Vendor CVEs
Microsoft
All CVEs
14,324 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-26442 | Hig | 0.46 | 7.0 | 0.01 | Oct 13, 2021 | Windows HTTP.sys Elevation of Privilege Vulnerability | ||
| CVE-2021-38634 | Hig | 0.46 | 7.1 | 0.01 | Sep 15, 2021 | Microsoft Windows Update Client Elevation of Privilege Vulnerability | ||
| CVE-2021-36949 | Hig | 0.46 | 7.1 | 0.01 | Aug 12, 2021 | Microsoft Azure Active Directory Connect Authentication Bypass Vulnerability | ||
| CVE-2021-34487 | Hig | 0.46 | 7.0 | 0.01 | Aug 12, 2021 | Windows Event Tracing Elevation of Privilege Vulnerability | ||
| CVE-2021-33762 | Hig | 0.46 | 7.0 | 0.00 | Aug 12, 2021 | Azure CycleCloud Elevation of Privilege Vulnerability | ||
| CVE-2021-26426 | Hig | 0.46 | 7.0 | 0.01 | Aug 12, 2021 | Windows User Account Profile Picture Elevation of Privilege Vulnerability | ||
| CVE-2021-34462 | Hig | 0.46 | 7.0 | 0.01 | Jul 16, 2021 | Windows AppX Deployment Extensions Elevation of Privilege Vulnerability | ||
| CVE-2021-34449 | Hig | 0.46 | 7.0 | 0.02 | Jul 16, 2021 | Win32k Elevation of Privilege Vulnerability | ||
| CVE-2021-34468 | Hig | 0.46 | 7.1 | 0.02 | Jul 14, 2021 | Microsoft SharePoint Server Remote Code Execution Vulnerability | ||
| CVE-2021-33774 | Hig | 0.46 | 7.0 | 0.01 | Jul 14, 2021 | Windows Event Tracing Elevation of Privilege Vulnerability | ||
| CVE-2021-33751 | Hig | 0.46 | 7.0 | 0.01 | Jul 14, 2021 | Storage Spaces Controller Elevation of Privilege Vulnerability | ||
| CVE-2021-31963 | Hig | 0.46 | 7.1 | 0.02 | Jun 8, 2021 | Microsoft SharePoint Server Remote Code Execution Vulnerability | ||
| CVE-2021-31201 | Med | 0.46 | 5.2 | 0.03 | KEV | Jun 8, 2021 | Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability | |
| CVE-2021-31199 | Med | 0.46 | 5.2 | 0.03 | KEV | Jun 8, 2021 | Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability | |
| CVE-2021-26420 | Hig | 0.46 | 7.1 | 0.03 | Jun 8, 2021 | Microsoft SharePoint Server Remote Code Execution Vulnerability | ||
| CVE-2021-31182 | Hig | 0.46 | 7.1 | 0.01 | May 11, 2021 | Microsoft Bluetooth Driver Spoofing Vulnerability | ||
| CVE-2021-31172 | Hig | 0.46 | 7.1 | 0.02 | May 11, 2021 | Microsoft SharePoint Server Spoofing Vulnerability | ||
| CVE-2021-28477 | Hig | 0.46 | 7.0 | 0.02 | Apr 13, 2021 | Visual Studio Code Remote Code Execution Vulnerability | ||
| CVE-2021-28452 | Hig | 0.46 | 7.1 | 0.01 | Apr 13, 2021 | Microsoft Outlook Memory Corruption Vulnerability | ||
| CVE-2021-28446 | Hig | 0.46 | 7.1 | 0.01 | Apr 13, 2021 | Windows Portmapping Information Disclosure Vulnerability | ||
| CVE-2021-28440 | Hig | 0.46 | 7.0 | 0.01 | Apr 13, 2021 | Windows Installer Elevation of Privilege Vulnerability | ||
| CVE-2021-27072 | Hig | 0.46 | 7.0 | 0.01 | Apr 13, 2021 | Win32k Elevation of Privilege Vulnerability | ||
| CVE-2021-27055 | Hig | 0.46 | 7.0 | 0.02 | Mar 11, 2021 | Microsoft Visio Security Feature Bypass Vulnerability | ||
| CVE-2021-26873 | Hig | 0.46 | 7.0 | 0.01 | Mar 11, 2021 | Windows User Profile Service Elevation of Privilege Vulnerability | ||
| CVE-2021-26866 | Hig | 0.46 | 7.1 | 0.01 | Mar 11, 2021 | Windows Update Service Elevation of Privilege Vulnerability | ||
| CVE-2021-26863 | Hig | 0.46 | 7.0 | 0.12 | Mar 11, 2021 | Windows Win32k Elevation of Privilege Vulnerability | ||
| CVE-2021-26862 | Hig | 0.46 | 7.0 | 0.01 | Mar 11, 2021 | Windows Installer Elevation of Privilege Vulnerability | ||
| CVE-2021-24095 | Hig | 0.46 | 7.0 | 0.01 | Mar 11, 2021 | DirectX Elevation of Privilege Vulnerability | ||
| CVE-2021-1729 | Hig | 0.46 | 7.1 | 0.01 | Mar 11, 2021 | Windows Update Stack Setup Elevation of Privilege Vulnerability | ||
| CVE-2021-24087 | Hig | 0.46 | 7.0 | 0.00 | Feb 25, 2021 | Azure IoT CLI extension Elevation of Privilege Vulnerability | ||
| CVE-2021-1639 | Hig | 0.46 | 7.0 | 0.02 | Feb 25, 2021 | Visual Studio Code Remote Code Execution Vulnerability | ||
| CVE-2021-1709 | Hig | 0.46 | 7.0 | 0.01 | Jan 12, 2021 | Windows Win32k Elevation of Privilege Vulnerability | ||
| CVE-2021-1682 | Hig | 0.46 | 7.0 | 0.01 | Jan 12, 2021 | Windows Kernel Elevation of Privilege Vulnerability | ||
| CVE-2020-17089 | Hig | 0.46 | 7.1 | 0.03 | Dec 10, 2020 | Microsoft SharePoint Elevation of Privilege Vulnerability | ||
| CVE-2020-17057 | Hig | 0.46 | 7.0 | 0.02 | Nov 11, 2020 | Windows Win32k Elevation of Privilege Vulnerability | ||
| CVE-2020-17007 | Hig | 0.46 | 7.0 | 0.01 | Nov 11, 2020 | Windows Error Reporting Elevation of Privilege Vulnerability | ||
| CVE-2020-16998 | Hig | 0.46 | 7.0 | 0.01 | Nov 11, 2020 | DirectX Elevation of Privilege Vulnerability | ||
| CVE-2020-16977 | Hig | 0.46 | 7.0 | 0.03 | Oct 16, 2020 | A remote code execution vulnerability exists in Visual Studio Code when the Python extension loads a Jupyter notebook file. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on… | ||
| CVE-2020-16969 | Hig | 0.46 | 7.1 | 0.03 | Oct 16, 2020 | An information disclosure vulnerability exists in how Microsoft Exchange validates tokens when handling certain messages. An attacker who successfully exploited the vulnerability could use this to gain further information from a user. To exploit the vulnerability, an… | ||
| CVE-2020-16934 | Hig | 0.46 | 7.0 | 0.03 | Oct 16, 2020 | An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run (C2R) AppVLP handles certain files. An attacker who successfully exploited the vulnerability could elevate privileges. To exploit this vulnerability, an attacker would need to… | ||
| CVE-2020-16933 | Hig | 0.46 | 7.0 | 0.03 | Oct 16, 2020 | A security feature bypass vulnerability exists in Microsoft Word software when it fails to properly handle .LNK files. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user.… | ||
| CVE-2020-16900 | Hig | 0.46 | 7.0 | 0.01 | Oct 16, 2020 | An elevation of privilege vulnerability exists when the Windows Event System improperly handles objects in memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted… | ||
| CVE-2020-16877 | Hig | 0.46 | 7.1 | 0.01 | Oct 16, 2020 | An elevation of privilege vulnerability exists when Microsoft Windows improperly handles reparse points. An attacker who successfully exploited this vulnerability could overwrite or delete a targeted file that would normally require elevated permissions. To exploit… | ||
| CVE-2020-16876 | Hig | 0.46 | 7.1 | 0.01 | Oct 16, 2020 | An elevation of privilege vulnerability exists when the Windows Application Compatibility Client Library improperly handles registry operations. An attacker who successfully exploited this vulnerability could gain elevated privileges. To exploit the vulnerability, an… | ||
| CVE-2020-1308 | Hig | 0.46 | 7.0 | 0.01 | Sep 11, 2020 | An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or… | ||
| CVE-2020-1245 | Hig | 0.46 | 7.0 | 0.01 | Sep 11, 2020 | An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view,… | ||
| CVE-2020-16862 | Hig | 0.46 | 7.1 | 0.03 | Sep 11, 2020 | A remote code execution vulnerability exists in Microsoft Dynamics 365 (on-premises) when the server fails to properly sanitize web requests to an affected Dynamics server. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the… | ||
| CVE-2020-16857 | Hig | 0.46 | 7.1 | 0.02 | Sep 11, 2020 | A remote code execution vulnerability exists in Microsoft Dynamics 365 for Finance and Operations (on-premises) version 10.0.11. An attacker who successfully exploited this vulnerability could gain remote code execution via server-side script execution on the victim… | ||
| CVE-2020-16853 | Hig | 0.46 | 7.1 | 0.01 | Sep 11, 2020 | An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application improperly handles symbolic links. An attacker who successfully exploited this vulnerability could overwrite a targeted file with an elevated status. To exploit this… | ||
| CVE-2020-16852 | Hig | 0.46 | 7.1 | 0.01 | Sep 11, 2020 | An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application improperly handles symbolic links. An attacker who successfully exploited this vulnerability could overwrite a targeted file with an elevated status. To exploit this… |
- risk 0.46cvss 7.0epss 0.01
Windows HTTP.sys Elevation of Privilege Vulnerability
- risk 0.46cvss 7.1epss 0.01
Microsoft Windows Update Client Elevation of Privilege Vulnerability
- risk 0.46cvss 7.1epss 0.01
Microsoft Azure Active Directory Connect Authentication Bypass Vulnerability
- risk 0.46cvss 7.0epss 0.01
Windows Event Tracing Elevation of Privilege Vulnerability
- risk 0.46cvss 7.0epss 0.00
Azure CycleCloud Elevation of Privilege Vulnerability
- risk 0.46cvss 7.0epss 0.01
Windows User Account Profile Picture Elevation of Privilege Vulnerability
- risk 0.46cvss 7.0epss 0.01
Windows AppX Deployment Extensions Elevation of Privilege Vulnerability
- risk 0.46cvss 7.0epss 0.02
Win32k Elevation of Privilege Vulnerability
- risk 0.46cvss 7.1epss 0.02
Microsoft SharePoint Server Remote Code Execution Vulnerability
- risk 0.46cvss 7.0epss 0.01
Windows Event Tracing Elevation of Privilege Vulnerability
- risk 0.46cvss 7.0epss 0.01
Storage Spaces Controller Elevation of Privilege Vulnerability
- risk 0.46cvss 7.1epss 0.02
Microsoft SharePoint Server Remote Code Execution Vulnerability
- risk 0.46cvss 5.2epss 0.03
Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability
- risk 0.46cvss 5.2epss 0.03
Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability
- risk 0.46cvss 7.1epss 0.03
Microsoft SharePoint Server Remote Code Execution Vulnerability
- risk 0.46cvss 7.1epss 0.01
Microsoft Bluetooth Driver Spoofing Vulnerability
- risk 0.46cvss 7.1epss 0.02
Microsoft SharePoint Server Spoofing Vulnerability
- risk 0.46cvss 7.0epss 0.02
Visual Studio Code Remote Code Execution Vulnerability
- risk 0.46cvss 7.1epss 0.01
Microsoft Outlook Memory Corruption Vulnerability
- risk 0.46cvss 7.1epss 0.01
Windows Portmapping Information Disclosure Vulnerability
- risk 0.46cvss 7.0epss 0.01
Windows Installer Elevation of Privilege Vulnerability
- risk 0.46cvss 7.0epss 0.01
Win32k Elevation of Privilege Vulnerability
- risk 0.46cvss 7.0epss 0.02
Microsoft Visio Security Feature Bypass Vulnerability
- risk 0.46cvss 7.0epss 0.01
Windows User Profile Service Elevation of Privilege Vulnerability
- risk 0.46cvss 7.1epss 0.01
Windows Update Service Elevation of Privilege Vulnerability
- risk 0.46cvss 7.0epss 0.12
Windows Win32k Elevation of Privilege Vulnerability
- risk 0.46cvss 7.0epss 0.01
Windows Installer Elevation of Privilege Vulnerability
- risk 0.46cvss 7.0epss 0.01
DirectX Elevation of Privilege Vulnerability
- risk 0.46cvss 7.1epss 0.01
Windows Update Stack Setup Elevation of Privilege Vulnerability
- risk 0.46cvss 7.0epss 0.00
Azure IoT CLI extension Elevation of Privilege Vulnerability
- risk 0.46cvss 7.0epss 0.02
Visual Studio Code Remote Code Execution Vulnerability
- risk 0.46cvss 7.0epss 0.01
Windows Win32k Elevation of Privilege Vulnerability
- risk 0.46cvss 7.0epss 0.01
Windows Kernel Elevation of Privilege Vulnerability
- risk 0.46cvss 7.1epss 0.03
Microsoft SharePoint Elevation of Privilege Vulnerability
- risk 0.46cvss 7.0epss 0.02
Windows Win32k Elevation of Privilege Vulnerability
- risk 0.46cvss 7.0epss 0.01
Windows Error Reporting Elevation of Privilege Vulnerability
- risk 0.46cvss 7.0epss 0.01
DirectX Elevation of Privilege Vulnerability
- risk 0.46cvss 7.0epss 0.03
A remote code execution vulnerability exists in Visual Studio Code when the Python extension loads a Jupyter notebook file. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on…
- risk 0.46cvss 7.1epss 0.03
An information disclosure vulnerability exists in how Microsoft Exchange validates tokens when handling certain messages. An attacker who successfully exploited the vulnerability could use this to gain further information from a user. To exploit the vulnerability, an…
- risk 0.46cvss 7.0epss 0.03
An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run (C2R) AppVLP handles certain files. An attacker who successfully exploited the vulnerability could elevate privileges. To exploit this vulnerability, an attacker would need to…
- risk 0.46cvss 7.0epss 0.03
A security feature bypass vulnerability exists in Microsoft Word software when it fails to properly handle .LNK files. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user.…
- risk 0.46cvss 7.0epss 0.01
An elevation of privilege vulnerability exists when the Windows Event System improperly handles objects in memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted…
- risk 0.46cvss 7.1epss 0.01
An elevation of privilege vulnerability exists when Microsoft Windows improperly handles reparse points. An attacker who successfully exploited this vulnerability could overwrite or delete a targeted file that would normally require elevated permissions. To exploit…
- risk 0.46cvss 7.1epss 0.01
An elevation of privilege vulnerability exists when the Windows Application Compatibility Client Library improperly handles registry operations. An attacker who successfully exploited this vulnerability could gain elevated privileges. To exploit the vulnerability, an…
- risk 0.46cvss 7.0epss 0.01
An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or…
- risk 0.46cvss 7.0epss 0.01
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view,…
- risk 0.46cvss 7.1epss 0.03
A remote code execution vulnerability exists in Microsoft Dynamics 365 (on-premises) when the server fails to properly sanitize web requests to an affected Dynamics server. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the…
- risk 0.46cvss 7.1epss 0.02
A remote code execution vulnerability exists in Microsoft Dynamics 365 for Finance and Operations (on-premises) version 10.0.11. An attacker who successfully exploited this vulnerability could gain remote code execution via server-side script execution on the victim…
- risk 0.46cvss 7.1epss 0.01
An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application improperly handles symbolic links. An attacker who successfully exploited this vulnerability could overwrite a targeted file with an elevated status. To exploit this…
- risk 0.46cvss 7.1epss 0.01
An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application improperly handles symbolic links. An attacker who successfully exploited this vulnerability could overwrite a targeted file with an elevated status. To exploit this…
Page 138 of 287