Vulnerabilities > Microsoft > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-02-15 | CVE-2018-0829 | Information Exposure vulnerability in Microsoft products The Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to how objects in memory are handled, aka "Windows Information Disclosure Vulnerability". | 4.7 |
| 2018-02-15 | CVE-2018-0827 | Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2016 Windows Scripting Host (WSH) in Windows 10 versions 1703 and 1709 and Windows Server, version 1709 allows a Device Guard security feature bypass vulnerability due to the way objects are handled in memory, aka "Windows Security Feature Bypass Vulnerability". | 5.3 |
| 2018-02-15 | CVE-2018-0810 | Improper Initialization vulnerability in Microsoft Windows 7, Windows Server 2008 and Windows Server 2012 The Windows kernel in Windows 7 SP1, Windows Server 2008 SP2 and R2, and Windows Server 2012 allows an information disclosure vulnerability due to the way memory is initialized, aka "Windows Kernel Information Disclosure Vulnerability". | 4.7 |
| 2018-02-15 | CVE-2018-0771 | Unspecified vulnerability in Microsoft Edge Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows a security feature bypass, due to how Edge handles different-origin requests, aka "Microsoft Edge Security Feature Bypass". | 4.3 |
| 2018-02-15 | CVE-2018-0761 | Information Exposure vulnerability in Microsoft Windows 7 and Windows Server 2008 The Microsoft Windows Embedded OpenType (EOT) font engine in Microsoft Windows 7 SP1 and Windows Server 2008 R2 allows information disclosure, due to how the Windows EOT font engine handles embedded fonts, aka "Windows EOT Font Engine Information Disclosure Vulnerability". | 5.5 |
| 2018-02-15 | CVE-2018-0760 | Information Exposure vulnerability in Microsoft Windows 7, Windows Server 2008 and Windows Server 2012 The Microsoft Windows Embedded OpenType (EOT) font engine in Microsoft Windows 7 SP1, Windows Server 2008 R2, and Windows Server 2012 allows information disclosure, due to how the Windows EOT font engine handles embedded fonts, aka "Windows EOT Font Engine Information Disclosure Vulnerability". | 5.5 |
| 2018-02-15 | CVE-2018-0757 | Unspecified vulnerability in Microsoft products The Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to the way objects are handled in memory, aka "Windows Kernel Information Disclosure Vulnerability". | 4.7 |
| 2018-02-15 | CVE-2018-0755 | Information Exposure vulnerability in Microsoft Windows 7 and Windows Server 2008 The Microsoft Windows Embedded OpenType (EOT) font engine in Microsoft Windows 7 SP1 and Windows Server 2008 R2 allows information disclosure, due to how the Windows EOT font engine handles embedded fonts, aka "Windows EOT Font Engine Information Disclosure Vulnerability". | 5.5 |
| 2018-01-10 | CVE-2018-0819 | Unspecified vulnerability in Microsoft Office 2016 Microsoft Office 2016 for Mac allows an attacker to send a specially crafted email attachment to a user in an attempt to launch a social engineering attack, such as phishing, due to how Outlook for Mac displays encoded email addresses, aka "Spoofing Vulnerability in Microsoft Office for Mac." | 6.5 |
| 2018-01-10 | CVE-2018-0799 | Cross-site Scripting vulnerability in Microsoft Sharepoint Enterprise Server 2013/2016 Microsoft Access in Microsoft SharePoint Enterprise Server 2013 and Microsoft SharePoint Enterprise Server 2016 allows a cross-site-scripting (XSS) vulnerability due to the way image field values are handled, aka "Microsoft Access Tampering Vulnerability". | 6.1 |