Vulnerabilities > Microsoft > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-12-12 | CVE-2018-8650 | Cross-site Scripting vulnerability in Microsoft Sharepoint Enterprise Server 2016 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft Office SharePoint XSS Vulnerability." This affects Microsoft SharePoint. | 5.4 |
| 2018-12-12 | CVE-2018-8652 | Cross-site Scripting vulnerability in Microsoft Windows Azure Pack Rollup 13.1 A Cross-site Scripting (XSS) vulnerability exists when Windows Azure Pack does not properly sanitize user-provided input, aka "Windows Azure Pack Cross Site Scripting Vulnerability." This affects Windows Azure Pack Rollup 13.1. | 5.4 |
| 2018-12-12 | CVE-2018-8651 | Cross-site Scripting vulnerability in Microsoft Dynamics NAV 2016/2017 A cross site scripting vulnerability exists when Microsoft Dynamics NAV does not properly sanitize a specially crafted web request to an affected Dynamics NAV server, aka "Microsoft Dynamics NAV Cross Site Scripting Vulnerability." This affects Microsoft Dynamics NAV. | 5.4 |
| 2018-12-12 | CVE-2018-8649 | Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2019 A denial of service vulnerability exists when Windows improperly handles objects in memory, aka "Windows Denial of Service Vulnerability." This affects Windows 10, Windows Server 2019. | 5.5 |
| 2018-12-12 | CVE-2018-8638 | Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2019 An information disclosure vulnerability exists when DirectX improperly handles objects in memory, aka "DirectX Information Disclosure Vulnerability." This affects Windows 10, Windows Server 2019. | 5.5 |
| 2018-12-12 | CVE-2018-8637 | Unspecified vulnerability in Microsoft products An information disclosure vulnerability exists in Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (KASLR) bypass, aka "Win32k Information Disclosure Vulnerability." This affects Windows 10 Servers, Windows 10, Windows Server 2019. | 5.5 |
| 2018-12-12 | CVE-2018-8627 | Use of Uninitialized Resource vulnerability in Microsoft products An information disclosure vulnerability exists when Microsoft Excel software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka "Microsoft Excel Information Disclosure Vulnerability." This affects Microsoft Office, Office 365 ProPlus, Microsoft Excel, Microsoft Excel Viewer, Excel. | 5.5 |
| 2018-12-12 | CVE-2018-8622 | Unspecified vulnerability in Microsoft products An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2008 R2. | 5.5 |
| 2018-12-12 | CVE-2018-8621 | Unspecified vulnerability in Microsoft Windows 7, Windows Server 2008 and Windows Server 2012 An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows Server 2012, Windows 7, Windows Server 2008 R2. | 5.5 |
| 2018-12-12 | CVE-2018-8612 | Improper Input Validation vulnerability in Microsoft products A Denial Of Service vulnerability exists when Connected User Experiences and Telemetry Service fails to validate certain function values, aka "Connected User Experiences and Telemetry Service Denial of Service Vulnerability." This affects Windows Server 2016, Windows 10, Windows Server 2019, Windows 10 Servers. | 5.5 |