Vendor CVEs
Microsoft
All CVEs
14,323 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-22023 | Med | 0.43 | 6.6 | 0.01 | Jul 12, 2022 | Windows Portable Device Enumerator Service Security Feature Bypass Vulnerability | ||
| CVE-2022-26911 | Med | 0.43 | 6.5 | 0.03 | Apr 15, 2022 | Skype for Business Information Disclosure Vulnerability | ||
| CVE-2022-26829 | Med | 0.43 | 6.6 | 0.02 | Apr 15, 2022 | Windows DNS Server Remote Code Execution Vulnerability | ||
| CVE-2022-26822 | Med | 0.43 | 6.6 | 0.02 | Apr 15, 2022 | Windows DNS Server Remote Code Execution Vulnerability | ||
| CVE-2022-26821 | Med | 0.43 | 6.6 | 0.02 | Apr 15, 2022 | Windows DNS Server Remote Code Execution Vulnerability | ||
| CVE-2022-26820 | Med | 0.43 | 6.6 | 0.02 | Apr 15, 2022 | Windows DNS Server Remote Code Execution Vulnerability | ||
| CVE-2022-26819 | Med | 0.43 | 6.6 | 0.02 | Apr 15, 2022 | Windows DNS Server Remote Code Execution Vulnerability | ||
| CVE-2022-26818 | Med | 0.43 | 6.6 | 0.02 | Apr 15, 2022 | Windows DNS Server Remote Code Execution Vulnerability | ||
| CVE-2022-26817 | Med | 0.43 | 6.6 | 0.02 | Apr 15, 2022 | Windows DNS Server Remote Code Execution Vulnerability | ||
| CVE-2022-26814 | Med | 0.43 | 6.6 | 0.02 | Apr 15, 2022 | Windows DNS Server Remote Code Execution Vulnerability | ||
| CVE-2022-23271 | Med | 0.43 | 6.5 | 0.04 | Feb 9, 2022 | Microsoft Dynamics GP Elevation Of Privilege Vulnerability | ||
| CVE-2021-43216 | Med | 0.43 | 6.5 | 0.03 | Dec 15, 2021 | Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability | ||
| CVE-2021-42305 | Med | 0.43 | 6.5 | 0.08 | Nov 10, 2021 | Microsoft Exchange Server Spoofing Vulnerability | ||
| CVE-2021-42304 | Med | 0.43 | 6.6 | 0.01 | Nov 10, 2021 | Azure RTOS Elevation of Privilege Vulnerability | ||
| CVE-2021-42303 | Med | 0.43 | 6.6 | 0.01 | Nov 10, 2021 | Azure RTOS Elevation of Privilege Vulnerability | ||
| CVE-2021-42302 | Med | 0.43 | 6.6 | 0.01 | Nov 10, 2021 | Azure RTOS Elevation of Privilege Vulnerability | ||
| CVE-2021-30621 | Med | 0.43 | 6.5 | 0.03 | Sep 3, 2021 | Chromium: CVE-2021-30621 UI Spoofing in Autofill | ||
| CVE-2021-30619 | Med | 0.43 | 6.5 | 0.03 | Sep 3, 2021 | Chromium: CVE-2021-30619 UI Spoofing in Autofill | ||
| CVE-2021-30617 | Med | 0.43 | 6.5 | 0.04 | Sep 3, 2021 | Chromium: CVE-2021-30617 Policy bypass in Blink | ||
| CVE-2021-30615 | Med | 0.43 | 6.5 | 0.06 | Sep 3, 2021 | Chromium: CVE-2021-30615 Cross-origin data leak in Navigation | ||
| CVE-2021-28442 | Med | 0.43 | 6.5 | 0.06 | Apr 13, 2021 | Windows TCP/IP Information Disclosure Vulnerability | ||
| CVE-2021-28323 | Med | 0.43 | 6.5 | 0.04 | Apr 13, 2021 | Windows DNS Information Disclosure Vulnerability | ||
| CVE-2021-24085 | Med | 0.43 | 6.5 | 0.05 | Feb 25, 2021 | Microsoft Exchange Server Spoofing Vulnerability | ||
| CVE-2021-1721 | Med | 0.43 | 6.5 | 0.03 | Feb 25, 2021 | .NET Core and Visual Studio Denial of Service Vulnerability | ||
| CVE-2021-1679 | Med | 0.43 | 6.5 | 0.03 | Jan 12, 2021 | Windows CryptoAPI Denial of Service Vulnerability | ||
| CVE-2021-1646 | Med | 0.43 | 6.6 | 0.01 | Jan 12, 2021 | Windows WLAN Service Elevation of Privilege Vulnerability | ||
| CVE-2020-17133 | Med | 0.43 | 6.5 | 0.04 | Dec 10, 2020 | Microsoft Dynamics Business Central/NAV Information Disclosure Vulnerability | ||
| CVE-2020-17119 | Med | 0.43 | 6.5 | 0.04 | Dec 10, 2020 | Microsoft Outlook Information Disclosure Vulnerability | ||
| CVE-2020-16953 | Med | 0.43 | 6.5 | 0.04 | Oct 16, 2020 | An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit the… | ||
| CVE-2020-16948 | Med | 0.43 | 6.5 | 0.04 | Oct 16, 2020 | An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit the… | ||
| CVE-2020-1590 | Med | 0.43 | 6.6 | 0.01 | Sep 11, 2020 | An elevation of privilege vulnerability exists when the Connected User Experiences and Telemetry Service improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges on the victim system. To exploit the… | ||
| CVE-2020-1159 | Med | 0.43 | 6.6 | 0.01 | Sep 11, 2020 | An elevation of privilege vulnerability exists in the way that the StartTileData.dll handles file creation in protected locations. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a… | ||
| CVE-2020-1146 | Med | 0.43 | 6.6 | 0.01 | Sep 11, 2020 | An elevation of privilege vulnerability exists when the Microsoft Store Runtime improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to… | ||
| CVE-2020-1130 | Med | 0.43 | 6.6 | 0.01 | Sep 11, 2020 | An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector improperly handles data operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could exploit this… | ||
| CVE-2020-1097 | Med | 0.43 | 6.5 | 0.05 | Sep 11, 2020 | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user’s system. There are multiple… | ||
| CVE-2020-1091 | Med | 0.43 | 6.5 | 0.04 | Sep 11, 2020 | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user’s system. There are multiple… | ||
| CVE-2020-0856 | Med | 0.43 | 6.5 | 0.04 | Sep 11, 2020 | An information disclosure vulnerability exists when Active Directory integrated DNS (ADIDNS) mishandles objects in memory. An authenticated attacker who successfully exploited this vulnerability would be able to read sensitive information about the target system. To… | ||
| CVE-2020-0664 | Med | 0.43 | 6.5 | 0.04 | Sep 11, 2020 | An information disclosure vulnerability exists when Active Directory integrated DNS (ADIDNS) mishandles objects in memory. An authenticated attacker who successfully exploited this vulnerability would be able to read sensitive information about the target system. To… | ||
| CVE-2020-1468 | Med | 0.43 | 6.5 | 0.05 | Jul 14, 2020 | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. | ||
| CVE-2020-1433 | Med | 0.43 | 6.5 | 0.05 | Jul 14, 2020 | An information disclosure vulnerability exists when Microsoft Edge PDF Reader improperly handles objects in memory, aka 'Microsoft Edge PDF Information Disclosure Vulnerability'. | ||
| CVE-2020-1397 | Med | 0.43 | 6.5 | 0.06 | Jul 14, 2020 | An information disclosure vulnerability exists in Windows when the Windows Imaging Component fails to properly handle objects in memory, aka 'Windows Imaging Component Information Disclosure Vulnerability'. | ||
| CVE-2020-1348 | Med | 0.43 | 6.5 | 0.05 | Jun 9, 2020 | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. | ||
| CVE-2020-1322 | Med | 0.43 | 6.5 | 0.05 | Jun 9, 2020 | An information disclosure vulnerability exists when Microsoft Project reads out of bound memory due to an uninitialized variable, aka 'Microsoft Project Information Disclosure Vulnerability'. | ||
| CVE-2020-1284 | Med | 0.43 | 6.5 | 0.07 | Jun 9, 2020 | A denial of service vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Denial of Service Vulnerability'. | ||
| CVE-2020-1283 | Med | 0.43 | 6.5 | 0.09 | Jun 9, 2020 | A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Service Vulnerability'. | ||
| CVE-2020-1232 | Med | 0.43 | 6.5 | 0.06 | Jun 9, 2020 | An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory, aka 'Media Foundation Information Disclosure Vulnerability'. | ||
| CVE-2020-1179 | Med | 0.43 | 6.5 | 0.06 | May 21, 2020 | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0963, CVE-2020-1141, CVE-2020-1145. | ||
| CVE-2020-0963 | Med | 0.43 | 6.5 | 0.06 | May 21, 2020 | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1141, CVE-2020-1145, CVE-2020-1179. | ||
| CVE-2020-0993 | Med | 0.43 | 6.5 | 0.05 | Apr 15, 2020 | A denial of service vulnerability exists in Windows DNS when it fails to properly handle queries, aka 'Windows DNS Denial of Service Vulnerability'. | ||
| CVE-2020-0970 | Hig | 0.43 | 7.5 | 0.13 | Apr 15, 2020 | A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0968. |
- risk 0.43cvss 6.6epss 0.01
Windows Portable Device Enumerator Service Security Feature Bypass Vulnerability
- risk 0.43cvss 6.5epss 0.03
Skype for Business Information Disclosure Vulnerability
- risk 0.43cvss 6.6epss 0.02
Windows DNS Server Remote Code Execution Vulnerability
- risk 0.43cvss 6.6epss 0.02
Windows DNS Server Remote Code Execution Vulnerability
- risk 0.43cvss 6.6epss 0.02
Windows DNS Server Remote Code Execution Vulnerability
- risk 0.43cvss 6.6epss 0.02
Windows DNS Server Remote Code Execution Vulnerability
- risk 0.43cvss 6.6epss 0.02
Windows DNS Server Remote Code Execution Vulnerability
- risk 0.43cvss 6.6epss 0.02
Windows DNS Server Remote Code Execution Vulnerability
- risk 0.43cvss 6.6epss 0.02
Windows DNS Server Remote Code Execution Vulnerability
- risk 0.43cvss 6.6epss 0.02
Windows DNS Server Remote Code Execution Vulnerability
- risk 0.43cvss 6.5epss 0.04
Microsoft Dynamics GP Elevation Of Privilege Vulnerability
- risk 0.43cvss 6.5epss 0.03
Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability
- risk 0.43cvss 6.5epss 0.08
Microsoft Exchange Server Spoofing Vulnerability
- risk 0.43cvss 6.6epss 0.01
Azure RTOS Elevation of Privilege Vulnerability
- risk 0.43cvss 6.6epss 0.01
Azure RTOS Elevation of Privilege Vulnerability
- risk 0.43cvss 6.6epss 0.01
Azure RTOS Elevation of Privilege Vulnerability
- risk 0.43cvss 6.5epss 0.03
Chromium: CVE-2021-30621 UI Spoofing in Autofill
- risk 0.43cvss 6.5epss 0.03
Chromium: CVE-2021-30619 UI Spoofing in Autofill
- risk 0.43cvss 6.5epss 0.04
Chromium: CVE-2021-30617 Policy bypass in Blink
- risk 0.43cvss 6.5epss 0.06
Chromium: CVE-2021-30615 Cross-origin data leak in Navigation
- risk 0.43cvss 6.5epss 0.06
Windows TCP/IP Information Disclosure Vulnerability
- risk 0.43cvss 6.5epss 0.04
Windows DNS Information Disclosure Vulnerability
- risk 0.43cvss 6.5epss 0.05
Microsoft Exchange Server Spoofing Vulnerability
- risk 0.43cvss 6.5epss 0.03
.NET Core and Visual Studio Denial of Service Vulnerability
- risk 0.43cvss 6.5epss 0.03
Windows CryptoAPI Denial of Service Vulnerability
- risk 0.43cvss 6.6epss 0.01
Windows WLAN Service Elevation of Privilege Vulnerability
- risk 0.43cvss 6.5epss 0.04
Microsoft Dynamics Business Central/NAV Information Disclosure Vulnerability
- risk 0.43cvss 6.5epss 0.04
Microsoft Outlook Information Disclosure Vulnerability
- risk 0.43cvss 6.5epss 0.04
An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit the…
- risk 0.43cvss 6.5epss 0.04
An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit the…
- risk 0.43cvss 6.6epss 0.01
An elevation of privilege vulnerability exists when the Connected User Experiences and Telemetry Service improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges on the victim system. To exploit the…
- risk 0.43cvss 6.6epss 0.01
An elevation of privilege vulnerability exists in the way that the StartTileData.dll handles file creation in protected locations. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a…
- risk 0.43cvss 6.6epss 0.01
An elevation of privilege vulnerability exists when the Microsoft Store Runtime improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to…
- risk 0.43cvss 6.6epss 0.01
An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector improperly handles data operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could exploit this…
- risk 0.43cvss 6.5epss 0.05
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user’s system. There are multiple…
- risk 0.43cvss 6.5epss 0.04
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user’s system. There are multiple…
- risk 0.43cvss 6.5epss 0.04
An information disclosure vulnerability exists when Active Directory integrated DNS (ADIDNS) mishandles objects in memory. An authenticated attacker who successfully exploited this vulnerability would be able to read sensitive information about the target system. To…
- risk 0.43cvss 6.5epss 0.04
An information disclosure vulnerability exists when Active Directory integrated DNS (ADIDNS) mishandles objects in memory. An authenticated attacker who successfully exploited this vulnerability would be able to read sensitive information about the target system. To…
- risk 0.43cvss 6.5epss 0.05
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'.
- risk 0.43cvss 6.5epss 0.05
An information disclosure vulnerability exists when Microsoft Edge PDF Reader improperly handles objects in memory, aka 'Microsoft Edge PDF Information Disclosure Vulnerability'.
- risk 0.43cvss 6.5epss 0.06
An information disclosure vulnerability exists in Windows when the Windows Imaging Component fails to properly handle objects in memory, aka 'Windows Imaging Component Information Disclosure Vulnerability'.
- risk 0.43cvss 6.5epss 0.05
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'.
- risk 0.43cvss 6.5epss 0.05
An information disclosure vulnerability exists when Microsoft Project reads out of bound memory due to an uninitialized variable, aka 'Microsoft Project Information Disclosure Vulnerability'.
- risk 0.43cvss 6.5epss 0.07
A denial of service vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Denial of Service Vulnerability'.
- risk 0.43cvss 6.5epss 0.09
A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Service Vulnerability'.
- risk 0.43cvss 6.5epss 0.06
An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory, aka 'Media Foundation Information Disclosure Vulnerability'.
- risk 0.43cvss 6.5epss 0.06
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0963, CVE-2020-1141, CVE-2020-1145.
- risk 0.43cvss 6.5epss 0.06
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1141, CVE-2020-1145, CVE-2020-1179.
- risk 0.43cvss 6.5epss 0.05
A denial of service vulnerability exists in Windows DNS when it fails to properly handle queries, aka 'Windows DNS Denial of Service Vulnerability'.
- risk 0.43cvss 7.5epss 0.13
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0968.
Page 147 of 287