Skip to main content
CVE-2017-8464 HIGH POC KEV PATCH THREAT Act Now

Windows Shell in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available.

Microsoft RCE
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
93.9%
Threat
7.6
CVE-2017-8543 CRITICAL KEV PATCH THREAT Act Now

Microsoft Windows XP SP3, Windows XP x64 XP2, Windows Server 2003 SP2, Windows Vista, Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8, Windows 8.1 and Windows RT 8.1, Windows Server 2012. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and EPSS exploitation probability 83.8%.

Microsoft RCE
NVD
CVSS 3.1
9.8
EPSS
83.8%
Threat
6.0
CVE-2017-8548 HIGH POC PATCH THREAT Act Now

Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to obtain information to further compromise the user's system when Microsoft Edge. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 75.0%.

Buffer Overflow Microsoft Edge
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
75.0%
Threat
5.2
CVE-2017-8487 HIGH POC PATCH THREAT Act Now

Windows OLE in Windows XP and Windows Server 2003 allows an attacker to execute code when a victim opens a specially crafted file or program aka "Windows olecnv32.dll Remote Code Execution. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 69.3%.

RCE Microsoft Windows Server 2003 Windows Xp
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
69.3%
Threat
5.1
CVE-2017-0283 HIGH POC PATCH THREAT Act Now

Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, Windows Server 2016, Microsoft Office 2007. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 56.0%.

RCE Microsoft Lync Office Office Word Viewer +8
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
56.0%
Threat
4.9
CVE-2017-8496 HIGH POC PATCH THREAT Act Now

Microsoft Edge in Windows 10 1607 and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user when Microsoft Edge improperly accesses objects in memory,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 55.9%.

Buffer Overflow RCE Microsoft Edge
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
55.9%
Threat
4.7
CVE-2017-9675 HIGH POC THREAT Act Now

On D-Link DIR-605L devices, firmware before 2.08UIBetaB01.bin allows an unauthenticated GET request to trigger a reboot. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 30.9%.

D-Link Information Disclosure Dir 605l Firmware
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
30.9%
CVE-2017-8461 HIGH POC PATCH Act Now

Windows RPC with Routing and Remote Access enabled in Windows XP and Windows Server 2003 allows an attacker to execute code on a targeted RPC server which has Routing and Remote Access enabled via a. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

RCE Microsoft Windows Server 2003 Windows Xp
NVD
CVSS 3.1
7.8
EPSS
8.4%
CVE-2017-8510 HIGH PATCH Act Now

A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 36.4%.

RCE Microsoft Excel Office Word
NVD
CVSS 3.0
8.8
EPSS
36.4%
CVE-2017-7876 CRITICAL POC Act Now

This command injection vulnerability in QTS allows attackers to run arbitrary commands in the compromised application. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Qnap Command Injection Qts
NVD
CVSS 3.1
10.0
EPSS
6.7%
CVE-2017-8513 HIGH PATCH Act Now

A remote code execution vulnerability exists in Microsoft PowerPoint when the software fails to properly handle objects in memory, aka "Microsoft PowerPoint Remote Code Execution Vulnerability". Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 36.5%.

Buffer Overflow RCE Microsoft Powerpoint Sharepoint Server
NVD
CVSS 3.0
7.8
EPSS
36.5%
CVE-2017-8506 HIGH PATCH Act Now

A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 33.9%.

RCE Microsoft Outlook
NVD
CVSS 3.0
7.8
EPSS
33.9%
CVE-2017-8527 HIGH PATCH Act Now

Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 28.8%.

Buffer Overflow RCE Microsoft Lync Office +9
NVD
CVSS 3.0
8.8
EPSS
28.8%
CVE-2017-0215 MEDIUM PATCH This Month

Microsoft Windows 10 1607 and Windows Server 2016 allow an attacker to exploit a security feature bypass vulnerability in Device Guard that could allow the attacker to inject malicious code into a. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. Epss exploitation probability 45.0%.

Microsoft Information Disclosure Windows 10 Windows Server 2016
NVD
CVSS 3.0
5.3
EPSS
45.0%
CVE-2017-8528 HIGH PATCH Act Now

Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, Windows Server 2016, Microsoft Office 2007. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 26.8%.

Buffer Overflow RCE Microsoft Office Windows 7 +4
NVD
CVSS 3.0
8.8
EPSS
26.8%
CVE-2017-0294 HIGH PATCH Act Now

Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 28.7%.

RCE Microsoft Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
7.8
EPSS
28.7%
CVE-2017-0291 HIGH PATCH Act Now

Windows PDF in Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows remote code execution if a user opens a specially. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 28.7%.

RCE Microsoft Windows 10 Windows 8 1 Windows Rt 8 1 +2
NVD
CVSS 3.0
7.8
EPSS
28.7%
CVE-2017-0292 HIGH PATCH Act Now

Windows PDF in Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows remote code execution if a user opens a specially. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 28.4%.

RCE Microsoft Word Windows 10 Windows 8 1 +3
NVD
CVSS 3.0
7.8
EPSS
28.4%
CVE-2017-0260 HIGH PATCH Act Now

A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 28.4%.

RCE Microsoft Office Windows 7 Windows Server 2008
NVD
CVSS 3.0
7.8
EPSS
28.4%
CVE-2017-9673 HIGH POC This Week

In SimpleCE 2.3.0, a CSRF vulnerability can be exploited to add an administrator account (via the index.php/user/new URI) or change its settings (via the index.php/user/1 URI), including its password. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF PHP Simplece
NVD
CVSS 3.0
8.8
EPSS
0.1%
CVE-2017-8507 HIGH PATCH Act Now

A remote code execution vulnerability exists in the way Microsoft Office software parses specially crafted email messages, aka "Microsoft Office Memory Corruption Vulnerability". Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 22.8%.

Buffer Overflow RCE Microsoft Outlook
NVD
CVSS 3.0
7.8
EPSS
22.8%
CVE-2017-8480 MEDIUM POC PATCH THREAT This Month

The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 15.7%.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD Exploit-DB
CVSS 3.0
5.0
EPSS
15.7%
CVE-2017-8476 MEDIUM POC PATCH THREAT This Month

The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 15.7%.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD Exploit-DB
CVSS 3.0
5.0
EPSS
15.7%
CVE-2017-8472 MEDIUM POC PATCH THREAT This Month

Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 allow an authenticated attacker to run a specially crafted application when the Windows kernel improperly. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 15.7%.

Microsoft Information Disclosure Windows 7 Windows Server 2008 Windows Server 2012
NVD Exploit-DB
CVSS 3.0
5.0
EPSS
15.7%
CVE-2017-8470 MEDIUM POC PATCH THREAT This Month

Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 15.7%.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD Exploit-DB
CVSS 3.0
5.0
EPSS
15.7%
CVE-2017-8492 MEDIUM POC PATCH THREAT This Month

The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 14.8%.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD Exploit-DB
CVSS 3.0
5.0
EPSS
14.8%
CVE-2017-8488 MEDIUM POC PATCH THREAT This Month

The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 14.8%.

Microsoft Information Disclosure Windows 7 Windows 8 1 Windows Rt 8 1 +2
NVD Exploit-DB
CVSS 3.0
5.0
EPSS
14.8%
CVE-2017-8484 MEDIUM POC PATCH THREAT This Month

Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 14.8%.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD Exploit-DB
CVSS 3.0
5.0
EPSS
14.8%
CVE-2017-8482 MEDIUM POC PATCH THREAT This Month

The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 14.8%.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD Exploit-DB
CVSS 3.0
5.0
EPSS
14.8%
CVE-2017-8478 MEDIUM POC PATCH THREAT This Month

The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 14.8%.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD Exploit-DB
CVSS 3.0
5.0
EPSS
14.8%
CVE-2017-8462 MEDIUM POC PATCH THREAT This Month

The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 14.8%.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD Exploit-DB
CVSS 3.0
5.0
EPSS
14.8%
CVE-2017-0282 MEDIUM POC PATCH THREAT This Month

Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, Windows Server 2016, Microsoft Office. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 13.0%.

Microsoft Information Disclosure Office Windows 10 Windows 7 +5
NVD Exploit-DB
CVSS 3.1
5.0
EPSS
13.0%
CVE-2017-8529 MEDIUM PATCH This Month

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, and Windows Server 2012 and R2 allow an attacker to detect specific files on the user's. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 25.2%.

Buffer Overflow Microsoft Information Disclosure Internet Explorer Edge
NVD
CVSS 3.1
6.5
EPSS
25.2%
CVE-2017-8533 MEDIUM PATCH This Month

Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows improper. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 24.5%.

Microsoft Information Disclosure Office Windows 10 Windows 7 +5
NVD
CVSS 3.0
6.5
EPSS
24.5%
CVE-2017-8550 MEDIUM POC PATCH This Month

A remote code execution vulnerability exists in Skype for Business when the software fails to sanitize specially crafted content, aka "Skype for Business Remote Code Execution Vulnerability". Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

XSS RCE Office
NVD Exploit-DB
CVSS 3.0
5.4
EPSS
9.6%
CVE-2017-0285 MEDIUM POC PATCH THREAT This Month

Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, Windows Server 2016, Microsoft Office. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 11.4%.

Microsoft Information Disclosure Office Office Word Viewer Windows 10 +6
NVD Exploit-DB
CVSS 3.1
5.0
EPSS
11.4%
CVE-2017-0284 MEDIUM POC PATCH THREAT This Month

Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, Windows Server 2016, Microsoft Office. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 11.4%.

Microsoft Information Disclosure Office Windows 10 Windows 7 +5
NVD Exploit-DB
CVSS 3.1
5.0
EPSS
11.4%
CVE-2017-0288 MEDIUM POC PATCH THREAT This Month

Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows improper. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 10.6%.

Microsoft Information Disclosure Office Windows 10 Windows 7 +5
NVD Exploit-DB
CVSS 3.1
5.0
EPSS
10.6%
CVE-2017-0286 MEDIUM POC PATCH THREAT This Month

Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows improper. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 10.6%.

Microsoft Information Disclosure Office Windows 7 Windows Server 2008
NVD Exploit-DB
CVSS 3.1
5.0
EPSS
10.6%
CVE-2017-8469 MEDIUM POC PATCH This Month

The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and Windows Server 2016 allows an. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.

Microsoft Information Disclosure Windows 7 Windows 8 1 Windows Rt 8 1 +2
NVD Exploit-DB
CVSS 3.0
5.5
EPSS
7.9%
CVE-2017-8532 MEDIUM PATCH This Month

Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows improper. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 21.6%.

Microsoft Information Disclosure Office Windows 10 Windows 7 +5
NVD
CVSS 3.0
6.5
EPSS
21.6%
CVE-2017-0287 MEDIUM POC PATCH This Month

Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows improper. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. Public exploit code available.

Microsoft Information Disclosure Office Windows 10 Windows 7 +5
NVD Exploit-DB
CVSS 3.1
5.0
EPSS
8.9%
CVE-2017-8490 MEDIUM POC PATCH This Month

The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. Public exploit code available.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD Exploit-DB
CVSS 3.0
5.0
EPSS
8.8%
CVE-2017-0300 MEDIUM POC PATCH This Month

The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. Public exploit code available.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +3
NVD Exploit-DB
CVSS 3.0
5.0
EPSS
8.8%
CVE-2017-8520 HIGH PATCH Act Now

Microsoft Edge in Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user when the Edge JavaScript scripting engine fails to handle objects in memory, aka. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 16.2%.

Buffer Overflow RCE Microsoft Edge
NVD
CVSS 3.0
7.5
EPSS
16.2%
CVE-2017-8499 HIGH PATCH Act Now

Microsoft Edge in Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user when the Edge JavaScript scripting engine fails to handle objects in memory, aka. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 16.2%.

Buffer Overflow RCE Microsoft Edge
NVD
CVSS 3.0
7.5
EPSS
16.2%
CVE-2017-8497 HIGH PATCH Act Now

Microsoft Edge in Windows 10 1607 and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user when Microsoft Edge improperly accesses objects in memory,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 16.2%.

Buffer Overflow RCE Microsoft Edge
NVD
CVSS 3.0
7.5
EPSS
16.2%
CVE-2017-8481 MEDIUM POC PATCH This Month

The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. Public exploit code available.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +4
NVD Exploit-DB
CVSS 3.0
5.0
EPSS
8.5%
CVE-2017-8549 HIGH PATCH Act Now

Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to obtain information to further compromise the user's system when Microsoft Edge. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 15.9%.

Buffer Overflow Microsoft Edge
NVD
CVSS 3.0
7.5
EPSS
15.9%
CVE-2017-8521 HIGH PATCH Act Now

Microsoft Edge in Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user when the Edge JavaScript scripting engine fails to handle objects in memory, aka. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 15.9%.

Buffer Overflow RCE Microsoft Edge
NVD
CVSS 3.0
7.5
EPSS
15.9%
Page 1 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy