Vulnerabilities > Microsoft > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-08 | CVE-2017-8659 | Information Exposure vulnerability in Microsoft Edge Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to obtain information to further compromise the user's system due to the Chakra scripting engine not properly handling objects in memory, aka "Scripting Engine Information Disclosure Vulnerability". | 4.3 |
| 2017-08-08 | CVE-2017-8654 | Cross-site Scripting vulnerability in Microsoft Sharepoint Server 2010 Microsoft SharePoint Server 2010 Service Pack 2 allows a cross-site scripting (XSS) vulnerability when it does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft Office SharePoint XSS Vulnerability". | 5.4 |
| 2017-08-08 | CVE-2017-8652 | Information Exposure vulnerability in Microsoft Edge Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to disclose information due to the way that Microsoft Edge handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability". | 6.5 |
| 2017-08-08 | CVE-2017-8650 | Origin Validation Error vulnerability in Microsoft Edge Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to exploit a security feature bypass due to Microsoft Edge not properly enforcing same-origin policies, aka "Microsoft Edge Security Feature Bypass Vulnerability". | 5.4 |
| 2017-08-08 | CVE-2017-8644 | Information Exposure vulnerability in Microsoft Edge Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to disclose information due to the way that Microsoft Edge handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability". | 4.3 |
| 2017-08-08 | CVE-2017-8642 | Cross-site Scripting vulnerability in Microsoft Edge Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to elevate privileges due to the way that Microsoft Edge validates JavaScript under specific conditions, aka "Microsoft Edge Elevation of Privilege Vulnerability". | 6.1 |
| 2017-08-08 | CVE-2017-8637 | Unspecified vulnerability in Microsoft Edge Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to bypass Arbitrary Code Guard (ACG) due to how Microsoft Edge accesses memory in code compiled by the Edge Just-In-Time (JIT) compiler, aka "Scripting Engine Security Feature Bypass Vulnerability". | 5.3 |
| 2017-08-08 | CVE-2017-8627 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Windows 10 1703 Windows Subsystem for Linux in Windows 10 1703, allows a denial of service vulnerability due to the way it handles objects in memory, aka "Windows Subsystem for Linux Denial of Service Vulnerability". | 4.7 |
| 2017-08-08 | CVE-2017-8623 | Improper Input Validation vulnerability in Microsoft Windows 10 and Windows Server 2016 Windows Hyper-V in Windows 10 1607, 1703, and Windows Server 2016 allows a denial of service vulnerability when it fails to properly validate input from a privileged user on a guest operating system, aka "Windows Hyper-V Denial of Service Vulnerability". | 6.8 |
| 2017-08-08 | CVE-2017-0174 | Unspecified vulnerability in Microsoft products Windows NetBIOS in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a denial of service vulnerability when it improperly handles NetBIOS packets, aka "Windows NetBIOS Denial of Service Vulnerability". low complexity microsoft | 6.5 |