# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
16751 |
CVE-2018-0887 |
200 |
|
+Info |
2018-04-11 |
2018-05-14 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-0960, CVE-2018-0968, CVE-2018-0969, CVE-2018-0970, CVE-2018-0971, CVE-2018-0972, CVE-2018-0973, CVE-2018-0974, CVE-2018-0975. |
16752 |
CVE-2018-0885 |
20 |
|
DoS |
2018-03-14 |
2018-04-09 |
6.3 |
None |
Remote |
Medium |
Single system |
None |
None |
Complete |
The Microsoft Hyper-V Network Switch in 64-bit versions of Microsoft Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows a denial of service vulnerability due to how input from a privileged user on a guest operating system is validated, aka "Hyper-V Denial of Service Vulnerability". |
16753 |
CVE-2018-0884 |
|
|
Bypass |
2018-03-14 |
2019-10-02 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
Windows Scripting Host (WSH) in Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows a security feature bypass vulnerability due to how objects are handled in memory, aka "Windows Security Feature Bypass Vulnerability". This CVE is unique from CVE-2018-0902. |
16754 |
CVE-2018-0882 |
|
|
|
2018-03-14 |
2019-10-02 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
The Desktop Bridge in Windows 10 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to how the virtual registry is managed, aka "Windows Desktop Bridge Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0880. |
16755 |
CVE-2018-0881 |
|
|
|
2018-03-14 |
2019-10-02 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
The Microsoft Video Control in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege due to how objects are handled in memory, aka "Microsoft Video Control Elevation of Privilege Vulnerability". |
16756 |
CVE-2018-0880 |
|
|
|
2018-03-14 |
2019-10-02 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
The Desktop Bridge in Windows 10 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to how the virtual registry is managed, aka "Windows Desktop Bridge Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0882. |
16757 |
CVE-2018-0879 |
200 |
|
+Info |
2018-03-14 |
2018-04-06 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Microsoft Edge in Windows 10 1709 allows information disclosure, due to how Edge handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability". |
16758 |
CVE-2018-0878 |
611 |
|
|
2018-03-14 |
2019-05-08 |
2.6 |
None |
Remote |
High |
Not required |
Partial |
None |
None |
Windows Remote Assistance in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to how XML External Entities (XXE) are processed, aka "Windows Remote Assistance Information Disclosure Vulnerability". |
16759 |
CVE-2018-0875 |
20 |
|
DoS |
2018-03-14 |
2018-04-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
.NET Core 1.0, .NET Core 1.1, NET Core 2.0 and PowerShell Core 6.0.0 allow a denial of Service vulnerability due to how specially crafted requests are handled, aka ".NET Core Denial of Service Vulnerability". |
16760 |
CVE-2018-0871 |
200 |
|
+Info |
2018-06-14 |
2018-07-27 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
An information disclosure vulnerability exists when Edge improperly marks files, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8234. |
16761 |
CVE-2018-0869 |
79 |
|
XSS |
2018-02-14 |
2018-03-07 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
SharePoint Server 2016 allows an elevation of privilege vulnerability due to how web requests are handled, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". |
16762 |
CVE-2018-0868 |
20 |
|
|
2018-03-14 |
2019-10-02 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
Windows Installer in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to how input is sanitized, aka "Windows Installer Elevation of Privilege Vulnerability". |
16763 |
CVE-2018-0864 |
79 |
|
XSS |
2018-02-14 |
2018-03-14 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
SharePoint Project Server 2013 and SharePoint Enterprise Server 2016 allow an information disclosure vulnerability due to how web requests are handled, aka "Microsoft SharePoint Information Disclosure Vulnerability". |
16764 |
CVE-2018-0855 |
200 |
|
+Info |
2018-02-14 |
2018-03-14 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
The Microsoft Windows Embedded OpenType (EOT) font engine in Microsoft Windows 7 SP1 and Windows Server 2008 R2 allows information disclosure, due to how the Windows EOT font engine handles embedded fonts, aka "Windows EOT Font Engine Information Disclosure Vulnerability". This CVE ID is unique from CVE-2018-0755, CVE-2018-0760, and CVE-2018-0761. |
16765 |
CVE-2018-0854 |
|
|
Bypass |
2018-05-09 |
2019-10-02 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
A security feature bypass vulnerability exists in Windows Scripting Host which could allow an attacker to bypass Device Guard, aka "Windows Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-0958, CVE-2018-8129, CVE-2018-8132. |
16766 |
CVE-2018-0853 |
200 |
|
+Info |
2018-02-14 |
2018-10-30 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
Microsoft Office 2010 SP2, Microsoft Office 2013 SP1 and RT SP1, Microsoft Office 2016, and Microsoft Office 2016 Click-to-Run (C2R) allow an information disclosure vulnerability, due to how Office initializes the affected variable, aka "Microsoft Office Information Disclosure Vulnerability". |
16767 |
CVE-2018-0850 |
|
|
|
2018-02-14 |
2019-10-02 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Microsoft Outlook 2007, Microsoft Outlook 2010, Microsoft Outlook 2013, Microsoft Outlook 2016, and Microsoft Office 2016 Click-to-Run allow an elevation of privilege vulnerability due to how the format of incoming message is validated, aka "Microsoft Outlook Elevation of Privilege Vulnerability". |
16768 |
CVE-2018-0847 |
200 |
|
+Info |
2018-02-14 |
2018-03-14 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allow information disclosure, due to how Internet Explorer handles objects in memory, aka "Internet Explorer Information Disclosure Vulnerability". |
16769 |
CVE-2018-0846 |
|
|
|
2018-02-14 |
2019-10-02 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
The Windows Common Log File System (CLFS) driver in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to how objects in memory are handled, aka "Windows Common Log File System Driver Elevation Of Privilege Vulnerability". This CVE is unique from CVE-2018-0844. |
16770 |
CVE-2018-0844 |
|
|
|
2018-02-14 |
2019-10-02 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
The Windows Common Log File System (CLFS) driver in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to how objects in memory are handled, aka "Windows Common Log File System Driver Elevation Of Privilege Vulnerability". This CVE is unique from CVE-2018-0846. |
16771 |
CVE-2018-0843 |
200 |
|
+Info |
2018-02-14 |
2018-10-30 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
The Windows kernel in Windows 10 version 1709 and Windows Server, version 1709 allows an information disclosure vulnerability due to how objects in memory are handled, aka "Windows Kernel Information Disclosure Vulnerability". This CVE is unique from CVE-2018-0742, CVE-2018-0756, CVE-2018-0809 and CVE-2018-0820. |
16772 |
CVE-2018-0842 |
|
|
|
2018-02-14 |
2019-10-02 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allow an elevation of privilege vulnerability due to how objects in memory are handled, aka "Windows Kernel Elevation of Privilege Vulnerability". |
16773 |
CVE-2018-0839 |
200 |
|
+Info |
2018-02-14 |
2018-03-09 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
Microsoft Edge in Microsoft Windows 10 1703 allows information disclosure, due to how Edge handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from CVE-2018-0763. |
16774 |
CVE-2018-0833 |
476 |
|
DoS |
2018-02-14 |
2018-04-04 |
6.3 |
None |
Remote |
Medium |
Single system |
None |
None |
Complete |
The Microsoft Server Message Block 2.0 and 3.0 (SMBv2/SMBv3) client in Windows 8.1 and RT 8.1 and Windows Server 2012 R2 allows a denial of service vulnerability due to how specially crafted requests are handled, aka "SMBv2/SMBv3 Null Dereference Denial of Service Vulnerability". |
16775 |
CVE-2018-0832 |
200 |
|
+Info |
2018-02-14 |
2018-10-30 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
The Windows kernel in Windows 8.1 and RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to how objects in memory are handled, aka "Windows Information Disclosure Vulnerability". This CVE is unique from CVE-2018-0829 and CVE-2018-0830. |
16776 |
CVE-2018-0831 |
|
|
|
2018-02-14 |
2019-10-02 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
The Windows kernel in Windows 10 versions 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to how objects in memory are handled, aka "Windows Kernel Elevation of Privilege Vulnerability". |
16777 |
CVE-2018-0830 |
200 |
|
+Info |
2018-02-14 |
2018-10-30 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
The Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to how objects in memory are handled, aka "Windows Information Disclosure Vulnerability". This CVE is unique from CVE-2018-0829 and CVE-2018-0832. |
16778 |
CVE-2018-0829 |
200 |
|
+Info |
2018-02-14 |
2018-10-30 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
The Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to how objects in memory are handled, aka "Windows Information Disclosure Vulnerability". This CVE is unique from CVE-2018-0830 and CVE-2018-0832. |
16779 |
CVE-2018-0828 |
522 |
|
|
2018-02-14 |
2019-10-02 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
Windows 10 version 1607 and Windows Server 2016 allow an elevation of privilege vulnerability due to how the MultiPoint management account password is stored, aka "Windows Elevation of Privilege Vulnerability". |
16780 |
CVE-2018-0827 |
|
|
Bypass |
2018-02-14 |
2019-10-02 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
Windows Scripting Host (WSH) in Windows 10 versions 1703 and 1709 and Windows Server, version 1709 allows a Device Guard security feature bypass vulnerability due to the way objects are handled in memory, aka "Windows Security Feature Bypass Vulnerability". |
16781 |
CVE-2018-0826 |
|
|
|
2018-02-14 |
2019-10-02 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
Windows Storage Services in Windows 10 versions 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way objects are handled in memory, aka "Windows Storage Services Elevation of Privilege Vulnerability". |
16782 |
CVE-2018-0824 |
502 |
|
Exec Code |
2018-05-09 |
2018-06-20 |
5.1 |
None |
Remote |
High |
Not required |
Partial |
Partial |
Partial |
A remote code execution vulnerability exists in "Microsoft COM for Windows" when it fails to properly handle serialized objects, aka "Microsoft COM for Windows Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. |
16783 |
CVE-2018-0823 |
|
|
|
2018-02-14 |
2019-10-02 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
The Named Pipe File System in Windows 10 version 1709 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way the Named Pipe File System handles objects, aka "Named Pipe File System Elevation of Privilege Vulnerability". |
16784 |
CVE-2018-0822 |
|
|
|
2018-02-14 |
2019-10-02 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
NTFS in Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way NTFS handles objects, aka "Windows NTFS Global Reparse Point Elevation of Privilege Vulnerability". |
16785 |
CVE-2018-0821 |
269 |
|
|
2018-02-14 |
2019-10-02 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
AppContainer in Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way constrained impersonations are handled, aka "Windows AppContainer Elevation Of Privilege Vulnerability". |
16786 |
CVE-2018-0820 |
|
|
|
2018-02-14 |
2019-10-02 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
The Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way objects are handled in memory, aka "Windows Kernel Elevation Of Privilege Vulnerability". This CVE is unique from CVE-2018-0742, CVE-2018-0756, CVE-2018-0809 and CVE-2018-0843. |
16787 |
CVE-2018-0819 |
|
|
|
2018-01-09 |
2019-10-02 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Microsoft Office 2016 for Mac allows an attacker to send a specially crafted email attachment to a user in an attempt to launch a social engineering attack, such as phishing, due to how Outlook for Mac displays encoded email addresses, aka "Spoofing Vulnerability in Microsoft Office for Mac." |
16788 |
CVE-2018-0817 |
|
|
|
2018-03-14 |
2019-10-02 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
The Windows Graphics Device Interface (GDI) in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way objects are handled in memory, aka "Windows GDI Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0815 and CVE-2018-0816. |
16789 |
CVE-2018-0816 |
|
|
|
2018-03-14 |
2019-10-02 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
The Windows Graphics Device Interface (GDI) in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way objects are handled in memory, aka "Windows GDI Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0815 and CVE-2018-0817. |
16790 |
CVE-2018-0815 |
|
|
|
2018-03-14 |
2019-10-02 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
The Windows Graphics Device Interface (GDI) in Microsoft Windows Server 2008 SP2 and R2 SP1 and Windows 7 SP1 allows an elevation of privilege vulnerability due to the way objects are handled in memory, aka "Windows GDI Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0816, and CVE-2018-0817. |
16791 |
CVE-2018-0814 |
200 |
|
+Info |
2018-03-14 |
2018-04-05 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to the way objects are initialized in memory, aka "Windows Kernel Information Disclosure Vulnerability". This CVE is unique from CVE-2018-0811, CVE-2018-0813, CVE-2018-0894, CVE-2018-0895, CVE-2018-0896, CVE-2018-0897, CVE-2018-0898, CVE-2018-0899, CVE-2018-0900, and CVE-2018-0901 and CVE-2018-0926. |
16792 |
CVE-2018-0813 |
200 |
|
+Info |
2018-03-14 |
2018-04-05 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to the way objects are initialized in memory, aka "Windows Kernel Information Disclosure Vulnerability". This CVE is unique from CVE-2018-0811, CVE-2018-0814, CVE-2018-0894, CVE-2018-0895, CVE-2018-0896, CVE-2018-0897, CVE-2018-0898, CVE-2018-0899, CVE-2018-0900, and CVE-2018-0901 and CVE-2018-0926. |
16793 |
CVE-2018-0811 |
200 |
|
+Info |
2018-03-14 |
2018-04-05 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to the way objects are initialized in memory, aka "Windows Kernel Information Disclosure Vulnerability". This CVE is unique from CVE-2018-0813, CVE-2018-0814, CVE-2018-0894, CVE-2018-0895, CVE-2018-0896, CVE-2018-0897, CVE-2018-0898, CVE-2018-0899, CVE-2018-0900, CVE-2018-0901 and CVE-2018-0926. |
16794 |
CVE-2018-0810 |
200 |
|
+Info |
2018-02-14 |
2018-03-09 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
The Windows kernel in Windows 7 SP1, Windows Server 2008 SP2 and R2, and Windows Server 2012 allows an information disclosure vulnerability due to the way memory is initialized, aka "Windows Kernel Information Disclosure Vulnerability". This CVE is unique from CVE-2018-0757. |
16795 |
CVE-2018-0809 |
|
|
|
2018-02-14 |
2019-10-02 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
The Windows kernel in Windows 10, versions 1703 and 1709, and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way objects are handled in memory, aka "Windows Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0742, CVE-2018-0756, CVE-2018-0820 and CVE-2018-0843. |
16796 |
CVE-2018-0808 |
|
|
|
2018-03-14 |
2019-10-02 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
ASP.NET Core 1.0. 1.1, and 2.0 allow an elevation of privilege vulnerability due to how ASP.NET web applications handle web requests, aka "ASP.NET Core Elevation Of Privilege Vulnerability". This CVE is unique from CVE-2018-0784. |
16797 |
CVE-2018-0803 |
74 |
|
|
2018-01-04 |
2018-01-16 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to access information from one domain and inject it into another domain, due to how Microsoft Edge enforces cross-domain policies, aka "Microsoft Edge Elevation of Privilege Vulnerability". |
16798 |
CVE-2018-0800 |
200 |
|
+Info |
2018-01-04 |
2018-01-17 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
Microsoft Edge in Microsoft Windows 10 1709 allows an attacker to obtain information to further compromise the user's system, due to how the scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability". This CVE ID is unique from CVE-2018-0767 and CVE-2018-0780. |
16799 |
CVE-2018-0799 |
79 |
|
XSS |
2018-01-09 |
2018-01-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Microsoft Access in Microsoft SharePoint Enterprise Server 2013 and Microsoft SharePoint Enterprise Server 2016 allows a cross-site-scripting (XSS) vulnerability due to the way image field values are handled, aka "Microsoft Access Tampering Vulnerability". |
16800 |
CVE-2018-0790 |
|
|
|
2018-01-09 |
2019-10-02 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
Microsoft SharePoint Foundation 2010, Microsoft SharePoint Server 2013 and Microsoft SharePoint Server 2016 allow an elevation of privilege vulnerability due to the way web requests are handled, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0789. |