Vulnerabilities > Microsoft
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-08-09 | CVE-2016-3296 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability." | 7.5 |
| 2016-08-09 | CVE-2016-3293 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge and Internet Explorer Microsoft Internet Explorer 9 through 11 and Edge allow remote attackers to execute arbitrary code via a crafted web page, aka "Microsoft Browser Memory Corruption Vulnerability." | 7.5 |
| 2016-08-09 | CVE-2016-3290 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Internet Explorer 11 Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code via a crafted web page, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3288. | 7.5 |
| 2016-08-09 | CVE-2016-3289 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge and Internet Explorer Microsoft Internet Explorer 11 and Edge allow remote attackers to execute arbitrary code via a crafted web page, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3322. | 7.5 |
| 2016-08-09 | CVE-2016-3288 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Internet Explorer 11 Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code via a crafted web page, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3290. | 7.5 |
| 2016-08-09 | CVE-2016-3237 | Permissions, Privileges, and Access Controls vulnerability in Microsoft products Kerberos in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows man-in-the-middle attackers to bypass authentication via vectors related to a fallback to NTLM authentication during a domain account password change, aka "Kerberos Security Feature Bypass Vulnerability." | 7.5 |
| 2016-07-13 | CVE-2016-3287 | 7PK - Security Features vulnerability in Microsoft products Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to bypass the Secure Boot protection mechanism by leveraging administrative access to install a crafted policy, aka "Secure Boot Security Feature Bypass." | 4.4 |
| 2016-07-13 | CVE-2016-3286 | Permissions, Privileges, and Access Controls vulnerability in Microsoft products The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-3249, CVE-2016-3252, and CVE-2016-3254. | 7.3 |
| 2016-07-13 | CVE-2016-3284 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft products Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability." | 7.8 |
| 2016-07-13 | CVE-2016-3283 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Word Viewer Microsoft Word Viewer allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability." | 7.8 |