CWE-119
High likelihoodImproper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
14,002 vulnerabilities with CWE-119
CVE-2017-0090
HIGH
Microsoft Windows Vista SP2, Server 2008 SP2/R2 SP1, 7 SP1 - Remote Code Execution via Uniscribe
CVSS 8.8
CVE-2017-0089
HIGH
Microsoft Windows Uniscribe - Remote Code Execution via Crafted Website
CVSS 8.8
CVE-2017-0088
HIGH
Windows Uniscribe in Vista SP2, Server 2008 SP2/R2 SP1, and 7 SP1 - Remote Code Execution
CVSS 8.8
CVE-2017-0087
HIGH
Microsoft Windows Uniscribe - Remote Code Execution via Crafted Website
CVSS 8.8
CVE-2017-0086
HIGH
Microsoft Windows Vista SP2, Server 2008 SP2/R2 SP1, and 7 SP1 - Remote Code Execution via Uniscribe
CVSS 8.8
CVE-2017-0084
HIGH
Windows Uniscribe - Remote Code Execution via Crafted Website
CVSS 8.8
CVE-2017-0083
HIGH
Microsoft Windows Vista SP2, Server 2008 SP2/R2 SP1, and 7 SP1 - Remote Code Execution via Uniscribe
CVSS 8.8
CVE-2017-0072
HIGH
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 - Remote Code Execution
CVSS 8.8
CVE-2017-0071
HIGH
Microsoft Edge - Remote Code Execution via Memory Corruption in Scripting Engine
CVSS 7.5
CVE-2017-0067
HIGH
Microsoft Edge - Remote Code Execution via Memory Corruption in Scripting Engine
CVSS 7.5
CVE-2017-0053
HIGH
Microsoft Office - Remote Code Execution via Crafted Document
CVSS 7.8
CVE-2017-0052
HIGH
Microsoft Excel - Remote Code Execution via Crafted Document
CVSS 7.8
CVE-2017-0040
HIGH
Internet Explorer 9-11 - Remote Code Execution via Scripting Engine Memory Corruption
CVSS 7.5
CVE-2017-0035
HIGH
Microsoft Edge - Remote Code Execution via Memory Corruption in Scripting Engine
CVSS 7.5
CVE-2017-0034
HIGH
Microsoft Edge - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2017-0032
HIGH
Microsoft Edge - Remote Code Execution via Memory Corruption in Scripting Engine
CVSS 7.5
CVE-2017-0031
HIGH
Microsoft Office 2010 SP2, Word 2007 SP3, and Word 2010 SP2 - Remote Code Execution via Crafted Document
CVSS 7.8
CVE-2017-0030
HIGH
Microsoft Office/Word 2007/2010 RCE via Crafted Document
CVSS 7.8
CVE-2017-0023
HIGH
Microsoft Edge PDF Library - Remote Code Execution via Crafted PDF File
CVSS 7.5
CVE-2017-0022
MEDIUM
KEV
Microsoft XML Core Services - Information Disclosure via Memory Object Handling
CVSS 6.5
CVE-2017-0020
HIGH
Microsoft Excel 2016/2010 SP2/2013 RT SP1 & Office Web Apps Server 2013 SP1 - RCE via Crafted Document
CVSS 7.8
CVE-2017-0019
HIGH
Microsoft Word 2016 - Remote Code Execution or Denial of Service via Crafted Document
CVSS 7.8
CVE-2017-0018
HIGH
Internet Explorer 10 and 11 - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2017-0015
HIGH
Microsoft Edge - Remote Code Execution via Memory Corruption in Scripting Engine
CVSS 7.5
CVE-2017-0006
HIGH
Microsoft Excel 2007 SP3 RCE/DoS via Crafted Document
CVSS 7.8
Details
Vulnerabilities
14,002
Exploit Likelihood
High