Latest CVE Feed
-
9.3
HIGHCVE-2017-0143
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execu... Read more
Affected Products : windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_vista windows_10_1607 windows_10_1507 intellispace_portal +18 more products- Actively Exploited
- Published: Mar. 17, 2017
- Modified: Apr. 20, 2025
-
9.3
HIGHCVE-2019-1127
A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1119, CVE-2019-1120, CVE-2019-1121... Read more
Affected Products : windows_10 windows_server_2016 windows_server_2019 windows_server windows windows_11_23h2- Published: Jul. 15, 2019
- Modified: Nov. 21, 2024
-
9.3
HIGHCVE-2019-1119
A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1120, CVE-2019-1121, CVE-2019-1122... Read more
- Published: Jul. 15, 2019
- Modified: Nov. 21, 2024
-
9.3
HIGHCVE-2017-0108
The Windows Graphics Component in Microsoft Office 2007 SP3; 2010 SP2; and Word Viewer; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Live Meeting 2007; Silverlight 5; Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; and Windows 7 SP1 allows re... Read more
Affected Products : windows_7 windows_server_2008 office lync skype_for_business word_viewer windows_vista live_meeting silverlight- Published: Mar. 17, 2017
- Modified: Apr. 20, 2025
-
9.3
HIGHCVE-2019-1034
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security cont... Read more
Affected Products : sharepoint_enterprise_server office word office_365_proplus sharepoint_server office_web_apps excel office_online_server sharepoint_server_2016 word_2016 +2 more products- Published: Jun. 12, 2019
- Modified: May. 20, 2025
-
9.3
HIGHCVE-2017-0053
Microsoft Office 2010 SP2, Office Compatibility Pack SP3, Word 2007 SP3, Word 2010 SP2, Word 2013 SP1, Word 2013 R2 SP1, Word 2016, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a cra... Read more
- Published: Mar. 17, 2017
- Modified: Apr. 20, 2025
-
9.3
HIGHCVE-2017-0052
Microsoft Office Compatibility Pack SP3, Excel 2007 SP3, Excel Viewer, and Excel Services on SharePoint Server 2007 SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsof... Read more
- Published: Mar. 17, 2017
- Modified: Apr. 20, 2025
-
9.3
HIGHCVE-2017-0030
Microsoft Office 2010 SP2, Office Compatibility Pack SP3, Office Web Apps Server 2010 SP2, Word 2007 SP3, Word 2010 SP2, and Word Automation Services on SharePoint Server 2010 SP2 allow remote attackers to execute arbitrary code or cause a denial of servi... Read more
- Published: Mar. 17, 2017
- Modified: Apr. 20, 2025
-
9.3
HIGHCVE-2017-0072
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Uniscribe Remote Code Execution Vulnerability." This vulnerability is different ... Read more
- Published: Mar. 17, 2017
- Modified: Apr. 20, 2025
-
9.3
HIGHCVE-2019-0974
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit th... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows_10_1607 +8 more products- Published: Jun. 12, 2019
- Modified: May. 20, 2025
-
9.3
HIGHCVE-2019-0900
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0889, CVE-2019-0890, CVE-2019-0891, ... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows +1 more products- Published: May. 16, 2019
- Modified: Nov. 21, 2024
-
9.3
HIGHCVE-2019-0795
A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input, aka 'MS XML Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0790, CVE-2019-0791, CVE-2019-0792, CVE-2019-0793.... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows +1 more products- Published: Apr. 09, 2019
- Modified: Nov. 21, 2024
-
9.3
HIGHCVE-2017-0003
Microsoft Word 2016 and SharePoint Enterprise Server 2016 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."... Read more
- Published: Jan. 10, 2017
- Modified: Apr. 20, 2025
-
9.3
HIGHCVE-2017-0031
Microsoft Office 2010 SP2, Office Compatibility Pack SP3, Word 2007 SP3, and Word 2010 SP2 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vu... Read more
- Published: Mar. 17, 2017
- Modified: Apr. 20, 2025
-
9.3
HIGHCVE-2016-9949
An issue was discovered in Apport before 2.20.4. In apport/ui.py, Apport reads the CrashDB field and it then evaluates the field as Python code if it begins with a "{". This allows remote attackers to execute arbitrary Python code.... Read more
- Published: Dec. 17, 2016
- Modified: Apr. 12, 2025
-
9.3
HIGHCVE-2018-8392
A buffer overflow vulnerability exists in the Microsoft JET Database Engine that could allow remote code execution on an affected system, aka "Microsoft JET Database Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 ... Read more
- Published: Sep. 13, 2018
- Modified: Nov. 21, 2024
-
9.3
HIGHCVE-2018-4193
An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Windows Server" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) ... Read more
- Published: Jun. 08, 2018
- Modified: Nov. 21, 2024
-
9.3
HIGHCVE-2016-9587
Ansible before versions 2.1.4, 2.2.1 is vulnerable to an improper input validation in Ansible's handling of data sent from client systems. An attacker with control over a client system being managed by Ansible and the ability to send facts back to the Ans... Read more
- Published: Apr. 24, 2018
- Modified: Nov. 21, 2024
-
9.3
CRITICALCVE-2024-40505
Directory Traversal vulnerability in D-Link DAP-1650 Firmware v.1.03 allows a local attacker to escalate privileges via the hedwig.cgi component.... Read more
- Published: Jul. 16, 2024
- Modified: May. 29, 2025
-
9.3
HIGHCVE-2018-12860
Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more
- Published: Oct. 12, 2018
- Modified: Nov. 21, 2024