Search Results (Refine Search)
- Keyword (text search): cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:arm64:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2021-43228 |
SymCrypt Denial of Service Vulnerability Published: December 15, 2021; 10:15:09 AM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0: 7.8 HIGH |
CVE-2021-38505 |
Microsoft introduced a new feature in Windows 10 known as Cloud Clipboard which, if enabled, will record data copied to the clipboard to the cloud, and make it available on other computers in certain scenarios. Applications that wish to prevent copied data from being recorded in Cloud History must use specific clipboard formats; and Firefox before versions 94 and ESR 91.3 did not implement them. This could have caused sensitive data to be recorded to a user's Microsoft account. *This bug only affects Firefox for Windows 10+ with Cloud Clipboard enabled. Other operating systems are unaffected.*. This vulnerability affects Firefox < 94, Thunderbird < 91.3, and Firefox ESR < 91.3. Published: December 08, 2021; 5:15:08 PM -0500 |
V4.0:(not available) V3.1: 6.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2021-26414 |
Windows DCOM Server Security Feature Bypass Published: June 08, 2021; 7:15:08 PM -0400 |
V4.0:(not available) V3.1: 4.8 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2020-9633 |
Adobe Flash Player Desktop Runtime 32.0.0.371 and earlier, Adobe Flash Player for Google Chrome 32.0.0.371 and earlier, and Adobe Flash Player for Microsoft Edge and Internet Explorer 32.0.0.330 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution. Published: June 12, 2020; 10:15:11 AM -0400 |
V4.0:(not available) V3.1: 9.8 CRITICAL V2.0: 10.0 HIGH |
CVE-2019-7090 |
Flash Player Desktop Runtime versions 32.0.0.114 and earlier, Flash Player for Google Chrome versions 32.0.0.114 and earlier, and Flash Player for Microsoft Edge and Internet Explorer 11 versions 32.0.0.114 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. Published: May 24, 2019; 3:29:02 PM -0400 |
V4.0:(not available) V3.0: 6.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2019-0812 |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0806, CVE-2019-0810, CVE-2019-0829, CVE-2019-0860, CVE-2019-0861. Published: April 09, 2019; 5:29:01 PM -0400 |
V4.0:(not available) V3.0: 7.5 HIGH V2.0: 7.6 HIGH |
CVE-2018-8588 |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8541, CVE-2018-8542, CVE-2018-8543, CVE-2018-8551, CVE-2018-8555, CVE-2018-8556, CVE-2018-8557. Published: November 13, 2018; 8:29:02 PM -0500 |
V4.0:(not available) V3.0: 7.5 HIGH V2.0: 7.6 HIGH |
CVE-2018-8564 |
A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content, aka "Microsoft Edge Spoofing Vulnerability." This affects Microsoft Edge. Published: November 13, 2018; 8:29:01 PM -0500 |
V4.0:(not available) V3.0: 4.3 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2018-8557 |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8541, CVE-2018-8542, CVE-2018-8543, CVE-2018-8551, CVE-2018-8555, CVE-2018-8556, CVE-2018-8588. Published: November 13, 2018; 8:29:01 PM -0500 |
V4.0:(not available) V3.0: 7.5 HIGH V2.0: 7.6 HIGH |
CVE-2018-8556 |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8541, CVE-2018-8542, CVE-2018-8543, CVE-2018-8551, CVE-2018-8555, CVE-2018-8557, CVE-2018-8588. Published: November 13, 2018; 8:29:01 PM -0500 |
V4.0:(not available) V3.0: 7.5 HIGH V2.0: 7.6 HIGH |
CVE-2018-8555 |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8541, CVE-2018-8542, CVE-2018-8543, CVE-2018-8551, CVE-2018-8556, CVE-2018-8557, CVE-2018-8588. Published: November 13, 2018; 8:29:01 PM -0500 |
V4.0:(not available) V3.0: 7.5 HIGH V2.0: 7.6 HIGH |
CVE-2018-8551 |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8541, CVE-2018-8542, CVE-2018-8543, CVE-2018-8555, CVE-2018-8556, CVE-2018-8557, CVE-2018-8588. Published: November 13, 2018; 8:29:01 PM -0500 |
V4.0:(not available) V3.0: 7.5 HIGH V2.0: 7.6 HIGH |
CVE-2018-8543 |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8541, CVE-2018-8542, CVE-2018-8551, CVE-2018-8555, CVE-2018-8556, CVE-2018-8557, CVE-2018-8588. Published: November 13, 2018; 8:29:00 PM -0500 |
V4.0:(not available) V3.0: 7.5 HIGH V2.0: 7.6 HIGH |
CVE-2018-8542 |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8541, CVE-2018-8543, CVE-2018-8551, CVE-2018-8555, CVE-2018-8556, CVE-2018-8557, CVE-2018-8588. Published: November 13, 2018; 8:29:00 PM -0500 |
V4.0:(not available) V3.0: 7.5 HIGH V2.0: 7.6 HIGH |
CVE-2018-12368 |
Windows 10 does not warn users before opening executable files with the SettingContent-ms extension even when they have been downloaded from the internet and have the "Mark of the Web." Without the warning, unsuspecting users unfamiliar with this new file type might run an unwanted executable. This also allows a WebExtension with the limited downloads.open permission to execute arbitrary code without user interaction on Windows 10 systems. *Note: this issue only affects Windows operating systems. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61. Published: October 18, 2018; 9:29:03 AM -0400 |
V4.0:(not available) V3.0: 8.1 HIGH V2.0: 9.3 HIGH |
CVE-2018-8452 |
An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft browsers, aka "Scripting Engine Information Disclosure Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. Published: September 12, 2018; 8:29:05 PM -0400 |
V4.0:(not available) V3.0: 4.3 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2018-8315 |
An information disclosure vulnerability exists when the browser scripting engine improperly handle object types, aka "Microsoft Scripting Engine Information Disclosure Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge, Internet Explorer 10. Published: September 12, 2018; 8:29:00 PM -0400 |
V4.0:(not available) V3.0: 4.2 MEDIUM V2.0: 4.0 MEDIUM |
CVE-2018-8385 |
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, ChakraCore, Internet Explorer 11, Microsoft Edge, Internet Explorer 10. This CVE ID is unique from CVE-2018-8353, CVE-2018-8355, CVE-2018-8359, CVE-2018-8371, CVE-2018-8372, CVE-2018-8373, CVE-2018-8389, CVE-2018-8390. Published: August 15, 2018; 1:29:08 PM -0400 |
V4.0:(not available) V3.0: 7.5 HIGH V2.0: 7.6 HIGH |
CVE-2018-8355 |
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-8353, CVE-2018-8359, CVE-2018-8371, CVE-2018-8372, CVE-2018-8373, CVE-2018-8385, CVE-2018-8389, CVE-2018-8390. Published: August 15, 2018; 1:29:05 PM -0400 |
V4.0:(not available) V3.0: 7.5 HIGH V2.0: 7.6 HIGH |
CVE-2018-4944 |
Adobe Flash Player versions 29.0.0.140 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. Published: May 19, 2018; 1:29:01 PM -0400 |
V4.0:(not available) V3.0: 9.8 CRITICAL V2.0: 10.0 HIGH |