CVSS: 9.3EPSS: 7%CPEs: 15EXPL: 0CVE-2018-8628 – Microsoft Office PowerPoint PPT File Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-8628
A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory, aka "Microsoft PowerPoint Remote Code Execution Vulnerability." This affects Microsoft Office, Office 365 ProPlus, Microsoft PowerPoint, Microsoft SharePoint, Microsoft PowerPoint Viewer, Office Online Server, Microsoft SharePoint Server. Existe una vulnerabilidad de ejecución remota de código en el software de Microsoft PowerPoint cuando no gestiona correctamente objetos en la memoria. Esto también se conoce como "Microsoft PowerPoint Remote Code Execution Vulnerability". Esto afecta a Microsoft Office, Office 365 ProPlus, Microsoft PowerPoint, Microsoft SharePoint, Microsoft PowerPoint Viewer, Office Online Server y Microsoft SharePoint Server. • http://www.securityfocus.com/bid/106104 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8628 •
CVSS: 5.4EPSS: 0%CPEs: 3EXPL: 0CVE-2018-8572
https://notcve.org/view.php?id=CVE-2018-8572
An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoint. This CVE ID is unique from CVE-2018-8568. Existe una vulnerabilidad de elevación de privilegios de elevación de privilegios cuando Microsoft SharePoint Server no sanea correctamente una petición web especialmente manipulada enviada a un servidor SharePoint afectado. Esto también se conoce como "Microsoft SharePoint Elevation of Privilege Vulnerability." • http://www.securityfocus.com/bid/105831 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8572 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 3EXPL: 0CVE-2018-8568
https://notcve.org/view.php?id=CVE-2018-8568
An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoint. This CVE ID is unique from CVE-2018-8572. Existe una vulnerabilidad de elevación de privilegios de elevación de privilegios cuando Microsoft SharePoint Server no sanea correctamente una petición web especialmente manipulada enviada a un servidor SharePoint afectado. Esto también se conoce como "Microsoft SharePoint Elevation of Privilege Vulnerability." • http://www.securityfocus.com/bid/105829 http://www.securitytracker.com/id/1042136 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8568 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.3EPSS: 15%CPEs: 12EXPL: 0CVE-2018-8504
https://notcve.org/view.php?id=CVE-2018-8504
A remote code execution vulnerability exists in Microsoft Word software when the software fails to properly handle objects in Protected View, aka "Microsoft Word Remote Code Execution Vulnerability." This affects Microsoft SharePoint Server, Office 365 ProPlus, Microsoft Office, Microsoft Word. Existe una vulnerabilidad de ejecución remota de código en el software de Microsoft Word cuando no gestiona correctamente objetos en vista protegida. Esto también se conoce como "Microsoft Word Remote Code Execution Vulnerability". Esto afecta a Microsoft SharePoint Server, Office 365 ProPlus, Microsoft Office y Microsoft Word. • http://www.securityfocus.com/bid/105499 http://www.securitytracker.com/id/1041840 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8504 •