Vulnerabilities > Microsoft > High

DATE CVE VULNERABILITY TITLE RISK
2018-01-10 CVE-2018-0786 Improper Certificate Validation vulnerability in Microsoft .Net Core, .Net Framework and Powershell Core
Microsoft .NET Framework 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, .NET Core 1.0 and 2.0, and PowerShell Core 6.0.0 allow a security feature bypass vulnerability due to the way certificates are validated, aka ".NET Security Feature Bypass Vulnerability."
network
low complexity
microsoft CWE-295
7.5
7.5
2018-01-10 CVE-2018-0784 Unspecified vulnerability in Microsoft Asp.Net Core 2.0
ASP.NET Core 1.0.
network
low complexity
microsoft
8.8
8.8
2018-01-10 CVE-2018-0764 Unspecified vulnerability in Microsoft .Net Core, .Net Framework and Powershell Core
Microsoft .NET Framework 1.1, 2.0, 3.0, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 5.7 and .NET Core 1.0.
network
low complexity
microsoft
7.5
7.5
2018-01-04 CVE-2018-0788 Unspecified vulnerability in Microsoft products
The Windows Adobe Type Manager Font Driver (Atmfd.dll) in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 and R2 allows an elevation of privilege vulnerability due to the way objects are handled in memory, aka "OpenType Font Driver Elevation of Privilege Vulnerability".
local
high complexity
microsoft
7.0
7.0
2018-01-04 CVE-2018-0781 Out-of-bounds Write vulnerability in Microsoft Chakracore and Edge
Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability".
network
high complexity
microsoft CWE-787
7.5
7.5
2018-01-04 CVE-2018-0778 Out-of-bounds Write vulnerability in Microsoft Chakracore and Edge
Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability".
network
high complexity
microsoft CWE-787
7.5
7.5
2018-01-04 CVE-2018-0777 Out-of-bounds Write vulnerability in Microsoft Chakracore and Edge
Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability".
network
high complexity
microsoft CWE-787
7.5
7.5
2018-01-04 CVE-2018-0776 Out-of-bounds Write vulnerability in Microsoft Chakracore and Edge
Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability".
network
high complexity
microsoft CWE-787
7.5
7.5
2018-01-04 CVE-2018-0775 Out-of-bounds Write vulnerability in Microsoft Chakracore and Edge
Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability".
network
high complexity
microsoft CWE-787
7.5
7.5
2018-01-04 CVE-2018-0774 Out-of-bounds Write vulnerability in Microsoft Chakracore and Edge
Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability".
network
high complexity
microsoft CWE-787
7.5
7.5