Dynamics 365 (on-premises)
by Microsoft
CVEs (70)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-42898 | Cri | 0.64 | 9.9 | 0.01 | May 12, 2026 | Improper control of generation of code ('code injection') in Microsoft Dynamics 365 (on-premises) allows an authorized attacker to execute code over a network. | ||
| CVE-2018-8609 | Hig | 0.58 | 8.8 | 0.09 | Nov 14, 2018 | A remote code execution vulnerability exists in Microsoft Dynamics 365 (on-premises) version 8 when the server fails to properly sanitize web requests to an affected Dynamics server, aka "Microsoft Dynamics 365 (on-premises) version 8 Remote Code Execution Vulnerability." This… | ||
| CVE-2022-35805 | Hig | 0.57 | 8.8 | 0.02 | Sep 13, 2022 | Microsoft Dynamics CRM (on-premises) Remote Code Execution Vulnerability | ||
| CVE-2022-34700 | Hig | 0.57 | 8.8 | 0.03 | Sep 13, 2022 | Microsoft Dynamics CRM (on-premises) Remote Code Execution Vulnerability | ||
| CVE-2022-23259 | Hig | 0.57 | 8.8 | 0.03 | Apr 15, 2022 | Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability | ||
| CVE-2021-42316 | Hig | 0.57 | 8.8 | 0.02 | Nov 10, 2021 | Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability | ||
| CVE-2020-17147 | Hig | 0.57 | 8.7 | 0.01 | Dec 10, 2020 | Dynamics CRM Webclient Cross-site Scripting Vulnerability | ||
| CVE-2024-21395 | Hig | 0.53 | 8.2 | 0.01 | Feb 13, 2024 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | ||
| CVE-2023-35335 | Hig | 0.53 | 8.2 | 0.01 | Jul 11, 2023 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | ||
| CVE-2023-33171 | Hig | 0.53 | 8.2 | 0.01 | Jul 11, 2023 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | ||
| CVE-2021-34524 | Hig | 0.53 | 8.1 | 0.03 | Aug 12, 2021 | Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability | ||
| CVE-2020-1022 | Hig | 0.53 | 8.0 | 0.07 | Apr 15, 2020 | A remote code execution vulnerability exists in Microsoft Dynamics Business Central, aka 'Dynamics Business Central Remote Code Execution Vulnerability'. | ||
| CVE-2020-0905 | Hig | 0.53 | 8.0 | 0.11 | Mar 12, 2020 | An remote code execution vulnerability exists in Microsoft Dynamics Business Central, aka 'Dynamics Business Central Remote Code Execution Vulnerability'. | ||
| CVE-2024-21328 | Hig | 0.50 | 7.6 | 0.01 | Feb 13, 2024 | Dynamics 365 Sales Spoofing Vulnerability | ||
| CVE-2024-21419 | Hig | 0.49 | 7.6 | 0.01 | Mar 12, 2024 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | ||
| CVE-2024-21396 | Hig | 0.49 | 7.6 | 0.01 | Feb 13, 2024 | Dynamics 365 Sales Spoofing Vulnerability | ||
| CVE-2024-21394 | Hig | 0.49 | 7.6 | 0.01 | Feb 13, 2024 | Dynamics 365 Field Service Spoofing Vulnerability | ||
| CVE-2024-21393 | Hig | 0.49 | 7.6 | 0.01 | Feb 13, 2024 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | ||
| CVE-2024-21389 | Hig | 0.49 | 7.6 | 0.01 | Feb 13, 2024 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | ||
| CVE-2023-36020 | Hig | 0.49 | 7.6 | 0.01 | Dec 12, 2023 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability |
- risk 0.64cvss 9.9epss 0.01
Improper control of generation of code ('code injection') in Microsoft Dynamics 365 (on-premises) allows an authorized attacker to execute code over a network.
- risk 0.58cvss 8.8epss 0.09
A remote code execution vulnerability exists in Microsoft Dynamics 365 (on-premises) version 8 when the server fails to properly sanitize web requests to an affected Dynamics server, aka "Microsoft Dynamics 365 (on-premises) version 8 Remote Code Execution Vulnerability." This…
- risk 0.57cvss 8.8epss 0.02
Microsoft Dynamics CRM (on-premises) Remote Code Execution Vulnerability
- risk 0.57cvss 8.8epss 0.03
Microsoft Dynamics CRM (on-premises) Remote Code Execution Vulnerability
- risk 0.57cvss 8.8epss 0.03
Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability
- risk 0.57cvss 8.8epss 0.02
Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability
- risk 0.57cvss 8.7epss 0.01
Dynamics CRM Webclient Cross-site Scripting Vulnerability
- risk 0.53cvss 8.2epss 0.01
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
- risk 0.53cvss 8.2epss 0.01
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
- risk 0.53cvss 8.2epss 0.01
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
- risk 0.53cvss 8.1epss 0.03
Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability
- risk 0.53cvss 8.0epss 0.07
A remote code execution vulnerability exists in Microsoft Dynamics Business Central, aka 'Dynamics Business Central Remote Code Execution Vulnerability'.
- risk 0.53cvss 8.0epss 0.11
An remote code execution vulnerability exists in Microsoft Dynamics Business Central, aka 'Dynamics Business Central Remote Code Execution Vulnerability'.
- risk 0.50cvss 7.6epss 0.01
Dynamics 365 Sales Spoofing Vulnerability
- risk 0.49cvss 7.6epss 0.01
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
- risk 0.49cvss 7.6epss 0.01
Dynamics 365 Sales Spoofing Vulnerability
- risk 0.49cvss 7.6epss 0.01
Dynamics 365 Field Service Spoofing Vulnerability
- risk 0.49cvss 7.6epss 0.01
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
- risk 0.49cvss 7.6epss 0.01
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
- risk 0.49cvss 7.6epss 0.01
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
Page 1 of 4