# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
15251 |
CVE-2018-8511 |
119 |
|
Exec Code Overflow Mem. Corr. |
2018-10-10 |
2018-11-26 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8503, CVE-2018-8505, CVE-2018-8510, CVE-2018-8513. |
15252 |
CVE-2018-8510 |
119 |
|
Exec Code Overflow Mem. Corr. |
2018-10-10 |
2018-11-26 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8503, CVE-2018-8505, CVE-2018-8511, CVE-2018-8513. |
15253 |
CVE-2018-8509 |
119 |
|
Exec Code Overflow Mem. Corr. |
2018-10-10 |
2018-12-06 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8473. |
15254 |
CVE-2018-8505 |
119 |
|
Exec Code Overflow Mem. Corr. |
2018-10-10 |
2018-11-26 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8503, CVE-2018-8510, CVE-2018-8511, CVE-2018-8513. |
15255 |
CVE-2018-8504 |
|
|
Exec Code |
2018-10-10 |
2019-10-02 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
A remote code execution vulnerability exists in Microsoft Word software when the software fails to properly handle objects in Protected View, aka "Microsoft Word Remote Code Execution Vulnerability." This affects Microsoft SharePoint Server, Office 365 ProPlus, Microsoft Office, Microsoft Word. |
15256 |
CVE-2018-8503 |
119 |
|
Exec Code Overflow Mem. Corr. |
2018-10-10 |
2018-11-26 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8505, CVE-2018-8510, CVE-2018-8511, CVE-2018-8513. |
15257 |
CVE-2018-8502 |
|
|
Exec Code |
2018-10-10 |
2019-10-02 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in Protected View, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Excel. |
15258 |
CVE-2018-8501 |
|
|
Exec Code |
2018-10-10 |
2019-10-02 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in Protected View, aka "Microsoft PowerPoint Remote Code Execution Vulnerability." This affects Office 365 ProPlus, PowerPoint Viewer, Microsoft Office, Microsoft PowerPoint. |
15259 |
CVE-2018-8500 |
119 |
|
Exec Code Overflow Mem. Corr. |
2018-10-10 |
2018-11-26 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore. |
15260 |
CVE-2018-8497 |
404 |
|
|
2018-10-10 |
2019-10-02 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka "Windows Kernel Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows Server 2019, Windows 10 Servers. |
15261 |
CVE-2018-8495 |
20 |
|
Exec Code |
2018-10-10 |
2018-11-28 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
A remote code execution vulnerability exists when Windows Shell improperly handles URIs, aka "Windows Shell Remote Code Execution Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. |
15262 |
CVE-2018-8494 |
611 |
|
Exec Code |
2018-10-10 |
2018-11-28 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input, aka "MS XML Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. |
15263 |
CVE-2018-8493 |
200 |
|
+Info |
2018-10-10 |
2018-11-30 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
An information disclosure vulnerability exists when the Windows TCP/IP stack improperly handles fragmented IP packets, aka "Windows TCP/IP Information Disclosure Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers. |
15264 |
CVE-2018-8492 |
|
|
Bypass |
2018-10-10 |
2019-10-02 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows Server 2019, Windows 10 Servers. |
15265 |
CVE-2018-8491 |
119 |
|
Exec Code Overflow Mem. Corr. |
2018-10-10 |
2018-11-27 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This affects Internet Explorer 11. This CVE ID is unique from CVE-2018-8460. |
15266 |
CVE-2018-8490 |
20 |
|
Exec Code |
2018-10-10 |
2018-11-28 |
7.7 |
None |
Local Network |
Low |
Single system |
Complete |
Complete |
Complete |
A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Windows Hyper-V Remote Code Execution Vulnerability." This affects Windows Server 2016, Windows 10, Windows Server 2019, Windows 10 Servers. This CVE ID is unique from CVE-2018-8489. |
15267 |
CVE-2018-8489 |
20 |
|
Exec Code |
2018-10-10 |
2018-12-03 |
7.7 |
None |
Local Network |
Low |
Single system |
Complete |
Complete |
Complete |
A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Windows Hyper-V Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8490. |
15268 |
CVE-2018-8485 |
404 |
|
|
2018-11-13 |
2019-10-02 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory, aka "DirectX Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows Server 2019, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8554, CVE-2018-8561. |
15269 |
CVE-2018-8484 |
404 |
|
|
2018-10-10 |
2019-10-02 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory, aka "DirectX Graphics Kernel Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows Server 2019, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers. |
15270 |
CVE-2018-8479 |
295 |
|
|
2018-09-12 |
2018-12-12 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
A spoofing vulnerability exists for the Azure IoT Device Provisioning for the C SDK library using the HTTP protocol on Windows platform, aka "Azure IoT SDK Spoofing Vulnerability." This affects C SDK. |
15271 |
CVE-2018-8476 |
119 |
|
Exec Code Overflow |
2018-11-13 |
2019-05-08 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
A remote code execution vulnerability exists in the way that Windows Deployment Services TFTP Server handles objects in memory, aka "Windows Deployment Services TFTP Server Remote Code Execution Vulnerability." This affects Windows Server 2012 R2, Windows Server 2008, Windows Server 2012, Windows Server 2019, Windows Server 2016, Windows Server 2008 R2, Windows 10 Servers. |
15272 |
CVE-2018-8475 |
20 |
|
Exec Code |
2018-09-12 |
2018-11-16 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
A remote code execution vulnerability exists when Windows does not properly handle specially crafted image files, aka "Windows Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. |
15273 |
CVE-2018-8474 |
20 |
|
Bypass |
2018-09-12 |
2018-12-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
A security feature bypass vulnerability exists when Lync for Mac 2011 fails to properly sanitize specially crafted messages, aka "Lync for Mac 2011 Security Feature Bypass Vulnerability." This affects Microsoft Lync. |
15274 |
CVE-2018-8473 |
119 |
|
Exec Code Overflow Mem. Corr. |
2018-10-10 |
2018-11-27 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8509. |
15275 |
CVE-2018-8471 |
404 |
|
|
2018-11-13 |
2019-10-02 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
An elevation of privilege vulnerability exists in the way that the Microsoft RemoteFX Virtual GPU miniport driver handles objects in memory, aka "Microsoft RemoteFX Virtual GPU miniport driver Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 8.1, Windows 7, Windows Server 2019. |
15276 |
CVE-2018-8470 |
79 |
|
XSS Bypass |
2018-09-12 |
2018-11-09 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
A security feature bypass vulnerability exists in Internet Explorer due to how scripts are handled that allows a universal cross-site scripting (UXSS) condition, aka "Internet Explorer Security Feature Bypass Vulnerability." This affects Internet Explorer 11. |
15277 |
CVE-2018-8469 |
|
|
|
2018-09-12 |
2019-10-02 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
An elevation of privilege vulnerability exists in Microsoft Edge that could allow an attacker to escape from the AppContainer sandbox in the browser, aka "Microsoft Edge Elevation of Privilege Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8463. |
15278 |
CVE-2018-8468 |
|
|
|
2018-09-12 |
2019-10-02 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
An elevation of privilege vulnerability exists when Windows, allowing a sandbox escape, aka "Windows Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. |
15279 |
CVE-2018-8467 |
119 |
|
Exec Code Overflow Mem. Corr. |
2018-09-12 |
2018-11-05 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8367, CVE-2018-8465, CVE-2018-8466. |
15280 |
CVE-2018-8466 |
119 |
|
Exec Code Overflow Mem. Corr. |
2018-09-12 |
2018-11-05 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8367, CVE-2018-8465, CVE-2018-8467. |
15281 |
CVE-2018-8465 |
119 |
|
Exec Code Overflow Mem. Corr. |
2018-09-12 |
2018-11-05 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8367, CVE-2018-8466, CVE-2018-8467. |
15282 |
CVE-2018-8464 |
119 |
|
Exec Code Overflow |
2018-09-12 |
2018-11-20 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An remote code execution vulnerability exists when Microsoft Edge PDF Reader improperly handles objects in memory, aka "Microsoft Edge PDF Remote Code Execution Vulnerability." This affects Microsoft Edge. |
15283 |
CVE-2018-8463 |
|
|
|
2018-09-12 |
2019-10-02 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
An elevation of privilege vulnerability exists in Microsoft Edge that could allow an attacker to escape from the AppContainer sandbox in the browser, aka "Microsoft Edge Elevation of Privilege Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8469. |
15284 |
CVE-2018-8462 |
404 |
|
|
2018-09-12 |
2019-10-02 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory, aka "DirectX Graphics Kernel Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. |
15285 |
CVE-2018-8461 |
119 |
|
Exec Code Overflow Mem. Corr. |
2018-09-12 |
2018-11-05 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This affects Internet Explorer 11. This CVE ID is unique from CVE-2018-8447. |
15286 |
CVE-2018-8460 |
119 |
|
Exec Code Overflow Mem. Corr. |
2018-10-10 |
2018-11-27 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This affects Internet Explorer 11. This CVE ID is unique from CVE-2018-8491. |
15287 |
CVE-2018-8459 |
119 |
|
Exec Code Overflow Mem. Corr. |
2018-09-12 |
2018-11-05 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8354, CVE-2018-8391, CVE-2018-8456, CVE-2018-8457. |
15288 |
CVE-2018-8457 |
119 |
|
Exec Code Overflow Mem. Corr. |
2018-09-12 |
2018-11-05 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 11, Microsoft Edge, Internet Explorer 10. This CVE ID is unique from CVE-2018-8354, CVE-2018-8391, CVE-2018-8456, CVE-2018-8459. |
15289 |
CVE-2018-8456 |
119 |
|
Exec Code Overflow Mem. Corr. |
2018-09-12 |
2018-11-05 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8354, CVE-2018-8391, CVE-2018-8457, CVE-2018-8459. |
15290 |
CVE-2018-8455 |
404 |
|
|
2018-09-12 |
2019-10-02 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka "Windows Kernel Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers. |
15291 |
CVE-2018-8453 |
404 |
|
|
2018-10-10 |
2019-10-02 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. |
15292 |
CVE-2018-8452 |
200 |
|
+Info |
2018-09-12 |
2019-10-02 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft browsers, aka "Scripting Engine Information Disclosure Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. |
15293 |
CVE-2018-8450 |
404 |
|
Exec Code |
2018-11-13 |
2019-10-02 |
9.0 |
None |
Remote |
Low |
Single system |
Complete |
Complete |
Complete |
A remote code execution vulnerability exists when Windows Search handles objects in memory, aka "Windows Search Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. |
15294 |
CVE-2018-8448 |
79 |
|
XSS |
2018-10-10 |
2019-10-02 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
An elevation of privilege vulnerability exists when Microsoft Exchange Outlook Web Access (OWA) fails to properly handle web requests, aka "Microsoft Exchange Server Elevation of Privilege Vulnerability." This affects Microsoft Exchange Server. |
15295 |
CVE-2018-8447 |
119 |
|
Exec Code Overflow Mem. Corr. |
2018-09-12 |
2018-11-01 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-8461. |
15296 |
CVE-2018-8444 |
200 |
|
+Info |
2018-09-12 |
2018-11-20 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
An information disclosure vulnerability exists in the way that the Microsoft Server Message Block 2.0 (SMBv2) server handles certain requests, aka "Windows SMB Information Disclosure Vulnerability." This affects Windows Server 2012, Windows 10, Windows 8.1, Windows RT 8.1, Windows Server 2012 R2. |
15297 |
CVE-2018-8441 |
190 |
|
Overflow |
2018-09-12 |
2018-11-02 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux, aka "Windows Subsystem for Linux Elevation of Privilege Vulnerability." This affects Windows 10, Windows 10 Servers. |
15298 |
CVE-2018-8440 |
|
|
|
2018-09-12 |
2019-10-02 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC), aka "Windows ALPC Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. |
15299 |
CVE-2018-8439 |
20 |
|
Exec Code |
2018-09-12 |
2018-11-19 |
7.7 |
None |
Local Network |
Low |
Single system |
Complete |
Complete |
Complete |
A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Windows Hyper-V Remote Code Execution Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-0965. |
15300 |
CVE-2018-8438 |
20 |
|
DoS |
2018-09-12 |
2018-11-02 |
6.8 |
None |
Remote |
Low |
Single system |
None |
None |
Complete |
A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka "Windows Hyper-V Denial of Service Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8436, CVE-2018-8437. |