cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2017-8611,https://securityvulnerability.io/vulnerability/CVE-2017-8611,Spoofing Vulnerability in Microsoft Edge on Windows 10 and Windows Server,"A vulnerability in Microsoft Edge allows remote attackers to impersonate legitimate web content by crafting specific websites. This can lead to users being misled into providing sensitive information or interacting with malicious elements without their knowledge. The affected versions include Microsoft Edge on Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016. Users are advised to update their systems to mitigate the risks associated with this vulnerability.",Microsoft,"Windows 10 Gold, 1511, 1607, And 1703, And Windows Server 2016",6.5,MEDIUM,0.01769999973475933,false,,false,false,false,,,false,false,,2017-07-11T00:00:00.000Z,0
CVE-2017-8463,https://securityvulnerability.io/vulnerability/CVE-2017-8463,Remote Code Execution Vulnerability in Microsoft Windows Products,"This vulnerability allows an attacker to execute arbitrary code on a vulnerable system due to improper handling of executable files and shares during rename operations. Exploiting this issue could enable an attacker to gain control over the affected system, leading to severe security breaches and data loss.",Microsoft,"Windows Server 2008 Sp2 And R2 Sp1, Windows 7 Sp1, Windows 8.1, Windows Server 2012 Gold And R2, Windows Rt 8.1, Windows 10 Gold, 1511, 1607, 1703, And Windows Server 2016",7.8,HIGH,0.717170000076294,false,,false,false,false,,,false,false,,2017-07-11T00:00:00.000Z,0
CVE-2017-8467,https://securityvulnerability.io/vulnerability/CVE-2017-8467,Elevation of Privilege Vulnerability in Microsoft Windows Products,"An elevation of privilege vulnerability exists in the way Microsoft Windows handles objects in memory. This flaw can allow an attacker to execute arbitrary code with elevated permissions, potentially compromising the system's security. Systems affected include various versions of Windows from Windows 7 to Windows 10, as well as multiple Windows Server iterations. Proper mitigation through updates and patches is essential to protect against potential exploitation.",Microsoft,"Microsoft Windows 7 Sp1, Windows Server 2008 Sp2 And R2 Sp1, Windows 8.1 And Windows Rt 8.1, Windows Server 2012 And R2, Windows 10 Gold, 1511, 1607, 1703, And Windows Server 2016.",7,HIGH,0.010300000198185444,false,,false,false,false,,,false,false,,2017-07-11T00:00:00.000Z,0
CVE-2017-8486,https://securityvulnerability.io/vulnerability/CVE-2017-8486,Information Disclosure Vulnerability in Microsoft Windows Products,"This vulnerability in Microsoft Windows allows attackers to access sensitive information due to improper handling of objects in memory. It affects multiple Windows versions, including Windows 7, 8.1, and Windows 10, posing risks for users by potentially exposing confidential data to unauthorized parties. The issue stems from flaws in the win32k.sys component, which can be exploited to retrieve information from the system's memory.",Microsoft,"Microsoft Windows 7 Sp1, Windows Server 2008 Sp2 And R2 Sp1, Windows 8.1 And Windows Rt 8.1, Windows Server 2012 And R2, Windows 10 Gold, 1511, 1607, 1703, And Windows Server 2016.",4.7,MEDIUM,0.014069999568164349,false,,false,false,false,,,false,false,,2017-07-11T00:00:00.000Z,0
CVE-2017-8556,https://securityvulnerability.io/vulnerability/CVE-2017-8556,Elevation of Privilege Vulnerability in Microsoft Windows Graphics Component,"Microsoft Windows Graphics Component presents a vulnerability that enables an attacker to elevate privileges due to improper handling of objects in memory. This issue impacts multiple versions of Windows, including server and client systems, exposing them to potential exploitation by malicious parties. The vulnerability demonstrates how critical it is to ensure proper memory management to protect system integrity and user privacy.",Microsoft,"Windows Server 2008 Sp2 And R2 Sp1, Windows 7 Sp1, Windows 8.1, Windows Server 2012 Gold And R2, Windows Rt 8.1, Windows 10 Gold, 1511, 1607, And 1703, And Windows Server 2016",7,HIGH,0.006219999864697456,false,,false,false,false,,,false,false,,2017-07-11T00:00:00.000Z,0
CVE-2017-8557,https://securityvulnerability.io/vulnerability/CVE-2017-8557,Information Disclosure Vulnerability in Windows System Information Console by Microsoft,"The Windows System Information Console across several Microsoft Windows operating systems is vulnerable to information disclosure due to improper parsing of XML input containing references to external entities. This vulnerability allows unauthorized access to sensitive information, potentially enabling attackers to exploit this weakness. Proper validation and restrictions on XML inputs are critical to mitigating this risk.",Microsoft,"Windows Server 2008 Sp2 And R2 Sp1, Windows 7 Sp1, Windows 8.1, Windows Server 2012 Gold And R2, Windows Rt 8.1, Windows 10 Gold, 1511, 1607, 1703, And Windows Server 2016",5.5,MEDIUM,0.017419999465346336,false,,false,false,false,,,false,false,,2017-07-11T00:00:00.000Z,0
CVE-2017-8580,https://securityvulnerability.io/vulnerability/CVE-2017-8580,Elevated Privileges Vulnerability in Microsoft Windows Products,"The vulnerability is found in the Win32k component of multiple Microsoft Windows operating systems, which fails to properly manage objects in memory. This flaw allows an attacker to elevate their privileges, potentially leading to unauthorized access and control over affected systems. The vulnerability affects various versions of Windows, including Windows 7 through Windows 10, and multiple Server editions, highlighting the importance of patching for security compliance.",Microsoft,"Microsoft Windows Server 2008 Sp2 And R2 Sp1, Windows 7 Sp1, Windows 8.1, Windows Server 2012 Gold And R2, Windows Rt 8.1, Windows 10 Gold, 1511, 1607, And 1703, And Windows Server 2016",7,HIGH,0.010300000198185444,false,,false,false,false,,,false,false,,2017-07-11T00:00:00.000Z,0
CVE-2017-8582,https://securityvulnerability.io/vulnerability/CVE-2017-8582,Information Disclosure Vulnerability in Microsoft Windows HTTP.sys,"The HTTP.sys component in various versions of Microsoft Windows has a vulnerability that could allow an attacker to access sensitive information. This occurs due to the improper handling of objects in memory, which may lead to data leaks. Affected versions include Windows Server 2008 SP2, Windows 7 SP1, and several others, making it crucial for users to apply the appropriate security updates to mitigate the risk of unauthorized data exposure.",Microsoft,"Microsoft Windows Server 2008 Sp2 And R2 Sp1, Windows 7 Sp1, Windows 8.1, Windows Server 2012 Gold And R2, Windows Rt 8.1, Windows 10 Gold, 1511, 1607, And 1703, And Windows Server 2016",5.9,MEDIUM,0.011909999884665012,false,,false,false,false,,,false,false,,2017-07-11T00:00:00.000Z,0
CVE-2017-8588,https://securityvulnerability.io/vulnerability/CVE-2017-8588,Remote Code Execution Vulnerability in Microsoft WordPad for Windows Platforms,A remote code execution vulnerability exists in Microsoft WordPad due to improper parsing of specially crafted files. An attacker who successfully exploits this vulnerability could execute arbitrary code on the affected system. Users should be cautious when opening files from untrusted sources and ensure that their systems are updated with the latest security patches to mitigate risks associated with this vulnerability.,Microsoft,"Windows Server 2008 Sp2 And R2 Sp1, Windows 7 Sp1, Windows 8.1, Windows Server 2012 Gold And R2, Windows Rt 8.1, Windows 10 Gold, 1511, 1607, 1703, And Windows Server 2016",7,HIGH,0.7110900282859802,false,,false,false,false,,,false,false,,2017-07-11T00:00:00.000Z,0
CVE-2017-8590,https://securityvulnerability.io/vulnerability/CVE-2017-8590,Elevation of Privilege Vulnerability in Microsoft Windows Products,"Microsoft Windows products, including various versions of Windows 7, 8.1, 10, and Server editions, contain a vulnerability that allows an attacker to elevate privileges. This issue arises from the handling of objects in memory by the Windows Common Log File System (CLFS) driver, potentially allowing unauthorized access to sensitive system resources. Proper mitigation measures are essential to prevent exploitation of this security flaw.",Microsoft,"Microsoft Windows 7 Sp1, Windows Server 2008 Sp2 And R2 Sp1, Windows 8.1 And Windows Rt 8.1, Windows Server 2012 And R2, Windows 10 Gold, 1511, 1607, 1703, And Windows Server 2016.",8.8,HIGH,0.004889999981969595,false,,false,false,false,,,false,false,,2017-07-11T00:00:00.000Z,0
CVE-2017-8595,https://securityvulnerability.io/vulnerability/CVE-2017-8595,Memory Corruption Vulnerability in Microsoft Edge on Windows 10 and Server 2016,"Microsoft Edge in Windows 10 and Windows Server 2016 has a security flaw where the JavaScript engine improperly handles memory objects. This can lead to execution of arbitrary code within the context of the current user. Attackers may exploit this vulnerability to execute harmful scripts on affected systems, impacting user security and data integrity.",Microsoft,"Windows 10 Gold, 1511, 1607, And 1703, And Windows Server 2016",7.5,HIGH,0.0906200036406517,false,,false,false,false,,,false,false,,2017-07-11T00:00:00.000Z,0
CVE-2017-8598,https://securityvulnerability.io/vulnerability/CVE-2017-8598,Scripting Engine Memory Corruption Vulnerability in Microsoft Edge,"The vulnerability exists in the JavaScript engine of Microsoft Edge where improper memory handling can lead to arbitrary code execution. When the engine fails to render objects in memory correctly, it creates an opportunity for attackers to exploit the issue, potentially executing malicious code under the context of the current user. This vulnerability affects multiple versions of Microsoft Edge across Windows 10 and Windows Server 2016, posing significant security risks.",Microsoft,"Microsoft Windows 10 Gold, 1511, 1607, And 1703, And Windows Server 2016",7.5,HIGH,0.0906200036406517,false,,false,false,false,,,false,false,,2017-07-11T00:00:00.000Z,0
CVE-2017-8599,https://securityvulnerability.io/vulnerability/CVE-2017-8599,Microsoft Edge Security Feature Bypass in Windows 10 and Windows Server,"A vulnerability in Microsoft Edge allows an attacker to exploit a failure in the Content Security Policy (CSP) validation process. This weakness enables malicious actors to trick users into loading harmful web pages by delivering specially crafted documents. The issue affects various versions of Windows 10, including Gold, 1511, 1607, and 1703, as well as Windows Server 2016, posing a risk to system integrity and user trust.",Microsoft,"Windows 10 Gold, 1511, 1607, And 1703, And Windows Server 2016",6.5,MEDIUM,0.00791999977082014,false,,false,false,false,,,false,false,,2017-07-11T00:00:00.000Z,0
CVE-2017-8601,https://securityvulnerability.io/vulnerability/CVE-2017-8601,Scripting Engine Memory Corruption in Microsoft Edge on Windows 10 and Server 2016,"In Microsoft Edge, a memory corruption issue exists in how the JavaScript engine handles certain objects. A successful exploitation of this vulnerability allows an attacker to execute arbitrary code in the context of the currently logged-in user, potentially leading to system compromise. This vulnerability highlights the importance of keeping software updated to mitigate risks associated with memory corruption within web applications.",Microsoft,"Windows 10 Gold, 1511, 1607, And 1703, And Windows Server 2016",7.5,HIGH,0.8266699910163879,false,,false,false,false,,,false,false,,2017-07-11T00:00:00.000Z,0
CVE-2017-8602,https://securityvulnerability.io/vulnerability/CVE-2017-8602,Spoofing Vulnerability in Microsoft Browsers on Windows Platforms,"A spoofing vulnerability exists in Microsoft browsers, which arises from the improper parsing of HTTP content. An attacker exploiting this vulnerability could potentially deceive users by altering the presentation of web content, misleading them regarding the legitimacy of a site. This impact can result in unauthorized actions being taken on behalf of the users, making it crucial for organizations to ensure that they are using patched versions of affected Windows systems.",Microsoft,"Windows 7 Sp1, Windows Server 2008 R2 Sp1, Windows 8.1 And Windows Rt 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, And 1703, And Windows Server 2016",6.5,MEDIUM,0.019990000873804092,false,,false,false,false,,,false,false,,2017-07-11T00:00:00.000Z,0
CVE-2017-8495,https://securityvulnerability.io/vulnerability/CVE-2017-8495,Kerberos SNAME Security Feature Bypass in Microsoft Windows Products,"This vulnerability in Microsoft Windows products allows attackers to bypass Extended Protection for Authentication during Kerberos ticket exchanges. It particularly affects the handling of the SNAME field, potentially enabling unauthorized access and manipulation of authentication processes across various Windows operating systems. Mitigation should be prioritized to safeguard against exploitation.",Microsoft,"Microsoft Windows 7 Sp1, Windows Server 2008 Sp2 And R2 Sp1, Windows 8.1 And Windows Rt 8.1, Windows Server 2012 And R2, Windows 10 Gold, 1511, 1607, And 1703, And Windows Server 2016.",7.5,HIGH,0.0027699999045580626,false,,false,false,false,,,false,false,,2017-07-11T00:00:00.000Z,0
CVE-2017-8565,https://securityvulnerability.io/vulnerability/CVE-2017-8565,Remote Code Execution Vulnerability in Windows PowerShell by Microsoft,"In Windows PowerShell, a vulnerability exists that permits remote code execution when a PSObject wraps a CIM Instance. This issue affects several versions of Microsoft Windows and can allow an attacker to execute arbitrary code remotely, potentially compromising the affected systems. Proper patches and mitigation measures are essential to protect systems from exploitation.",Microsoft,"Windows Server 2008 Sp2 And R2 Sp1, Windows 7 Sp1, Windows 8.1, Windows Server 2012 Gold And R2, Windows Rt 8.1, Windows 10 Gold, 1511, 1607, 1703, And Windows Server 2016",8.1,HIGH,0.5659700036048889,false,,false,false,false,,,false,false,,2017-07-11T00:00:00.000Z,0
CVE-2017-8607,https://securityvulnerability.io/vulnerability/CVE-2017-8607,Scripting Engine Memory Corruption in Microsoft Browsers on Windows Platforms,"This vulnerability allows an attacker to execute arbitrary code in the context of the current user due to a failure in the JavaScript engines of Microsoft browsers when handling objects in memory. The flaw impacts various versions of Windows, presenting significant security risks as it can be exploited to gain unauthorized access and control over affected systems.",Microsoft,"Windows 7, Windows Server 2008 And R2, Windows 8.1 And Windows Rt 8.1, Windows Server 2012 And R2, Windows 10 Gold, 1511, 1607, And 1703, And Windows Server 2016",7.5,HIGH,0.4784199893474579,false,,false,false,false,,,false,false,,2017-07-11T00:00:00.000Z,0
CVE-2017-8561,https://securityvulnerability.io/vulnerability/CVE-2017-8561,Elevation of Privilege Vulnerability in Microsoft Windows Kernel,"The vulnerability in the Windows kernel allows attackers to elevate their privileges by leveraging the improper handling of objects in memory. This flaw affects multiple versions of Microsoft Windows, including specific editions of Windows 10 and Windows Server. Attackers exploiting this vulnerability could gain unauthorized access to system resources and execute arbitrary code with higher privileges. To mitigate risk, it is crucial for users to apply the latest security patches provided by Microsoft and follow best practices for system security.",Microsoft,"Windows Kernel In Microsoft Windows 8.1, Windows Server 2012 Gold And R2, Windows Rt 8.1, Windows 10 Gold, 1511, 1607, And 1703, And Windows Server 2016",7,HIGH,0.0004600000102072954,false,,false,false,false,,,false,false,,2017-07-11T00:00:00.000Z,0
CVE-2017-8581,https://securityvulnerability.io/vulnerability/CVE-2017-8581,Elevation of Privilege Vulnerability in Microsoft Windows Products,"The vulnerability in Microsoft Windows products arises from an improper handling of objects in memory within the Win32k component. This allows an attacker to elevate their privileges on affected systems, potentially granting them unauthorized access to sensitive system resources and user data. Exploitation of this vulnerability may lead to significant security threats, enabling malicious actors to execute arbitrary code or gain additional privileges, thereby compromising the overall security of the affected environments.",Microsoft,"Microsoft Windows Server 2008 Sp2 And R2 Sp1, Windows 7 Sp1, Windows 8.1, Windows Server 2012 Gold And R2, Windows Rt 8.1, Windows 10 Gold, 1511, 1607, And 1703, And Windows Server 2016",7,HIGH,0.006219999864697456,false,,false,false,false,,,false,false,,2017-07-11T00:00:00.000Z,0
CVE-2017-8589,https://securityvulnerability.io/vulnerability/CVE-2017-8589,Remote Code Execution Vulnerability in Microsoft Windows Products,"A vulnerability exists within Microsoft's Windows Search feature that can allow an attacker to execute arbitrary code on a target system. The flaw arises from improper handling of objects in memory, which could be exploited by sending specially crafted requests. If successful, an attacker could gain the same user rights as the logged-on user, potentially leading to unauthorized access and system control. Affected users are encouraged to apply the recommended security updates to mitigate the risks associated with this vulnerability.",Microsoft,"Microsoft Windows 7 Sp1, Windows Server 2008 Sp2 And R2 Sp1, Windows 8.1 And Windows Rt 8.1, Windows Server 2012 And R2, Windows 10 Gold, 1511, 1607, 1703, And Windows Server 2016.",9.8,CRITICAL,0.6297399997711182,false,,false,false,false,,,false,false,,2017-07-11T00:00:00.000Z,0
CVE-2017-8592,https://securityvulnerability.io/vulnerability/CVE-2017-8592,Security Feature Bypass in Microsoft Browsers on Multiple Windows Versions,"This vulnerability affects multiple Microsoft browser versions on various Windows operating systems, allowing attackers to bypass security features due to improper handling of redirect requests. This could potentially enable unauthorized actions or data exposure, compromising the integrity of web interactions. Users of affected Windows versions are advised to apply security updates and implement best practices to mitigate potential risks.",Microsoft,"Windows 7 Sp1, Windows Server 2008 R2 Sp1, Windows 8.1, Windows Rt 8.1, And Windows Server 2012 And R2, Windows 10 Gold, 1511, 1607, And 1703, And Windows Server 2016",6.5,MEDIUM,0.006810000166296959,false,,false,false,false,,,false,false,,2017-07-11T00:00:00.000Z,0
CVE-2017-8563,https://securityvulnerability.io/vulnerability/CVE-2017-8563,Elevation of Privilege Vulnerability in Microsoft Windows Products,"Microsoft Windows products exhibit an elevation of privilege vulnerability stemming from a fallback to the NT LAN Manager (NTLM) Authentication Protocol via Kerberos. This situation can potentially allow an attacker to gain elevated access privileges within the affected systems, compromising the integrity and confidentiality of the environment. It is crucial for organizations using affected Windows versions to apply the necessary patches and updates to mitigate this risk.",Microsoft,"Microsoft Windows 7 Sp1, Windows Server 2008 Sp2 And R2 Sp1, Windows 8.1 And Windows Rt 8.1, Windows Server 2012 And R2, Windows 10 Gold, 1511, 1607, 1703, And Windows Server 2016.",8.1,HIGH,0.0021299999207258224,false,,false,false,false,,,false,false,,2017-07-11T00:00:00.000Z,0
CVE-2017-8564,https://securityvulnerability.io/vulnerability/CVE-2017-8564,Windows Kernel Information Disclosure Vulnerability in Microsoft Products,"The Windows kernel of various Microsoft operating systems is susceptible to an information disclosure vulnerability. This issue arises from improper initialization of a memory address, which could potentially allow unauthorized access to sensitive data. Such vulnerabilities can expose critical system information, increasing the risk for exploitation if left unpatched. Administrators are encouraged to review the security advisory by Microsoft and apply recommended updates to safeguard their systems and mitigate this vulnerability.",Microsoft,"Microsoft Windows Server 2008 Sp2 And R2 Sp1, Windows 7 Sp1, Windows 8.1, Windows Server 2012 Gold And R2, Windows Rt 8.1, Windows 10 Gold, 1511, 1607, And 1703, And Windows Server 2016",5.5,MEDIUM,0.5089899897575378,false,,false,false,false,,,false,false,,2017-07-11T00:00:00.000Z,0
CVE-2017-8573,https://securityvulnerability.io/vulnerability/CVE-2017-8573,Elevation of Privilege Vulnerability in Microsoft Windows Graphics Components,"This vulnerability exists due to improper handling of objects in memory within the Microsoft Graphics Component of various Windows Operating Systems. Successful exploitation could allow an attacker to elevate privileges, potentially leading to unauthorized access and manipulation of system operations. It affects multiple versions of Windows, making systems vulnerable if not patched promptly.",Microsoft,"Microsoft Windows Server 2008 Sp2 And R2 Sp1, Windows 7 Sp1, Windows 8.1, Windows Server 2012 Gold And R2, Windows Rt 8.1, Windows 10 Gold, 1511, 1607, And 1703, And Windows Server 2016",7,HIGH,0.006219999864697456,false,,false,false,false,,,false,false,,2017-07-11T00:00:00.000Z,0