Vulnerabilities in Microsoft Corporation

865 results
CVE-2017-0063The Color Management Module (ICM32.dll) memory handling functionality in Windows Vista SP2; Windows Server 2008 SP2 and R2; and Windows 7 SPEPSS 35.3%CVE-2017-0023The PDF library in Microsoft Edge; Windows 8.1; Windows Server 2012 and R2; Windows RT 8.1; and Windows 10, 1511, and 1607 allows remote attEPSS 34.0%CVE-2017-0073The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows EPSS 33.4%CVE-2017-11779The Microsoft Windows Domain Name System (DNS) DNSAPI.dll on Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10 Gold,EPSS 33.1%CVE-2017-0071A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in MicroEPSS 31.9%CVE-2017-0094A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in MicroEPSS 31.7%CVE-2017-0236A remote code execution vulnerability exists in Microsoft Edge in the way that the Chakra JavaScript engine renders when handling objects inEPSS 31.6%CVE-2017-0105Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word for Mac 2011, Office Compatibility Pack SP3, Word Automation Services on ShareEPSS 30.4%CVE-2017-0066Microsoft Edge allows remote attackers to bypass the Same Origin Policy for HTML elements in other browser windows, aka "Microsoft Edge SecuEPSS 29.9%CVE-2017-0222HIGHA remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory CorEPSS 29.6%KEVCVE-2017-0042Windows Media Player in Microsoft Windows 8.1; Windows Server 2012 R2; Windows RT 8.1; Windows 7 SP1; Windows 2008 SP2 and R2 SP1, Windows SEPSS 29.5%CVE-2017-0149HIGHMicrosoft Internet Explorer 9 through 11 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) vEPSS 29.2%KEVCVE-2017-0140Microsoft Edge allows remote attackers to bypass the Same Origin Policy for HTML elements in other browser windows, aka "Microsoft Edge SecuEPSS 28.5%CVE-2017-11937The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Windows 7 SP1, Windows 8.1, Windows RT 8.1,EPSS 28.4%CVE-2017-0106Microsoft Excel 2007 SP3, Microsoft Outlook 2010 SP2, Microsoft Outlook 2013 SP1, and Microsoft Outlook 2016 allow remote attackers to execuEPSS 28.4%CVE-2018-0792Microsoft Word 2016 in Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka EPSS 28.3%CVE-2017-0065Microsoft Edge allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Browser InEPSS 27.4%CVE-2017-0010A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in MicroEPSS 27.1%CVE-2018-0893Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting enEPSS 26.8%CVE-2017-0015A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in MicroEPSS 26.4%