# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
19751 |
CVE-2018-0997 |
119 |
|
Exec Code Overflow Mem. Corr. |
2018-04-11 |
2018-05-15 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This affects Internet Explorer 11. This CVE ID is unique from CVE-2018-0870, CVE-2018-0991, CVE-2018-1018, CVE-2018-1020. |
19752 |
CVE-2018-0996 |
119 |
|
Exec Code Overflow Mem. Corr. |
2018-04-11 |
2018-05-15 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-0988, CVE-2018-1001. |
19753 |
CVE-2018-0995 |
119 |
|
Exec Code Overflow Mem. Corr. |
2018-04-11 |
2018-05-11 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0979, CVE-2018-0980, CVE-2018-0990, CVE-2018-0993, CVE-2018-0994, CVE-2018-1019. |
19754 |
CVE-2018-0994 |
119 |
|
Exec Code Overflow Mem. Corr. |
2018-04-11 |
2018-05-11 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0979, CVE-2018-0980, CVE-2018-0990, CVE-2018-0993, CVE-2018-0995, CVE-2018-1019. |
19755 |
CVE-2018-0993 |
119 |
|
Exec Code Overflow Mem. Corr. |
2018-04-11 |
2018-05-11 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0979, CVE-2018-0980, CVE-2018-0990, CVE-2018-0994, CVE-2018-0995, CVE-2018-1019. |
19756 |
CVE-2018-0991 |
119 |
|
Exec Code Overflow Mem. Corr. |
2018-04-11 |
2018-05-15 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This affects Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-0870, CVE-2018-0997, CVE-2018-1018, CVE-2018-1020. |
19757 |
CVE-2018-0990 |
119 |
|
Exec Code Overflow Mem. Corr. |
2018-04-11 |
2018-05-11 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0979, CVE-2018-0980, CVE-2018-0993, CVE-2018-0994, CVE-2018-0995, CVE-2018-1019. |
19758 |
CVE-2018-0989 |
200 |
|
+Info |
2018-04-11 |
2018-05-16 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
An information disclosure vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Information Disclosure Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-0981, CVE-2018-0987, CVE-2018-1000. |
19759 |
CVE-2018-0988 |
119 |
|
Exec Code Overflow Mem. Corr. |
2018-04-11 |
2018-05-15 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-0996, CVE-2018-1001. |
19760 |
CVE-2018-0987 |
200 |
|
+Info |
2018-04-11 |
2018-05-16 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Internet Explorer, aka "Scripting Engine Information Disclosure Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-0981, CVE-2018-0989, CVE-2018-1000. |
19761 |
CVE-2018-0986 |
119 |
|
Exec Code Overflow Mem. Corr. |
2018-04-04 |
2018-08-03 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption, aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability." This affects Windows Defender, Windows Intune Endpoint Protection, Microsoft Security Essentials, Microsoft System Center Endpoint Protection, Microsoft Exchange Server, Microsoft System Center, Microsoft Forefront Endpoint Protection. |
19762 |
CVE-2018-0983 |
|
|
|
2018-03-14 |
2019-10-02 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
Windows Storage Services in Windows 10 versions 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way objects are handled in memory, aka "Windows Storage Services Elevation of Privilege Vulnerability". |
19763 |
CVE-2018-0982 |
732 |
|
|
2018-06-14 |
2019-10-02 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
An elevation of privilege vulnerability exists in the way that the Windows Kernel API enforces permissions, aka "Windows Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. |
19764 |
CVE-2018-0980 |
119 |
|
Exec Code Overflow Mem. Corr. |
2018-04-11 |
2018-05-20 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0979, CVE-2018-0990, CVE-2018-0993, CVE-2018-0994, CVE-2018-0995, CVE-2018-1019. |
19765 |
CVE-2018-0979 |
119 |
|
Exec Code Overflow Mem. Corr. |
2018-04-11 |
2018-05-11 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0980, CVE-2018-0990, CVE-2018-0993, CVE-2018-0994, CVE-2018-0995, CVE-2018-1019. |
19766 |
CVE-2018-0978 |
119 |
|
Exec Code Overflow Mem. Corr. |
2018-06-14 |
2018-08-01 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-8249. |
19767 |
CVE-2018-0977 |
|
|
|
2018-03-14 |
2019-10-02 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
The Windows kernel mode driver in Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to how objects are handled in memory, aka "Win32k Elevation of Privilege Vulnerability". |
19768 |
CVE-2018-0967 |
|
|
DoS |
2018-04-11 |
2019-10-02 |
6.3 |
None |
Remote |
Medium |
Single system |
None |
None |
Complete |
A denial of service vulnerability exists in the way that Windows SNMP Service handles malformed SNMP traps, aka "Windows SNMP Service Denial of Service Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. |
19769 |
CVE-2018-0965 |
20 |
|
Exec Code |
2018-09-12 |
2018-11-05 |
7.7 |
None |
Local Network |
Low |
Single system |
Complete |
Complete |
Complete |
A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Windows Hyper-V Remote Code Execution Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8439. |
19770 |
CVE-2018-0963 |
|
|
|
2018-04-11 |
2019-10-02 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka "Windows Kernel Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. |
19771 |
CVE-2018-0961 |
20 |
|
Exec Code |
2018-05-09 |
2018-06-14 |
7.4 |
None |
Local Network |
Medium |
Single system |
Complete |
Complete |
Complete |
A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate vSMB packet data, aka "Hyper-V vSMB Remote Code Execution Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. |
19772 |
CVE-2018-0959 |
20 |
|
Exec Code |
2018-05-09 |
2018-06-14 |
7.4 |
None |
Local Network |
Medium |
Single system |
Complete |
Complete |
Complete |
A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. |
19773 |
CVE-2018-0958 |
|
|
Bypass |
2018-05-09 |
2019-10-02 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka "Windows Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-0854, CVE-2018-8129, CVE-2018-8132. |
19774 |
CVE-2018-0956 |
20 |
|
DoS |
2018-04-11 |
2018-08-09 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
A denial of service vulnerability exists in the HTTP 2.0 protocol stack (HTTP.sys) when HTTP.sys improperly parses specially crafted HTTP 2.0 requests, aka "HTTP.sys Denial of Service Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. |
19775 |
CVE-2018-0955 |
119 |
|
Exec Code Overflow Mem. Corr. |
2018-05-09 |
2018-06-06 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-2018-0953, CVE-2018-0954, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137, CVE-2018-8139. |
19776 |
CVE-2018-0954 |
119 |
|
Exec Code Overflow Mem. Corr. |
2018-05-09 |
2018-06-05 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, ChakraCore, Internet Explorer 11, Microsoft Edge, Internet Explorer 10. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-2018-0953, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137, CVE-2018-8139. |
19777 |
CVE-2018-0953 |
119 |
|
Exec Code Overflow Mem. Corr. |
2018-05-09 |
2018-06-05 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137, CVE-2018-8139. |
19778 |
CVE-2018-0952 |
|
|
|
2018-08-15 |
2019-10-02 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
An Elevation of Privilege vulnerability exists when Diagnostics Hub Standard Collector allows file creation in arbitrary locations, aka "Diagnostic Hub Standard Collector Elevation Of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Microsoft Visual Studio, Windows 10 Servers. |
19779 |
CVE-2018-0951 |
119 |
|
Exec Code Overflow Mem. Corr. |
2018-05-09 |
2018-06-05 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0953, CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137, CVE-2018-8139. |
19780 |
CVE-2018-0950 |
200 |
|
+Info |
2018-04-11 |
2018-05-23 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
An information disclosure vulnerability exists when Office renders Rich Text Format (RTF) email messages containing OLE objects when a message is opened or previewed, aka "Microsoft Office Information Disclosure Vulnerability." This affects Microsoft Word, Microsoft Office. This CVE ID is unique from CVE-2018-1007. |
19781 |
CVE-2018-0949 |
|
|
Bypass |
2018-07-10 |
2019-10-02 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
A security feature bypass vulnerability exists when Microsoft Internet Explorer improperly handles requests involving UNC resources, aka "Internet Explorer Security Feature Bypass Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. |
19782 |
CVE-2018-0947 |
79 |
|
XSS |
2018-03-14 |
2019-10-02 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
Microsoft SharePoint Foundation 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0909, CVE-2018-0910. CVE-2018-0911, CVE-2018-0912, CVE-2018-0913 CVE-2018-0914, CVE-2018-0915, CVE-2018-0916, CVE-2018-0917, CVE-2018-0921, CVE-2018-0923 and CVE-2018-0944. |
19783 |
CVE-2018-0946 |
119 |
|
Exec Code Overflow Mem. Corr. |
2018-05-09 |
2018-06-05 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0945, CVE-2018-0951, CVE-2018-0953, CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137, CVE-2018-8139. |
19784 |
CVE-2018-0945 |
119 |
|
Exec Code Overflow Mem. Corr. |
2018-05-09 |
2018-06-05 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0946, CVE-2018-0951, CVE-2018-0953, CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137, CVE-2018-8139. |
19785 |
CVE-2018-0944 |
79 |
|
XSS |
2018-03-14 |
2019-10-02 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0909, CVE-2018-0910. CVE-2018-0911, CVE-2018-0912, CVE-2018-0913 CVE-2018-0914, CVE-2018-0915, CVE-2018-0916, CVE-2018-0917, CVE-2018-0921, CVE-2018-0923 and CVE-2018-0947. |
19786 |
CVE-2018-0943 |
119 |
|
Exec Code Overflow Mem. Corr. |
2018-05-09 |
2018-06-05 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8130, CVE-2018-8133, CVE-2018-8145, CVE-2018-8177. |
19787 |
CVE-2018-0941 |
200 |
|
+Info |
2018-03-14 |
2018-04-09 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
Microsoft Exchange Server 2016 Cumulative Update 7 and Microsoft Exchange Server 2016 Cumulative Update 8 allow an information disclosure vulnerability due to how data is imported, aka "Microsoft Exchange Information Disclosure Vulnerability". This CVE is unique from CVE-2018-0924. |
19788 |
CVE-2018-0940 |
200 |
|
+Info |
2018-03-14 |
2018-11-20 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
Microsoft Exchange Outlook Web Access (OWA) in Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 20, Microsoft Exchange Server 2013 Cumulative Update 18, Microsoft Exchange Server 2013 Cumulative Update 19, Microsoft Exchange Server 2013 Service Pack 1, Microsoft Exchange Server 2016 Cumulative Update 7, and Microsoft Exchange Server 2016 Cumulative Update 8 allows an elevation of privilege vulnerability due to how links in the body of an email message are rewritten, aka "Microsoft Exchange Elevation of Privilege Vulnerability". |
19789 |
CVE-2018-0939 |
200 |
|
+Info |
2018-03-14 |
2018-04-05 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
ChakraCore and Microsoft Edge in Windows 10 1703 and 1709 allow information disclosure, due to how the scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability". This CVE ID is unique from CVE-2018-0891. |
19790 |
CVE-2018-0937 |
119 |
|
Exec Code Overflow Mem. Corr. |
2018-03-14 |
2018-04-05 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
ChakraCore and Microsoft Windows 10 1703 and 1709 allow remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0872, CVE-2018-0873, CVE-2018-0874, CVE-2018-0930, CVE-2018-0931, CVE-2018-0933, CVE-2018-0934, and CVE-2018-0936. |
19791 |
CVE-2018-0936 |
119 |
|
Exec Code Overflow Mem. Corr. |
2018-03-14 |
2018-04-05 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
ChakraCore and Microsoft Windows 10 1709 allow remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0872, CVE-2018-0873, CVE-2018-0874, CVE-2018-0930, CVE-2018-0931, CVE-2018-0933, CVE-2018-0934, and CVE-2018-0937. |
19792 |
CVE-2018-0935 |
119 |
|
Exec Code Overflow Mem. Corr. |
2018-03-14 |
2018-04-07 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0876, CVE-2018-0889, CVE-2018-0893, and CVE-2018-0925. |
19793 |
CVE-2018-0934 |
119 |
|
Exec Code Overflow Mem. Corr. |
2018-03-14 |
2018-04-05 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
ChakraCore and Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0872, CVE-2018-0873, CVE-2018-0874, CVE-2018-0930, CVE-2018-0931, CVE-2018-0933, CVE-2018-0936, and CVE-2018-0937. |
19794 |
CVE-2018-0933 |
119 |
|
Exec Code Overflow Mem. Corr. |
2018-03-14 |
2018-04-05 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
ChakraCore and Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0872, CVE-2018-0873, CVE-2018-0874, CVE-2018-0930, CVE-2018-0931, CVE-2018-0934, CVE-2018-0936, and CVE-2018-0937. |
19795 |
CVE-2018-0932 |
200 |
|
+Info |
2018-03-14 |
2018-04-06 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows information disclosure, due to how Microsoft browsers handle objects in memory, aka "Microsoft Browser Information Disclosure Vulnerability". |
19796 |
CVE-2018-0931 |
119 |
|
Exec Code Overflow Mem. Corr. |
2018-03-14 |
2018-04-05 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
ChakraCore and Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0872, CVE-2018-0873, CVE-2018-0874, CVE-2018-0930, CVE-2018-0933, CVE-2018-0934, CVE-2018-0936, and CVE-2018-0937. |
19797 |
CVE-2018-0930 |
119 |
|
Exec Code Overflow Mem. Corr. |
2018-03-14 |
2018-04-05 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
ChakraCore and Microsoft Edge in Microsoft Windows 10 1709 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0872, CVE-2018-0873, CVE-2018-0874, CVE-2018-0931, CVE-2018-0933, CVE-2018-0934, CVE-2018-0936, and CVE-2018-0937. |
19798 |
CVE-2018-0929 |
200 |
|
+Info |
2018-03-14 |
2018-04-06 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allow information disclosure, due to how Internet Explorer handles objects in memory, aka "Internet Explorer Information Disclosure Vulnerability". |
19799 |
CVE-2018-0927 |
200 |
|
+Info |
2018-03-14 |
2018-04-06 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows information disclosure, due to how Microsoft browsers handle objects in memory, aka "Microsoft Browser Information Disclosure Vulnerability". |
19800 |
CVE-2018-0925 |
119 |
|
Exec Code Overflow Mem. Corr. |
2018-03-14 |
2018-04-05 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
ChakraCore allows remote code execution, due to how the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0876, CVE-2018-0889, CVE-2018-0893, and CVE-2018-0935. |