Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2018-07-11 CVE-2018-8238 Unspecified vulnerability in Microsoft Lync and Skype for Business
A security feature bypass vulnerability exists when Skype for Business or Lync do not properly parse UNC path links shared via messages, aka "Skype for Business and Lync Security Feature Bypass Vulnerability." This affects Skype, Microsoft Lync.
local
low complexity
microsoft
7.8
2018-07-11 CVE-2018-8232 Improper Input Validation vulnerability in Microsoft Visual Studio 2017 15.7.5/15.8
A Tampering vulnerability exists when Microsoft Macro Assembler improperly validates code, aka "Microsoft Macro Assembler Tampering Vulnerability." This affects Microsoft Visual Studio.
local
low complexity
microsoft CWE-20
7.8
2018-07-11 CVE-2018-8206 Unspecified vulnerability in Microsoft products
A denial of service vulnerability exists when Windows improperly handles File Transfer Protocol (FTP) connections, aka "Windows FTP Server Denial of Service Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
network
low complexity
microsoft
7.5
2018-07-11 CVE-2018-8202 Unspecified vulnerability in Microsoft .Net Framework
An elevation of privilege vulnerability exists in .NET Framework which could allow an attacker to elevate their privilege level, aka ".NET Framework Elevation of Privilege Vulnerability." This affects Microsoft .NET Framework 2.0, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.6, Microsoft .NET Framework 4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.7.1/4.7.2, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6/4.6.1/4.6.2, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2, Microsoft .NET Framework 4.7.2.
local
low complexity
microsoft
7.8
2018-07-11 CVE-2018-8172 Unspecified vulnerability in Microsoft Expression Blend, Visual Studio and Visual Studio 2017
A remote code execution vulnerability exists in Visual Studio software when the software does not check the source markup of a file for an unbuilt project, aka "Visual Studio Remote Code Execution Vulnerability." This affects Microsoft Visual Studio, Expression Blend 4.
local
low complexity
microsoft
7.8
2018-07-11 CVE-2018-8171 Improper Authentication vulnerability in Microsoft products
A Security Feature Bypass vulnerability exists in ASP.NET when the number of incorrect login attempts is not validated, aka "ASP.NET Security Feature Bypass Vulnerability." This affects ASP.NET, ASP.NET Core 1.1, ASP.NET Core 1.0, ASP.NET Core 2.0, ASP.NET MVC 5.2.
network
low complexity
microsoft CWE-287
7.5
2018-07-11 CVE-2018-8125 Out-of-bounds Write vulnerability in Microsoft Edge
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge.
network
high complexity
microsoft CWE-787
7.5
2018-07-10 CVE-2018-3688 Unquoted Search Path or Element vulnerability in Intel Quartus Prime Programmer and Tools 15.1/18.0
Unquoted service paths in Intel Quartus Prime Programmer and Tools in versions 15.1 - 18.0 allow a local attacker to potentially execute arbitrary code.
local
low complexity
intel CWE-428
7.8
2018-07-10 CVE-2018-3687 Unquoted Search Path or Element vulnerability in Intel Quartus II Programmer and Tools 11.0/15.0
Unquoted service paths in Intel Quartus II Programmer and Tools in versions 11.0 - 15.0 allow a local attacker to potentially execute arbitrary code.
local
low complexity
intel CWE-428
7.8
2018-07-10 CVE-2018-3684 Unquoted Search Path or Element vulnerability in Intel Quartus II 11.0/15.0
Unquoted service paths in Intel Quartus II in versions 11.0 - 15.0 allow a local attacker to potentially execute arbitrary code.
local
low complexity
intel CWE-428
7.8