Latest CVE Feed
-
9.3
HIGHCVE-2017-0243
Microsoft Office allows a remote code execution vulnerability due to the way that it handles objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8570.... Read more
- Published: Jul. 11, 2017
- Modified: Apr. 20, 2025
-
9.3
HIGHCVE-2017-0250
Microsoft JET Database Engine in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability due t... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016- Published: Aug. 08, 2017
- Modified: Apr. 20, 2025
-
9.3
HIGHCVE-2017-0272
The Microsoft Server Message Block 1.0 (SMBv1) server on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an at... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016- Published: May. 12, 2017
- Modified: Apr. 20, 2025
-
9.3
HIGHCVE-2017-0176
A buffer overflow in Smart Card authentication code in gpkcsp.dll in Microsoft Windows XP through SP3 and Server 2003 through SP2 allows a remote attacker to execute arbitrary code on the target computer, provided that the computer is joined in a Windows ... Read more
- Published: Jun. 22, 2017
- Modified: Apr. 20, 2025
-
9.3
HIGHCVE-2017-0148
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execu... Read more
Affected Products : windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_vista windows_10_1607 windows_10_1507 server_message_block +17 more products- Actively Exploited
- Published: Mar. 17, 2017
- Modified: Apr. 20, 2025
-
9.3
HIGHCVE-2017-0166
An elevation of privilege vulnerability exists in Windows when LDAP request buffer lengths are improperly calculated. In a remote attack scenario, an attacker could exploit this vulnerability by running a specially crafted application to send malicious tr... Read more
- Published: Apr. 12, 2017
- Modified: Apr. 20, 2025
-
9.3
HIGHCVE-2019-1157
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit th... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +7 more products- Published: Aug. 14, 2019
- Modified: Nov. 21, 2024
-
9.3
HIGHCVE-2017-0144
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execu... Read more
Affected Products : windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_vista windows_10_1607 windows_10_1507 server_message_block +17 more products- Actively Exploited
- Published: Mar. 17, 2017
- Modified: Apr. 20, 2025
-
9.3
HIGHCVE-2017-0143
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execu... Read more
Affected Products : windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_vista windows_10_1607 windows_10_1507 intellispace_portal +18 more products- Actively Exploited
- Published: Mar. 17, 2017
- Modified: Apr. 20, 2025
-
9.3
HIGHCVE-2019-1127
A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1119, CVE-2019-1120, CVE-2019-1121... Read more
Affected Products : windows_10 windows_server_2016 windows_server_2019 windows_server windows windows_11_23h2- Published: Jul. 15, 2019
- Modified: Nov. 21, 2024
-
9.3
HIGHCVE-2019-1119
A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1120, CVE-2019-1121, CVE-2019-1122... Read more
- Published: Jul. 15, 2019
- Modified: Nov. 21, 2024
-
9.3
HIGHCVE-2017-0108
The Windows Graphics Component in Microsoft Office 2007 SP3; 2010 SP2; and Word Viewer; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Live Meeting 2007; Silverlight 5; Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; and Windows 7 SP1 allows re... Read more
Affected Products : windows_7 windows_server_2008 office lync skype_for_business word_viewer windows_vista live_meeting silverlight- Published: Mar. 17, 2017
- Modified: Apr. 20, 2025
-
9.3
HIGHCVE-2019-1034
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security cont... Read more
Affected Products : sharepoint_enterprise_server office word office_365_proplus sharepoint_server office_web_apps excel office_online_server sharepoint_server_2016 word_2016 +2 more products- Published: Jun. 12, 2019
- Modified: May. 20, 2025
-
9.3
HIGHCVE-2017-0053
Microsoft Office 2010 SP2, Office Compatibility Pack SP3, Word 2007 SP3, Word 2010 SP2, Word 2013 SP1, Word 2013 R2 SP1, Word 2016, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a cra... Read more
- Published: Mar. 17, 2017
- Modified: Apr. 20, 2025
-
9.3
HIGHCVE-2017-0052
Microsoft Office Compatibility Pack SP3, Excel 2007 SP3, Excel Viewer, and Excel Services on SharePoint Server 2007 SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsof... Read more
- Published: Mar. 17, 2017
- Modified: Apr. 20, 2025
-
9.3
HIGHCVE-2017-0030
Microsoft Office 2010 SP2, Office Compatibility Pack SP3, Office Web Apps Server 2010 SP2, Word 2007 SP3, Word 2010 SP2, and Word Automation Services on SharePoint Server 2010 SP2 allow remote attackers to execute arbitrary code or cause a denial of servi... Read more
- Published: Mar. 17, 2017
- Modified: Apr. 20, 2025
-
9.3
HIGHCVE-2017-0072
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Uniscribe Remote Code Execution Vulnerability." This vulnerability is different ... Read more
- Published: Mar. 17, 2017
- Modified: Apr. 20, 2025
-
9.3
HIGHCVE-2019-0974
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit th... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows_10_1607 +8 more products- Published: Jun. 12, 2019
- Modified: May. 20, 2025
-
9.3
HIGHCVE-2019-0900
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0889, CVE-2019-0890, CVE-2019-0891, ... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows +1 more products- Published: May. 16, 2019
- Modified: Nov. 21, 2024
-
9.3
HIGHCVE-2019-0795
A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input, aka 'MS XML Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0790, CVE-2019-0791, CVE-2019-0792, CVE-2019-0793.... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows +1 more products- Published: Apr. 09, 2019
- Modified: Nov. 21, 2024