Vulnerabilidades en microsoft
8667 resultadosCVE-2018-8429—An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka "Microsoft Excel InEPSS 12.3%CVE-2019-0605—A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'ScriptinEPSS 12.2%CVE-2021-26863HIGHWindows Win32k Elevation of Privilege VulnerabilityEPSS 12.2%CVE-2023-36424HIGHWindows Common Log File System Driver Elevation of Privilege VulnerabilityEPSS 12.2%KEVCVE-2024-43491CRITICALMicrosoft Windows Update Remote Code Execution VulnerabilityEPSS 12.1%CVE-2023-21715HIGHMicrosoft Publisher Security Feature Bypass VulnerabilityEPSS 12.1%KEVCVE-2022-29104HIGHWindows Print Spooler Elevation of Privilege VulnerabilityEPSS 12.1%CVE-2019-1245—An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory, aka 'DirectWrite InformatioEPSS 12.1%CVE-2023-36900HIGHWindows Common Log File System Driver Elevation of Privilege VulnerabilityEPSS 12.1%CVE-2019-0639—A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting EnginEPSS 12.0%CVE-2020-17083MEDIUMMicrosoft Exchange Server Remote Code Execution VulnerabilityEPSS 12.0%CVE-2023-36033HIGHWindows DWM Core Library Elevation of Privilege VulnerabilityEPSS 12.0%KEVCVE-2021-43883HIGHWindows Installer Elevation of Privilege VulnerabilityEPSS 12.0%CVE-2019-1441—A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Win32k EPSS 12.0%CVE-2023-41772HIGHWin32k Elevation of Privilege VulnerabilityEPSS 11.8%CVE-2019-1246—A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database EnEPSS 11.8%CVE-2018-8304—A denial of service vulnerability exists in Windows Domain Name System (DNS) DNSAPI.dll when it fails to properly handle DNS responses, aka EPSS 11.8%CVE-2023-0755CRITICAL
The affected products are vulnerable to an improper validation of array index, which could allow an attacker to crash the server and remoteEPSS 11.8%CVE-2020-1286—A remote code execution vulnerability exists when the Windows Shell does not properly validate file paths.An attacker who successfully exploEPSS 11.8%CVE-2018-8468—An elevation of privilege vulnerability exists when Windows, allowing a sandbox escape, aka "Windows Elevation of Privilege Vulnerability." EPSS 11.8%