Vulnerabilities > Microsoft > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-10-13 | CVE-2017-8715 | Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2016 The Microsoft Device Guard on Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a security feature bypass by the way it handles Windows PowerShell sessions, aka "Windows Security Feature Bypass". | 5.3 |
2017-10-13 | CVE-2017-8703 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Windows 10 1703 The Microsoft Windows Subsystem for Linux on Microsoft Windows 10 1703 allows a denial of service vulnerability when it improperly handles objects in memory, aka "Windows Subsystem for Linux Denial of Service Vulnerability". | 5.5 |
2017-10-13 | CVE-2017-8693 | Information Exposure vulnerability in Microsoft Windows 10 and Windows Server 2016 The Microsoft Graphics Component on Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability in the way it handles objects in memory, aka "Microsoft Graphics Information Disclosure Vulnerability". | 5.5 |
2017-10-13 | CVE-2017-11829 | Files or Directories Accessible to External Parties vulnerability in Microsoft Windows 10 and Windows Server 2016 Microsoft Windows 10 allows an elevation of privilege vulnerability when the Windows Update Delivery Optimization does not properly enforce file share permissions. | 5.5 |
2017-10-13 | CVE-2017-11823 | Race Condition vulnerability in Microsoft Windows 10 and Windows Server 2016 The Microsoft Device Guard on Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a security feature bypass by the way it handles Windows PowerShell sessions, aka "Microsoft Windows Security Feature Bypass". | 6.7 |
2017-10-13 | CVE-2017-11820 | Cross-site Scripting vulnerability in Microsoft Sharepoint Enterprise Server 2013/2016 Microsoft SharePoint Enterprise Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an attacker to exploit a cross-site scripting (XSS) vulnerability by sending a specially crafted request to an affected SharePoint server, due to how SharePoint Server sanitizes web requests, aka "Microsoft Office SharePoint XSS Vulnerability". | 5.4 |
2017-10-13 | CVE-2017-11818 | 7PK - Security Features vulnerability in Microsoft products The Microsoft Windows Storage component on Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a security feature bypass vulnerability when it fails to validate an integrity-level check, aka "Windows Storage Security Feature Bypass Vulnerability". | 4.5 |
2017-10-13 | CVE-2017-11817 | Information Exposure vulnerability in Microsoft products The Microsoft Windows Kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows an information disclosure vulnerability when it improperly validates objects in memory, aka "Windows Information Disclosure Vulnerability". | 4.7 |
2017-10-13 | CVE-2017-11816 | Information Exposure vulnerability in Microsoft products The Microsoft Windows Graphics Device Interface (GDI) on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability in the way it handles objects in memory, aka "Windows GDI Information Disclosure Vulnerability". | 5.5 |
2017-10-13 | CVE-2017-11815 | Information Exposure vulnerability in Microsoft products The Microsoft Server Block Message (SMB) on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows an information disclosure vulnerability in the way that it handles certain requests, aka "Windows SMB Information Disclosure Vulnerability". | 5.3 |