Microsoft Corporation

678 tracked vulnerabilities.

CVE-2017-0175 MEDIUM
Windows 7 SP1 and Windows Server 2008 SP2/R2 SP1 - Authenticated Information Disclosure via Crafted Document
May 12, 2017
CVSS 4.7
EPSS 0.03
CVE-2017-0171 MEDIUM
Windows DNS Server - Denial of Service via Version Query Handling
May 12, 2017
CVSS 5.9
EPSS 0.21
CVE-2017-0077 HIGH
Windows Kernel-Mode Drivers - Information Disclosure and Denial of Service
May 12, 2017
CVSS 7.8
EPSS 0.05
CVE-2017-0064 MEDIUM
Internet Explorer - Security Feature Bypass via Mixed Content Warning Bypass
May 12, 2017
CVSS 6.5
EPSS 0.19
CVE-2017-0290 HIGH
Microsoft Malware Protection Engine < 1.1.13701.0 - Remote Code Execution via Crafted File Scan
May 09, 2017
CVSS 7.8
EPSS 0.87
CVE-2017-0211 MEDIUM
Microsoft Windows OLE - Privilege Escalation
Apr 12, 2017
CVSS 5.5
EPSS 0.22
CVE-2017-0210 HIGH KEV
Internet Explorer - Privilege Escalation
Apr 12, 2017
CVSS 8.8
EPSS 0.43
CVE-2017-0208 MEDIUM
Microsoft Edge - Information Disclosure via Chakra Scripting Engine Memory Handling
Apr 12, 2017
CVSS 4.3
EPSS 0.15
CVE-2017-0207 MEDIUM
Microsoft Outlook for Mac 2011 - XSS
Apr 12, 2017
CVSS 6.5
EPSS 0.12
CVE-2017-0205 HIGH
Microsoft Edge - Remote Code Execution via Memory Corruption
Apr 12, 2017
CVSS 7.5
EPSS 0.19
CVE-2017-0204 MEDIUM
Microsoft Outlook <2016 - Auth Bypass
Apr 12, 2017
CVSS 5.5
EPSS 0.12
CVE-2017-0202 HIGH
Internet Explorer - Remote Code Execution via Memory Corruption
Apr 12, 2017
CVSS 7.5
EPSS 0.62
CVE-2017-0201 HIGH
Internet Explorer 9 and 10 - Remote Code Execution via JScript and VBScript Engine Memory Corruption
Apr 12, 2017
CVSS 7.5
EPSS 0.24
CVE-2017-0200 HIGH
Microsoft Edge - Remote Code Execution via Memory Corruption
Apr 12, 2017
CVSS 7.5
EPSS 0.29
CVE-2017-0199 HIGH KEV
Microsoft Office Word Malicious Hta Execution
Apr 12, 2017
CVSS 7.8
EPSS 0.94
CVE-2017-0197 HIGH
Microsoft OneNote 2007 SP3 and 2010 SP2 - Remote Code Execution via Crafted Document
Apr 12, 2017
CVSS 7.8
EPSS 0.28
CVE-2017-0195 MEDIUM
Microsoft Excel Web App - Cross-Site Scripting via Crafted Request
Apr 12, 2017
CVSS 5.4
EPSS 0.01
CVE-2017-0194 MEDIUM
Microsoft Excel 2007 SP3/2010 SP2 & Office Compatibility Pack SP2 - Information Disclosure
Apr 12, 2017
CVSS 5.5
EPSS 0.44
CVE-2017-0192 MEDIUM
Microsoft Windows - Information Disclosure via Adobe Type Manager Font Driver
Apr 12, 2017
CVSS 4.3
EPSS 0.23
CVE-2017-0191 MEDIUM
Windows - Denial of Service via Memory Object Handling
Apr 12, 2017
CVSS 5.8
EPSS 0.02
CVE-2017-0189 HIGH
Windows 10 and Windows Server 2016 - Elevation of Privilege via Kernel-Mode Driver Memory Handling
Apr 12, 2017
CVSS 7.8
EPSS 0.00
CVE-2017-0188 LOW
Windows Win32k Information Disclosure Vulnerability
Apr 12, 2017
CVSS 3.3
EPSS 0.05
CVE-2017-0186 MEDIUM
Microsoft Hyper-V Network Switch - Denial of Service via Improper Input Validation
Apr 12, 2017
CVSS 5.8
EPSS 0.00
CVE-2017-0185 MEDIUM
Microsoft Windows 10 - Improper Input Validation
Apr 12, 2017
CVSS 5.8
EPSS 0.01
CVE-2017-0184 MEDIUM
Microsoft Hyper-V - Denial of Service via Privileged Guest Input
Apr 12, 2017
CVSS 5.4
EPSS 0.00
Products
Microsoft Edge 66 Microsoft Windows 63 Internet Explorer 41 Microsoft Office 37 ChakraCore, Microsoft Edge 30 Windows Uniscribe 30 Browser 20 Microsoft Scripting Engine 18 Windows Hyper-V 17 Office 14 Edge 13 Windows kernel 13 Hyper-V 12 Windows 12 ChakraCore, Microsoft Edge, Internet Explorer 9 Windows Kernel 9 Uniscribe 8 Win32k 8 Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 8 Malware Protection Engine 7 Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 7 Server Message Block 1.0 7 Microsoft Graphics Component 6 Microsoft browsers 6 Windows GDI+ 6 Windows SMB 6 ASP.NET Core 5 ChakraCore 5 Device Guard 5 Internet Explorer, Microsoft Edge 5
Quick Filters
Critical CVEs With Exploits In CISA KEV