Lucene search
K
MscveMost viewed

21727 matches found

Microsoft CVE
Microsoft CVE
added 2017/09/12 7:0 a.m.36 views

Win32k Information Disclosure Vulnerability

An information disclosure vulnerability exists in Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization KASLR bypass. An attacker who successfully exploited this vulnerability could retrieve the memory address of a kerne...

5.5CVSS2.1AI score0.0423EPSS
Exploits2
Microsoft CVE
Microsoft CVE
added 2017/09/12 7:0 a.m.36 views

Win32k Graphics Remote Code Execution Vulnerability

A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete dat...

9.3CVSS6.9AI score0.49765EPSS
Exploits2
Microsoft CVE
Microsoft CVE
added 2017/08/08 7:0 a.m.36 views

Scripting Engine Memory Corruption Vulnerability

A remote code execution vulnerability exists in the way that Microsoft browser JavaScript engines render content when handling objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. In a web-based...

7.6CVSS7.8AI score0.72116EPSS
Exploits9
Microsoft CVE
Microsoft CVE
added 2017/08/08 7:0 a.m.36 views

Volume Manager Extension Driver Information Disclosure Vulnerability

An information disclosure vulnerability exists when the Volume Manager Extension Driver component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an...

5.5CVSS1.6AI score0.02426EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2017/08/08 7:0 a.m.36 views

Microsoft Edge based on Edge HTML Information Disclosure Vulnerability

An information disclosure vulnerability exists when Microsoft Edge based on Edge HTML improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit the vulnerability, in a web-based attac...

6.5CVSS0.7AI score0.22937EPSS
Exploits3
Microsoft CVE
Microsoft CVE
added 2017/07/11 7:0 a.m.36 views

Scripting Engine Memory Corruption Vulnerability

A remote code execution vulnerability exists in the way that Microsoft browser JavaScript engines render content when handling objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. In a web-based...

7.6CVSS7.3AI score0.66911EPSS
Exploits5
Microsoft CVE
Microsoft CVE
added 2017/07/11 7:0 a.m.36 views

Windows PowerShell Remote Code Execution Vulnerability

A remote code execution vulnerability exists in PowerShell when PSObject wraps a CIM Instance. An attacker who successfully exploited this vulnerability could execute malicious code on a vulnerable system. In an attack scenario, an attacker could execute malicious code in a PowerShell remote...

9.3CVSS5AI score0.17522EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2017/06/13 7:0 a.m.36 views

Scripting Engine Memory Corruption Vulnerability

A remote code execution vulnerability exists in the way that Microsoft browser JavaScript engines render content when handling objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. In a web-based...

7.6CVSS6.8AI score0.67587EPSS
Exploits4
Microsoft CVE
Microsoft CVE
added 2017/05/09 7:0 a.m.36 views

Windows SMB Information Disclosure Vulnerability

An information disclosure vulnerability exists in the way that the Microsoft Server Message Block 1.0 SMBv1 server handles certain requests. An attacker who successfully exploited this vulnerability could craft a special packet, which could lead to information disclosure from the server. To explo...

7CVSS1.5AI score0.07243EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2017/04/11 7:0 a.m.36 views

Microsoft Edge Memory Corruption Vulnerability

A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the...

7.6CVSS1.6AI score0.13774EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2017/04/11 7:0 a.m.37 views

Windows Hyper-V Denial of Service Vulnerability

A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash. To exploit the...

6.3CVSS3.3AI score0.04432EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2017/03/14 7:0 a.m.36 views

Windows Kernel Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create ne...

7.8CVSS3.3AI score0.0139EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2017/03/14 7:0 a.m.36 views

Windows GDI Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface GDI handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete...

7.8CVSS3.2AI score0.01858EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2017/01/10 8:0 a.m.36 views

Microsoft Office Memory Corruption Vulnerability

A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with...

9.3CVSS2.6AI score0.24693EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2016/12/13 8:0 a.m.36 views

Microsoft Browser Memory Corruption Vulnerability

A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the...

7.6CVSS3.9AI score0.14824EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2016/12/13 8:0 a.m.36 views

Windows Common Log File System Driver Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when the Windows Common Log File System CLFS driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. To exploit the vulnerability, an attacker would first have...

6CVSS6.9AI score0.02712EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2016/11/08 8:0 a.m.36 views

Microsoft Browser Memory Corruption Vulnerability

A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the...

7.6CVSS3.9AI score0.16963EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2016/10/11 7:0 a.m.36 views

Win32k Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or...

10CVSS3.5AI score0.0616EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2016/09/13 7:0 a.m.36 views

Windows Secure Kernel Mode Information Disclosure Vulnerability

An information disclosure vulnerability exists when Windows Secure Kernel Mode improperly handles objects in memory. A locally authenticated attacker who successfully exploited this vulnerability could be able to read sensitive information on the target system. To exploit this vulnerability, an...

5CVSS1.6AI score0.03813EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2016/09/13 7:0 a.m.36 views

Scripting Engine Memory Corruption Vulnerability

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploit...

7.6CVSS7AI score0.16166EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2016/09/13 7:0 a.m.36 views

Microsoft Silverlight Memory Corruption Vulnerability

A remote code execution vulnerability exists when Microsoft Silverlight improperly allows applications to access objects in memory. The vulnerability could corrupt system memory, which could allow an attacker to execute arbitrary code. In a web-browsing scenario, an attacker who successfully...

9.3CVSS1.5AI score0.17793EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2016/09/13 7:0 a.m.36 views

Windows Permissions Enforcement Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists in the way that Windows enforces permissions if an attacker loads a specially crafted DLL. A locally authenticated attacker who successfully exploited this vulnerability could run arbitrary code as a system administrator. An attacker could then insta...

7.8CVSS3.4AI score0.0136EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2016/08/09 7:0 a.m.36 views

Microsoft OneNote Information Disclosure Vulnerability

An information disclosure vulnerability exists when Microsoft OneNote improperly discloses its memory contents. An attacker who exploited the vulnerability could use the information to compromise the user’s computer or data. To exploit the vulnerability, an attacker could create a specially craft...

5.5CVSS1.3AI score0.3015EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2016/08/09 7:0 a.m.36 views

Internet Explorer Information Disclosure Vulnerability

An information disclosure vulnerability exists when Internet Explorer improperly handles page content, which could allow an attacker to detect the existence of specific files on the user's system. To exploit the vulnerability, in a web-based attack scenario, an attacker could host a website that ...

3.1CVSS2AI score0.35331EPSS
Exploits2
Microsoft CVE
Microsoft CVE
added 2016/06/14 7:0 a.m.36 views

Microsoft Exchange Information Disclosure Vulnerability

An email filter bypass exists in the way that Microsoft Exchange parses HTML messages that could allow information disclosure. An attacker who successfully exploited the vulnerability could identify, fingerprint, and track a user online if the user views email messages using Outlook Web Access OW...

5.5CVSS1.5AI score0.22554EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2016/06/14 7:0 a.m.36 views

Windows SMB Server Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists in the Microsoft Server Message Block SMB when an attacker forwards an authentication request intended for another service running on the same machine. An attacker who successfully exploited this vulnerability could execute arbitrary code with elevat...

7.8CVSS3.7AI score0.43493EPSS
Exploits6
Microsoft CVE
Microsoft CVE
added 2016/06/14 7:0 a.m.36 views

OpenType Font Driver Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists in Windows Adobe Type Manager Font Driver ATMFD.dll when it fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code and take control of an affected system. An attacker could...

7.8CVSS2.3AI score0.06976EPSS
Exploits1
Microsoft CVE
Microsoft CVE
added 2016/06/14 7:0 a.m.36 views

Scripting Engine Memory Corruption Vulnerability

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully...

9.3CVSS8.5AI score0.56767EPSS
Exploits1
Microsoft CVE
Microsoft CVE
added 2016/05/10 7:0 a.m.36 views

RPC Network Data Representation Engine Remote Code Execution Vulnerability

A remote code execution vulnerability exists in the way Microsoft Windows handles specially crafted Remote Procedure Call RPC requests. The remote code execution can occur when the RPC Network Data Representation NDR Engine improperly frees memory. An authenticated attacker who successfully...

9CVSS8.3AI score0.16706EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2016/04/12 7:0 a.m.36 views

.NET Framework Remote Code Execution Vulnerability

A remote code execution vulnerability exists when Microsoft .NET Framework fails to properly validate input before loading libraries. An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delet...

7.8CVSS4.1AI score0.13924EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/06/10 7:0 a.m.35 views

Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability

Improper input validation in Microsoft AutoUpdate MAU allows an authorized attacker to elevate privileges locally...

7.8CVSS7.2AI score0.0037EPSS
Exploits1
Microsoft CVE
Microsoft CVE
added 2025/03/11 7:0 a.m.35 views

Windows Remote Desktop Services Remote Code Execution Vulnerability

Sensitive data storage in improperly locked memory in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network...

8.1CVSS7.4AI score0.01744EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/01/14 8:0 a.m.35 views

Microsoft Excel Security Feature Bypass Vulnerability

...

7.8CVSS7.1AI score0.01565EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2024/12/10 8:0 a.m.35 views

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability

...

8.1CVSS7.1AI score0.01399EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2024/12/10 8:0 a.m.35 views

Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability

...

7CVSS7.1AI score0.0043EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2024/11/12 8:0 a.m.35 views

SQL Server Native Client Remote Code Execution Vulnerability

...

8.8CVSS7.3AI score0.01345EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2024/11/12 8:0 a.m.35 views

SQL Server Native Client Remote Code Execution Vulnerability

...

8.8CVSS7.1AI score0.01345EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2024/10/31 4:46 p.m.35 views

Chromium: CVE-2024-10488 Use after free in WebRTC

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS6.5AI score0.00517EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2024/10/08 7:0 a.m.35 views

Visual Studio Code for Linux Remote Code Execution Vulnerability

...

7.8CVSS7.1AI score0.01002EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2024/09/19 7:0 a.m.35 views

Microsoft Edge (Chromium-based) Spoofing Vulnerability

...

8.8CVSS8.8AI score0.00472EPSS
Exploits1
Microsoft CVE
Microsoft CVE
added 2024/09/10 7:0 a.m.35 views

Microsoft AllJoyn API Information Disclosure Vulnerability

...

7.5CVSS7.7AI score0.04469EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2024/09/10 7:0 a.m.35 views

Microsoft Windows Update Remote Code Execution Vulnerability

Microsoft is aware of a vulnerability in Servicing Stack that has rolled back the fixes for some vulnerabilities affecting Optional Components on Windows 10, version 1507 initial version released July 2015. This means that an attacker could exploit these previously mitigated vulnerabilities on...

9.8CVSS9.7AI score0.12132EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2024/08/13 7:0 a.m.35 views

Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability

...

7.8CVSS7.8AI score0.0594EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2024/08/08 7:0 a.m.35 views

Microsoft Office Spoofing Vulnerability

...

9.1CVSS7.1AI score0.19534EPSS
Exploits2
Microsoft CVE
Microsoft CVE
added 2024/06/11 7:0 a.m.35 views

Windows Perception Service Elevation of Privilege Vulnerability

...

7CVSS7.1AI score0.00365EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2024/06/03 6:29 p.m.35 views

Chromium: CVE-2024-5493 Heap buffer overflow in WebRTC

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS7.8AI score0.00737EPSS
Exploits1
Microsoft CVE
Microsoft CVE
added 2024/05/16 7:0 a.m.35 views

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

...

7.1CVSS7AI score0.01553EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2024/05/02 5:12 p.m.35 views

Chromium: CVE-2024-4368 Use after free in Dawn

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS6.6AI score0.01064EPSS
Exploits1
Microsoft CVE
Microsoft CVE
added 2024/04/26 5:17 p.m.35 views

Chromium: CVE-2024-4059 Out of bounds read in V8 API

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

6.5CVSS8.4AI score0.009EPSS
Exploits1
Microsoft CVE
Microsoft CVE
added 2024/04/12 3:52 p.m.35 views

Chromium: CVE-2024-3515 Use after free in Dawn

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

6.5CVSS5.9AI score0.00783EPSS
Exploits1
Total number of security vulnerabilities5000