VIR Vulnerability Intelligence Relay

Search

Found 2,269 results in 211ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2017-0010 high 7.5 7.5 windows windows microsoft 9y ago A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory i…
CVE-2017-0009 medium 4.3 4.3 microsoft 9y ago Microsoft Internet Explorer 9 through 11 allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability." Th…
CVE-2017-0008 medium 4.3 4.3 microsoft 9y ago Microsoft Internet Explorer 9 through 11 allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability…
CVE-2017-0006 high 7.8 7.8 microsoft 9y ago Microsoft Excel 2007 SP3, Office Compatibility Pack SP3, Excel Viewer, and Excel Services on SharePoint Server 2007 SP3 allow remote attackers to execute arbitrary code or cause a denial of service (…
CVE-2016-5720 high 7.8 7.8 microsoft 10y ago Multiple untrusted search path vulnerabilities in Microsoft Skype allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) msi.dll, (2) dpapi.dll, or (3) c…
CVE-2017-0003 high 7.8 7.8 microsoft 10y ago Microsoft Word 2016 and SharePoint Enterprise Server 2016 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."
CVE-2017-0002 high 8.8 8.8 microsoft 10y ago Microsoft Edge allows remote attackers to bypass the Same Origin Policy via vectors involving the about:blank URL and data: URLs, aka "Microsoft Edge Elevation of Privilege Vulnerability."
CVE-2016-7300 high 7.8 7.8 microsoft 10y ago Untrusted search path vulnerability in Microsoft Auto Updater for Mac allows local users to gain privileges via a Trojan horse executable file, aka "Microsoft (MAU) Office Elevation of Privilege Vuln…
CVE-2016-7298 high 7.8 7.8 microsoft 10y ago Microsoft Office 2007 SP3, Office 2010 SP2, Word Viewer, Office for Mac 2011, and Office 2016 for Mac allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption)…
CVE-2016-7297 high 7.5 7.5 microsoft 10y ago The scripting engines in Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corrupti…
CVE-2016-7296 high 7.5 7.5 microsoft 10y ago The scripting engines in Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corrupti…
CVE-2016-7291 high 7.1 7.1 microsoft 10y ago Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Word for Mac 2011, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow r…
CVE-2016-7290 high 7.1 7.1 microsoft 10y ago Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Word for Mac 2011, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow r…
CVE-2016-7289 high 7.8 7.8 microsoft 10y ago Microsoft Publisher 2010 SP2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vulnera…
CVE-2016-7288 high 7.5 8.5 EXP microsoft 10y ago The scripting engines in Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corrupti…
CVE-2016-7287 high 7.5 8.5 EXP microsoft 10y ago The scripting engines in Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, ak…
CVE-2016-7286 high 7.5 8.5 EXP microsoft 10y ago The scripting engines in Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corrupti…
CVE-2016-7284 medium 4.3 4.3 microsoft 10y ago Microsoft Internet Explorer 10 and 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability."
CVE-2016-7283 high 8.8 8.8 microsoft 10y ago Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corru…
CVE-2016-7282 medium 6.1 6.1 microsoft 10y ago Cross-site scripting (XSS) vulnerability in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Mi…
CVE-2016-7281 medium 5.3 5.3 microsoft 10y ago The Web Workers implementation in Microsoft Internet Explorer 10 and 11 and Microsoft Edge allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Microsoft Browser Sec…
CVE-2016-7280 medium 6.1 6.1 microsoft 10y ago Cross-site scripting (XSS) vulnerability in Microsoft Edge allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Microsoft Edge Information Disclosure Vulnerabi…
CVE-2016-7279 high 7.5 7.5 microsoft 10y ago Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Br…
CVE-2016-7278 medium 5.3 5.3 microsoft 10y ago Microsoft Internet Explorer 9 through 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Windows Hyperlink Object Library Information Disclosu…
CVE-2016-7277 critical 9.6 9.6 microsoft 10y ago Microsoft Office 2016 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."
CVE-2016-7276 high 7.1 7.1 microsoft 10y ago Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office for Mac 2011, and Office 2016 for Mac allow remote attackers to obtain sensitive information from process memory or cause a denial …
CVE-2016-7275 high 7.8 7.8 microsoft 10y ago Microsoft Office 2010 SP2, 2013 SP1, 2013 RT SP1, and 2016 mishandles library loading, which allows local users to gain privileges via a crafted application, aka "Microsoft Office OLE DLL Side Loadin…
CVE-2016-7270 high 7.5 7.5 microsoft 10y ago The Data Provider for SQL Server in Microsoft .NET Framework 4.6.2 mishandles a developer-supplied key, which allows remote attackers to bypass the Always Encrypted protection mechanism and obtain se…
CVE-2016-7268 high 7.1 7.1 microsoft 10y ago Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Word Viewer, Word for Mac 2011, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 201…
CVE-2016-7267 medium 5.5 5.5 microsoft 10y ago Microsoft Excel 2010 SP2, 2013 SP1, 2013 RT SP1, and 2016 misparses file formats, which makes it easier for remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Se…
CVE-2016-7266 high 7.8 7.8 microsoft 10y ago Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, Excel Viewer, and Excel 2016 for Mac mishandle a registry check, which allows u…
CVE-2016-7265 high 7.1 7.1 microsoft 10y ago Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, Excel Viewer, Excel Services on SharePoint Server 2007 SP3, and Excel Services …
CVE-2016-7264 high 7.1 7.1 microsoft 10y ago Microsoft Excel 2007 SP3, Office Compatibility Pack SP3, Excel Viewer, Excel for Mac 2011, and Excel 2016 for Mac allow remote attackers to obtain sensitive information from process memory or cause a…
CVE-2016-7263 high 7.8 7.8 microsoft 10y ago Microsoft Excel for Mac 2011 and Excel 2016 for Mac allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Mem…
CVE-2016-7257 medium 6.5 6.5 windows windows microsoft 10y ago The GDI component in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Office for Mac 2011, and Office 2016 for Mac allows remote attackers to obtain sensitive informati…
CVE-2016-7206 medium 6.1 6.1 microsoft 10y ago Cross-site scripting (XSS) vulnerability in Microsoft Edge allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Microsoft Edge Information Disclosure Vulnerabi…
CVE-2016-7181 high 7.5 7.5 microsoft 10y ago Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability."
CVE-2016-2887 high 8.1 8.1 ibmmicrosoft 10y ago IBM IMS Enterprise Suite Data Provider before 3.2.0.1 for Microsoft .NET allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors.
CVE-2016-7254 high 8.8 8.8 microsoft 10y ago Microsoft SQL Server 2012 SP2 and 2012 SP3 does not properly perform a cast of an unspecified pointer, which allows remote authenticated users to gain privileges via unknown vectors, aka "SQL RDBMS E…
CVE-2016-7253 high 8.8 8.8 microsoft 10y ago The agent in Microsoft SQL Server 2012 SP2, 2012 SP3, 2014 SP1, 2014 SP2, and 2016 does not properly check the atxcore.dll ACL, which allows remote authenticated users to gain privileges via unspecif…
CVE-2016-7252 medium 6.5 6.5 microsoft 10y ago Microsoft SQL Server 2016 mishandles the FILESTREAM path, which allows remote authenticated users to gain privileges via unspecified vectors, aka "SQL Analysis Services Information Disclosure Vulnera…
CVE-2016-7251 medium 6.1 6.1 microsoft 10y ago Cross-site scripting (XSS) vulnerability in the MDS API in Microsoft SQL Server 2016 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka "MDS API XSS Vuln…
CVE-2016-7250 high 8.8 8.8 microsoft 10y ago Microsoft SQL Server 2014 SP1, 2014 SP2, and 2016 does not properly perform a cast of an unspecified pointer, which allows remote authenticated users to gain privileges via unknown vectors, aka "SQL …
CVE-2016-7249 high 8.8 8.8 microsoft 10y ago Microsoft SQL Server 2016 does not properly perform a cast of an unspecified pointer, which allows remote authenticated users to gain privileges via unknown vectors, aka "SQL RDBMS Engine Elevation o…
CVE-2016-7245 high 7.8 7.8 microsoft 10y ago Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, and Office 2016 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office …
CVE-2016-7244 medium 5.5 5.5 microsoft 10y ago Microsoft Office 2007 SP3 allows remote attackers to cause a denial of service (application hang) via a crafted Office document, aka "Microsoft Office Denial of Service Vulnerability."
CVE-2016-7243 high 7.5 7.5 microsoft 10y ago ChakraCore RCE Vulnerability
CVE-2016-7242 high 7.5 7.5 microsoft 10y ago ChakraCore RCE Vulnerability
CVE-2016-7241 high 7.5 8.5 EXP microsoft 10y ago Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memo…
CVE-2016-7240 high 7.5 8.5 EXP microsoft 10y ago ChakraCore RCE Vulnerability
CVE-2016-7239 low 3.1 3.1 microsoft 10y ago The RegEx class in the XSS filter in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allows remote attackers to conduct cross-site scripting (XSS) attacks and obtain sensitive information…
CVE-2016-7236 high 7.8 7.8 microsoft 10y ago Microsoft Excel 2010 SP2, Excel for Mac 2011, Excel 2016 for Mac, and Excel Services on SharePoint Server 2010 SP2 allow remote attackers to execute arbitrary code via a crafted Office document, aka …
CVE-2016-7235 high 7.8 7.8 microsoft 10y ago Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Word for Mac 2011, Excel for Mac 2011, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted Office doc…
CVE-2016-7234 high 7.8 7.8 microsoft 10y ago Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word for Mac 2011, Excel for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, Word Automation Services…
CVE-2016-7233 medium 6.5 6.5 microsoft 10y ago Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Word for Mac 2011, Excel for Mac 2011, Word Viewer, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2013 SP1, and Off…
CVE-2016-7232 high 7.8 7.8 microsoft 10y ago Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Word for Mac 2011, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsof…
CVE-2016-7231 high 7.8 7.8 microsoft 10y ago Microsoft Excel 2007 SP3, Excel for Mac 2011, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Mem…
CVE-2016-7230 high 7.8 7.8 microsoft 10y ago Microsoft PowerPoint 2010 SP2, PowerPoint Viewer, and Office Web Apps 2010 SP2 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption …
CVE-2016-7229 high 7.8 7.8 microsoft 10y ago Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers…
CVE-2016-7228 high 7.8 7.8 microsoft 10y ago Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, and Office Compatibility Pack SP3 allow remote attackers to execute ar…
CVE-2016-7227 low 3.1 3.1 microsoft 10y ago The scripting engines in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to determine the existence of local files via unspecified vectors, aka "Microsoft Browser I…
CVE-2016-7213 high 7.8 7.8 microsoft 10y ago Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, and Office Compatibility Pack SP3 allow remote attackers to execute ar…
CVE-2016-7209 medium 5.3 5.3 microsoft 10y ago Microsoft Edge allows remote attackers to spoof web content via a crafted web site, aka "Microsoft Edge Spoofing Vulnerability."
CVE-2016-7208 high 7.5 7.5 microsoft 10y ago ChakraCore RCE Vulnerability
CVE-2016-7204 low 3.1 3.1 microsoft 10y ago Microsoft Edge allows remote attackers to access arbitrary "My Documents" files via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerability."
CVE-2016-7203 high 7.5 8.5 EXP microsoft 10y ago ChakraCore RCE Vulnerability
CVE-2016-7202 high 7.5 8.5 EXP microsoft 10y ago ChakraCore RCE Vulnerability
CVE-2016-7199 low 3.1 3.1 microsoft 10y ago Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to bypass the Same Origin Policy and obtain sensitive window-state information via a crafted web site, aka "Microsof…
CVE-2016-7198 high 7.5 7.5 microsoft 10y ago Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Br…
CVE-2016-7196 high 7.5 7.5 microsoft 10y ago Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Brows…
CVE-2016-7195 high 7.5 7.5 microsoft 10y ago Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Br…
CVE-2016-7194 high 7.5 8.5 EXP microsoft 10y ago ChakraCore RCE Vulnerability
CVE-2016-7190 high 7.5 8.5 EXP microsoft 10y ago ChakraCore RCE Vulnerability
CVE-2016-7189 high 7.5 8.5 EXP microsoft 10y ago ChakraCore RCE Vulnerability
CVE-2016-7182 critical 9.8 10.0 EXP windows windows microsoft 10y ago The Graphics component in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607…
CVE-2016-3396 high 7.8 7.8 windows windows microsoft 10y ago Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10…
CVE-2016-3392 medium 5.3 5.3 microsoft 10y ago The Edge Content Security Policy feature in Microsoft Edge does not properly validate documents, which allows remote attackers to bypass intended access restrictions via a crafted web site, aka "Micr…
CVE-2016-3391 medium 5.3 5.3 microsoft 10y ago Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow context-dependent attackers to discover credentials by leveraging access to a memory dump, aka "Microsoft Browser Information Disclosure…
CVE-2016-3390 high 7.5 7.5 microsoft 10y ago ChakraCore RCE Vulnerability
CVE-2016-3389 high 7.5 7.5 microsoft 10y ago ChakraCore RCE Vulnerability
CVE-2016-3388 medium 5.3 6.3 EXP microsoft 10y ago Microsoft Internet Explorer 10 and 11 and Microsoft Edge do not properly restrict access to private namespaces, which allows remote attackers to gain privileges via unspecified vectors, aka "Microsof…
CVE-2016-3387 high 7.5 8.5 EXP microsoft 10y ago Microsoft Internet Explorer 10 and 11 and Microsoft Edge do not properly restrict access to private namespaces, which allows remote attackers to gain privileges via unspecified vectors, aka "Microsof…
CVE-2016-3386 high 7.5 8.5 EXP microsoft 10y ago ChakraCore RCE Vulnerability
CVE-2016-3385 high 7.5 7.5 microsoft 10y ago The scripting engine in Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Script…
CVE-2016-3384 high 7.5 7.5 microsoft 10y ago Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corru…
CVE-2016-3383 high 7.5 7.5 microsoft 10y ago Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corrupti…
CVE-2016-3382 high 7.5 7.5 microsoft 10y ago ChakraCore RCE Vulnerability
CVE-2016-3331 high 7.5 7.5 microsoft 10y ago Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memo…
CVE-2016-3267 medium 5.3 5.3 microsoft 10y ago Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to determine the existence of unspecified files via a crafted web site, aka "Microsoft Browser Information Disclosur…
CVE-2016-3263 medium 5.5 5.5 windows windows microsoft 10y ago Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10…
CVE-2016-3262 medium 5.5 5.5 windows windows microsoft 10y ago Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10…
CVE-2016-3209 medium 5.5 6.5 EXP windows windows microsoft 10y ago Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10…
CVE-2016-7191 high 8.1 8.1 microsoft 10y ago Authentication Bypass in passport-azure-ad
CVE-2015-8960 high 8.1 8.1 sles ietfapplegoogle 10y ago The TLS protocol 1.2 and earlier supports the rsa_fixed_dh, dss_fixed_dh, rsa_fixed_ecdh, and ecdsa_fixed_ecdh values for ClientCertificateType but does not directly document the ability to compute t…
CVE-2016-3381 high 7.8 7.8 microsoft 10y ago Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted…
CVE-2016-3379 medium 6.1 6.1 microsoft 10y ago Cross-site scripting (XSS) vulnerability in Microsoft Exchange Server 2016 Cumulative Update 1 and 2 allows remote attackers to inject arbitrary web script or HTML via a meeting-invitation request, a…
CVE-2016-3378 high 7.4 7.4 microsoft 10y ago Open redirect vulnerability in Microsoft Exchange Server 2013 SP1, 2013 Cumulative Update 12, 2013 Cumulative Update 13, 2016 Cumulative Update 1, and 2016 Cumulative Update 2 allows remote attackers…
CVE-2016-3377 high 7.5 7.5 microsoft 10y ago ChakraCore RCE Vulnerability
CVE-2016-3375 high 7.5 7.5 windows windows microsoft 10y ago The OLE Automation mechanism and VBScript scripting engine in Microsoft Internet Explorer 9 through 11, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Serv…
CVE-2016-3374 medium 6.5 6.5 windows windows microsoft 10y ago The PDF library in Microsoft Edge, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive information via a craf…