Vulnerabilities > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2016-07-13 | CVE-2016-3279 | 7PK - Security Features vulnerability in Microsoft products Microsoft Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word 2010 SP2, Excel 2013 SP1, PowerPoint 2013 SP1, Word 2013 SP1, Excel 2013 RT SP1, PowerPoint 2013 RT SP1, Word 2013 RT SP1, Excel 2016, Word 2016, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to execute arbitrary code via a crafted XLA file, aka "Microsoft Office Remote Code Execution Vulnerability." | 5.5 |
2016-07-13 | CVE-2016-3277 | Information Exposure vulnerability in Microsoft Edge and Internet Explorer Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability." | 5.3 |
2016-07-13 | CVE-2016-3273 | Information Exposure vulnerability in Microsoft Edge and Internet Explorer The XSS Filter in Microsoft Internet Explorer 9 through 11 and Microsoft Edge does not properly restrict JavaScript code, which allows remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability." | 5.3 |
2016-07-13 | CVE-2016-3271 | Information Exposure vulnerability in Microsoft Edge The VBScript engine in Microsoft Edge allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Scripting Engine Information Disclosure Vulnerability." | 6.5 |
2016-07-13 | CVE-2016-3261 | Information Exposure vulnerability in Microsoft Internet Explorer 11 Microsoft Internet Explorer 11 allows remote attackers to obtain sensitive information via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability." | 5.3 |
2016-07-13 | CVE-2016-3258 | Race Condition vulnerability in Microsoft products Race condition in the kernel in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to bypass the Low Integrity protection mechanism and write to files by leveraging unspecified object-manager features, aka "Windows File System Security Feature Bypass." | 4.7 |
2016-07-13 | CVE-2016-3256 | Information Exposure vulnerability in Microsoft Windows 10 1511 Microsoft Windows 10 Gold and 1511 allows local users to bypass the Secure Kernel Mode protection mechanism and obtain sensitive information via a crafted application, aka "Windows Secure Kernel Mode Information Disclosure Vulnerability." | 5.0 |
2016-07-13 | CVE-2016-3245 | Improper Access Control vulnerability in Microsoft Internet Explorer 10/11/9 Microsoft Internet Explorer 9 through 11 allows remote attackers to trick users into making TCP connections to a restricted port via a crafted web site, aka "Internet Explorer Security Feature Bypass Vulnerability." | 6.5 |
2016-07-13 | CVE-2016-3244 | Improper Access Control vulnerability in Microsoft Edge Microsoft Edge allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Microsoft Edge Security Feature Bypass." | 4.3 |
2016-07-12 | CVE-2016-5850 | Cross-site Scripting vulnerability in Huawei Public Cloud Solution 1.0.0 Cross-site scripting (XSS) vulnerability in the volume backup service module in Huawei Public Cloud Solution before 1.0.5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 5.4 |