Vulnerability & Exploit Database

Displaying entries 111 - 120 of 128465 in total

Microsoft CVE-2018-0957: Hyper-V Information Disclosure Vulnerability Vulnerability

  • Severity: 4
  • Published: April 10, 2018

An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker on a guest operating system could run a specially crafted application that could cause the Hyper-V host operating...

Microsoft CVE-2018-0956: HTTP.sys Denial of Service Vulnerability Vulnerability

  • Severity: 4
  • Published: April 10, 2018

A denial of service vulnerability exists in the HTTP 2.0 protocol stack (HTTP.sys) when HTTP.sys improperly parses specially crafted HTTP 2.0 requests. An attacker who successfully exploited the vulnerability could create a denial of service condition, causing the target system to become unresponsive. To exploit this vulnerability, an at...

Microsoft CVE-2018-0950: Microsoft Office Information Disclosure Vulnerability Vulnerability

  • Severity: 4
  • Published: April 10, 2018

An information disclosure vulnerability exists when Office renders Rich Text Format (RTF) email messages containing OLE objects when a message is opened or previewed. This vulnerability could potentially result in the disclosure of sensitive information to a malicious site. To exploit the vulnerability, an attacker would have to send an ...

Microsoft CVE-2018-0920: Microsoft Excel Remote Code Execution Vulnerability Vulnerability

  • Severity: 4
  • Published: April 10, 2018

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could ta...

Microsoft CVE-2018-0892: Microsoft Edge Information Disclosure Vulnerability Vulnerability

  • Severity: 4
  • Published: April 10, 2018

An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit the vulnerability, in a web-based attack scenario, an attacker could host a website in an attempt to...

Microsoft CVE-2018-0890: Active Directory Security Feature Bypass Vulnerability Vulnerability

  • Severity: 4
  • Published: April 10, 2018

A security feature bypass vulnerability exists when Active Directory incorrectly applies Network Isolation settings. To exploit this vulnerability, an attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could bypass firewall policies applied to Modern Applications. This update cor...

Microsoft CVE-2018-0887: Windows Kernel Information Disclosure Vulnerability Vulnerability

  • Severity: 4
  • Published: April 10, 2018

An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log on to an affected system and run a s...

Microsoft CVE-2018-0870: Internet Explorer Memory Corruption Vulnerability Vulnerability

  • Severity: 4
  • Published: April 10, 2018

A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the c...