Total CVEs

63

Critical

18

Important

38

Exploited

2

Publicly Disclosed

2

All CVEs this month 63

CVE Title Severity CVSS Product Exploited Disclosed Diffed
CVE-2018-8204 Device Guard Code Integrity Policy Security Feature Bypass Vulnerability Important 5.3 Device Guard - - -
CVE-2018-8253 Microsoft Cortana Elevation of Privilege Vulnerability Important 4 Windows Shell - - -
CVE-2018-8266 Chakra Scripting Engine Memory Corruption Vulnerability Critical 4.2 Microsoft Scripting Engine - - -
CVE-2018-8316 Internet Explorer Remote Code Execution Vulnerability Important 7.5 Internet Explorer - - -
ADV180018 Microsoft Guidance to mitigate L1TF variant Important 7.1 Microsoft Windows - - -
CVE-2018-8358 Microsoft Edge Security Feature Bypass Vulnerability Important 4.7 Microsoft Edge - - -
CVE-2018-8360 .NET Framework Information Disclosure Vulnerability Important - .NET Framework - - -
CVE-2018-8370 Microsoft Edge Information Disclosure Vulnerability Important 3.1 Microsoft Edge - - -
CVE-2018-8371 Scripting Engine Memory Corruption Vulnerability Moderate 7.5 Microsoft Scripting Engine - - -
CVE-2018-8372 Scripting Engine Memory Corruption Vulnerability Critical 7.5 Microsoft Scripting Engine - - -
CVE-2018-8373 Scripting Engine Memory Corruption Vulnerability Moderate 7.5 Microsoft Scripting Engine Yes Yes -
CVE-2018-8375 Microsoft Excel Remote Code Execution Vulnerability Important - Microsoft Office - - -
CVE-2018-8376 Microsoft PowerPoint Remote Code Execution Vulnerability Important - Microsoft Office - - -
CVE-2018-8377 Microsoft Edge Memory Corruption Vulnerability Critical 4.2 Microsoft Edge - - -
CVE-2018-8380 Chakra Scripting Engine Memory Corruption Vulnerability Critical 4.2 Microsoft Scripting Engine - - -
CVE-2018-8381 Chakra Scripting Engine Memory Corruption Vulnerability Critical 4.2 Microsoft Scripting Engine - - -
CVE-2018-8383 Microsoft Edge Spoofing Vulnerability Important 4.3 Microsoft Edge - - -
CVE-2018-8384 Scripting Engine Memory Corruption Vulnerability Critical 4.2 Microsoft Scripting Engine - - -
CVE-2018-8385 Scripting Engine Memory Corruption Vulnerability Critical 7.5 Microsoft Scripting Engine - - -
CVE-2018-8388 Microsoft Edge Spoofing Vulnerability Low 5.4 Microsoft Edge - - -
CVE-2018-8389 Scripting Engine Memory Corruption Vulnerability Important 7.5 Microsoft Scripting Engine - - -
CVE-2018-8390 Scripting Engine Memory Corruption Vulnerability Critical 4.2 Microsoft Scripting Engine - - -
CVE-2018-8394 Windows GDI Information Disclosure Vulnerability Important 4.7 Microsoft Graphics Component - - -
CVE-2018-8396 Windows GDI Information Disclosure Vulnerability Important 4.7 Microsoft Graphics Component - - -
CVE-2018-8397 GDI+ Remote Code Execution Vulnerability Critical 8.8 Microsoft Graphics Component - - -
CVE-2018-8398 Windows GDI Information Disclosure Vulnerability Important 4.7 Microsoft Graphics Component - - -
CVE-2018-8399 Win32k Elevation of Privilege Vulnerability Important 7 Windows Kernel - - -
CVE-2018-8400 DirectX Graphics Kernel Elevation of Privilege Vulnerability Important 7 Microsoft Graphics Component - - -
CVE-2018-8401 DirectX Graphics Kernel Elevation of Privilege Vulnerability Important 7 Microsoft Graphics Component - - -
CVE-2018-8403 Microsoft Browser Memory Corruption Vulnerability Moderate 4.2 Microsoft Browsers - - -
CVE-2018-8404 Win32k Elevation of Privilege Vulnerability Important 7 Windows Kernel - - -
CVE-2018-8405 DirectX Graphics Kernel Elevation of Privilege Vulnerability Important 7 Microsoft Graphics Component - - -
CVE-2018-8406 DirectX Graphics Kernel Elevation of Privilege Vulnerability Important 7 Microsoft Graphics Component - - -
ADV180020 August 2018 Adobe Flash Security Update Critical - Adobe Flash Player - - -
ADV180021 Microsoft Office Defense in Depth Update Unknown - Microsoft Office - - -
CVE-2018-0952 Diagnostic Hub Standard Collector Elevation of Privilege Vulnerability Important 6.7 Windows Diagnostic Hub - - -
CVE-2018-8200 Device Guard Code Integrity Policy Security Feature Bypass Vulnerability Important 5.3 Device Guard - - -
CVE-2018-8273 Microsoft SQL Server Remote Code Execution Vulnerability Critical - SQL Server - - -
CVE-2018-8302 Microsoft Exchange Memory Corruption Vulnerability Critical - Microsoft Exchange Server - - -
CVE-2018-8339 Windows Installer Elevation of Privilege Vulnerability Important 7.4 Windows Installer - - -
CVE-2018-8340 ADFS Security Feature Bypass Vulnerability Important 6.5 Windows Authentication Methods - - -
CVE-2018-8341 Windows Kernel Information Disclosure Vulnerability Important 4.7 Windows Kernel - - -
CVE-2018-8342 Windows NDIS Elevation of Privilege Vulnerability Important 7 Windows RNDIS - - -
CVE-2018-8343 Windows NDIS Elevation of Privilege Vulnerability Important 7 Windows NDIS - - -
CVE-2018-8344 Microsoft Graphics Remote Code Execution Vulnerability Critical 7.8 Microsoft Graphics Component - - -
CVE-2018-8345 LNK Remote Code Execution Vulnerability Critical 7.5 Microsoft Windows - - -
CVE-2018-8346 LNK Remote Code Execution Vulnerability Important 7.5 Microsoft Windows - - -
CVE-2018-8347 Windows Kernel Elevation of Privilege Vulnerability Important 7 Windows Kernel - - -
CVE-2018-8348 Windows Kernel Information Disclosure Vulnerability Important 4.7 Windows Kernel - - -
CVE-2018-8349 Microsoft COM for Windows Remote Code Execution Vulnerability Important 7 Windows COM - - -
CVE-2018-8350 Windows PDF Remote Code Execution Vulnerability Critical 4.2 Microsoft Windows PDF - - -
CVE-2018-8351 Microsoft Browser Information Disclosure Vulnerability Important 4.3 Microsoft Browsers - - -
CVE-2018-8353 Scripting Engine Memory Corruption Vulnerability Low 7.5 Microsoft Scripting Engine - - -
CVE-2018-8355 Scripting Engine Memory Corruption Vulnerability Critical 4.2 Microsoft Scripting Engine - - -
CVE-2018-8357 Microsoft Browser Elevation of Privilege Vulnerability Important 7.5 Microsoft Browsers - - -
CVE-2018-8359 Scripting Engine Memory Corruption Vulnerability Critical 5.3 Microsoft Scripting Engine - - -
CVE-2018-8374 Microsoft Exchange Server Tampering Vulnerability Moderate - Microsoft Exchange Server - - -
CVE-2018-8378 Microsoft Office Information Disclosure Vulnerability Important - Microsoft Office - - -
CVE-2018-8379 Microsoft Excel Remote Code Execution Vulnerability Important - Microsoft Office - - -
CVE-2018-8382 Microsoft Excel Information Disclosure Vulnerability Important - Microsoft Office - - -
CVE-2018-8387 Microsoft Edge Memory Corruption Vulnerability Critical 7.5 Microsoft Edge - - -
CVE-2018-8412 Microsoft (MAU) Office Elevation of Privilege Vulnerability Important - Microsoft Office - - -
CVE-2018-8414 Windows Shell Remote Code Execution Vulnerability Important 4.8 Windows Shell Yes Yes -

Threat Categories 7

Threat Category CVEs Critical
Remote Code Execution 30 18
Elevation of Privilege 14 -
Information Disclosure 11 -
Security Feature Bypass 4 -
Spoofing 2 -
Defense in Depth 1 -
Tampering 1 -

Affected Products 21

Product CVEs Exploited
Microsoft Scripting Engine 13 1
Microsoft Graphics Component 9 -
Microsoft Office 7 -
Microsoft Edge 6 -
Windows Kernel 5 -
Microsoft Browsers 3 -
Microsoft Windows 3 -
Device Guard 2 -
Microsoft Exchange Server 2 -
Windows Shell 2 1
.NET Framework 1 -
Adobe Flash Player 1 -
Internet Explorer 1 -
Microsoft Windows PDF 1 -
SQL Server 1 -
Windows Authentication Methods 1 -
Windows COM 1 -
Windows Diagnostic Hub 1 -
Windows Installer 1 -
Windows NDIS 1 -
Windows RNDIS 1 -