Vendor CVEs
Microsoft
All CVEs
14,173 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-21326 | Cri | 0.62 | 9.6 | 0.01 | Jan 26, 2024 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | ||
| CVE-2023-38180 | Hig | 0.62 | 7.5 | 0.16 | KEV | Aug 8, 2023 | .NET and Visual Studio Denial of Service Vulnerability | |
| CVE-2023-21742 | Hig | 0.62 | 8.8 | 0.56 | Jan 10, 2023 | Microsoft SharePoint Server Remote Code Execution Vulnerability | ||
| CVE-2021-36779 | Cri | 0.62 | 9.6 | 0.01 | Dec 17, 2021 | A Missing Authentication for Critical Function vulnerability in SUSE Longhorn allows any workload in the cluster to execute any binary present in the image on the host without authentication. This issue affects: SUSE Longhorn longhorn versions prior to 1.1.3; longhorn versions… | ||
| CVE-2021-27059 | Hig | 0.62 | 7.6 | 0.03 | KEV | Mar 11, 2021 | Microsoft Office Remote Code Execution Vulnerability | |
| CVE-2021-26412 | Cri | 0.62 | 9.1 | 0.30 | Mar 3, 2021 | Microsoft Exchange Server Remote Code Execution Vulnerability | ||
| CVE-2020-1300 | Hig | 0.62 | 8.8 | 0.60 | Jun 9, 2020 | A remote code execution vulnerability exists when Microsoft Windows fails to properly handle cabinet files.To exploit the vulnerability, an attacker would have to convince a user to either open a specially crafted cabinet file or spoof a network printer and trick a user into… | ||
| CVE-2019-1128 | Hig | 0.62 | 8.8 | 0.17 | Jul 15, 2019 | A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1119, CVE-2019-1120, CVE-2019-1121, CVE-2019-1122,… | ||
| CVE-2019-1127 | Hig | 0.62 | 8.8 | 0.21 | Jul 15, 2019 | A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1119, CVE-2019-1120, CVE-2019-1121, CVE-2019-1122,… | ||
| CVE-2019-1124 | Hig | 0.62 | 8.8 | 0.18 | Jul 15, 2019 | A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1119, CVE-2019-1120, CVE-2019-1121, CVE-2019-1122,… | ||
| CVE-2019-1123 | Hig | 0.62 | 8.8 | 0.17 | Jul 15, 2019 | A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1119, CVE-2019-1120, CVE-2019-1121, CVE-2019-1122,… | ||
| CVE-2019-1122 | Hig | 0.62 | 8.8 | 0.17 | Jul 15, 2019 | A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1119, CVE-2019-1120, CVE-2019-1121, CVE-2019-1123,… | ||
| CVE-2019-1121 | Hig | 0.62 | 8.8 | 0.17 | Jul 15, 2019 | A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1119, CVE-2019-1120, CVE-2019-1122, CVE-2019-1123,… | ||
| CVE-2019-1120 | Hig | 0.62 | 8.8 | 0.17 | Jul 15, 2019 | A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1119, CVE-2019-1121, CVE-2019-1122, CVE-2019-1123,… | ||
| CVE-2019-1119 | Hig | 0.62 | 8.8 | 0.19 | Jul 15, 2019 | A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1120, CVE-2019-1121, CVE-2019-1122, CVE-2019-1123,… | ||
| CVE-2019-1118 | Hig | 0.62 | 8.8 | 0.24 | Jul 15, 2019 | A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1117, CVE-2019-1119, CVE-2019-1120, CVE-2019-1121, CVE-2019-1122, CVE-2019-1123,… | ||
| CVE-2019-1117 | Hig | 0.62 | 8.8 | 0.24 | Jul 15, 2019 | A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1118, CVE-2019-1119, CVE-2019-1120, CVE-2019-1121, CVE-2019-1122, CVE-2019-1123,… | ||
| CVE-2019-0566 | Hig | 0.62 | 8.8 | 0.19 | Jan 8, 2019 | An elevation of privilege vulnerability exists in Microsoft Edge Browser Broker COM object, aka "Microsoft Edge Elevation of Privilege Vulnerability." This affects Microsoft Edge. | ||
| CVE-2016-3351 | Med | 0.62 | 6.5 | 0.26 | KEV | Sep 14, 2016 | Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability." | |
| CVE-2016-3324 | Hig | 0.62 | 8.8 | 0.28 | Sep 14, 2016 | Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." | ||
| CVE-2016-4135 | Hig | 0.62 | 8.8 | 0.17 | Jun 16, 2016 | Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083. | ||
| CVE-2016-0100 | Hig | 0.62 | 8.4 | 0.58 | Mar 9, 2016 | Microsoft Windows Vista SP2 and Server 2008 SP2 mishandle library loading, which allows local users to gain privileges via a crafted application, aka "Library Loading Input Validation Remote Code Execution Vulnerability." | ||
| CVE-2013-7331 | Med | 0.62 | 6.5 | 0.58 | KEV | Feb 26, 2014 | The Microsoft.XMLDOM ActiveX control in Microsoft Windows 8.1 and earlier allows remote attackers to determine the existence of local pathnames, UNC share pathnames, intranet hostnames, and intranet IP addresses by examining error codes, as demonstrated by a res:// URL, and… | |
| CVE-2023-33157 | Hig | 0.61 | 8.8 | 0.44 | Jul 11, 2023 | Microsoft SharePoint Remote Code Execution Vulnerability | ||
| CVE-2023-33131 | Hig | 0.61 | 8.8 | 0.06 | Jun 14, 2023 | Microsoft Outlook Remote Code Execution Vulnerability | ||
| CVE-2022-37961 | Hig | 0.61 | 8.8 | 0.50 | Sep 13, 2022 | Microsoft SharePoint Server Remote Code Execution Vulnerability | ||
| CVE-2022-35823 | Hig | 0.61 | 8.8 | 0.53 | Sep 13, 2022 | Microsoft SharePoint Remote Code Execution Vulnerability | ||
| CVE-2022-26904 | Hig | 0.61 | 7.0 | 0.10 | KEV | Apr 15, 2022 | Windows User Profile Service Elevation of Privilege Vulnerability | |
| CVE-2021-34481 | Hig | 0.61 | 8.8 | 0.45 | Jul 16, 2021 | A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install… | ||
| CVE-2021-31962 | Cri | 0.61 | 9.4 | 0.04 | Jun 8, 2021 | Kerberos AppContainer Security Feature Bypass Vulnerability | ||
| CVE-2021-28474 | Hig | 0.61 | 8.8 | 0.51 | May 11, 2021 | Microsoft SharePoint Server Remote Code Execution Vulnerability | ||
| CVE-2021-27068 | Hig | 0.61 | 8.8 | 0.54 | May 11, 2021 | Visual Studio Remote Code Execution Vulnerability | ||
| CVE-2021-27080 | Cri | 0.61 | 9.3 | 0.01 | Mar 11, 2021 | Azure Sphere Unsigned Code Execution Vulnerability | ||
| CVE-2021-27078 | Cri | 0.61 | 9.1 | 0.18 | Mar 3, 2021 | Microsoft Exchange Server Remote Code Execution Vulnerability | ||
| CVE-2021-24093 | Hig | 0.61 | 8.8 | 0.44 | Feb 25, 2021 | Windows Graphics Component Remote Code Execution Vulnerability | ||
| CVE-2020-16875 | Hig | 0.61 | 8.4 | 0.47 | Sep 11, 2020 | A remote code execution vulnerability exists in Microsoft Exchange server due to improper validation of cmdlet arguments. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the System user. Exploitation of the… | ||
| CVE-2019-1152 | Hig | 0.61 | 8.8 | 0.13 | Aug 14, 2019 | A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view,… | ||
| CVE-2019-1151 | Hig | 0.61 | 8.8 | 0.15 | Aug 14, 2019 | A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view,… | ||
| CVE-2019-1149 | Hig | 0.61 | 8.8 | 0.14 | Aug 14, 2019 | A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view,… | ||
| CVE-2019-1145 | Hig | 0.61 | 8.8 | 0.13 | Aug 14, 2019 | A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view,… | ||
| CVE-2019-1144 | Hig | 0.61 | 8.8 | 0.13 | Aug 14, 2019 | A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view,… | ||
| CVE-2019-1068 | Hig | 0.61 | 8.8 | 0.45 | Jul 15, 2019 | A remote code execution vulnerability exists in Microsoft SQL Server when it incorrectly handles processing of internal functions, aka 'Microsoft SQL Server Remote Code Execution Vulnerability'. | ||
| CVE-2018-8420 | Hig | 0.61 | 8.8 | 0.49 | Sep 13, 2018 | A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input, aka "MS XML Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012,… | ||
| CVE-2018-1026 | Hig | 0.61 | 8.8 | 0.41 | Apr 12, 2018 | A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability." This affects Microsoft Office. This CVE ID is unique from CVE-2018-1030. | ||
| CVE-2016-0088 | Cri | 0.61 | 9.3 | 0.08 | Apr 12, 2016 | Hyper-V in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 allows guest OS users to execute arbitrary code on the host OS via a crafted application, aka "Hyper-V Remote Code Execution Vulnerability." | ||
| CVE-2014-2815 | Hig | 0.61 | 8.8 | 0.44 | Aug 12, 2014 | Microsoft OneNote 2007 SP3 allows remote attackers to execute arbitrary code via a crafted OneNote file that triggers creation of an executable file in a startup folder, aka "OneNote Remote Code Execution Vulnerability." | ||
| CVE-2012-0003 | Hig | 0.61 | 8.1 | 0.69 | Jan 10, 2012 | Unspecified vulnerability in winmm.dll in Windows Multimedia Library in Windows Media Player (WMP) in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP2, and Server 2008 SP2 allows remote attackers to execute arbitrary code via a crafted MIDI file, aka "MIDI Remote… | ||
| CVE-2009-2493 | Hig | 0.61 | 8.8 | 0.43 | Jul 29, 2009 | The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2;… | ||
| CVE-2009-0901 | Hig | 0.61 | 8.8 | 0.42 | Jul 29, 2009 | The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does… | ||
| CVE-2026-41090 | Cri | 0.60 | 9.3 | 0.00 | May 22, 2026 | Improper neutralization of special elements used in a command ('command injection') in Microsoft Copilot allows an unauthorized attacker to perform tampering over a network. |
- risk 0.62cvss 9.6epss 0.01
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
- risk 0.62cvss 7.5epss 0.16
.NET and Visual Studio Denial of Service Vulnerability
- risk 0.62cvss 8.8epss 0.56
Microsoft SharePoint Server Remote Code Execution Vulnerability
- risk 0.62cvss 9.6epss 0.01
A Missing Authentication for Critical Function vulnerability in SUSE Longhorn allows any workload in the cluster to execute any binary present in the image on the host without authentication. This issue affects: SUSE Longhorn longhorn versions prior to 1.1.3; longhorn versions…
- risk 0.62cvss 7.6epss 0.03
Microsoft Office Remote Code Execution Vulnerability
- risk 0.62cvss 9.1epss 0.30
Microsoft Exchange Server Remote Code Execution Vulnerability
- risk 0.62cvss 8.8epss 0.60
A remote code execution vulnerability exists when Microsoft Windows fails to properly handle cabinet files.To exploit the vulnerability, an attacker would have to convince a user to either open a specially crafted cabinet file or spoof a network printer and trick a user into…
- risk 0.62cvss 8.8epss 0.17
A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1119, CVE-2019-1120, CVE-2019-1121, CVE-2019-1122,…
- risk 0.62cvss 8.8epss 0.21
A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1119, CVE-2019-1120, CVE-2019-1121, CVE-2019-1122,…
- risk 0.62cvss 8.8epss 0.18
A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1119, CVE-2019-1120, CVE-2019-1121, CVE-2019-1122,…
- risk 0.62cvss 8.8epss 0.17
A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1119, CVE-2019-1120, CVE-2019-1121, CVE-2019-1122,…
- risk 0.62cvss 8.8epss 0.17
A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1119, CVE-2019-1120, CVE-2019-1121, CVE-2019-1123,…
- risk 0.62cvss 8.8epss 0.17
A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1119, CVE-2019-1120, CVE-2019-1122, CVE-2019-1123,…
- risk 0.62cvss 8.8epss 0.17
A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1119, CVE-2019-1121, CVE-2019-1122, CVE-2019-1123,…
- risk 0.62cvss 8.8epss 0.19
A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1120, CVE-2019-1121, CVE-2019-1122, CVE-2019-1123,…
- risk 0.62cvss 8.8epss 0.24
A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1117, CVE-2019-1119, CVE-2019-1120, CVE-2019-1121, CVE-2019-1122, CVE-2019-1123,…
- risk 0.62cvss 8.8epss 0.24
A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1118, CVE-2019-1119, CVE-2019-1120, CVE-2019-1121, CVE-2019-1122, CVE-2019-1123,…
- risk 0.62cvss 8.8epss 0.19
An elevation of privilege vulnerability exists in Microsoft Edge Browser Broker COM object, aka "Microsoft Edge Elevation of Privilege Vulnerability." This affects Microsoft Edge.
- risk 0.62cvss 6.5epss 0.26
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."
- risk 0.62cvss 8.8epss 0.28
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
- risk 0.62cvss 8.8epss 0.17
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
- risk 0.62cvss 8.4epss 0.58
Microsoft Windows Vista SP2 and Server 2008 SP2 mishandle library loading, which allows local users to gain privileges via a crafted application, aka "Library Loading Input Validation Remote Code Execution Vulnerability."
- risk 0.62cvss 6.5epss 0.58
The Microsoft.XMLDOM ActiveX control in Microsoft Windows 8.1 and earlier allows remote attackers to determine the existence of local pathnames, UNC share pathnames, intranet hostnames, and intranet IP addresses by examining error codes, as demonstrated by a res:// URL, and…
- risk 0.61cvss 8.8epss 0.44
Microsoft SharePoint Remote Code Execution Vulnerability
- risk 0.61cvss 8.8epss 0.06
Microsoft Outlook Remote Code Execution Vulnerability
- risk 0.61cvss 8.8epss 0.50
Microsoft SharePoint Server Remote Code Execution Vulnerability
- risk 0.61cvss 8.8epss 0.53
Microsoft SharePoint Remote Code Execution Vulnerability
- risk 0.61cvss 7.0epss 0.10
Windows User Profile Service Elevation of Privilege Vulnerability
- risk 0.61cvss 8.8epss 0.45
A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install…
- risk 0.61cvss 9.4epss 0.04
Kerberos AppContainer Security Feature Bypass Vulnerability
- risk 0.61cvss 8.8epss 0.51
Microsoft SharePoint Server Remote Code Execution Vulnerability
- risk 0.61cvss 8.8epss 0.54
Visual Studio Remote Code Execution Vulnerability
- risk 0.61cvss 9.3epss 0.01
Azure Sphere Unsigned Code Execution Vulnerability
- risk 0.61cvss 9.1epss 0.18
Microsoft Exchange Server Remote Code Execution Vulnerability
- risk 0.61cvss 8.8epss 0.44
Windows Graphics Component Remote Code Execution Vulnerability
- risk 0.61cvss 8.4epss 0.47
A remote code execution vulnerability exists in Microsoft Exchange server due to improper validation of cmdlet arguments. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the System user. Exploitation of the…
- risk 0.61cvss 8.8epss 0.13
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view,…
- risk 0.61cvss 8.8epss 0.15
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view,…
- risk 0.61cvss 8.8epss 0.14
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view,…
- risk 0.61cvss 8.8epss 0.13
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view,…
- risk 0.61cvss 8.8epss 0.13
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view,…
- risk 0.61cvss 8.8epss 0.45
A remote code execution vulnerability exists in Microsoft SQL Server when it incorrectly handles processing of internal functions, aka 'Microsoft SQL Server Remote Code Execution Vulnerability'.
- risk 0.61cvss 8.8epss 0.49
A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input, aka "MS XML Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012,…
- risk 0.61cvss 8.8epss 0.41
A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability." This affects Microsoft Office. This CVE ID is unique from CVE-2018-1030.
- risk 0.61cvss 9.3epss 0.08
Hyper-V in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 allows guest OS users to execute arbitrary code on the host OS via a crafted application, aka "Hyper-V Remote Code Execution Vulnerability."
- risk 0.61cvss 8.8epss 0.44
Microsoft OneNote 2007 SP3 allows remote attackers to execute arbitrary code via a crafted OneNote file that triggers creation of an executable file in a startup folder, aka "OneNote Remote Code Execution Vulnerability."
- risk 0.61cvss 8.1epss 0.69
Unspecified vulnerability in winmm.dll in Windows Multimedia Library in Windows Media Player (WMP) in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP2, and Server 2008 SP2 allows remote attackers to execute arbitrary code via a crafted MIDI file, aka "MIDI Remote…
- risk 0.61cvss 8.8epss 0.43
The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2;…
- risk 0.61cvss 8.8epss 0.42
The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does…
- risk 0.60cvss 9.3epss 0.00
Improper neutralization of special elements used in a command ('command injection') in Microsoft Copilot allows an unauthorized attacker to perform tampering over a network.
Page 11 of 284