Vendor CVEs
Microsoft
All CVEs
14,319 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-29805 | Hig | 0.49 | 7.5 | 0.01 | Apr 8, 2025 | Exposure of sensitive information to an unauthorized actor in Outlook for Android allows an unauthorized attacker to disclose information over a network. | ||
| CVE-2025-27486 | Hig | 0.49 | 7.5 | 0.02 | Apr 8, 2025 | Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network. | ||
| CVE-2025-27485 | Hig | 0.49 | 7.5 | 0.02 | Apr 8, 2025 | Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network. | ||
| CVE-2025-27484 | Hig | 0.49 | 7.5 | 0.01 | Apr 8, 2025 | Sensitive data storage in improperly locked memory in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over a network. | ||
| CVE-2025-27479 | Hig | 0.49 | 7.5 | 0.02 | Apr 8, 2025 | Insufficient resource pool in Windows Kerberos allows an unauthorized attacker to deny service over a network. | ||
| CVE-2025-27473 | Hig | 0.49 | 7.5 | 0.02 | Apr 8, 2025 | Uncontrolled resource consumption in Windows HTTP.sys allows an unauthorized attacker to deny service over a network. | ||
| CVE-2025-27470 | Hig | 0.49 | 7.5 | 0.02 | Apr 8, 2025 | Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network. | ||
| CVE-2025-27469 | Hig | 0.49 | 7.5 | 0.02 | Apr 8, 2025 | Uncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny service over a network. | ||
| CVE-2025-26687 | Hig | 0.49 | 7.5 | 0.01 | Apr 8, 2025 | Use after free in Windows Win32K - GRFX allows an unauthorized attacker to elevate privileges over a network. | ||
| CVE-2025-26686 | Hig | 0.49 | 7.5 | 0.01 | Apr 8, 2025 | Sensitive data storage in improperly locked memory in Windows TCP/IP allows an unauthorized attacker to execute code over a network. | ||
| CVE-2025-26682 | Hig | 0.49 | 7.5 | 0.02 | Apr 8, 2025 | Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network. | ||
| CVE-2025-26680 | Hig | 0.49 | 7.5 | 0.02 | Apr 8, 2025 | Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network. | ||
| CVE-2025-26673 | Hig | 0.49 | 7.5 | 0.02 | Apr 8, 2025 | Uncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny service over a network. | ||
| CVE-2025-26668 | Hig | 0.49 | 7.5 | 0.01 | Apr 8, 2025 | Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | ||
| CVE-2025-26652 | Hig | 0.49 | 7.5 | 0.02 | Apr 8, 2025 | Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network. | ||
| CVE-2025-26641 | Hig | 0.49 | 7.5 | 0.02 | Apr 8, 2025 | Uncontrolled resource consumption in Windows Cryptographic Services allows an unauthorized attacker to deny service over a network. | ||
| CVE-2025-21174 | Hig | 0.49 | 7.5 | 0.02 | Apr 8, 2025 | Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network. | ||
| CVE-2025-29815 | Hig | 0.49 | 7.6 | 0.01 | Apr 4, 2025 | Use after free in Microsoft Edge (Chromium-based) allows an authorized attacker to execute code over a network. | ||
| CVE-2025-26634 | Hig | 0.49 | 7.5 | 0.01 | Mar 11, 2025 | Heap-based buffer overflow in Windows Core Messaging allows an authorized attacker to elevate privileges over a network. | ||
| CVE-2025-21351 | Hig | 0.49 | 7.5 | 0.02 | Feb 11, 2025 | Windows Active Directory Domain Services API Denial of Service Vulnerability | ||
| CVE-2025-21181 | Hig | 0.49 | 7.5 | 0.03 | Feb 11, 2025 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | ||
| CVE-2025-21389 | Hig | 0.49 | 7.5 | 0.02 | Jan 14, 2025 | Uncontrolled resource consumption in Windows Universal Plug and Play (UPnP) Device Host allows an unauthorized attacker to deny service over a network. | ||
| CVE-2025-21343 | Hig | 0.49 | 7.5 | 0.01 | Jan 14, 2025 | Windows Web Threat Defense User Service Information Disclosure Vulnerability | ||
| CVE-2025-21330 | Hig | 0.49 | 7.5 | 0.02 | Jan 14, 2025 | Windows Remote Desktop Services Denial of Service Vulnerability | ||
| CVE-2025-21300 | Hig | 0.49 | 7.5 | 0.02 | Jan 14, 2025 | Windows Universal Plug and Play (UPnP) Device Host Denial of Service Vulnerability | ||
| CVE-2025-21296 | Hig | 0.49 | 7.5 | 0.01 | Jan 14, 2025 | BranchCache Remote Code Execution Vulnerability | ||
| CVE-2025-21290 | Hig | 0.49 | 7.5 | 0.02 | Jan 14, 2025 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | ||
| CVE-2025-21289 | Hig | 0.49 | 7.5 | 0.02 | Jan 14, 2025 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | ||
| CVE-2025-21276 | Hig | 0.49 | 7.5 | 0.02 | Jan 14, 2025 | Windows MapUrlToZone Denial of Service Vulnerability | ||
| CVE-2025-21270 | Hig | 0.49 | 7.5 | 0.02 | Jan 14, 2025 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | ||
| CVE-2025-21251 | Hig | 0.49 | 7.5 | 0.03 | Jan 14, 2025 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | ||
| CVE-2025-21231 | Hig | 0.49 | 7.5 | 0.03 | Jan 14, 2025 | IP Helper Denial of Service Vulnerability | ||
| CVE-2025-21230 | Hig | 0.49 | 7.5 | 0.03 | Jan 14, 2025 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | ||
| CVE-2025-21220 | Hig | 0.49 | 7.5 | 0.02 | Jan 14, 2025 | Microsoft Message Queuing Information Disclosure Vulnerability | ||
| CVE-2025-21218 | Hig | 0.49 | 7.5 | 0.03 | Jan 14, 2025 | Windows Kerberos Denial of Service Vulnerability | ||
| CVE-2025-21207 | Hig | 0.49 | 7.5 | 0.02 | Jan 14, 2025 | Windows Connected Devices Platform Service (Cdpsvc) Denial of Service Vulnerability | ||
| CVE-2025-21171 | Hig | 0.49 | 7.5 | 0.02 | Jan 14, 2025 | .NET Remote Code Execution Vulnerability | ||
| CVE-2024-49129 | Hig | 0.49 | 7.5 | 0.01 | Dec 12, 2024 | Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability | ||
| CVE-2024-49121 | Hig | 0.49 | 7.5 | 0.02 | Dec 12, 2024 | Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability | ||
| CVE-2024-49096 | Hig | 0.49 | 7.5 | 0.03 | Dec 12, 2024 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | ||
| CVE-2024-49075 | Hig | 0.49 | 7.5 | 0.03 | Dec 12, 2024 | Windows Remote Desktop Services Denial of Service Vulnerability | ||
| CVE-2024-49053 | Hig | 0.49 | 7.6 | 0.01 | Nov 26, 2024 | Microsoft Dynamics 365 Sales Spoofing Vulnerability | ||
| CVE-2024-49040 | Hig | 0.49 | 7.5 | 0.08 | Nov 12, 2024 | Microsoft Exchange Server Spoofing Vulnerability | ||
| CVE-2024-49033 | Hig | 0.49 | 7.5 | 0.02 | Nov 12, 2024 | Microsoft Word Security Feature Bypass Vulnerability | ||
| CVE-2024-43499 | Hig | 0.49 | 7.5 | 0.03 | Nov 12, 2024 | .NET and Visual Studio Denial of Service Vulnerability | ||
| CVE-2024-43450 | Hig | 0.49 | 7.5 | 0.01 | Nov 12, 2024 | Windows DNS Spoofing Vulnerability | ||
| CVE-2024-43579 | Hig | 0.49 | 7.6 | 0.01 | Oct 17, 2024 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | ||
| CVE-2024-43578 | Hig | 0.49 | 7.6 | 0.01 | Oct 17, 2024 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | ||
| CVE-2024-43566 | Hig | 0.49 | 7.5 | 0.01 | Oct 17, 2024 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | ||
| CVE-2024-38204 | Hig | 0.49 | 7.5 | 0.01 | Oct 15, 2024 | Improper access control in Imagine Cup allows an authorized attacker to elevate privileges over a network. |
- risk 0.49cvss 7.5epss 0.01
Exposure of sensitive information to an unauthorized actor in Outlook for Android allows an unauthorized attacker to disclose information over a network.
- risk 0.49cvss 7.5epss 0.02
Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network.
- risk 0.49cvss 7.5epss 0.02
Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network.
- risk 0.49cvss 7.5epss 0.01
Sensitive data storage in improperly locked memory in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over a network.
- risk 0.49cvss 7.5epss 0.02
Insufficient resource pool in Windows Kerberos allows an unauthorized attacker to deny service over a network.
- risk 0.49cvss 7.5epss 0.02
Uncontrolled resource consumption in Windows HTTP.sys allows an unauthorized attacker to deny service over a network.
- risk 0.49cvss 7.5epss 0.02
Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network.
- risk 0.49cvss 7.5epss 0.02
Uncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny service over a network.
- risk 0.49cvss 7.5epss 0.01
Use after free in Windows Win32K - GRFX allows an unauthorized attacker to elevate privileges over a network.
- risk 0.49cvss 7.5epss 0.01
Sensitive data storage in improperly locked memory in Windows TCP/IP allows an unauthorized attacker to execute code over a network.
- risk 0.49cvss 7.5epss 0.02
Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network.
- risk 0.49cvss 7.5epss 0.02
Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network.
- risk 0.49cvss 7.5epss 0.02
Uncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny service over a network.
- risk 0.49cvss 7.5epss 0.01
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
- risk 0.49cvss 7.5epss 0.02
Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network.
- risk 0.49cvss 7.5epss 0.02
Uncontrolled resource consumption in Windows Cryptographic Services allows an unauthorized attacker to deny service over a network.
- risk 0.49cvss 7.5epss 0.02
Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network.
- risk 0.49cvss 7.6epss 0.01
Use after free in Microsoft Edge (Chromium-based) allows an authorized attacker to execute code over a network.
- risk 0.49cvss 7.5epss 0.01
Heap-based buffer overflow in Windows Core Messaging allows an authorized attacker to elevate privileges over a network.
- risk 0.49cvss 7.5epss 0.02
Windows Active Directory Domain Services API Denial of Service Vulnerability
- risk 0.49cvss 7.5epss 0.03
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
- risk 0.49cvss 7.5epss 0.02
Uncontrolled resource consumption in Windows Universal Plug and Play (UPnP) Device Host allows an unauthorized attacker to deny service over a network.
- risk 0.49cvss 7.5epss 0.01
Windows Web Threat Defense User Service Information Disclosure Vulnerability
- risk 0.49cvss 7.5epss 0.02
Windows Remote Desktop Services Denial of Service Vulnerability
- risk 0.49cvss 7.5epss 0.02
Windows Universal Plug and Play (UPnP) Device Host Denial of Service Vulnerability
- risk 0.49cvss 7.5epss 0.01
BranchCache Remote Code Execution Vulnerability
- risk 0.49cvss 7.5epss 0.02
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
- risk 0.49cvss 7.5epss 0.02
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
- risk 0.49cvss 7.5epss 0.02
Windows MapUrlToZone Denial of Service Vulnerability
- risk 0.49cvss 7.5epss 0.02
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
- risk 0.49cvss 7.5epss 0.03
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
- risk 0.49cvss 7.5epss 0.03
IP Helper Denial of Service Vulnerability
- risk 0.49cvss 7.5epss 0.03
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
- risk 0.49cvss 7.5epss 0.02
Microsoft Message Queuing Information Disclosure Vulnerability
- risk 0.49cvss 7.5epss 0.03
Windows Kerberos Denial of Service Vulnerability
- risk 0.49cvss 7.5epss 0.02
Windows Connected Devices Platform Service (Cdpsvc) Denial of Service Vulnerability
- risk 0.49cvss 7.5epss 0.02
.NET Remote Code Execution Vulnerability
- risk 0.49cvss 7.5epss 0.01
Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability
- risk 0.49cvss 7.5epss 0.02
Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability
- risk 0.49cvss 7.5epss 0.03
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
- risk 0.49cvss 7.5epss 0.03
Windows Remote Desktop Services Denial of Service Vulnerability
- risk 0.49cvss 7.6epss 0.01
Microsoft Dynamics 365 Sales Spoofing Vulnerability
- risk 0.49cvss 7.5epss 0.08
Microsoft Exchange Server Spoofing Vulnerability
- risk 0.49cvss 7.5epss 0.02
Microsoft Word Security Feature Bypass Vulnerability
- risk 0.49cvss 7.5epss 0.03
.NET and Visual Studio Denial of Service Vulnerability
- risk 0.49cvss 7.5epss 0.01
Windows DNS Spoofing Vulnerability
- risk 0.49cvss 7.6epss 0.01
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
- risk 0.49cvss 7.6epss 0.01
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
- risk 0.49cvss 7.5epss 0.01
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
- risk 0.49cvss 7.5epss 0.01
Improper access control in Imagine Cup allows an authorized attacker to elevate privileges over a network.
Page 111 of 287