VYPR

Vendor CVEs

Microsoft

All CVEs

14,173 total · sorted by risk
  • CVE-2024-21326CriJan 26, 2024
    risk 0.62cvss 9.6epss 0.01

    Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

  • CVE-2023-38180HigKEVAug 8, 2023
    risk 0.62cvss 7.5epss 0.16

    .NET and Visual Studio Denial of Service Vulnerability

  • CVE-2023-21742HigJan 10, 2023
    risk 0.62cvss 8.8epss 0.56

    Microsoft SharePoint Server Remote Code Execution Vulnerability

  • CVE-2021-36779CriDec 17, 2021
    risk 0.62cvss 9.6epss 0.01

    A Missing Authentication for Critical Function vulnerability in SUSE Longhorn allows any workload in the cluster to execute any binary present in the image on the host without authentication. This issue affects: SUSE Longhorn longhorn versions prior to 1.1.3; longhorn versions…

  • CVE-2021-27059HigKEVMar 11, 2021
    risk 0.62cvss 7.6epss 0.03

    Microsoft Office Remote Code Execution Vulnerability

  • CVE-2021-26412CriMar 3, 2021
    risk 0.62cvss 9.1epss 0.30

    Microsoft Exchange Server Remote Code Execution Vulnerability

  • CVE-2020-1300HigJun 9, 2020
    risk 0.62cvss 8.8epss 0.60

    A remote code execution vulnerability exists when Microsoft Windows fails to properly handle cabinet files.To exploit the vulnerability, an attacker would have to convince a user to either open a specially crafted cabinet file or spoof a network printer and trick a user into…

  • CVE-2019-1128HigJul 15, 2019
    risk 0.62cvss 8.8epss 0.17

    A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1119, CVE-2019-1120, CVE-2019-1121, CVE-2019-1122,…

  • CVE-2019-1127HigJul 15, 2019
    risk 0.62cvss 8.8epss 0.21

    A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1119, CVE-2019-1120, CVE-2019-1121, CVE-2019-1122,…

  • CVE-2019-1124HigJul 15, 2019
    risk 0.62cvss 8.8epss 0.18

    A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1119, CVE-2019-1120, CVE-2019-1121, CVE-2019-1122,…

  • CVE-2019-1123HigJul 15, 2019
    risk 0.62cvss 8.8epss 0.17

    A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1119, CVE-2019-1120, CVE-2019-1121, CVE-2019-1122,…

  • CVE-2019-1122HigJul 15, 2019
    risk 0.62cvss 8.8epss 0.17

    A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1119, CVE-2019-1120, CVE-2019-1121, CVE-2019-1123,…

  • CVE-2019-1121HigJul 15, 2019
    risk 0.62cvss 8.8epss 0.17

    A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1119, CVE-2019-1120, CVE-2019-1122, CVE-2019-1123,…

  • CVE-2019-1120HigJul 15, 2019
    risk 0.62cvss 8.8epss 0.17

    A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1119, CVE-2019-1121, CVE-2019-1122, CVE-2019-1123,…

  • CVE-2019-1119HigJul 15, 2019
    risk 0.62cvss 8.8epss 0.19

    A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1120, CVE-2019-1121, CVE-2019-1122, CVE-2019-1123,…

  • CVE-2019-1118HigJul 15, 2019
    risk 0.62cvss 8.8epss 0.24

    A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1117, CVE-2019-1119, CVE-2019-1120, CVE-2019-1121, CVE-2019-1122, CVE-2019-1123,…

  • CVE-2019-1117HigJul 15, 2019
    risk 0.62cvss 8.8epss 0.24

    A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1118, CVE-2019-1119, CVE-2019-1120, CVE-2019-1121, CVE-2019-1122, CVE-2019-1123,…

  • CVE-2019-0566HigJan 8, 2019
    risk 0.62cvss 8.8epss 0.19

    An elevation of privilege vulnerability exists in Microsoft Edge Browser Broker COM object, aka "Microsoft Edge Elevation of Privilege Vulnerability." This affects Microsoft Edge.

  • CVE-2016-3351MedKEVSep 14, 2016
    risk 0.62cvss 6.5epss 0.26

    Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."

  • CVE-2016-3324HigSep 14, 2016
    risk 0.62cvss 8.8epss 0.28

    Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

  • CVE-2016-4135HigJun 16, 2016
    risk 0.62cvss 8.8epss 0.17

    Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

  • CVE-2016-0100HigMar 9, 2016
    risk 0.62cvss 8.4epss 0.58

    Microsoft Windows Vista SP2 and Server 2008 SP2 mishandle library loading, which allows local users to gain privileges via a crafted application, aka "Library Loading Input Validation Remote Code Execution Vulnerability."

  • CVE-2013-7331MedKEVFeb 26, 2014
    risk 0.62cvss 6.5epss 0.58

    The Microsoft.XMLDOM ActiveX control in Microsoft Windows 8.1 and earlier allows remote attackers to determine the existence of local pathnames, UNC share pathnames, intranet hostnames, and intranet IP addresses by examining error codes, as demonstrated by a res:// URL, and…

  • CVE-2023-33157HigJul 11, 2023
    risk 0.61cvss 8.8epss 0.44

    Microsoft SharePoint Remote Code Execution Vulnerability

  • CVE-2023-33131HigJun 14, 2023
    risk 0.61cvss 8.8epss 0.06

    Microsoft Outlook Remote Code Execution Vulnerability

  • CVE-2022-37961HigSep 13, 2022
    risk 0.61cvss 8.8epss 0.50

    Microsoft SharePoint Server Remote Code Execution Vulnerability

  • CVE-2022-35823HigSep 13, 2022
    risk 0.61cvss 8.8epss 0.53

    Microsoft SharePoint Remote Code Execution Vulnerability

  • CVE-2022-26904HigKEVApr 15, 2022
    risk 0.61cvss 7.0epss 0.10

    Windows User Profile Service Elevation of Privilege Vulnerability

  • CVE-2021-34481HigJul 16, 2021
    risk 0.61cvss 8.8epss 0.45

    A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install…

  • CVE-2021-31962CriJun 8, 2021
    risk 0.61cvss 9.4epss 0.04

    Kerberos AppContainer Security Feature Bypass Vulnerability

  • CVE-2021-28474HigMay 11, 2021
    risk 0.61cvss 8.8epss 0.51

    Microsoft SharePoint Server Remote Code Execution Vulnerability

  • CVE-2021-27068HigMay 11, 2021
    risk 0.61cvss 8.8epss 0.54

    Visual Studio Remote Code Execution Vulnerability

  • CVE-2021-27080CriMar 11, 2021
    risk 0.61cvss 9.3epss 0.01

    Azure Sphere Unsigned Code Execution Vulnerability

  • CVE-2021-27078CriMar 3, 2021
    risk 0.61cvss 9.1epss 0.18

    Microsoft Exchange Server Remote Code Execution Vulnerability

  • CVE-2021-24093HigFeb 25, 2021
    risk 0.61cvss 8.8epss 0.44

    Windows Graphics Component Remote Code Execution Vulnerability

  • CVE-2020-16875HigSep 11, 2020
    risk 0.61cvss 8.4epss 0.47

    A remote code execution vulnerability exists in Microsoft Exchange server due to improper validation of cmdlet arguments. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the System user. Exploitation of the…

  • CVE-2019-1152HigAug 14, 2019
    risk 0.61cvss 8.8epss 0.13

    A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view,…

  • CVE-2019-1151HigAug 14, 2019
    risk 0.61cvss 8.8epss 0.15

    A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view,…

  • CVE-2019-1149HigAug 14, 2019
    risk 0.61cvss 8.8epss 0.14

    A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view,…

  • CVE-2019-1145HigAug 14, 2019
    risk 0.61cvss 8.8epss 0.13

    A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view,…

  • CVE-2019-1144HigAug 14, 2019
    risk 0.61cvss 8.8epss 0.13

    A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view,…

  • CVE-2019-1068HigJul 15, 2019
    risk 0.61cvss 8.8epss 0.45

    A remote code execution vulnerability exists in Microsoft SQL Server when it incorrectly handles processing of internal functions, aka 'Microsoft SQL Server Remote Code Execution Vulnerability'.

  • CVE-2018-8420HigSep 13, 2018
    risk 0.61cvss 8.8epss 0.49

    A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input, aka "MS XML Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012,…

  • CVE-2018-1026HigApr 12, 2018
    risk 0.61cvss 8.8epss 0.41

    A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability." This affects Microsoft Office. This CVE ID is unique from CVE-2018-1030.

  • CVE-2016-0088CriApr 12, 2016
    risk 0.61cvss 9.3epss 0.08

    Hyper-V in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 allows guest OS users to execute arbitrary code on the host OS via a crafted application, aka "Hyper-V Remote Code Execution Vulnerability."

  • CVE-2014-2815HigAug 12, 2014
    risk 0.61cvss 8.8epss 0.44

    Microsoft OneNote 2007 SP3 allows remote attackers to execute arbitrary code via a crafted OneNote file that triggers creation of an executable file in a startup folder, aka "OneNote Remote Code Execution Vulnerability."

  • CVE-2012-0003HigJan 10, 2012
    risk 0.61cvss 8.1epss 0.69

    Unspecified vulnerability in winmm.dll in Windows Multimedia Library in Windows Media Player (WMP) in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP2, and Server 2008 SP2 allows remote attackers to execute arbitrary code via a crafted MIDI file, aka "MIDI Remote…

  • CVE-2009-2493HigJul 29, 2009
    risk 0.61cvss 8.8epss 0.43

    The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2;…

  • CVE-2009-0901HigJul 29, 2009
    risk 0.61cvss 8.8epss 0.42

    The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does…

  • CVE-2026-41090CriMay 22, 2026
    risk 0.60cvss 9.3epss 0.00

    Improper neutralization of special elements used in a command ('command injection') in Microsoft Copilot allows an unauthorized attacker to perform tampering over a network.

Page 11 of 284