Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2018-0960

    An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Wi... Read more

    • Published: Apr. 12, 2018
    • Modified: Nov. 21, 2024

  • 7.6

    HIGH
    CVE-2018-0959

    A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Remote Code Execution Vulnerability." This affects Windows 7, Windows ... Read more

    • Published: May. 09, 2018
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2018-0958

    A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka "Windows Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique fr... Read more

    Affected Products : windows_10 windows_server_2016
    • Published: May. 09, 2018
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2018-0957

    An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Information Disclosure Vulnerability." This affects Window... Read more

    • Published: Apr. 12, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2018-0956

    A denial of service vulnerability exists in the HTTP 2.0 protocol stack (HTTP.sys) when HTTP.sys improperly parses specially crafted HTTP 2.0 requests, aka "HTTP.sys Denial of Service Vulnerability." This affects Windows Server 2016, Windows 10, Windows 1... Read more

    Affected Products : windows_10 windows_server_2016
    • Published: Apr. 12, 2018
    • Modified: Nov. 21, 2024

  • 7.6

    HIGH
    CVE-2018-0955

    A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Expl... Read more

    Affected Products : internet_explorer
    • Published: May. 09, 2018
    • Modified: Nov. 21, 2024

  • 7.6

    HIGH
    CVE-2018-0954

    A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, ChakraCore, Internet Explorer 11, Micro... Read more

    Affected Products : edge chakracore internet_explorer
    • Published: May. 09, 2018
    • Modified: Nov. 21, 2024

  • 7.6

    HIGH
    CVE-2018-0953

    A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-... Read more

    Affected Products : edge chakracore
    • Published: May. 09, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2018-0952

    An Elevation of Privilege vulnerability exists when Diagnostics Hub Standard Collector allows file creation in arbitrary locations, aka "Diagnostic Hub Standard Collector Elevation Of Privilege Vulnerability." This affects Windows Server 2016, Windows 10,... Read more

    • Published: Aug. 15, 2018
    • Modified: Nov. 21, 2024

  • 7.6

    HIGH
    CVE-2018-0951

    A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-0945, C... Read more

    Affected Products : edge
    • Published: May. 09, 2018
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2018-0950

    An information disclosure vulnerability exists when Office renders Rich Text Format (RTF) email messages containing OLE objects when a message is opened or previewed, aka "Microsoft Office Information Disclosure Vulnerability." This affects Microsoft Word... Read more

    Affected Products : office word office_compatibility_pack
    • Published: Apr. 12, 2018
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2018-0949

    A security feature bypass vulnerability exists when Microsoft Internet Explorer improperly handles requests involving UNC resources, aka "Internet Explorer Security Feature Bypass Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Int... Read more

    • Published: Jul. 11, 2018
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2018-0947

    Microsoft SharePoint Foundation 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability"... Read more

    Affected Products : sharepoint_enterprise_server
    • Published: Mar. 14, 2018
    • Modified: Nov. 21, 2024

  • 7.6

    HIGH
    CVE-2018-0946

    A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-... Read more

    Affected Products : edge chakracore
    • Published: May. 09, 2018
    • Modified: Nov. 21, 2024

  • 7.6

    HIGH
    CVE-2018-0945

    A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-... Read more

    Affected Products : edge chakracore
    • Published: May. 09, 2018
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2018-0944

    Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This... Read more

    • Published: Mar. 14, 2018
    • Modified: Nov. 21, 2024

  • 7.6

    HIGH
    CVE-2018-0943

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is un... Read more

    Affected Products : edge chakracore
    • Published: May. 09, 2018
    • Modified: Nov. 21, 2024

  • 2.6

    LOW
    CVE-2018-0942

    Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allow elevation of privilege, due to how Interne... Read more

    • Published: Mar. 14, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-0941

    Microsoft Exchange Server 2016 Cumulative Update 7 and Microsoft Exchange Server 2016 Cumulative Update 8 allow an information disclosure vulnerability due to how data is imported, aka "Microsoft Exchange Information Disclosure Vulnerability". This CVE is... Read more

    Affected Products : exchange_server
    • Published: Mar. 14, 2018
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2018-0940

    Microsoft Exchange Outlook Web Access (OWA) in Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 20, Microsoft Exchange Server 2013 Cumulative Update 18, Microsoft Exchange Server 2013 Cumulative Update 19, Microsoft Exchange Server 2013 Service... Read more

    Affected Products : exchange_server
    • Published: Mar. 14, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 293685 Results