Vulnerabilities > Microsoft > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-02-15 | CVE-2018-0869 | Cross-site Scripting vulnerability in Microsoft Sharepoint Enterprise Server 2016 SharePoint Server 2016 allows an elevation of privilege vulnerability due to how web requests are handled, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". | 5.4 |
| 2018-02-15 | CVE-2018-0864 | Cross-site Scripting vulnerability in Microsoft Sharepoint Server 2013/2016 SharePoint Project Server 2013 and SharePoint Enterprise Server 2016 allow an information disclosure vulnerability due to how web requests are handled, aka "Microsoft SharePoint Information Disclosure Vulnerability". | 5.4 |
| 2018-02-15 | CVE-2018-0855 | Information Exposure vulnerability in Microsoft Windows 7 and Windows Server 2008 The Microsoft Windows Embedded OpenType (EOT) font engine in Microsoft Windows 7 SP1 and Windows Server 2008 R2 allows information disclosure, due to how the Windows EOT font engine handles embedded fonts, aka "Windows EOT Font Engine Information Disclosure Vulnerability". | 4.3 |
| 2018-02-15 | CVE-2018-0850 | Unspecified vulnerability in Microsoft Office and Outlook Microsoft Outlook 2007, Microsoft Outlook 2010, Microsoft Outlook 2013, Microsoft Outlook 2016, and Microsoft Office 2016 Click-to-Run allow an elevation of privilege vulnerability due to how the format of incoming message is validated, aka "Microsoft Outlook Elevation of Privilege Vulnerability". | 6.5 |
| 2018-02-15 | CVE-2018-0847 | Out-of-bounds Write vulnerability in Microsoft Internet Explorer 11 Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allow information disclosure, due to how Internet Explorer handles objects in memory, aka "Internet Explorer Information Disclosure Vulnerability". | 4.3 |
| 2018-02-15 | CVE-2018-0843 | Information Exposure vulnerability in Microsoft Windows 10 and Windows Server 2016 The Windows kernel in Windows 10 version 1709 and Windows Server, version 1709 allows an information disclosure vulnerability due to how objects in memory are handled, aka "Windows Kernel Information Disclosure Vulnerability". | 4.7 |
| 2018-02-15 | CVE-2018-0839 | Information Exposure vulnerability in Microsoft Edge Microsoft Edge in Microsoft Windows 10 1703 allows information disclosure, due to how Edge handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability". | 4.3 |
| 2018-02-15 | CVE-2018-0833 | NULL Pointer Dereference vulnerability in Microsoft Windows 8.1, Windows RT 8.1 and Windows Server 2012 The Microsoft Server Message Block 2.0 and 3.0 (SMBv2/SMBv3) client in Windows 8.1 and RT 8.1 and Windows Server 2012 R2 allows a denial of service vulnerability due to how specially crafted requests are handled, aka "SMBv2/SMBv3 Null Dereference Denial of Service Vulnerability". | 5.3 |
| 2018-02-15 | CVE-2018-0832 | Memory Leak vulnerability in Microsoft products The Windows kernel in Windows 8.1 and RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to how objects in memory are handled, aka "Windows Information Disclosure Vulnerability". | 4.7 |
| 2018-02-15 | CVE-2018-0830 | Information Exposure vulnerability in Microsoft products The Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to how objects in memory are handled, aka "Windows Information Disclosure Vulnerability". | 4.7 |