microsoft vulnerabilities and exploits

7.2
CVSSv2
CVE-2018-1000001

In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution....

6.8
CVSSv2
CVE-2018-7201

CSV Injection was discovered in ProjectSend before r1053, affecting victims who import the data into Microsoft Excel....

NA
CVE-2014-4878

R7-2014-18: Buffer Overflow in Hikvision RTSP Request Body Handling (CVE-2014-4878)...

2.1
CVSSv2
CVE-2019-0864

A denial of service vulnerability exists when .NET Framework improperly handles objects in heap memory, aka '.NET Framework Denial of Service Vulnerability'....

Microsoft.net Framework
9.3
CVSSv2
CVE-2019-0900

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0889, CVE-2019-0890, CVE-2019-0891, CVE-2019-0893,...

9.3
CVSSv2
CVE-2019-0898

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0889, CVE-2019-0890, CVE-2019-0891, CVE-2019-0893,...

9
CVSSv2
CVE-2019-0971

An information disclosure vulnerability exists when Azure DevOps Server and Microsoft Team Foundation Server do not properly sanitize a specially crafted authentication request to an affected server, aka 'Azure DevOps Server and Team Foundation Server Information Disclosure...

3.5
CVSSv2
CVE-2019-1000

An elevation of privilege vulnerability exists in Microsoft Azure Active Directory Connect build 1.3.20.0, which allows an attacker to execute two PowerShell cmdlets in context of a privileged account, and perform privileged actions.To exploit this, an attacker would need to...

4.3
CVSSv2
CVE-2019-0921

An spoofing vulnerability exists when Internet Explorer improperly handles URLs, aka 'Internet Explorer Spoofing Vulnerability'....

MicrosoftInternet Explorer
7.6
CVSSv2
CVE-2019-0937

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914,...

MicrosoftChakracoreEdge