Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 8.8

    HIGH
    CVE-2018-0921

    Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0909, CVE... Read more

    Affected Products : sharepoint_enterprise_server
    • Published: Mar. 14, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-0920

    A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Excel. This CVE ID is unique from CVE-... Read more

    Affected Products : excel
    • Published: Apr. 12, 2018
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2018-0919

    Microsoft Office 2010 SP2, 2013 SP1, and 2016, Microsoft Office 2016 Click-to-Run Microsoft Office 2016 for Mac, Microsoft Office Web Apps 2010 SP2, Microsoft Office Web Apps 2013 SP1, Microsoft SharePoint Enterprise Server 2013 SP1, Microsoft SharePoint ... Read more

    • Published: Mar. 14, 2018
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2018-0917

    Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0909, CVE... Read more

    Affected Products : sharepoint_enterprise_server
    • Published: Mar. 14, 2018
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2018-0916

    Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This ... Read more

    • Published: Mar. 14, 2018
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2018-0915

    Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This ... Read more

    • Published: Mar. 14, 2018
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2018-0914

    Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This ... Read more

    • Published: Mar. 14, 2018
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2018-0913

    Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This ... Read more

    • Published: Mar. 14, 2018
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2018-0912

    Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This ... Read more

    • Published: Mar. 14, 2018
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2018-0911

    Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This ... Read more

    • Published: Mar. 14, 2018
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2018-0910

    Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This ... Read more

    • Published: Mar. 14, 2018
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2018-0909

    Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This ... Read more

    • Published: Mar. 14, 2018
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2018-0908

    Microsoft Identity Manager 2016 SP1 allows an attacker to gain elevated privileges when it does not properly sanitize a specially crafted attribute value being displayed to a user on an affected MIM 2016 server, aka "Microsoft Identity Manager XSS Elevati... Read more

    Affected Products : identity_manager
    • Published: Feb. 26, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2018-0907

    Microsoft Excel 2007 SP3, Microsoft Excel 2010 SP2, Microsoft Excel 2013 SP1, Microsoft Excel 2016, Microsoft Office 2016 Click-to-Run and Microsoft Office 2016 for Mac allow a security feature bypass vulnerability due to how macro settings are enforced, ... Read more

    Affected Products : office excel
    • Published: Mar. 14, 2018
    • Modified: Nov. 21, 2024

  • 4.7

    MEDIUM
    CVE-2018-0904

    The Windows kernel in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows information disclosure ... Read more

    • Published: Mar. 14, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2018-0903

    Microsoft Access 2010 SP2, Microsoft Access 2013 SP1, Microsoft Access 2016, and Microsoft Office 2016 Click-to-Run allow a remote code execution vulnerability due to how objects are handled in memory, aka "Microsoft Access Remote Code Execution Vulnerabi... Read more

    Affected Products : office access
    • Published: Mar. 14, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2018-0902

    The Cryptography Next Generation (CNG) kernel-mode driver (cng.sys) in Windows 10 Gold, 1511, 1607, 1703, and 1709. Windows Server 2016 and Windows Server, version 1709 allows a security feature bypass vulnerability due to the way the kernel-mode driver v... Read more

    • Published: Mar. 14, 2018
    • Modified: Nov. 21, 2024

  • 4.7

    MEDIUM
    CVE-2018-0901

    The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information ... Read more

    • Published: Mar. 14, 2018
    • Modified: Nov. 21, 2024

  • 4.7

    MEDIUM
    CVE-2018-0900

    The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information ... Read more

    • Published: Mar. 14, 2018
    • Modified: Nov. 21, 2024

  • 4.7

    MEDIUM
    CVE-2018-0899

    The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information ... Read more

    • Published: Mar. 14, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 293609 Results