Latest CVE Feed
-
9.3
HIGHCVE-2019-0907
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit th... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows_10_1607 +8 more products- Published: Jun. 12, 2019
- Modified: May. 20, 2025
-
9.3
HIGHCVE-2019-0906
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit th... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows_10_1607 +8 more products- Published: Jun. 12, 2019
- Modified: May. 20, 2025
-
9.3
HIGHCVE-2019-0851
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0846, CVE-2019-0847, CVE-2019-0877, ... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows +1 more products- Published: Apr. 09, 2019
- Modified: Nov. 21, 2024
-
9.3
HIGHCVE-2019-0791
A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input, aka 'MS XML Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0790, CVE-2019-0792, CVE-2019-0793, CVE-2019-0795.... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows +1 more products- Published: Apr. 09, 2019
- Modified: Nov. 21, 2024
-
9.3
HIGHCVE-2019-0790
A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input, aka 'MS XML Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0791, CVE-2019-0792, CVE-2019-0793, CVE-2019-0795.... Read more
- Published: Apr. 09, 2019
- Modified: Nov. 21, 2024
-
9.3
HIGHCVE-2019-0734
An elevation of privilege vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully decode and replace authentication request using Kerberos, allowing an attacker to be validated as an Administrator.The update add... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows +1 more products- Published: May. 16, 2019
- Modified: Nov. 21, 2024
-
9.3
HIGHCVE-2019-0597
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0595, CVE-2019-0596, CVE-2019-0598, ... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows +1 more products- Published: Mar. 05, 2019
- Modified: Nov. 21, 2024
-
9.3
HIGHCVE-2019-0582
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows ... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 office office_365_proplus windows_server_2019 +2 more products- Published: Jan. 08, 2019
- Modified: Nov. 21, 2024
-
9.3
HIGHCVE-2018-8576
A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka "Microsoft Outlook Remote Code Execution Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Outloo... Read more
- Published: Nov. 14, 2018
- Modified: Nov. 21, 2024
-
9.3
HIGHCVE-2018-8544
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka "Windows VBScript Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2... Read more
- Published: Nov. 14, 2018
- Modified: Nov. 21, 2024
-
9.3
HIGHCVE-2018-8524
A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka "Microsoft Outlook Remote Code Execution Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Outloo... Read more
- Published: Nov. 14, 2018
- Modified: Nov. 21, 2024
-
9.3
HIGHCVE-2018-8494
A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input, aka "MS XML Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Win... Read more
- Published: Oct. 10, 2018
- Modified: Nov. 21, 2024
-
9.3
HIGHCVE-2018-8432
A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka "Microsoft Graphics Components Remote Code Execution Vulnerability." This affects Windows 7, Microsoft Office, Microsoft Office Word V... Read more
Affected Products : windows_10 windows_7 windows_server_2008 office excel_viewer office_365_proplus powerpoint_viewer word_viewer windows_server_2019 office_word_viewer +1 more products- Published: Oct. 10, 2018
- Modified: Nov. 21, 2024
-
9.3
HIGHCVE-2018-8420
A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input, aka "MS XML Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Win... Read more
- Published: Sep. 13, 2018
- Modified: Nov. 21, 2024
-
9.3
HIGHCVE-2018-8375
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Excel Viewer, Microsoft Office, Micros... Read more
- Published: Aug. 15, 2018
- Modified: Nov. 21, 2024
-
9.3
HIGHCVE-2018-8332
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka "Win32k Graphics Remote Code Execution Vulnerability." This affects Windows 7, Microsoft Office, Windows Server 2012 R2, Wi... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 office office_for_mac windows_server +2 more products- Published: Sep. 13, 2018
- Modified: Nov. 21, 2024
-
9.3
HIGHCVE-2006-6282
members.php in Vikingboard 0.1.2 allows remote attackers to trigger a forced SQL error via an invalid s parameter, a different vector than CVE-2006-4709. NOTE: might only be an exposure if display_errors is enabled, but due to lack of details, even this ... Read more
Affected Products : vikingboard- Published: Dec. 04, 2006
- Modified: Apr. 09, 2025
-
9.3
HIGHCVE-2006-6261
Buffer overflow in Quintessential Player 4.50.1.82 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) M3u or (2) M3u-8 file; or a (3) crafted PLS file with a long value in the (a)... Read more
Affected Products : windows_2000 windows_xp windows_95 windows_98 windows_nt windows_me quintessential_player- Published: Dec. 04, 2006
- Modified: Apr. 09, 2025
-
9.3
HIGHCVE-2006-6258
The phpmyadmin subsystem in AlternC 0.9.5 and earlier transmits the SQL password in cleartext in a cookie, which might allow remote attackers to obtain the password by sniffing or by conducting a cross-site scripting (XSS) attack.... Read more
Affected Products : alternc- Published: Dec. 04, 2006
- Modified: Apr. 09, 2025
-
9.3
CRITICALCVE-2025-23016
FastCGI fcgi2 (aka fcgi) 2.x through 2.4.4 has an integer overflow (and resultant heap-based buffer overflow) via crafted nameLen or valueLen values in data to the IPC socket. This occurs in ReadParams in fcgiapp.c.... Read more
Affected Products : fcgi- Published: Jan. 10, 2025
- Modified: Apr. 24, 2025
- Vuln Type: Memory Corruption