Vulnerabilities > Microsoft > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-13 | CVE-2018-8434 | Improper Input Validation vulnerability in Microsoft products An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka "Windows Hyper-V Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. | 5.4 |
| 2018-09-13 | CVE-2018-8433 | Information Exposure vulnerability in Microsoft products An information disclosure vulnerability exists when the Windows Graphics component improperly handles objects in memory, aka "Microsoft Graphics Component Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. | 4.7 |
| 2018-09-13 | CVE-2018-8431 | Cross-site Scripting vulnerability in Microsoft Sharepoint Enterprise Server and Sharepoint Server An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoint. | 5.4 |
| 2018-09-13 | CVE-2018-8429 | Information Exposure vulnerability in Microsoft products An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka "Microsoft Excel Information Disclosure Vulnerability." This affects Microsoft Excel Viewer, Microsoft Office, Microsoft Excel. | 5.5 |
| 2018-09-13 | CVE-2018-8428 | Cross-site Scripting vulnerability in Microsoft Sharepoint Enterprise Server 2013/2016 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint. | 5.4 |
| 2018-09-13 | CVE-2018-8426 | Cross-site Scripting vulnerability in Microsoft products A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft Office SharePoint XSS Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoint. | 5.4 |
| 2018-09-13 | CVE-2018-8425 | Authentication Bypass by Spoofing vulnerability in Microsoft Edge A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content, aka "Microsoft Edge Spoofing Vulnerability." This affects Microsoft Edge. | 4.3 |
| 2018-09-13 | CVE-2018-8424 | Information Exposure vulnerability in Microsoft products An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka "Windows GDI Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. | 6.5 |
| 2018-09-13 | CVE-2018-8422 | Information Exposure vulnerability in Microsoft Windows 7 and Windows Server An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka "Windows GDI Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2008 R2. | 6.5 |
| 2018-09-13 | CVE-2018-8419 | Improper Initialization vulnerability in Microsoft products An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. | 5.5 |