microsoft vulnerabilities and exploits

5
CVSSv2
CVE-2018-0765

A denial of service vulnerability exists when .NET and .NET Core improperly process XML documents, aka ".NET and .NET Core Denial of Service Vulnerability." This affects Microsoft .NET Framework 2.0, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.7.1,...

10
CVSSv2
CVE-2018-8421

A remote code execution vulnerability exists when Microsoft .NET Framework processes untrusted input, aka ".NET Framework Remote Code Execution Vulnerability." This affects Microsoft .NET Framework 4.6, Microsoft .NET Framework 3.5, Microsoft .NET Framework...

Microsoft.net Framework
4.6
CVSSv2
CVE-2018-1039

A security feature bypass vulnerability exists in .Net Framework which could allow an attacker to bypass Device Guard, aka ".NET Framework Device Guard Security Feature Bypass Vulnerability." This affects Microsoft .NET Framework 4.7.1, Microsoft .NET Framework 4.6,...

5
CVSSv2
CVE-2019-0545

An information disclosure vulnerability exists in .NET Framework and .NET Core which allows bypassing Cross-origin Resource Sharing (CORS) configurations, aka ".NET Framework Information Disclosure Vulnerability." This affects Microsoft .NET Framework 2.0, Microsoft...

2.1
CVSSv2
CVE-2018-8356

A security feature bypass vulnerability exists when Microsoft .NET Framework components do not correctly validate certificates, aka ".NET Framework Security Feature Bypass Vulnerability." This affects .NET Framework 4.7.2, Microsoft .NET Framework 3.0, Microsoft .NET...

4.9
CVSSv2
CVE-2009-2517

The kernel in Microsoft Windows Server 2003 SP2 does not properly handle unspecified exceptions when an error condition occurs, which allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Kernel Exception Handler...

6.5
CVSSv2
CVE-2016-7249

Microsoft SQL Server 2016 does not properly perform a cast of an unspecified pointer, which allows remote authenticated users to gain privileges via unknown vectors, aka "SQL RDBMS Engine Elevation of Privilege Vulnerability."...

9.3
CVSSv2
CVE-2015-6184

The CAttrArray object implementation in Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and memory corruption) via a malformed Cascading Style Sheets (CSS) token sequence in conjunction with...

6.9
CVSSv2
CVE-2017-8573

Graphics in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when it fails to properly handle...

6.8
CVSSv2
CVE-2017-8571

Microsoft Outlook 2007 SP3, Outlook 2010 SP2, Outlook 2013 SP1, Outlook 2013 RT SP1, and Outlook 2016 as packaged in Microsoft Office allows a security feature bypass vulnerability due to the way that it handles input, aka "Microsoft Office Outlook Security Feature Bypass...