Vulnerability & Exploit Database

Displaying entries 81 - 90 of 135096 in total

Microsoft CVE-2018-8372: Scripting Engine Memory Corruption Vulnerability Vulnerability

  • Severity: 4
  • Published: August 14, 2018

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same u...

Microsoft CVE-2018-8371: Scripting Engine Memory Corruption Vulnerability Vulnerability

  • Severity: 4
  • Published: August 14, 2018

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the sa...

Microsoft CVE-2018-8370: Microsoft Edge Information Disclosure Vulnerability Vulnerability

  • Severity: 4
  • Published: August 14, 2018

A information disclosure vulnerability exists when WebAudio Library improperly handles audio requests. An attacker who has successfully exploited this vulnerability might be able to read privileged data across trust boundaries. In browsing scenarios, an attacker could convince a user to visit a malicious site and leverage the vulnerabili...

Microsoft CVE-2018-8360: .NET Framework Information Disclosure Vulnerability Vulnerability

  • Severity: 4
  • Published: August 14, 2018

An information disclosure vulnerability exists in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments. The vulnerability is caused when .NET Framework is used in high-load/high-density network connections where content from one stream can blend into another stream. To exploit the vulne...

Microsoft CVE-2018-8358: Microsoft Edge Security Feature Bypass Vulnerability Vulnerability

  • Severity: 4
  • Published: August 14, 2018

A security feature bypass vulnerability exists when Microsoft Edge improperly handles redirect requests. The vulnerability allows Microsoft Edge to bypass Cross-Origin Resource Sharing (CORS) redirect restrictions, and to follow redirect requests that should otherwise be ignored. An attacker who successfully exploited the vulnerability c...

Microsoft CVE-2018-8357: Microsoft Browser Elevation of Privilege Vulnerability Vulnerability

  • Severity: 4
  • Published: August 14, 2018

An elevation of privilege vulnerability exists in Microsoft browsers allowing sandbox escape. An attacker who successfully exploited the vulnerability could use the sandbox escape to elevate privileges on an affected system. This vulnerability by itself does not allow arbitrary code execution; however, it could allow arbitrary code to be...

Microsoft CVE-2018-8355: Scripting Engine Memory Corruption Vulnerability Vulnerability

  • Severity: 4
  • Published: August 14, 2018

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same u...

Microsoft CVE-2018-8353: Scripting Engine Memory Corruption Vulnerability Vulnerability

  • Severity: 4
  • Published: August 14, 2018

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the sa...

Microsoft CVE-2018-8351: Microsoft Browser Information Disclosure Vulnerability Vulnerability

  • Severity: 4
  • Published: August 14, 2018

An information disclosure vulnerability exists when affected Microsoft browsers improperly allow cross-frame interaction. An attacker who successfully exploited this vulnerability could allow an attacker to obtain browser frame or window state from a different domain. For an attack to be successful, an attacker must persuade a user to op...

Microsoft CVE-2018-8350: Windows PDF Remote Code Execution Vulnerability Vulnerability

  • Severity: 4
  • Published: August 14, 2018

A remote code execution vulnerability exists when Microsoft Windows PDF Library improperly handles objects in memory. The vulnerability could corrupt memory in a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user righ...