Vendor CVEs
Microsoft
All CVEs
14,324 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-1108 | Hig | 0.49 | 7.5 | 0.08 | May 11, 2016 | Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064. | ||
| CVE-2016-1107 | Hig | 0.49 | 7.5 | 0.08 | May 11, 2016 | Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064. | ||
| CVE-2016-1097 | Hig | 0.49 | 7.5 | 0.08 | May 11, 2016 | Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064. | ||
| CVE-2016-0169 | Med | 0.49 | 6.5 | 0.43 | May 11, 2016 | GDI in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to obtain sensitive information via a crafted document, aka "Windows Graphics… | ||
| CVE-2016-0168 | Med | 0.49 | 6.5 | 0.43 | May 11, 2016 | GDI in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to obtain sensitive information via a crafted document, aka "Windows Graphics… | ||
| CVE-2016-0018 | Hig | 0.49 | 7.3 | 0.14 | Jan 13, 2016 | Microsoft Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 R2, and Windows 10 Gold and 1511 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka "DLL Loading Remote Code Execution Vulnerability." | ||
| CVE-2011-1985 | Hig | 0.49 | 7.1 | 0.02 | Oct 12, 2011 | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly validate user-mode input, which allows local users to gain privileges or… | ||
| CVE-2011-0029 | Hig | 0.49 | 7.4 | 0.07 | Mar 9, 2011 | Untrusted search path vulnerability in the client in Microsoft Remote Desktop Connection 5.2, 6.0, 6.1, and 7.0 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .rdp file, aka "Remote… | ||
| CVE-2005-1794 | Hig | 0.49 | 7.4 | 0.16 | Jun 1, 2005 | Microsoft Terminal Server using Remote Desktop Protocol (RDP) 5.2 stores an RSA private key in mstlsapi.dll and uses it to sign a certificate, which allows remote attackers to spoof public keys of legitimate servers and conduct man-in-the-middle attacks. | ||
| CVE-2002-1872 | Hig | 0.49 | 7.5 | 0.06 | Dec 31, 2002 | Microsoft SQL Server 6.0 through 2000, with SQL Authentication enabled, uses weak password encryption (XOR), which allows remote attackers to sniff and decrypt the password. | ||
| CVE-2001-1515 | Hig | 0.49 | 7.5 | 0.04 | Dec 31, 2001 | Macintosh clients, when using NT file system volumes on Windows 2000 SP1, create subdirectories and automatically modify the inherited NTFS permissions, which may cause the directories to have less restrictive permissions than intended. | ||
| CVE-2001-0667 | Hig | 0.49 | 7.3 | 0.15 | Oct 30, 2001 | Internet Explorer 6 and earlier, when used with the Telnet client in Services for Unix (SFU) 2.0, allows remote attackers to execute commands by spawning Telnet with a log file option on the command line and writing arbitrary code into an executable file which is later executed,… | ||
| CVE-2001-0006 | Hig | 0.49 | 7.1 | 0.03 | Feb 12, 2001 | The Winsock2ProtocolCatalogMutex mutex in Windows NT 4.0 has inappropriate Everyone/Full Control permissions, which allows local users to modify the permissions to "No Access" and disable Winsock network connectivity to cause a denial of service, aka the "Winsock Mutex"… | ||
| CVE-2026-42893 | Hig | 0.48 | 7.4 | 0.00 | May 12, 2026 | Improper neutralization of special elements used in a command ('command injection') in M365 Copilot allows an unauthorized attacker to perform tampering over a network. | ||
| CVE-2026-41107 | Hig | 0.48 | 7.4 | 0.01 | May 12, 2026 | External control of file name or path in Microsoft Edge (Chromium-based) allows an unauthorized attacker to disclose information over a network. | ||
| CVE-2026-40414 | Hig | 0.48 | 7.4 | 0.01 | May 12, 2026 | Windows TCP/IP Denial of Service Vulnerability | ||
| CVE-2026-40413 | Hig | 0.48 | 7.4 | 0.00 | May 12, 2026 | Windows TCP/IP Denial of Service Vulnerability | ||
| CVE-2026-32156 | Hig | 0.48 | 7.4 | 0.00 | Apr 14, 2026 | Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an unauthorized attacker to execute code locally. | ||
| CVE-2026-21524 | Hig | 0.48 | 7.4 | 0.01 | Jan 22, 2026 | Exposure of sensitive information to an unauthorized actor in Azure Data Explorer allows an unauthorized attacker to disclose information over a network. | ||
| CVE-2026-21521 | Hig | 0.48 | 7.4 | 0.01 | Jan 22, 2026 | Improper neutralization of escape, meta, or control sequences in Copilot allows an unauthorized attacker to disclose information over a network. | ||
| CVE-2026-20853 | Hig | 0.48 | 7.4 | 0.00 | Jan 13, 2026 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows WalletService allows an unauthorized attacker to elevate privileges locally. | ||
| CVE-2026-20844 | Hig | 0.48 | 7.4 | 0.00 | Jan 13, 2026 | Use after free in Windows Clipboard Server allows an unauthorized attacker to elevate privileges locally. | ||
| CVE-2026-20805 | Med | 0.48 | 5.5 | 0.05 | KEV | Jan 13, 2026 | Exposure of sensitive information to an unauthorized actor in Desktop Windows Manager allows an authorized attacker to disclose information locally. | |
| CVE-2025-59210 | Hig | 0.48 | 7.4 | 0.00 | Oct 14, 2025 | Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege Vulnerability | ||
| CVE-2025-59206 | Hig | 0.48 | 7.4 | 0.00 | Oct 14, 2025 | Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege Vulnerability | ||
| CVE-2025-59189 | Hig | 0.48 | 7.4 | 0.00 | Oct 14, 2025 | Use after free in Microsoft Brokering File System allows an unauthorized attacker to elevate privileges locally. | ||
| CVE-2025-55693 | Hig | 0.48 | 7.4 | 0.02 | Oct 14, 2025 | Use after free in Windows Kernel allows an unauthorized attacker to elevate privileges locally. | ||
| CVE-2025-55687 | Hig | 0.48 | 7.4 | 0.00 | Oct 14, 2025 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Resilient File System (ReFS) allows an unauthorized attacker to elevate privileges locally. | ||
| CVE-2025-55335 | Hig | 0.48 | 7.4 | 0.00 | Oct 14, 2025 | Use after free in Windows NTFS allows an unauthorized attacker to elevate privileges locally. | ||
| CVE-2025-48004 | Hig | 0.48 | 7.4 | 0.02 | Oct 14, 2025 | Use after free in Microsoft Brokering File System allows an unauthorized attacker to elevate privileges locally. | ||
| CVE-2025-54103 | Hig | 0.48 | 7.4 | 0.00 | Sep 9, 2025 | Use after free in Windows Management Services allows an unauthorized attacker to elevate privileges locally. | ||
| CVE-2025-59033 | Hig | 0.48 | 7.4 | 0.00 | Sep 8, 2025 | The Microsoft vulnerable driver block list is implemented as Windows Defender Application Control (WDAC) policy. Entries that specify only the to-be-signed (TBS) part of the code signer certificate are properly blocked, but entries that specify the signing certificate's TBS hash… | ||
| CVE-2022-50238 | Hig | 0.48 | 7.4 | 0.00 | Sep 8, 2025 | The on-endpoint Microsoft vulnerable driver blocklist is not fully synchronized with the online Microsoft recommended driver block rules. Some entries present on the online list have been excluded from the on-endpoint blocklist longer than the expected periodic monthly Windows… | ||
| CVE-2025-49690 | Hig | 0.48 | 7.4 | 0.00 | Jul 8, 2025 | Concurrent execution using shared resource with improper synchronization ('race condition') in Capability Access Management Service (camsvc) allows an unauthorized attacker to elevate privileges locally. | ||
| CVE-2025-30384 | Hig | 0.48 | 7.4 | 0.01 | May 13, 2025 | Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-29838 | Hig | 0.48 | 7.4 | 0.00 | May 13, 2025 | Null pointer dereference in Windows Drivers allows an unauthorized attacker to elevate privileges locally. | ||
| CVE-2025-29826 | Hig | 0.48 | 7.3 | 0.01 | May 13, 2025 | Improper handling of insufficient permissions or privileges in Microsoft Dataverse allows an authorized attacker to elevate privileges over a network. | ||
| CVE-2025-29804 | Hig | 0.48 | 7.3 | 0.01 | Apr 8, 2025 | Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally. | ||
| CVE-2025-29802 | Hig | 0.48 | 7.3 | 0.01 | Apr 8, 2025 | Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally. | ||
| CVE-2025-29793 | Hig | 0.48 | 7.2 | 0.22 | Apr 8, 2025 | Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | ||
| CVE-2025-29792 | Hig | 0.48 | 7.3 | 0.01 | Apr 8, 2025 | Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally. | ||
| CVE-2025-26628 | Hig | 0.48 | 7.3 | 0.01 | Apr 8, 2025 | Insufficiently protected credentials in Azure Local Cluster allows an authorized attacker to disclose information locally. | ||
| CVE-2025-24994 | Hig | 0.48 | 7.3 | 0.01 | Mar 11, 2025 | Improper access control in Windows Cross Device Service allows an authorized attacker to elevate privileges locally. | ||
| CVE-2025-24991 | Med | 0.48 | 5.5 | 0.02 | KEV | Mar 11, 2025 | Out-of-bounds read in Windows NTFS allows an authorized attacker to disclose information locally. | |
| CVE-2025-24042 | Hig | 0.48 | 7.3 | 0.01 | Feb 11, 2025 | Visual Studio Code JS Debug Extension Elevation of Privilege Vulnerability | ||
| CVE-2025-24039 | Hig | 0.48 | 7.3 | 0.01 | Feb 11, 2025 | Visual Studio Code Elevation of Privilege Vulnerability | ||
| CVE-2025-21206 | Hig | 0.48 | 7.3 | 0.01 | Feb 11, 2025 | Visual Studio Installer Elevation of Privilege Vulnerability | ||
| CVE-2025-21183 | Hig | 0.48 | 7.4 | 0.01 | Feb 11, 2025 | Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege Vulnerability | ||
| CVE-2025-21182 | Hig | 0.48 | 7.4 | 0.01 | Feb 11, 2025 | Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege Vulnerability | ||
| CVE-2025-21399 | Hig | 0.48 | 7.4 | 0.01 | Jan 17, 2025 | Microsoft Edge (Chromium-based) Update Elevation of Privilege Vulnerability |
- risk 0.49cvss 7.5epss 0.08
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
- risk 0.49cvss 7.5epss 0.08
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
- risk 0.49cvss 7.5epss 0.08
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
- risk 0.49cvss 6.5epss 0.43
GDI in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to obtain sensitive information via a crafted document, aka "Windows Graphics…
- risk 0.49cvss 6.5epss 0.43
GDI in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to obtain sensitive information via a crafted document, aka "Windows Graphics…
- risk 0.49cvss 7.3epss 0.14
Microsoft Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 R2, and Windows 10 Gold and 1511 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka "DLL Loading Remote Code Execution Vulnerability."
- risk 0.49cvss 7.1epss 0.02
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly validate user-mode input, which allows local users to gain privileges or…
- risk 0.49cvss 7.4epss 0.07
Untrusted search path vulnerability in the client in Microsoft Remote Desktop Connection 5.2, 6.0, 6.1, and 7.0 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .rdp file, aka "Remote…
- risk 0.49cvss 7.4epss 0.16
Microsoft Terminal Server using Remote Desktop Protocol (RDP) 5.2 stores an RSA private key in mstlsapi.dll and uses it to sign a certificate, which allows remote attackers to spoof public keys of legitimate servers and conduct man-in-the-middle attacks.
- risk 0.49cvss 7.5epss 0.06
Microsoft SQL Server 6.0 through 2000, with SQL Authentication enabled, uses weak password encryption (XOR), which allows remote attackers to sniff and decrypt the password.
- risk 0.49cvss 7.5epss 0.04
Macintosh clients, when using NT file system volumes on Windows 2000 SP1, create subdirectories and automatically modify the inherited NTFS permissions, which may cause the directories to have less restrictive permissions than intended.
- risk 0.49cvss 7.3epss 0.15
Internet Explorer 6 and earlier, when used with the Telnet client in Services for Unix (SFU) 2.0, allows remote attackers to execute commands by spawning Telnet with a log file option on the command line and writing arbitrary code into an executable file which is later executed,…
- risk 0.49cvss 7.1epss 0.03
The Winsock2ProtocolCatalogMutex mutex in Windows NT 4.0 has inappropriate Everyone/Full Control permissions, which allows local users to modify the permissions to "No Access" and disable Winsock network connectivity to cause a denial of service, aka the "Winsock Mutex"…
- risk 0.48cvss 7.4epss 0.00
Improper neutralization of special elements used in a command ('command injection') in M365 Copilot allows an unauthorized attacker to perform tampering over a network.
- risk 0.48cvss 7.4epss 0.01
External control of file name or path in Microsoft Edge (Chromium-based) allows an unauthorized attacker to disclose information over a network.
- risk 0.48cvss 7.4epss 0.01
Windows TCP/IP Denial of Service Vulnerability
- risk 0.48cvss 7.4epss 0.00
Windows TCP/IP Denial of Service Vulnerability
- risk 0.48cvss 7.4epss 0.00
Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an unauthorized attacker to execute code locally.
- risk 0.48cvss 7.4epss 0.01
Exposure of sensitive information to an unauthorized actor in Azure Data Explorer allows an unauthorized attacker to disclose information over a network.
- risk 0.48cvss 7.4epss 0.01
Improper neutralization of escape, meta, or control sequences in Copilot allows an unauthorized attacker to disclose information over a network.
- risk 0.48cvss 7.4epss 0.00
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows WalletService allows an unauthorized attacker to elevate privileges locally.
- risk 0.48cvss 7.4epss 0.00
Use after free in Windows Clipboard Server allows an unauthorized attacker to elevate privileges locally.
- risk 0.48cvss 5.5epss 0.05
Exposure of sensitive information to an unauthorized actor in Desktop Windows Manager allows an authorized attacker to disclose information locally.
- risk 0.48cvss 7.4epss 0.00
Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege Vulnerability
- risk 0.48cvss 7.4epss 0.00
Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege Vulnerability
- risk 0.48cvss 7.4epss 0.00
Use after free in Microsoft Brokering File System allows an unauthorized attacker to elevate privileges locally.
- risk 0.48cvss 7.4epss 0.02
Use after free in Windows Kernel allows an unauthorized attacker to elevate privileges locally.
- risk 0.48cvss 7.4epss 0.00
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Resilient File System (ReFS) allows an unauthorized attacker to elevate privileges locally.
- risk 0.48cvss 7.4epss 0.00
Use after free in Windows NTFS allows an unauthorized attacker to elevate privileges locally.
- risk 0.48cvss 7.4epss 0.02
Use after free in Microsoft Brokering File System allows an unauthorized attacker to elevate privileges locally.
- risk 0.48cvss 7.4epss 0.00
Use after free in Windows Management Services allows an unauthorized attacker to elevate privileges locally.
- risk 0.48cvss 7.4epss 0.00
The Microsoft vulnerable driver block list is implemented as Windows Defender Application Control (WDAC) policy. Entries that specify only the to-be-signed (TBS) part of the code signer certificate are properly blocked, but entries that specify the signing certificate's TBS hash…
- risk 0.48cvss 7.4epss 0.00
The on-endpoint Microsoft vulnerable driver blocklist is not fully synchronized with the online Microsoft recommended driver block rules. Some entries present on the online list have been excluded from the on-endpoint blocklist longer than the expected periodic monthly Windows…
- risk 0.48cvss 7.4epss 0.00
Concurrent execution using shared resource with improper synchronization ('race condition') in Capability Access Management Service (camsvc) allows an unauthorized attacker to elevate privileges locally.
- risk 0.48cvss 7.4epss 0.01
Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally.
- risk 0.48cvss 7.4epss 0.00
Null pointer dereference in Windows Drivers allows an unauthorized attacker to elevate privileges locally.
- risk 0.48cvss 7.3epss 0.01
Improper handling of insufficient permissions or privileges in Microsoft Dataverse allows an authorized attacker to elevate privileges over a network.
- risk 0.48cvss 7.3epss 0.01
Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally.
- risk 0.48cvss 7.3epss 0.01
Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally.
- risk 0.48cvss 7.2epss 0.22
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
- risk 0.48cvss 7.3epss 0.01
Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally.
- risk 0.48cvss 7.3epss 0.01
Insufficiently protected credentials in Azure Local Cluster allows an authorized attacker to disclose information locally.
- risk 0.48cvss 7.3epss 0.01
Improper access control in Windows Cross Device Service allows an authorized attacker to elevate privileges locally.
- risk 0.48cvss 5.5epss 0.02
Out-of-bounds read in Windows NTFS allows an authorized attacker to disclose information locally.
- risk 0.48cvss 7.3epss 0.01
Visual Studio Code JS Debug Extension Elevation of Privilege Vulnerability
- risk 0.48cvss 7.3epss 0.01
Visual Studio Code Elevation of Privilege Vulnerability
- risk 0.48cvss 7.3epss 0.01
Visual Studio Installer Elevation of Privilege Vulnerability
- risk 0.48cvss 7.4epss 0.01
Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege Vulnerability
- risk 0.48cvss 7.4epss 0.01
Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege Vulnerability
- risk 0.48cvss 7.4epss 0.01
Microsoft Edge (Chromium-based) Update Elevation of Privilege Vulnerability
Page 124 of 287