CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2018-8608
https://notcve.org/view.php?id=CVE-2018-8608
A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) version 8 does not properly sanitize a specially crafted web request to an affected Dynamics server, aka "Microsoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability." This affects Microsoft Dynamics 365. This CVE ID is unique from CVE-2018-8605, CVE-2018-8606, CVE-2018-8607. Existe una vulnerabilidad Cross-Site Scripting (XSS) cuando Microsoft Dynamics 365 (on-premises), versión 8, no sanea correctamente una petición web especialmente manipulada a un servidor Dynamics afectado. Esto también se conoce como "Microsoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability". • http://www.securityfocus.com/bid/105892 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8608 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 4%CPEs: 1EXPL: 0CVE-2018-8609
https://notcve.org/view.php?id=CVE-2018-8609
A remote code execution vulnerability exists in Microsoft Dynamics 365 (on-premises) version 8 when the server fails to properly sanitize web requests to an affected Dynamics server, aka "Microsoft Dynamics 365 (on-premises) version 8 Remote Code Execution Vulnerability." This affects Microsoft Dynamics 365. Existe una vulnerabilidad de ejecución remota de código en Microsoft Dynamics 365 (on-premises), versión 8, cuando el servidor no sanea correctamente peticiones web a un servidor Dynamics afectado. Esto también se conoce como "Microsoft Dynamics 365 (on-premises) version 8 Remote Code Execution Vulnerability". Esto afecta a Microsoft Dynamics 365. • http://www.securityfocus.com/bid/105894 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8609 • CWE-116: Improper Encoding or Escaping of Output •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2018-8427
https://notcve.org/view.php?id=CVE-2018-8427
An information disclosure vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka "Microsoft Graphics Components Information Disclosure Vulnerability." This affects Microsoft Office, Microsoft Office Word Viewer, Office 365 ProPlus, Windows Server 2008, Microsoft PowerPoint Viewer, Microsoft Excel Viewer. Existe una vulnerabilidad de divulgación de información cuando el componente Windows Graphics de Microsoft gestiona los objetos en la memoria. Esto también se conoce como "Microsoft Graphics Components Information Disclosure Vulnerability". Esto afecta a Microsoft Office, Microsoft Office Word Viewer, Office 365 ProPlus, Windows Server 2008, Microsoft PowerPoint Viewer y Microsoft Excel Viewer. • http://www.securityfocus.com/bid/105453 http://www.securitytracker.com/id/1041823 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8427 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 15%CPEs: 12EXPL: 0CVE-2018-8504
https://notcve.org/view.php?id=CVE-2018-8504
A remote code execution vulnerability exists in Microsoft Word software when the software fails to properly handle objects in Protected View, aka "Microsoft Word Remote Code Execution Vulnerability." This affects Microsoft SharePoint Server, Office 365 ProPlus, Microsoft Office, Microsoft Word. Existe una vulnerabilidad de ejecución remota de código en el software de Microsoft Word cuando no gestiona correctamente objetos en vista protegida. Esto también se conoce como "Microsoft Word Remote Code Execution Vulnerability". Esto afecta a Microsoft SharePoint Server, Office 365 ProPlus, Microsoft Office y Microsoft Word. • http://www.securityfocus.com/bid/105499 http://www.securitytracker.com/id/1041840 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8504 •
CVSS: 9.3EPSS: 19%CPEs: 10EXPL: 0CVE-2018-8502
https://notcve.org/view.php?id=CVE-2018-8502
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in Protected View, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Excel. Existe una vulnerabilidad de ejecución remota de código en el software de Microsoft Excel cuando no gestiona correctamente objetos en vista protegida. Esto también se conoce como "Microsoft Excel Remote Code Execution Vulnerability". Esto afecta a Office 365 ProPlus, Microsoft Office y Microsoft Excel. • http://www.securityfocus.com/bid/105498 http://www.securitytracker.com/id/1041839 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8502 •