CVE-2018-8331 CVSS:9.3
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Office. (Last Update:2018-11-16) (Publish Update:2018-09-12)
CVE-2018-8332 CVSS:9.3
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka "Win32k Graphics Remote Code Execution Vulnerability." This affects Windows 7, Microsoft Office, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers. (Last Update:2018-11-16) (Publish Update:2018-09-12)
CVE-2018-8430 CVSS:9.3
A remote code execution vulnerability exists in Microsoft Word if a user opens a specially crafted PDF file, aka "Word PDF Remote Code Execution Vulnerability." This affects Microsoft Word, Microsoft Office. (Last Update:2018-11-16) (Publish Update:2018-09-12)
CVE-2018-8455 CVSS:4.6
An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka "Windows Kernel Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers. (Last Update:2018-11-16) (Publish Update:2018-09-12)
CVE-2018-8468 CVSS:4.3
An elevation of privilege vulnerability exists when Windows, allowing a sandbox escape, aka "Windows Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. (Last Update:2018-11-16) (Publish Update:2018-09-12)
CVE-2018-8475 CVSS:6.8
A remote code execution vulnerability exists when Windows does not properly handle specially crafted image files, aka "Windows Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. (Last Update:2018-11-16) (Publish Update:2018-09-12)
CVE-2018-8470 CVSS:4.3
A security feature bypass vulnerability exists in Internet Explorer due to how scripts are handled that allows a universal cross-site scripting (UXSS) condition, aka "Internet Explorer Security Feature Bypass Vulnerability." This affects Internet Explorer 11. (Last Update:2018-11-09) (Publish Update:2018-09-12)
CVE-2012-1856 CVSS:9.3
The TabStrip ActiveX control in the Common Controls in MSCOMCTL.OCX in Microsoft Office 2003 SP3, Office 2003 Web Components SP3, Office 2007 SP2 and SP3, Office 2010 SP1, SQL Server 2000 SP4, SQL Server 2005 SP4, SQL Server 2008 SP2, SP3, R2, R2 SP1, and R2 SP2, Commerce Server 2002 SP4, Commerce Server 2007 SP2, Commerce Server 2009 Gold and R2, Host Integration Server 2004 SP1, Visual FoxPro 8.0 SP1, Visual FoxPro 9.0 SP2, and Visual Basic 6.0 Runtime allows remote attackers to execute arbitrary code via a crafted (1) document or (2) web page that triggers system-state corruption, aka "MSCOMCTL.OCX RCE Vulnerability." (Last Update:2018-11-07) (Publish Update:2012-08-14)
CVE-2018-8435 CVSS:2.3
A security feature bypass vulnerability exists when Windows Hyper-V BIOS loader fails to provide a high-entropy source, aka "Windows Hyper-V Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. (Last Update:2018-11-07) (Publish Update:2018-09-12)
CVE-2018-8271 CVSS:2.1
An information disclosure vulnerability exists in Windows when the Windows bowser.sys kernel-mode driver fails to properly handle objects in memory, aka "Windows Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. (Last Update:2018-11-06) (Publish Update:2018-09-12)
Click here for a complete list of security vulnerabilities. This vulnerability list widget is provided by www.cvedetails.com