Vulnerabilities (CVE)

Filtered by vendor Microsoft Subscribe
Total 17139 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-41057 1 Microsoft 9 Windows 10, Windows 11, Windows 7 and 6 more 2023-02-03 N/A 7.8 HIGH
Windows HTTP.sys Elevation of Privilege Vulnerability.
CVE-2020-9715 3 Adobe, Apple, Microsoft 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more 2023-02-03 9.3 HIGH 7.8 HIGH
Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have an use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution .
CVE-2022-38775 2 Elastic, Microsoft 2 Endpoint Security, Windows 2023-02-03 N/A 7.8 HIGH
An issue was discovered in the rollback feature of Elastic Endpoint Security for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account.
CVE-2022-38774 2 Elastic, Microsoft 3 Endgame, Endpoint Security, Windows 2023-02-03 N/A 7.8 HIGH
An issue was discovered in the quarantine feature of Elastic Endpoint Security and Elastic Endgame for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account.
CVE-2016-1014 5 Adobe, Apple, Google and 2 more 13 Air Desktop Runtime, Air Sdk, Air Sdk \& Compiler and 10 more 2023-02-03 6.9 MEDIUM 7.3 HIGH
Untrusted search path vulnerability in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows local users to gain privileges via a Trojan horse resource in an unspecified directory.
CVE-2018-3997 2 Foxitsoftware, Microsoft 3 Phantompdf, Reader, Windows 2023-02-03 6.8 MEDIUM 8.8 HIGH
An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader, version 9.2.0.9297. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.
CVE-2018-3940 2 Foxitsoftware, Microsoft 3 Phantompdf, Reader, Windows 2023-02-02 6.8 MEDIUM 8.8 HIGH
An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused. An attacker needs to trick the user to open the malicious file to trigger.
CVE-2018-3939 2 Foxitsoftware, Microsoft 3 Foxit Reader, Phantompdf, Windows 2023-02-02 6.8 MEDIUM 8.8 HIGH
An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.
CVE-2018-3941 2 Foxitsoftware, Microsoft 3 Phantompdf, Reader, Windows 2023-02-02 6.8 MEDIUM 8.8 HIGH
An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability.
CVE-2018-3942 2 Foxitsoftware, Microsoft 3 Phantompdf, Reader, Windows 2023-02-02 6.8 MEDIUM 8.8 HIGH
An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability.
CVE-2018-3944 2 Foxitsoftware, Microsoft 3 Phantompdf, Reader, Windows 2023-02-02 6.8 MEDIUM 8.8 HIGH
An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.
CVE-2018-3943 2 Foxitsoftware, Microsoft 3 Phantompdf, Reader, Windows 2023-02-02 6.8 MEDIUM 8.8 HIGH
An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.
CVE-2018-3945 2 Foxitsoftware, Microsoft 3 Phantompdf, Reader, Windows 2023-02-02 6.8 MEDIUM 8.8 HIGH
An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability.
CVE-2018-3946 2 Foxitsoftware, Microsoft 3 Phantompdf, Reader, Windows 2023-02-02 6.8 MEDIUM 8.8 HIGH
An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.
CVE-2018-3996 2 Foxitsoftware, Microsoft 3 Phantompdf, Reader, Windows 2023-02-02 6.8 MEDIUM 8.8 HIGH
An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 9.2.0.9297. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.
CVE-2018-3994 2 Foxitsoftware, Microsoft 3 Phantompdf, Reader, Windows 2023-02-02 6.8 MEDIUM 8.8 HIGH
An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.2.0.9297. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.
CVE-2018-3995 2 Foxitsoftware, Microsoft 3 Phantompdf, Reader, Windows 2023-02-02 6.8 MEDIUM 8.8 HIGH
An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 9.2.0.9297. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.
CVE-2018-3993 2 Foxitsoftware, Microsoft 3 Phantompdf, Reader, Windows 2023-02-02 6.8 MEDIUM 8.8 HIGH
An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.2.0.9297. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.
CVE-2018-3992 2 Foxitsoftware, Microsoft 3 Phantompdf, Reader, Windows 2023-02-02 6.8 MEDIUM 8.8 HIGH
An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader, version 9.2.0.9297. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.
CVE-2016-4447 8 Apple, Canonical, Debian and 5 more 12 Iphone Os, Itunes, Mac Os X and 9 more 2023-02-02 5.0 MEDIUM 7.5 HIGH
CVE-2016-4447 libxml2: Heap-based buffer underreads due to xmlParseName