Vulnerabilities > Microsoft > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-14 | CVE-2018-0914 | Cross-site Scripting vulnerability in Microsoft Project Server and Sharepoint Enterprise Server Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". | 8.8 |
| 2018-03-14 | CVE-2018-0913 | Cross-site Scripting vulnerability in Microsoft Project Server and Sharepoint Enterprise Server Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". | 8.8 |
| 2018-03-14 | CVE-2018-0912 | Cross-site Scripting vulnerability in Microsoft Project Server and Sharepoint Enterprise Server Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". | 8.8 |
| 2018-03-14 | CVE-2018-0911 | Cross-site Scripting vulnerability in Microsoft Project Server and Sharepoint Enterprise Server Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". | 8.8 |
| 2018-03-14 | CVE-2018-0910 | Cross-site Scripting vulnerability in Microsoft Project Server and Sharepoint Enterprise Server Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". | 8.8 |
| 2018-03-14 | CVE-2018-0909 | Cross-site Scripting vulnerability in Microsoft Project Server and Sharepoint Enterprise Server Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". | 8.8 |
| 2018-03-14 | CVE-2018-0907 | Unspecified vulnerability in Microsoft Excel and Office Microsoft Excel 2007 SP3, Microsoft Excel 2010 SP2, Microsoft Excel 2013 SP1, Microsoft Excel 2016, Microsoft Office 2016 Click-to-Run and Microsoft Office 2016 for Mac allow a security feature bypass vulnerability due to how macro settings are enforced, aka "Microsoft Office Excel Security Feature Bypass". | 7.8 |
| 2018-03-14 | CVE-2018-0903 | Unspecified vulnerability in Microsoft Access and Office Microsoft Access 2010 SP2, Microsoft Access 2013 SP1, Microsoft Access 2016, and Microsoft Office 2016 Click-to-Run allow a remote code execution vulnerability due to how objects are handled in memory, aka "Microsoft Access Remote Code Execution Vulnerability". | 7.8 |
| 2018-03-14 | CVE-2018-0902 | Unspecified vulnerability in Microsoft Windows 10, Windows Server and Windows Server 2016 The Cryptography Next Generation (CNG) kernel-mode driver (cng.sys) in Windows 10 Gold, 1511, 1607, 1703, and 1709. | 7.8 |
| 2018-03-14 | CVE-2018-0893 | Out-of-bounds Write vulnerability in Microsoft Edge Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". | 7.5 |