Microsoft Corporation

678 tracked vulnerabilities.

CVE-2017-0277 HIGH
Microsoft Windows SMBv1 - Remote Code Execution via Malicious Request Handling
May 12, 2017
CVSS 7.0
EPSS 0.02
CVE-2017-0276 MEDIUM
Microsoft Windows SMBv1 - Information Disclosure via Request Handling
May 12, 2017
CVSS 5.9
EPSS 0.03
CVE-2017-0275 MEDIUM
Microsoft Windows SMBv1 - Information Disclosure via Request Handling
May 12, 2017
CVSS 5.9
EPSS 0.05
CVE-2017-0274 MEDIUM
Microsoft Windows SMBv1 - Information Disclosure via Request Handling
May 12, 2017
CVSS 5.9
EPSS 0.16
CVE-2017-0273 MEDIUM
Microsoft Windows SMBv1 - Denial of Service via Crafted Requests
May 12, 2017
CVSS 5.9
EPSS 0.10
CVE-2017-0272 HIGH
Windows SMBv1 - Remote Code Execution via Malicious Request Handling
May 12, 2017
CVSS 8.1
EPSS 0.06
CVE-2017-0271 MEDIUM
Microsoft Windows SMBv1 - Information Disclosure via Request Handling
May 12, 2017
CVSS 5.9
EPSS 0.26
CVE-2017-0270 MEDIUM
Microsoft Windows SMBv1 - Information Disclosure via Request Handling
May 12, 2017
CVSS 5.9
EPSS 0.16
CVE-2017-0269 MEDIUM
Microsoft Windows SMBv1 - Denial of Service via Crafted Requests
May 12, 2017
CVSS 5.9
EPSS 0.10
CVE-2017-0268 MEDIUM
Microsoft Windows SMBv1 - Information Disclosure via Request Handling
May 12, 2017
CVSS 5.9
EPSS 0.16
CVE-2017-0267 MEDIUM
Microsoft Windows SMBv1 - Information Disclosure via Request Handling
May 12, 2017
CVSS 5.9
EPSS 0.26
CVE-2017-0266 HIGH
Microsoft Edge - Remote Code Execution via Memory Object Handling
May 12, 2017
CVSS 7.5
EPSS 0.37
CVE-2017-0265 HIGH
Microsoft PowerPoint for Mac 2011 - Remote Code Execution via Memory Corruption
May 12, 2017
CVSS 7.8
EPSS 0.29
CVE-2017-0264 HIGH
Microsoft PowerPoint for Mac 2011 - Remote Code Execution via Memory Corruption
May 12, 2017
CVSS 7.8
EPSS 0.29
CVE-2017-0263 HIGH KEV
Microsoft Windows - Use-After-Free in Kernel-Mode Drivers
May 12, 2017
CVSS 7.8
EPSS 0.20
CVE-2017-0262 HIGH KEV
Microsoft Office 2010 SP2, 2013 SP1, 2016 - Remote Code Execution
May 12, 2017
CVSS 7.8
EPSS 0.65
CVE-2017-0261 HIGH KEV
Microsoft Office 2010 SP2, 2013 SP1, 2016 - Remote Code Execution via Use-After-Free
May 12, 2017
CVSS 7.8
EPSS 0.92
CVE-2017-0259 MEDIUM
Windows Kernel - Information Disclosure via Crafted Document
May 12, 2017
CVSS 4.7
EPSS 0.03
CVE-2017-0258 MEDIUM
Windows Kernel - Authenticated Information Disclosure via Crafted Document
May 12, 2017
CVSS 4.7
EPSS 0.04
CVE-2017-0256 MEDIUM
ASP.NET Core MVC - Spoofing via Improper Request Sanitization
May 12, 2017
CVSS 5.3
EPSS 0.04
CVE-2017-0255 MEDIUM
Microsoft SharePoint Foundation 2013 SP1 - Cross-Site Scripting
May 12, 2017
CVSS 5.4
EPSS 0.01
CVE-2017-0254 HIGH
Microsoft Office - Remote Code Execution via Memory Corruption
May 12, 2017
CVSS 7.8
EPSS 0.33
CVE-2017-0249 HIGH
ASP.NET Core MVC - Elevation of Privilege via Improper Web Request Sanitization
May 12, 2017
CVSS 7.3
EPSS 0.06
CVE-2017-0248 HIGH
.NET Framework Security Feature Bypass via Improper Certificate Validation
May 12, 2017
CVSS 7.5
EPSS 0.01
CVE-2017-0247 HIGH
ASP.NET Core Mvc < 1.0.4 and 1.1.x < 1.1.3 - Denial of Service via Unicode Non-Character Encoding
May 12, 2017
CVSS 7.5
EPSS 0.11
Products
Microsoft Edge 66 Microsoft Windows 63 Internet Explorer 41 Microsoft Office 37 ChakraCore, Microsoft Edge 30 Windows Uniscribe 30 Browser 20 Microsoft Scripting Engine 18 Windows Hyper-V 17 Office 14 Edge 13 Windows kernel 13 Hyper-V 12 Windows 12 ChakraCore, Microsoft Edge, Internet Explorer 9 Windows Kernel 9 Uniscribe 8 Win32k 8 Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 8 Malware Protection Engine 7 Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 7 Server Message Block 1.0 7 Microsoft Graphics Component 6 Microsoft browsers 6 Windows GDI+ 6 Windows SMB 6 ASP.NET Core 5 ChakraCore 5 Device Guard 5 Internet Explorer, Microsoft Edge 5
Quick Filters
Critical CVEs With Exploits In CISA KEV