Filtered by vendor Microsoft
Subscribe
Total
19175 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-0739 | 1 Microsoft | 1 Internet Information Server | 2018-10-12 | 5.0 MEDIUM | N/A |
| The codebrws.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files. | |||||
| CVE-1999-0738 | 1 Microsoft | 1 Internet Information Server | 2018-10-12 | 5.0 MEDIUM | N/A |
| The code.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files. | |||||
| CVE-1999-0737 | 1 Microsoft | 1 Internet Information Server | 2018-10-12 | 5.0 MEDIUM | N/A |
| The viewcode.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files. | |||||
| CVE-1999-0736 | 1 Microsoft | 1 Internet Information Server | 2018-10-12 | 5.0 MEDIUM | N/A |
| The showcode.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files. | |||||
| CVE-1999-0489 | 1 Microsoft | 1 Windows Nt | 2018-10-12 | 10.0 HIGH | N/A |
| MSHTML.DLL in Internet Explorer 5.0 allows a remote attacker to paste a file name into the file upload intrinsic control, a variant of "untrusted scripted paste" as described in MS:MS98-013. | |||||
| CVE-1999-0386 | 1 Microsoft | 2 Frontpage, Personal Web Server | 2018-10-12 | 5.0 MEDIUM | N/A |
| Microsoft Personal Web Server and FrontPage Personal Web Server in some Windows systems allows a remote attacker to read files on the server by using a nonstandard URL. | |||||
| CVE-1999-0384 | 1 Microsoft | 6 Office, Outlook, Project and 3 more | 2018-10-12 | 4.6 MEDIUM | N/A |
| The Forms 2.0 ActiveX control (included with Visual Basic for Applications 5.0) can be used to read text from a user's clipboard when the user accesses documents with ActiveX content. | |||||
| CVE-1999-0382 | 1 Microsoft | 1 Windows Nt | 2018-10-12 | 7.2 HIGH | N/A |
| The screen saver in Windows NT does not verify that its security context has been changed properly, allowing attackers to run programs with elevated privileges. | |||||
| CVE-1999-0379 | 1 Microsoft | 1 Backoffice Resource Kit | 2018-10-12 | 7.5 HIGH | N/A |
| Microsoft Taskpads allows remote web sites to execute commands on the visiting user's machine via certain methods that are marked as Safe for Scripting. | |||||
| CVE-1999-0376 | 1 Microsoft | 1 Windows Nt | 2018-10-12 | 4.6 MEDIUM | N/A |
| Local users in Windows NT can obtain administrator privileges by changing the KnownDLLs list to reference malicious programs. | |||||
| CVE-1999-0278 | 1 Microsoft | 2 Internet Information Server, Windows Nt | 2018-10-12 | 5.0 MEDIUM | N/A |
| In IIS, remote attackers can obtain source code for ASP files by appending "::$DATA" to the URL. | |||||
| CVE-2018-8316 | 1 Microsoft | 8 Internet Explorer, Windows 10, Windows 7 and 5 more | 2018-10-12 | 7.6 HIGH | 7.5 HIGH |
| A remote code execution vulnerability exists when Internet Explorer improperly validates hyperlinks before loading executable libraries, aka "Internet Explorer Remote Code Execution Vulnerability." This affects Internet Explorer 11, Internet Explorer 10. | |||||
| CVE-2018-8370 | 1 Microsoft | 3 Edge, Windows 10, Windows Server 2016 | 2018-10-12 | 4.3 MEDIUM | 3.1 LOW |
| A information disclosure vulnerability exists when WebAudio Library improperly handles audio requests, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge. | |||||
| CVE-2018-8382 | 1 Microsoft | 5 Excel, Excel 2013 Rt, Excel Viewer and 2 more | 2018-10-12 | 4.3 MEDIUM | 5.5 MEDIUM |
| An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka "Microsoft Excel Information Disclosure Vulnerability." This affects Microsoft Excel Viewer, Microsoft Office, Microsoft Excel. | |||||
| CVE-2018-10510 | 2 Microsoft, Trendmicro | 2 Windows, Control Manager | 2018-10-12 | 7.5 HIGH | 9.8 CRITICAL |
| A Directory Traversal Remote Code Execution vulnerability in Trend Micro Control Manager (versions 6.0 and 7.0) could allow an attacker to execute arbitrary code on vulnerable installations. | |||||
| CVE-2009-0341 | 1 Microsoft | 2 Internet Explorer, Windows Xp | 2018-10-11 | 9.3 HIGH | N/A |
| The shell32 module in Microsoft Internet Explorer 7.0 on Windows XP SP3 might allow remote attackers to execute arbitrary code via a long VALUE attribute in an INPUT element, possibly related to a stack consumption vulnerability. | |||||
| CVE-2009-0202 | 1 Microsoft | 1 Office Powerpoint | 2018-10-11 | 9.3 HIGH | N/A |
| Array index error in FL21WIN.DLL in the PowerPoint Freelance Windows 2.1 Translator in Microsoft PowerPoint 2000 and 2002 allows remote attackers to execute arbitrary code via a Freelance file with unspecified "layout information" that triggers a heap-based buffer overflow. | |||||
| CVE-2009-0016 | 2 Apple, Microsoft | 2 Itunes, Windows | 2018-10-11 | 5.0 MEDIUM | N/A |
| Apple iTunes before 8.1 on Windows allows remote attackers to cause a denial of service (infinite loop) via a Digital Audio Access Protocol (DAAP) message with a crafted Content-Length header. | |||||
| CVE-2008-7211 | 2 Microsoft, Soundblaster | 2 Windows Vista, Ensoniq Pci Es1371 Wdm Driver | 2018-10-11 | 6.9 MEDIUM | N/A |
| CreativeLabs es1371mp.sys 5.1.3612.0 WDM audio driver, as used in Ensoniq PCI 1371 sound cards and when running on Windows Vista, does not create a Functional Device Object (FDO) to prevent user-moade access to the Physical Device Object (PDO), which allows local users to gain SYSTEM privileges via a crafted IRP request that dereferences a NULL FsContext pointer. | |||||
| CVE-2008-6194 | 1 Microsoft | 1 Windows | 2018-10-11 | 7.8 HIGH | N/A |
| Memory leak in the DNS server in Microsoft Windows allows remote attackers to cause a denial of service (memory consumption) via DNS packets. NOTE: this issue reportedly exists because of an incorrect fix for CVE-2007-3898. | |||||