Microsoft Excel Remote Code Execution Vulnerability

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with...

Description of the security update for the elevation of privilege vulnerabilities in Windows Embedded POSReady 2009 and Windows Embedded Standard 2009: December 11, 2018

Description of the security update for the elevation of privilege vulnerabilities in Windows Embedded POSReady 2009 and Windows Embedded Standard 2009: December 11, 2018 Summary Windows elevation of privilege vulnerabilities exist in the following scenarios: When Windows incorrectly handles calls...

Remote Code Execution (RCE)

Microsoft ChakraCore is vulnerable to remote code execution. This is due to how the scripting engine handles objects in memory, allowing a remote attacker to execute arbitrary code in the context of the authenticated user...

Remote Code Execution (RCE)

Microsoft ChakraCore is vulnerable to remote code execution. This is due to how the scripting engine handles objects in memory, which allows a remote attacker to execute arbitrary code in the context of the user. This CVE ID is different from CVE-2018-0834, CVE-2018-0835, CVE-2018-0837,...

Remote Code Execution (RCE)

Microsoft Chakracore is vulnerable to remote code execution. The scripting engine does not properly handle objects in memory, which would allow an attacker to execute arbitrary commands in the context of the authenticated user. This CVE ID is different from CVE-2017-11886, CVE-2017-11889,...

CVE-2018-8408

An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Window...

Remote code execution

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka "Microsoft Word Remote Code Execution Vulnerability." This affects Microsoft SharePoint Server, Microsoft Office. This CVE ID is unique from CVE-2018-8573...

CVE-2018-8450

A remote code execution vulnerability exists when Windows Search handles objects in memory, aka "Windows Search Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows...

CVE-2018-8522

A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka "Microsoft Outlook Remote Code Execution Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Outlook. This CVE ID is unique from CVE-2018-852...

CVE-2018-8544

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka "Windows VBScript Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server...

CVE-2018-8577

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Office, Office 365 ProPlus, Microsoft Excel, Microsoft Excel Viewer, Excel. This...

CVE-2018-8554

An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory, aka "DirectX Elevation of Privilege Vulnerability." This affects Windows 10 Servers, Windows 10, Windows Server 2019. This CVE ID is unique from CVE-2018-8485, CVE-2018-8561...

VulnCheck KEV: CVE-2018-8611

A privilege escalation vulnerability exists when the Windows kernel fails to properly handle objects in memory...

CVE-2018-8333

An Elevation of Privilege vulnerability exists in Filter Manager when it improperly handles objects in memory, aka "Microsoft Filter Manager Elevation Of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows...

CVE-2018-8497

An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka "Windows Kernel Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows Server 2019, Windows 10 Servers...

Microsoft Windows Graphics Component Information Disclosure Vulnerability (CNVD-2018-20734)

Microsoft Windows Server 2008 SP2 and others are products of Microsoft Corporation.Microsoft Windows Server 2008 SP2 is a set of operating systems used by servers.PowerPoint Viewer 2007 is a presentation handling program. Graphics Components is one of the graphics components. An information...

Microsoft Windows Codecs Library Information Disclosure Vulnerability

An Information Disclosure vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. Exploitation of the vulnerability requires that a...

CVE-2018-8442

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows...

CVE-2018-8443

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows...

Information disclosure

An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft browsers, aka "Scripting Engine Information Disclosure Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge...