Latest CVE Feed
-
9.3
HIGHCVE-2015-2558
Use-after-free vulnerability in Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Excel Viewer, Office Compatibility Pack SP3, and Excel Services on SharePoint Server 2007 SP3,... Read more
Affected Products : excel_viewer sharepoint_server excel office_compatibility_pack office_sharepoint_server excel_for_mac- Published: Oct. 14, 2015
- Modified: Apr. 12, 2025
-
9.3
HIGHCVE-2015-2523
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel for Mac 2011 and 2016, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office... Read more
- Published: Sep. 09, 2015
- Modified: Apr. 12, 2025
-
9.3
HIGHCVE-2015-2456
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Office 2007 SP3 and 2010 SP2, Live Meeting 2007 Console, Lync 2010, Lync 2010 Att... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 office lync .net_framework windows_vista +5 more products- Published: Aug. 15, 2015
- Modified: Apr. 12, 2025
-
9.3
HIGHCVE-2015-2455
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Office 2007 SP3 and 2010 SP2, Live Meeting 2007 Console, Lync 2010, Lync 2010 Att... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 office lync .net_framework windows_vista +5 more products- Published: Aug. 15, 2015
- Modified: Apr. 12, 2025
-
9.3
HIGHCVE-2015-2441
Microsoft Internet Explorer 7 through 11 and Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2452... Read more
- Published: Aug. 14, 2015
- Modified: Apr. 12, 2025
-
9.3
HIGHCVE-2018-8531
A remote code execution vulnerability exists in the way that Azure IoT Hub Device Client SDK using MQTT protocol accesses objects in memory, aka "Azure IoT Device Client SDK Memory Corruption Vulnerability." This affects Hub Device Client SDK, Azure IoT E... Read more
- Published: Oct. 10, 2018
- Modified: Nov. 21, 2024
-
9.3
HIGHCVE-2019-1150
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then inst... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +7 more products- Published: Aug. 14, 2019
- Modified: Nov. 21, 2024
-
9.3
HIGHCVE-2019-1121
A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1119, CVE-2019-1120, CVE-2019-1122... Read more
Affected Products : windows_10 windows_server_2016 windows_server_2019 windows_server windows windows_11_23h2- Published: Jul. 15, 2019
- Modified: Nov. 21, 2024
-
9.3
HIGHCVE-2018-8430
A remote code execution vulnerability exists in Microsoft Word if a user opens a specially crafted PDF file, aka "Word PDF Remote Code Execution Vulnerability." This affects Microsoft Word, Microsoft Office.... Read more
- Published: Sep. 13, 2018
- Modified: Nov. 21, 2024
-
9.3
HIGHCVE-2019-1035
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security cont... Read more
Affected Products : office office_365_proplus sharepoint_server office_online_server sharepoint_server_2019 office_2019- Published: Jun. 12, 2019
- Modified: May. 20, 2025
-
9.3
HIGHCVE-2018-8414
A remote code execution vulnerability exists when the Windows Shell does not properly validate file paths, aka "Windows Shell Remote Code Execution Vulnerability." This affects Windows 10 Servers, Windows 10.... Read more
- Actively Exploited
- Published: Aug. 15, 2018
- Modified: Apr. 04, 2025
-
9.3
HIGHCVE-2018-8413
A remote code execution vulnerability exists when "Windows Theme API" does not properly decompress files, aka "Windows Theme API Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2019, Win... Read more
- Published: Oct. 10, 2018
- Modified: Nov. 21, 2024
-
9.3
HIGHCVE-2018-8393
A buffer overflow vulnerability exists in the Microsoft JET Database Engine that could allow remote code execution on an affected system, aka "Microsoft JET Database Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 ... Read more
- Published: Sep. 13, 2018
- Modified: Nov. 21, 2024
-
9.3
HIGHCVE-2019-0953
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'.... Read more
- Published: May. 16, 2019
- Modified: Nov. 21, 2024
-
9.3
HIGHCVE-2019-0945
A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory, aka 'Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2... Read more
- Published: May. 16, 2019
- Modified: Nov. 21, 2024
-
9.3
HIGHCVE-2019-0909
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit th... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows_10_1607 +8 more products- Published: Jun. 12, 2019
- Modified: May. 20, 2025
-
9.3
HIGHCVE-2014-9922
The eCryptfs subsystem in the Linux kernel before 3.18 allows local users to gain privileges via a large filesystem stack that includes an overlayfs layer, related to fs/ecryptfs/main.c and fs/overlayfs/super.c.... Read more
- Published: Apr. 04, 2017
- Modified: Apr. 20, 2025
-
9.3
HIGHCVE-2019-0891
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0889, CVE-2019-0890, CVE-2019-0893, ... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows +1 more products- Published: May. 16, 2019
- Modified: Nov. 21, 2024
-
9.3
HIGHCVE-2018-8349
A remote code execution vulnerability exists in "Microsoft COM for Windows" when it fails to properly handle serialized objects, aka "Microsoft COM for Windows Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows R... Read more
- Published: Aug. 15, 2018
- Modified: Nov. 21, 2024
-
9.3
HIGHCVE-2018-8346
A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed, aka "LNK Remote Code Execution Vulnerability." This affects Windows Server 2008, Windows 7, Windows Server 2008 R2. This ... Read more
- Published: Aug. 15, 2018
- Modified: Nov. 21, 2024