Vulnerability & Exploit Database

Displaying entries 61 - 70 of 126436 in total

Microsoft CVE-2018-0832: Windows Kernel Information Disclosure Vulnerability Vulnerability

  • Severity: 4
  • Published: February 12, 2018

An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass. An attacker who successfully exploited the vulnerability could retrieve the memory address of a kernel object. To exploit the vulnerability...

Microsoft CVE-2018-0859: Scripting Engine Memory Corruption Vulnerability Vulnerability

  • Severity: 4
  • Published: February 12, 2018

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same ...

Microsoft CVE-2018-0864: Microsoft SharePoint Elevation of Privilege Vulnerability Vulnerability

  • Severity: 4
  • Published: February 12, 2018

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacker who successfully explo...

Microsoft CVE-2018-0834: Scripting Engine Memory Corruption Vulnerability Vulnerability

  • Severity: 4
  • Published: February 12, 2018

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same ...

Microsoft CVE-2018-0760: Windows EOT Font Engine Information Disclosure Vulnerability Vulnerability

  • Severity: 4
  • Published: February 12, 2018

An information disclosure vulnerability exists in the way that the Microsoft Windows Embedded OpenType (EOT) font engine parses specially crafted embedded fonts. An attacker who successfully exploited this vulnerability could potentially read data that was not intended to be disclosed. Note that while this vulnerability would not allow a...

Microsoft CVE-2018-0850: Microsoft Outlook Elevation of Privilege Vulnerability Vulnerability

  • Severity: 4
  • Published: February 12, 2018

An elevation of privilege vulnerability exists when Microsoft Outlook initiates processing of incoming messages without sufficient validation of the formatting of the messages. An attacker who successfully exploited the vulnerability could attempt to force Outlook to load a local or remote message store (over SMB). To exploit the vulnera...