| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Windows Error Reporting Service Elevation of Privilege Vulnerability |
| .NET Framework Information Disclosure Vulnerability |
| SmartScreen Prompt Security Feature Bypass Vulnerability |
| Windows MSHTML Platform Security Feature Bypass Vulnerability |
| Windows DWM Core Library Elevation of Privilege Vulnerability |
| Windows Installer Elevation of Privilege Vulnerability |
| Windows Kernel Elevation of Privilege Vulnerability |
| Windows Power Dependency Coordinator Elevation of Privilege Vulnerability |
| Scripting Engine Memory Corruption Vulnerability |
| Microweber CMS 2.0 has Weak Password Requirements. The application does not enforce minimum password length or complexity during password resets. Users can set extremely weak passwords, including single-character passwords, which can lead to account compromise, including administrative accounts. |
| Microsoft Project Remote Code Execution Vulnerability |
| Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability |
| A security flaw has been discovered in Tenda O3 1.0.0.10(2478). Affected by this issue is the function SetValue/GetValue of the file /goform/setDmzInfo. The manipulation of the argument dmzIP results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been released to the public and may be exploited. |
| A vulnerability was identified in Tenda O3 1.0.0.10(2478). Affected by this vulnerability is the function SetValue/GetValue of the file /goform/AdvSetLanip. The manipulation of the argument lanIp leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit is publicly available and might be used. |
| An improper access control vulnerability in Partner.Microsoft.com allows an a unauthenticated attacker to elevate privileges over a network. |
| Windows Task Scheduler Elevation of Privilege Vulnerability |
| Windows Common Log File System Driver Elevation of Privilege Vulnerability |
| Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability". |
| Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE is unique from CVE-2018-0797 and CVE-2018-0812. |
| A remote code execution vulnerability exists in "Microsoft COM for Windows" when it fails to properly handle serialized objects, aka "Microsoft COM for Windows Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. |
