CVSS: 6.1EPSS: 0%CPEs: 12EXPL: 0CVE-2018-8470
https://notcve.org/view.php?id=CVE-2018-8470
A security feature bypass vulnerability exists in Internet Explorer due to how scripts are handled that allows a universal cross-site scripting (UXSS) condition, aka "Internet Explorer Security Feature Bypass Vulnerability." This affects Internet Explorer 11. Existe una vulnerabilidad de omisión de la característica de seguridad en Internet Explorer debido a la forma en la que se gestionan los scripts que permite una condición de Cross-Site Scripting Universal (UXSS). Esto también se conoce como "Internet Explorer Security Feature Bypass Vulnerability". Esto afecta a Internet Explorer 11. • http://www.securityfocus.com/bid/105267 http://www.securitytracker.com/id/1041632 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8470 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.3EPSS: 94%CPEs: 22EXPL: 1CVE-2018-0986 – Microsoft Windows Defender - 'mpengine.dll' Memory Corruption
https://notcve.org/view.php?id=CVE-2018-0986
A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption, aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability." This affects Windows Defender, Windows Intune Endpoint Protection, Microsoft Security Essentials, Microsoft System Center Endpoint Protection, Microsoft Exchange Server, Microsoft System Center, Microsoft Forefront Endpoint Protection. Existe una vulnerabilidad de ejecución remota de código cuando Microsoft Malware Protection Engine no escanea correctamente un archivo especialmente manipulado. Esto desemboca en una corrupción de memoria, también conocida como "Microsoft Malware Protection Engine Remote Code Execution Vulnerability". Esto afecta a Windows Defender, Windows Intune Endpoint Protection, Microsoft Security Essentials, Microsoft System Center Endpoint Protection, Microsoft Exchange Server, Microsoft System Center y Microsoft Forefront Endpoint Protection. • https://www.exploit-db.com/exploits/44402 http://www.securityfocus.com/bid/103593 http://www.securitytracker.com/id/1040631 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0986 • CWE-787: Out-of-bounds Write •