Vulnerabilidades CVE
Base de dados CVE enriquecida com CISA KEV e NVD
| CVE ID | CVSS | Severidade | KEV | Avistamentos |
|---|---|---|---|---|
| CVE-2018-8343 An elevation of privilege vulnerability exists in the Network Driver Interface Specification (NDIS) when ndis.sys fails to check the length of a buffer prior to copying memory to it, aka "Windows NDIS... | N/A | NONE | — | 0 |
| CVE-2018-8344 A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka "Microsoft Graphics Remote Code Execution Vulnerability." This affec... | N/A | NONE | — | 0 |
| CVE-2018-16780 Complete Responsive CMS Blog through 2018-05-20 has XSS via a comment. | N/A | NONE | — | 0 |
| CVE-2018-8345 A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed, aka "LNK Remote Code Execution Vulnerability." This affects Window... | N/A | NONE | — | 0 |
| CVE-2018-8346 A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed, aka "LNK Remote Code Execution Vulnerability." This affects Window... | N/A | NONE | — | 0 |
| CVE-2018-8347 An elevation of privilege vulnerability exists in Microsoft Windows when the Windows kernel fails to properly handle parsing of certain symbolic links, aka "Windows Kernel Elevation of Privilege Vulne... | N/A | NONE | — | 0 |
| CVE-2018-8348 An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows ... | N/A | NONE | — | 0 |
| CVE-2018-15807 POSIM EVO 15.13 for Windows includes an "Emergency Override" administrative account that may be accessed through POSIM's "override" feature. This Override prompt expects a code that is computed locall... | N/A | NONE | — | 0 |
| CVE-2018-8349 A remote code execution vulnerability exists in "Microsoft COM for Windows" when it fails to properly handle serialized objects, aka "Microsoft COM for Windows Remote Code Execution Vulnerability." Th... | N/A | NONE | — | 0 |
| CVE-2018-8350 A remote code execution vulnerability exists when Microsoft Windows PDF Library improperly handles objects in memory, aka "Windows PDF Remote Code Execution Vulnerability." This affects Windows 10 Ser... | N/A | NONE | — | 0 |
| CVE-2018-8351 An information disclosure vulnerability exists when affected Microsoft browsers improperly allow cross-frame interaction, aka "Microsoft Browser Information Disclosure Vulnerability." This affects Int... | N/A | NONE | — | 0 |
| CVE-2018-8353 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects I... | N/A | NONE | — | 0 |
| CVE-2018-8355 A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects Chakr... | N/A | NONE | — | 0 |
| CVE-2018-8357 An elevation of privilege vulnerability exists in Microsoft browsers allowing sandbox escape, aka "Microsoft Browser Elevation of Privilege Vulnerability." This affects Internet Explorer 11, Microsoft... | N/A | NONE | — | 0 |
| CVE-2018-8358 A security feature bypass vulnerability exists when Microsoft Edge improperly handles redirect requests, aka "Microsoft Edge Security Feature Bypass Vulnerability." This affects Microsoft Edge. | N/A | NONE | — | 0 |
| CVE-2018-8359 A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore.... | N/A | NONE | — | 0 |
| CVE-2018-8360 An information disclosure vulnerability exists in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments, aka ".NET Framework Information Disclosure V... | N/A | NONE | — | 0 |
| CVE-2018-15808 POSIM EVO 15.13 for Windows includes hardcoded database credentials for the "root" database user. "root" access to POSIM EVO's database may result in a breach of confidentiality, integrity, or availab... | N/A | NONE | — | 0 |
| CVE-2018-8370 A information disclosure vulnerability exists when WebAudio Library improperly handles audio requests, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge. | N/A | NONE | — | 0 |
| CVE-2018-8371 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects I... | N/A | NONE | — | 0 |
| CVE-2018-8372 A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects Chakr... | N/A | NONE | — | 0 |
| CVE-2018-8374 A tampering vulnerability exists when Microsoft Exchange Server fails to properly handle profile data, aka "Microsoft Exchange Server Tampering Vulnerability." This affects Microsoft Exchange Server. | N/A | NONE | — | 0 |
| CVE-2018-8387 A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge. This CVE ID i... | N/A | NONE | — | 0 |
| CVE-2018-8375 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This a... | 7.8 | HIGH | — | 0 |
| CVE-2018-8376 A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory, aka "Microsoft PowerPoint Remote Code Execution Vulnerabilit... | N/A | NONE | — | 0 |
| CVE-2018-8377 A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge. This CVE ID i... | N/A | NONE | — | 0 |
| CVE-2018-8378 An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka "Microsoft Of... | N/A | NONE | — | 0 |
| CVE-2018-8383 A spoofing vulnerability exists when Microsoft Edge does not properly parse HTTP content, aka "Microsoft Edge Spoofing Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-... | N/A | NONE | — | 0 |
| CVE-2018-8379 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This a... | N/A | NONE | — | 0 |
| CVE-2018-8380 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." Thi... | N/A | NONE | — | 0 |
| CVE-2018-8381 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." Thi... | N/A | NONE | — | 0 |
| CVE-2018-8382 An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka "Microsoft Excel Information Disclosure Vulnerability." This affects Microsoft ... | N/A | NONE | — | 0 |
| CVE-2018-15809 AccuPOS 2017.8 is installed with the insecure "Authenticated Users: Modify" permission for files within the installation path. This may allow local attackers to compromise the integrity of critical re... | N/A | NONE | — | 0 |
| CVE-2018-8388 A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content, aka "Microsoft Edge Spoofing Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2... | N/A | NONE | — | 0 |
| CVE-2018-8389 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects I... | N/A | NONE | — | 0 |
| CVE-2018-8390 A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft E... | N/A | NONE | — | 0 |
| CVE-2018-8394 An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka "Windows GDI Information Disclosure Vulnerability." This affects Wind... | N/A | NONE | — | 0 |
| CVE-2018-8412 An elevation of privilege vulnerability exists when the Microsoft AutoUpdate (MAU) application for Mac improperly validates updates before executing them, aka "Microsoft (MAU) Office Elevation of Priv... | N/A | NONE | — | 0 |
| CVE-2018-8396 An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka "Windows GDI Information Disclosure Vulnerability." This affects Wind... | N/A | NONE | — | 0 |
| CVE-2018-8397 A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka "GDI+ Remote Code Execution Vulnerability." This affects Win... | N/A | NONE | — | 0 |
| CVE-2018-8398 An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka "Windows GDI Information Disclosure Vulnerability." This affects Wind... | N/A | NONE | — | 0 |
| CVE-2018-8399 An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows ... | N/A | NONE | — | 0 |
| CVE-2018-8400 An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory, aka "DirectX Graphics Kernel Elevation of Privilege Vulnerability... | N/A | NONE | — | 0 |
| CVE-2018-8401 An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory, aka "DirectX Graphics Kernel Elevation of Privilege Vulnerability... | N/A | NONE | — | 0 |
| CVE-2018-8403 A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka "Microsoft Browser Memory Corruption Vulnerability." This affects Internet Explorer 11, Mi... | N/A | NONE | — | 0 |
| CVE-2018-8404 An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows ... | N/A | NONE | — | 0 |
| CVE-2018-11247 The JMX/RMI interface in Nasdaq BWise 5.0 does not require authentication for an SAP BO Component, which allows remote attackers to execute arbitrary code via a session on port 81. | N/A | NONE | — | 0 |
| CVE-2018-14007 Citrix XenServer 7.1 and newer allows Directory Traversal. | N/A | NONE | — | 0 |
| CVE-2018-14722 An issue was discovered in evaluate_auto_mountpoint in btrfsmaintenance-functions in btrfsmaintenance through 0.4.1. Code execution as root can occur via a specially crafted filesystem label if btrfs-... | N/A | NONE | — | 0 |
| CVE-2018-14779 A buffer overflow issue was discovered in the Yubico-Piv 1.5.0 smartcard driver. The file lib/ykpiv.c contains the following code in the function `ykpiv_transfer_data()`: {% highlight c %} if(*out_len... | N/A | NONE | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.