OSV
OSV
added 2017/11/15 3:29 a.m.6 views

CVE-2017-11832

The Microsoft Windows embedded OpenType EOT font engine in Windows 7 SP1, Windows Server 2008 SP2 and 2008 R2 SP1, and Windows Server 2012 allows an attacker to potentially read data that was not intended to be disclosed, due to the way that the Microsoft Windows EOT font engine parses specially...

4.7CVSS5.8AI score0.02091EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2017/11/15 3:29 a.m.6 views

CVE-2017-11832

The Microsoft Windows embedded OpenType EOT font engine in Windows 7 SP1, Windows Server 2008 SP2 and 2008 R2 SP1, and Windows Server 2012 allows an attacker to potentially read data that was not intended to be disclosed, due to the way that the Microsoft Windows EOT font engine parses specially...

5.5CVSS5.5AI score0.02384EPSS
Exploits0References4
OSV
OSV
added 2017/11/15 3:29 a.m.1 views

CVE-2017-11835

Microsoft graphics in Windows 7 SP1 and Windows Server 2008 SP2 and R2 SP1 allows an attacker to potentially read data that was not intended to be disclosed due to the way that the Microsoft Windows Embedded OpenType EOT font engine parses specially crafted embedded fonts, aka "Windows EOT Font...

5.5CVSS5.8AI score0.02384EPSS
Exploits0References3
Prion
Prion
added 2017/11/15 3:29 a.m.24 views

Information disclosure

The Microsoft Windows embedded OpenType EOT font engine in Windows 7 SP1, Windows Server 2008 SP2 and 2008 R2 SP1, and Windows Server 2012 allows an attacker to potentially read data that was not intended to be disclosed, due to the way that the Microsoft Windows EOT font engine parses specially...

1.9CVSS4.7AI score0.02384EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2017/11/15 3:29 a.m.22 views

CVE-2017-11832

The Microsoft Windows embedded OpenType EOT font engine in Windows 7 SP1, Windows Server 2008 SP2 and 2008 R2 SP1, and Windows Server 2012 allows an attacker to potentially read data that was not intended to be disclosed, due to the way that the Microsoft Windows EOT font engine parses specially...

4.7CVSS4.8AI score0.02091EPSS
Exploits0References3
Cvelist
Cvelist
added 2017/11/15 3:0 a.m.28 views

CVE-2017-11832

The Microsoft Windows embedded OpenType EOT font engine in Windows 7 SP1, Windows Server 2008 SP2 and 2008 R2 SP1, and Windows Server 2012 allows an attacker to potentially read data that was not intended to be disclosed, due to the way that the Microsoft Windows EOT font engine parses specially...

5.4AI score0.02091EPSS
Exploits0References3
Kaspersky
Kaspersky
added 2017/11/14 12:0 a.m.151 views

KLA11136 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, cause denial of service, bypass security restrictions, gain privileges. Below is a complete list of vulnerabilities: 1. An information disclosure...

9.3CVSS7.3AI score0.10975EPSS
Exploits11References30
Kaspersky
Kaspersky
added 2017/11/14 12:0 a.m.41 views

KLA11855 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, gain privileges, cause denial of service. Below is a complete list of vulnerabilities: 1. An information...

9.3CVSS9.2AI score0.47913EPSS
Exploits7References40
Qualys Blog
Qualys Blog
added 2017/08/08 6:25 p.m.167 views

August Patch Tuesday: 25 critical Microsoft vulnerabilities, 43 for Adobe

Today Microsoft released patches covering 48 vulnerabilities as part of August’s Patch Tuesday update, with 15 of them affecting Windows. Patches covering 25 of these vulnerabilities are labeled as Critical, and 27 can result in Remote Code Execution. According to Microsoft, none of these...

9.3CVSS8.3AI score0.55415EPSS
Exploits0
Rows per page
Query Builder