VYPR

Vendor CVEs

Microsoft

All CVEs

14,319 total · sorted by risk
  • CVE-2021-36928MedAug 26, 2021
    risk 0.39cvss 6.0epss 0.01

    Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

  • CVE-2021-26430MedAug 12, 2021
    risk 0.39cvss 6.0epss 0.01

    Azure Sphere Denial of Service Vulnerability

  • CVE-2021-33764MedJul 14, 2021
    risk 0.39cvss 5.9epss 0.03

    Windows Key Distribution Center Information Disclosure Vulnerability

  • CVE-2021-31957MedJun 8, 2021
    risk 0.39cvss 5.9epss 0.05

    ASP.NET Core Denial of Service Vulnerability

  • CVE-2020-1343MedJun 9, 2020
    risk 0.39cvss 5.9epss 0.03

    An information disclosure vulnerability exists in Visual Studio Code Live Share Extension when it exposes tokens in plain text, aka 'Visual Studio Code Live Share Information Disclosure Vulnerability'.

  • CVE-2020-1195MedMay 21, 2020
    risk 0.39cvss 5.9epss 0.03

    An elevation of privilege vulnerability exists in Microsoft Edge (Chromium-based) when the Feedback extension improperly validates input, aka 'Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability'.

  • CVE-2020-0751MedFeb 11, 2020
    risk 0.39cvss 6.0epss 0.01

    A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate specific malicious data from a user on a guest operating system.To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system,…

  • CVE-2020-0617MedJan 14, 2020
    risk 0.39cvss 6.0epss 0.01

    A denial of service vulnerability exists when Microsoft Hyper-V Virtual PCI on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Hyper-V Denial of Service Vulnerability'.

  • CVE-2019-1345MedOct 10, 2019
    risk 0.39cvss 5.5epss 0.03

    An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1334.

  • CVE-2019-1344MedOct 10, 2019
    risk 0.39cvss 5.5epss 0.03

    An information disclosure vulnerability exists in the way that the Windows Code Integrity Module handles objects in memory, aka 'Windows Code Integrity Module Information Disclosure Vulnerability'.

  • CVE-2019-1338MedOct 10, 2019
    risk 0.39cvss 5.9epss 0.03

    A security feature bypass vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLMv2 protection if a client is also sending LMv2 responses, aka 'Windows NTLM Security Feature Bypass Vulnerability'.

  • CVE-2019-1318MedOct 10, 2019
    risk 0.39cvss 5.9epss 0.03

    A spoofing vulnerability exists when Transport Layer Security (TLS) accesses non- Extended Master Secret (EMS) sessions, aka 'Microsoft Windows Transport Layer Security Spoofing Vulnerability'.

  • CVE-2019-1231MedSep 11, 2019
    risk 0.39cvss 5.9epss 0.02

    An information disclosure vulnerability exists in the way Rome SDK handles server SSL/TLS certificate validation, aka 'Rome SDK Information Disclosure Vulnerability'.

  • CVE-2019-1153MedAug 14, 2019
    risk 0.39cvss 5.5epss 0.03

    An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this…

  • CVE-2019-1148MedAug 14, 2019
    risk 0.39cvss 5.5epss 0.03

    An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this…

  • CVE-2019-1029MedJun 12, 2019
    risk 0.39cvss 5.9epss 0.05

    A denial of service vulnerability exists in Skype for Business. An attacker who successfully exploited the vulnerability could cause Skype for Business to stop responding. Note that the denial of service would not allow an attacker to execute code or to elevate the attacker's…

  • CVE-2019-1008MedMay 16, 2019
    risk 0.39cvss 5.9epss 0.03

    A security feature bypass vulnerability exists in Dynamics On Premise, aka 'Microsoft Dynamics On-Premise Security Feature Bypass'.

  • CVE-2019-0932MedMay 16, 2019
    risk 0.39cvss 5.9epss 0.05

    An information disclosure vulnerability exists in Skype for Android, aka 'Skype for Android Information Disclosure Vulnerability'.

  • CVE-2019-0796MedApr 9, 2019
    risk 0.39cvss 5.5epss 0.04

    An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0730, CVE-2019-0731, CVE-2019-0805, CVE-2019-0836, CVE-2019-0841.

  • CVE-2019-0683MedApr 9, 2019
    risk 0.39cvss 5.9epss 0.03

    An elevation of privilege vulnerability exists in Active Directory Forest trusts due to a default setting that lets an attacker in the trusting forest request delegation of a TGT for an identity from the trusted forest, aka 'Active Directory Elevation of Privilege Vulnerability'.

  • CVE-2019-0657MedMar 5, 2019
    risk 0.39cvss 5.9epss 0.05

    A vulnerability exists in certain .Net Framework API's and Visual Studio in the way they parse URL's, aka '.NET Framework and Visual Studio Spoofing Vulnerability'.

  • CVE-2019-0641MedMar 5, 2019
    risk 0.39cvss 5.9epss 0.03

    A security feature bypass vulnerability exists in Microsoft Edge handles whitelisting, aka 'Microsoft Edge Security Feature Bypass Vulnerability'.

  • CVE-2018-8546MedNov 14, 2018
    risk 0.39cvss 5.9epss 0.05

    A denial of service vulnerability exists in Skype for Business, aka "Microsoft Skype for Business Denial of Service Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Lync, Skype.

  • CVE-2018-8444MedSep 13, 2018
    risk 0.39cvss 5.9epss 0.06

    An information disclosure vulnerability exists in the way that the Microsoft Server Message Block 2.0 (SMBv2) server handles certain requests, aka "Windows SMB Information Disclosure Vulnerability." This affects Windows Server 2012, Windows 10, Windows 8.1, Windows RT 8.1,…

  • CVE-2018-8304MedJul 11, 2018
    risk 0.39cvss 5.9epss 0.12

    A denial of service vulnerability exists in Windows Domain Name System (DNS) DNSAPI.dll when it fails to properly handle DNS responses, aka "Windows DNSAPI Denial of Service Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008,…

  • CVE-2018-0975MedApr 12, 2018
    risk 0.39cvss 5.5epss 0.03

    An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows…

  • CVE-2018-0974MedApr 12, 2018
    risk 0.39cvss 5.5epss 0.04

    An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows…

  • CVE-2018-0973MedApr 12, 2018
    risk 0.39cvss 5.5epss 0.04

    An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows…

  • CVE-2018-0972MedApr 12, 2018
    risk 0.39cvss 5.5epss 0.04

    An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows…

  • CVE-2018-0971MedApr 12, 2018
    risk 0.39cvss 5.5epss 0.04

    An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows…

  • CVE-2018-0970MedApr 12, 2018
    risk 0.39cvss 5.5epss 0.04

    An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows…

  • CVE-2018-0969MedApr 12, 2018
    risk 0.39cvss 5.5epss 0.04

    An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows…

  • CVE-2018-0968MedApr 12, 2018
    risk 0.39cvss 5.5epss 0.04

    An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows…

  • CVE-2018-4863MedApr 5, 2018
    risk 0.39cvss 5.5epss 0.01

    Sophos Endpoint Protection 10.7 allows local users to bypass an intended tamper protection mechanism by deleting the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Sophos Endpoint Defense\ registry key.

  • CVE-2018-0753MedJan 4, 2018
    risk 0.39cvss 5.9epss 0.09

    Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allow a denial of service vulnerability due to the way objects are handled in memory, aka "Windows IPSec Denial of Service…

  • CVE-2017-11906MedDec 12, 2017
    risk 0.39cvss 5.3epss 0.25

    Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to obtain information to further compromise the…

  • CVE-2017-11785MedOct 13, 2017
    risk 0.39cvss 5.5epss 0.03

    The Microsoft Windows Kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows an information disclosure vulnerability…

  • CVE-2017-8687MedSep 13, 2017
    risk 0.39cvss 5.5epss 0.04

    The Windows kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when it…

  • CVE-2017-8685MedSep 13, 2017
    risk 0.39cvss 5.5epss 0.03

    Windows GDI+ on Microsoft Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows information disclosure by the way it discloses kernel memory addresses, aka "Windows GDI+ Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-8684 and CVE-2017-8688.

  • CVE-2017-8684MedSep 13, 2017
    risk 0.39cvss 5.5epss 0.04

    Windows GDI+ on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT 8.1, allows information disclosure by the way it discloses kernel memory addresses, aka "Windows GDI+ Information Disclosure Vulnerability".…

  • CVE-2017-8681MedSep 13, 2017
    risk 0.39cvss 5.5epss 0.04

    The Windows kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when it…

  • CVE-2017-8680MedSep 13, 2017
    risk 0.39cvss 5.5epss 0.04

    The Windows kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT 8.1 allows an information disclosure vulnerability when it improperly handles objects in memory, aka "Win32k Information…

  • CVE-2017-8678MedSep 13, 2017
    risk 0.39cvss 5.5epss 0.04

    The Windows kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when it…

  • CVE-2017-8673MedAug 8, 2017
    risk 0.39cvss 5.9epss 0.05

    The Remote Desktop Protocol (RDP) implementation in Microsoft Windows 10 1703 allows an attacker to connect to a target system using RDP and send specially crafted requests, aka "Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability."

  • CVE-2017-8582MedJul 11, 2017
    risk 0.39cvss 5.9epss 0.08

    HTTP.sys in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when the component improperly…

  • CVE-2017-8564MedJul 11, 2017
    risk 0.39cvss 5.5epss 0.03

    Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when it fails to properly…

  • CVE-2017-8469MedJun 15, 2017
    risk 0.39cvss 5.5epss 0.04

    The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and Windows Server 2016 allows an authenticated attacker to obtain information via a specially crafted…

  • CVE-2017-0280MedMay 12, 2017
    risk 0.39cvss 5.9epss 0.07

    The Microsoft Server Message Block 1.0 (SMBv1) allows denial of service when an attacker sends specially crafted requests to the server, aka "Windows SMB Denial of Service Vulnerability". This CVE ID is unique from CVE-2017-0269 and CVE-2017-0273.

  • CVE-2017-0276MedMay 12, 2017
    risk 0.39cvss 5.9epss 0.07

    Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows…

  • CVE-2017-0275MedMay 12, 2017
    risk 0.39cvss 5.9epss 0.08

    Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows…

Page 163 of 287