Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2018-06-14 CVE-2018-8208 Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2016
An elevation of privilege vulnerability exists in Windows when Desktop Bridge does not properly manage the virtual registry, aka "Windows Desktop Bridge Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.
local
high complexity
microsoft
7.0
2018-06-14 CVE-2018-8169 Improper Resource Shutdown or Release vulnerability in Microsoft products
An elevation of privilege vulnerability exists when the (Human Interface Device) HID Parser Library driver improperly handles objects in memory, aka "HIDParser Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
local
high complexity
microsoft CWE-404
7.0
2018-06-14 CVE-2018-8111 Out-of-bounds Write vulnerability in Microsoft Edge
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge.
network
high complexity
microsoft CWE-787
7.5
2018-06-14 CVE-2018-8110 Out-of-bounds Write vulnerability in Microsoft Edge
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge.
network
high complexity
microsoft CWE-787
7.5
2018-06-14 CVE-2018-1036 Incorrect Permission Assignment for Critical Resource vulnerability in Microsoft products
An elevation of privilege vulnerability exists when NTFS improperly checks access, aka "NTFS Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
local
high complexity
microsoft CWE-732
7.0
2018-06-14 CVE-2018-0982 Incorrect Permission Assignment for Critical Resource vulnerability in Microsoft Windows 10 and Windows Server 2016
An elevation of privilege vulnerability exists in the way that the Windows Kernel API enforces permissions, aka "Windows Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.
local
high complexity
microsoft CWE-732
7.0
2018-06-14 CVE-2018-0978 Out-of-bounds Write vulnerability in Microsoft Internet Explorer 10/11/9
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10.
network
high complexity
microsoft CWE-787
7.5
2018-06-13 CVE-2018-12354 Cross-Site Request Forgery (CSRF) vulnerability in Knowage-Suite Knowage 6.1.1
Knowage (formerly SpagoBI) 6.1.1 allows CSRF via every form, as demonstrated by a /knowage/restful-services/2.0/analyticalDrivers/ POST request.
network
low complexity
knowage-suite CWE-352
8.8
2018-06-13 CVE-2018-12019 Improper Verification of Cryptographic Signature vulnerability in Enigmail
The signature verification routine in Enigmail before 2.0.7 interprets user ids as status/control messages and does not correctly keep track of the status of multiple signatures, which allows remote attackers to spoof arbitrary email signatures via public keys containing crafted primary user ids.
network
low complexity
enigmail CWE-347
7.5
2018-06-13 CVE-2018-10408 Improper Certificate Validation vulnerability in Virustotal
An issue was discovered in VirusTotal.
local
low complexity
virustotal CWE-295
7.8