CVE-2018-8174
Microsoft Windows VBScript Engine Out-of-Bounds Write Vulnerability
CVSS
—
Sin CVSS
EPSS
87.6%
p100
KEV
SÍ
15 feb 2022
Exploit Today
80
0-100
Publicado: — · Última mod.: —
87.6%EPSS · 30 días87.8%
2026-06-302026-07-16
Producto
Microsoft / Windows
Vulnerabilidad
Microsoft Windows VBScript Engine Out-of-Bounds Write Vulnerability
Añadido a KEV
15 feb 2022
Remediar antes de
15 ago 2022
Uso conocido en ransomware
Sí
Descripción resumida
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka "Windows VBScript Engine Remote Code Execution"
Acción requerida
Apply updates per vendor instructions.
Notas
https://nvd.nist.gov/vuln/detail/CVE-2018-8174
CVECVSSEPSSKEVRExplotTítuloVis.
CVE-2025-59287—100.0%
KEV—80Microsoft Windows Server Update Service (WSUS) Deserialization of Untrusted Data Vulnerability—CVE-2021-34527—100.0%
KEV—80Microsoft Windows Print Spooler Remote Code Execution Vulnerability—CVE-2022-30190—99.9%
KEV—80Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability—CVE-2023-36884—99.9%
KEV—80Microsoft Windows Search Remote Code Execution Vulnerability—CVE-2008-4250—99.9%
KEV—80Microsoft Windows Buffer Overflow Vulnerability—CVE-2024-21412—99.9%
KEV—80Microsoft Windows Internet Shortcut Files Security Feature Bypass Vulnerability—