Microsoft Corporation

678 tracked vulnerabilities.

CVE-2017-8557 MEDIUM
Windows System Information Console - Information Disclosure via XML External Entity Injection
Jul 11, 2017
CVSS 5.5
EPSS 0.04
CVE-2017-8556 HIGH
Microsoft Graphics - Privilege Escalation
Jul 11, 2017
CVSS 7.0
EPSS 0.01
CVE-2017-8502 HIGH
Microsoft Excel - Remote Code Execution via Memory Corruption
Jul 11, 2017
CVSS 7.8
EPSS 0.28
CVE-2017-8501 HIGH
Microsoft Excel - Remote Code Execution via Memory Corruption
Jul 11, 2017
CVSS 7.8
EPSS 0.31
CVE-2017-8495 HIGH
Microsoft Windows - Kerberos SNAME Security Feature Bypass
Jul 11, 2017
CVSS 7.5
EPSS 0.16
CVE-2017-8486 MEDIUM
Microsoft Windows - Information Disclosure via Win32k Memory Handling
Jul 11, 2017
CVSS 4.7
EPSS 0.01
CVE-2017-8467 HIGH
Microsoft Windows - Privilege Escalation
Jul 11, 2017
CVSS 7.0
EPSS 0.01
CVE-2017-8463 HIGH
Windows Shell - Remote Code Execution via Improper Handling of Executable Files During Rename
Jul 11, 2017
CVSS 7.8
EPSS 0.34
CVE-2017-0243 HIGH
Microsoft Office and Business Productivity Servers - Remote Code Execution via Memory Object Handling
Jul 11, 2017
CVSS 7.8
EPSS 0.34
CVE-2017-0170 MEDIUM
Windows Performance Monitor - XML External Entity Injection
Jul 11, 2017
CVSS 6.5
EPSS 0.18
CVE-2017-8613 HIGH
Azure AD Connect - Weak Password Recovery Mechanism for Forgotten Password
Jun 29, 2017
CVSS 8.1
EPSS 0.02
CVE-2017-8579 HIGH
Windows 10 and Windows Server 2016 - Authenticated Elevation of Privilege via DirectX
Jun 29, 2017
CVSS 7.0
EPSS 0.01
CVE-2017-8576 HIGH
Microsoft Windows < - Privilege Escalation
Jun 29, 2017
CVSS 7.0
EPSS 0.01
CVE-2017-8575 MEDIUM
Windows 10 and Windows Server 2016 - Information Disclosure via Microsoft Graphics Component
Jun 29, 2017
CVSS 5.5
EPSS 0.02
CVE-2017-8558 HIGH
Microsoft Malware Protection Engine - Remote Code Execution via Crafted File Scan
Jun 29, 2017
CVSS 7.8
EPSS 0.58
CVE-2017-8554 MEDIUM
Microsoft Windows - Authenticated Memory Contents Exposure via Specially Crafted Application
Jun 29, 2017
CVSS 4.7
EPSS 0.01
CVE-2017-8487 HIGH
Windows XP and Windows Server 2003 - Remote Code Execution via Crafted File in OLE
Jun 15, 2017
CVSS 7.8
EPSS 0.69
CVE-2017-8461 HIGH
Windows XP and Windows Server 2003 - Remote Code Execution via RPC with Routing and Remote Access
Jun 15, 2017
CVSS 7.8
EPSS 0.08
CVE-2017-8555 MEDIUM
Microsoft Edge - Security Feature Bypass via Improper CSP Validation
Jun 15, 2017
CVSS 4.3
EPSS 0.06
CVE-2017-8553 MEDIUM
Windows Kernel - Information Disclosure via GDI Memory Handling
Jun 15, 2017
CVSS 4.7
EPSS 0.03
CVE-2017-8552 HIGH
Microsoft Windows - Privilege Escalation
Jun 15, 2017
CVSS 7.8
EPSS 0.00
CVE-2017-8551 MEDIUM
Microsoft Project Server - Cross-Site Scripting
Jun 15, 2017
CVSS 6.1
EPSS 0.01
CVE-2017-8550 MEDIUM
Skype for Business >= Microsoft Office 2016 Click-to-Run (C2R) - Remote Code Execution
Jun 15, 2017
CVSS 5.4
EPSS 0.10
CVE-2017-8549 HIGH
Microsoft Edge - Memory Corruption in Scripting Engine
Jun 15, 2017
CVSS 7.5
EPSS 0.16
CVE-2017-8548 HIGH
Microsoft Edge - Memory Corruption via Improper Object Handling
Jun 15, 2017
CVSS 7.5
EPSS 0.75
Products
Microsoft Edge 66 Microsoft Windows 63 Internet Explorer 41 Microsoft Office 37 ChakraCore, Microsoft Edge 30 Windows Uniscribe 30 Browser 20 Microsoft Scripting Engine 18 Windows Hyper-V 17 Office 14 Edge 13 Windows kernel 13 Hyper-V 12 Windows 12 ChakraCore, Microsoft Edge, Internet Explorer 9 Windows Kernel 9 Uniscribe 8 Win32k 8 Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 8 Malware Protection Engine 7 Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 7 Server Message Block 1.0 7 Microsoft Graphics Component 6 Microsoft browsers 6 Windows GDI+ 6 Windows SMB 6 ASP.NET Core 5 ChakraCore 5 Device Guard 5 Internet Explorer, Microsoft Edge 5
Quick Filters
Critical CVEs With Exploits In CISA KEV