Lucene search
K
MscveMost viewed

21761 matches found

Microsoft CVE
Microsoft CVE
•added 2018/01/09 8:0 a.m.•34 views

Microsoft Office Memory Corruption Vulnerability

A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with...

9.3CVSS8.3AI score0.24398EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2017/12/07 8:0 a.m.•34 views

Microsoft Malware Protection Engine Remote Code Execution Vulnerability

A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption. An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSyste...

9.3CVSS2.2AI score0.19759EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2017/11/14 8:0 a.m.•34 views

Windows Kernel Information Disclosure Vulnerability

An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could obtain information t...

4.7CVSS3.1AI score0.02184EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2017/10/10 7:0 a.m.•34 views

W - SMB - DOS Authenticated

A denial of service vulnerability exists in the Microsoft Server Block Message SMB when an authenticated attacker sends specially crafted requests to the server. An attacker who exploited this vulnerability could cause the affected system to crash. To attempt to exploit this issue, an attacker...

7.8CVSS1.7AI score0.14399EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2017/09/12 7:0 a.m.•34 views

Microsoft Bluetooth Driver Spoofing Vulnerability

A spoofing vulnerability exists in Microsoft's implementation of the Bluetooth stack. An attacker who successfully exploited this vulnerability could perform a man-in-the-middle attack and force a user's computer to unknowingly route traffic through the attacker's computer. The attacker can then...

8.1CVSS6.7AI score0.02307EPSS
Exploits2
Microsoft CVE
Microsoft CVE
•added 2017/09/12 7:0 a.m.•34 views

Device Guard Code Integrity Policy Security Feature Bypass Vulnerability

A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session. An attacker who successfully exploited this vulnerability could inject code into a trusted PowerShell process to bypass the Device Guard Code...

5.3CVSS3.6AI score0.01411EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2017/09/12 7:0 a.m.•34 views

Windows Hyper-V Information Disclosure Vulnerability

An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker on a guest operating system could run a specially crafted application...

7.2CVSS1.9AI score0.0242EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2017/09/12 7:0 a.m.•34 views

Microsoft Edge Information Disclosure Vulnerability

An information disclosure vulnerability exists when Microsoft Edge improperly handles clipboard events. For an attack to be successful, an attacker must persuade a user to visit a malicious website and leave it open during clipboard activities. The update addresses the vulnerability by changing h...

4.3CVSS1.1AI score0.05837EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2017/08/08 7:0 a.m.•34 views

Scripting Engine Memory Corruption Vulnerability

A remote code execution vulnerability exists in the way that Microsoft browser JavaScript engines render content when handling objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. In a web-based...

7.6CVSS7.6AI score0.0889EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2017/08/08 7:0 a.m.•34 views

Windows PDF Remote Code Execution Vulnerability

A remote code execution vulnerability exists when Microsoft Windows PDF Library improperly handles objects in memory. The vulnerability could corrupt memory in a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the...

7.6CVSS3.5AI score0.14416EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2017/07/11 7:0 a.m.•34 views

Kerberos SNAME Security Feature Bypass Vulnerability

A security feature bypass vulnerability exists in Microsoft Windows when Kerberos fails to prevent tampering with the SNAME field during ticket exchange. An attacker who successfully exploited this vulnerability could use it to bypass Extended Protection for Authentication. To exploit this...

7.5CVSS6.7AI score0.04621EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2017/06/28 7:0 a.m.•34 views

Windows Kernel Information Disclosure Vulnerability

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. An authenticated attacker could exploit this vulnerability by...

6.5CVSS1.9AI score0.14265EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2017/06/13 7:0 a.m.•34 views

Windows Kernel Information Disclosure Vulnerability

An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could obtain information t...

6.5CVSS3.1AI score0.14265EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2017/06/13 7:0 a.m.•34 views

Windows GDI Information Disclosure Vulnerability

A Win32k information disclosure vulnerability exists when the Windows GDI component improperly discloses kernel memory addresses. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker...

6.5CVSS1.6AI score0.14265EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2017/06/13 7:0 a.m.•34 views

Windows Kernel Information Disclosure Vulnerability

An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could obtain information t...

6.5CVSS3.1AI score0.14265EPSS
Exploits3
Microsoft CVE
Microsoft CVE
•added 2017/06/13 7:0 a.m.•34 views

Windows Kernel Information Disclosure Vulnerability

An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could obtain information t...

6.5CVSS3.1AI score0.14265EPSS
Exploits2
Microsoft CVE
Microsoft CVE
•added 2017/05/25 7:0 a.m.•34 views

Microsoft Malware Protection Engine Remote Code Execution Vulnerability

A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption. An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSyste...

9.3CVSS2.2AI score0.71961EPSS
Exploits2
Microsoft CVE
Microsoft CVE
•added 2017/05/09 7:0 a.m.•34 views

May 2017 Adobe Flash Security Update

This security update addresses the following vulnerabilities, which are described in Adobe Security Bulletin APSB17-15: CVE-2017-3068,CVE-2017-3069,CVE-2017-3070,CVE-2017-3071,CVE-2017-3072,CVE-2017-3073,CVE-2017-3074...

9.3CVSS8.8AI score0.20353EPSS
Exploits2
Microsoft CVE
Microsoft CVE
•added 2017/05/09 7:0 a.m.•34 views

Windows SMB Information Disclosure Vulnerability

An information disclosure vulnerability exists in the way that the Microsoft Server Message Block 1.0 SMBv1 server handles certain requests. An attacker who successfully exploited this vulnerability could craft a special packet, which could lead to information disclosure from the server. To explo...

7CVSS1.5AI score0.13329EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2017/05/09 7:0 a.m.•34 views

Windows Kernel Information Disclosure Vulnerability

An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could obtain information t...

4.7CVSS3.1AI score0.07363EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2017/05/09 7:0 a.m.•34 views

Windows Kernel Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. On systems with Windows 7 for x64-based Systems or later installed, this vulnerabilit...

7CVSS4.5AI score0.02004EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2017/05/09 7:0 a.m.•34 views

Windows GDI Information Disclosure Vulnerability

An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface GDI handles objects in memory, allowing an attacker to retrieve information from a targeted system. By itself, the information disclosure does not allow arbitrary code execution; however, it could...

4.4CVSS2.5AI score0.43458EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2017/05/09 7:0 a.m.•34 views

Windows DNS Server Denial of Service Vulnerability

A denial of service vulnerability exists in Windows DNS Server if the server is configured to answer version queries. An attacker who successfully exploited this vulnerability could cause the DNS Server service to become nonresponsive. An attacker could exploit this vulnerability by sending...

5.9CVSS3.5AI score0.0406EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2017/04/11 7:0 a.m.•34 views

Win32k Information Disclosure Vulnerability

An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log ...

3.3CVSS1.4AI score0.02977EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2017/04/11 7:0 a.m.•34 views

Microsoft Edge Memory Corruption Vulnerability

A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the...

7.6CVSS1.6AI score0.23593EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2017/04/11 7:0 a.m.•34 views

Internet Explorer Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when Internet Explorer does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain. In a web-based attack scenario, an attacker could host a website that is us...

8.8CVSS2.3AI score0.19522EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2017/03/14 7:0 a.m.•34 views

Scripting Engine Memory Corruption Vulnerability

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully...

7.6CVSS7.8AI score0.1523EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2017/03/14 7:0 a.m.•34 views

Windows Uniscribe Remote Code Execution Vulnerability

A remote code execution vulnerability exists due to the way Windows Uniscribe handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accoun...

9.3CVSS7.3AI score0.42546EPSS
Exploits5
Microsoft CVE
Microsoft CVE
•added 2017/03/14 7:0 a.m.•34 views

Windows GDI Information Disclosure Vulnerability

A Win32k information disclosure vulnerability exists when the Windows GDI component improperly discloses kernel memory addresses. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker...

4.4CVSS1.6AI score0.33359EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2017/03/14 7:0 a.m.•34 views

Scripting Engine Memory Corruption Vulnerability

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully...

7.6CVSS7.8AI score0.78538EPSS
Exploits2
Microsoft CVE
Microsoft CVE
•added 2017/03/14 7:0 a.m.•34 views

Microsoft Color Management Information Disclosure Vulnerability

An information disclosure vulnerability exists in the way that the Color Management Module ICM32.dll handles objects in memory. This vulnerability allows an attacker to retrieve information to bypass usermode ASLR Address Space Layout Randomization on a targeted system. By itself, the information...

6.5CVSS6.3AI score0.3528EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2017/03/14 7:0 a.m.•34 views

Microsoft Excel Information Disclosure Vulnerability

An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the user’s computer or data. To exploit the vulnerability, an attacker could craft a special...

4.7CVSS1.1AI score0.22552EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2017/03/14 7:0 a.m.•34 views

Microsoft Office Memory Corruption Vulnerability

A remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on wit...

9.3CVSS2.6AI score0.16607EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2017/03/14 7:0 a.m.•35 views

Windows GDI Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface GDI handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete...

7.8CVSS3.2AI score0.11022EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2017/03/14 7:0 a.m.•34 views

March 2017 Adobe Flash Security Update

This security update addresses the following vulnerabilities, which are described in Adobe Security Bulletin APSB17-07: CVE-2017-2997, CVE-2017-2998, CVE-2017-2999, CVE-2017-3000, CVE-2017-3001, CVE-2017-3002, CVE-2017-3003...

9.3CVSS7.7AI score0.0836EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2016/12/13 8:0 a.m.•34 views

Microsoft Office Memory Corruption Vulnerability

A remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on wit...

9.3CVSS2.6AI score0.25146EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2016/12/13 8:0 a.m.•34 views

.NET Framework Information Disclosure Vulnerability

An information disclosure vulnerability exists in Microsoft .NET 4.6.2 Framework’s Data Provider for SQL Server that could allow an attacker to access information that should be defended by the Always Encrypted feature. The vulnerability is caused when .NET Framework improperly uses a...

7.5CVSS7.3AI score0.20008EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2016/11/08 8:0 a.m.•34 views

Microsoft Browser Information Disclosure Vulnerability

An information disclosure vulnerability exists when the Microsoft browser XSS filter is abused to leak sensitive page information. An attacker who successfully exploited the vulnerability could obtain sensitive information from certain web pages. To exploit the vulnerability, an attacker would ha...

3.1CVSS1.3AI score0.11616EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2016/09/13 7:0 a.m.•34 views

Microsoft Office Memory Corruption Vulnerability

A remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on wit...

9.3CVSS2.6AI score0.18535EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2016/08/09 7:0 a.m.•34 views

Microsoft Browser Memory Corruption Vulnerability

A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the...

7.6CVSS3.9AI score0.14732EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2016/08/09 7:0 a.m.•34 views

Internet Explorer Memory Corruption Vulnerability

A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory via the Microsoft Windows Text Services Framework. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An...

7.6CVSS1.7AI score0.16428EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2016/06/14 7:0 a.m.•34 views

Windows Virtual PCI Information Disclosure Vulnerability

An information disclosure vulnerability exists when the Windows Virtual PCI VPCI virtual service provider VSP fails to properly handle uninitialized memory. An attacker who successfully exploited this vulnerability could potentially disclose contents of memory to which the attacker should not hav...

5CVSS2.4AI score0.06014EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2016/06/14 7:0 a.m.•34 views

Windows PDF Information Disclosure Vulnerability

An information disclosure vulnerability exists in Microsoft Windows when a user opens a specially crafted PDF file. An attacker who successfully exploited the vulnerability could read memory in the context of the current user. To exploit the vulnerability, an attacker would have to trick the user...

9.3CVSS2.2AI score0.33569EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2016/05/10 7:0 a.m.•34 views

DirectX Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with...

7.8CVSS2.8AI score0.02031EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2016/04/12 7:0 a.m.•34 views

DLL Loading Remote Code Execution Vulnerability

A remote code execution vulnerability exists when Internet Explorer improperly validates input before loading dynamic link library DLL files. An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, ...

7.8CVSS4AI score0.12877EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2016/04/12 7:0 a.m.•34 views

Microsoft Office Remote Code Execution Vulnerability

A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with...

9.3CVSS2.6AI score0.1629EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2016/04/12 7:0 a.m.•34 views

Microsoft Excel Remote Code Execution Vulnerability

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with...

9.3CVSS2.6AI score0.20717EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2016/04/12 7:0 a.m.•34 views

Windows Hyper-V Information Disclosure Vulnerability

An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker on a guest operating system could run a specially crafted application...

7.1CVSS1.9AI score0.03414EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2026/05/12 2:0 p.m.•33 views

Windows Netlogon Remote Code Execution Vulnerability

Stack-based buffer overflow in Windows Netlogon allows an unauthorized attacker to execute code over a network...

9.8CVSS6.1AI score0.72253EPSS
Exploits31
Microsoft CVE
Microsoft CVE
•added 2025/05/13 7:0 a.m.•33 views

Windows Installer Information Disclosure Vulnerability

Improper link resolution before file access 'link following' in Windows Installer allows an authorized attacker to disclose information locally...

5.5CVSS6.6AI score0.00511EPSS
Exploits0
Total number of security vulnerabilities5000