VYPR

Vendor CVEs

Microsoft

All CVEs

14,319 total · sorted by risk
  • CVE-2017-0274MedMay 12, 2017
    risk 0.39cvss 5.9epss 0.07

    Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows…

  • CVE-2017-0273MedMay 12, 2017
    risk 0.39cvss 5.9epss 0.06

    The Microsoft Server Message Block 1.0 (SMBv1) allows denial of service when an attacker sends specially crafted requests to the server, aka "Windows SMB Denial of Service Vulnerability". This CVE ID is unique from CVE-2017-0269 and CVE-2017-0280.

  • CVE-2017-0271MedMay 12, 2017
    risk 0.39cvss 5.9epss 0.13

    Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows…

  • CVE-2017-0270MedMay 12, 2017
    risk 0.39cvss 5.9epss 0.07

    Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows…

  • CVE-2017-0269MedMay 12, 2017
    risk 0.39cvss 5.9epss 0.06

    The Microsoft Server Message Block 1.0 (SMBv1) allows denial of service when an attacker sends specially crafted requests to the server, aka "Windows SMB Denial of Service Vulnerability". This CVE ID is unique from CVE-2017-0273 and CVE-2017-0280.

  • CVE-2017-0268MedMay 12, 2017
    risk 0.39cvss 5.9epss 0.07

    Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows…

  • CVE-2017-0267MedMay 12, 2017
    risk 0.39cvss 5.9epss 0.13

    Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows…

  • CVE-2017-0171MedMay 12, 2017
    risk 0.39cvss 5.9epss 0.04

    Windows DNS Server allows a denial of service vulnerability when Microsoft Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 Gold and R2, and Windows Server 2016 are configured to answer version queries, aka "Windows DNS Server Denial of Service Vulnerability".

  • CVE-2017-0167MedApr 12, 2017
    risk 0.39cvss 5.5epss 0.06

    An information disclosure vulnerability exists in Windows 8.1, Windows RT 8.1, Windows Server 2012 R2, Windows 10, and Windows Server 2016 when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain…

  • CVE-2017-0045MedMar 17, 2017
    risk 0.39cvss 5.5epss 0.07

    Windows DVD Maker in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, and Windows Vista SP2 does not properly parse crafted .msdvd files, which allows attackers to obtain information to compromise a target system, aka "Windows DVD Maker Cross-Site Request Forgery…

  • CVE-2016-7216MedNov 10, 2016
    risk 0.39cvss 5.5epss 0.04

    The kernel API in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 mishandles permissions, which allows local users to gain privileges via a crafted application, aka "Windows Kernel Elevation of Privilege Vulnerability."

  • CVE-2016-0075MedOct 14, 2016
    risk 0.39cvss 5.5epss 0.07

    The kernel in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows local users to gain privileges via a crafted application that makes an API call to access sensitive information in the registry, aka "Windows Kernel…

  • CVE-2016-0149MedMay 11, 2016
    risk 0.39cvss 5.9epss 0.08

    Microsoft .NET Framework 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, and 4.6.1 allows man-in-the-middle attackers to obtain sensitive cleartext information via vectors involving injection of cleartext data into the client-server data stream, aka "TLS/SSL Information Disclosure…

  • CVE-2012-2993MedSep 18, 2012
    risk 0.39cvss 5.9epss 0.04

    Microsoft Windows Phone 7 does not verify the domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof an SSL server for the (1) POP3, (2) IMAP, or (3) SMTP protocol via an arbitrary valid certificate.

  • CVE-2006-2374MedJun 13, 2006
    risk 0.39cvss 5.5epss 0.02

    The Server Message Block (SMB) driver (MRXSMB.SYS) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows local users to cause a denial of service (hang) by calling the MrxSmbCscIoctlCloseForCopyChunk with the file handle of the shadow device,…

  • CVE-2026-46538MedMay 27, 2026
    risk 0.38cvss 5.9epss 0.00

    Microsoft UFO open-source framework for intelligent automation across devices and platforms. In 3.0.1-4-ge2626659, Microsoft UFO's constellation client tracks pending task responses by session_id only and does not verify that a TASK_END message came from the device that…

  • CVE-2026-45498MedKEVMay 20, 2026
    risk 0.38cvss 4.0epss 0.63

    Microsoft Defender Denial of Service Vulnerability

  • CVE-2026-32226MedApr 14, 2026
    risk 0.38cvss 5.9epss 0.01

    Concurrent execution using shared resource with improper synchronization ('race condition') in .NET Framework allows an unauthorized attacker to deny service over a network.

  • CVE-2025-48823MedJul 8, 2025
    risk 0.38cvss 5.9epss 0.01

    Cryptographic issues in Windows Cryptographic Services allows an unauthorized attacker to disclose information over a network.

  • CVE-2025-29954MedMay 13, 2025
    risk 0.38cvss 5.9epss 0.01

    Uncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny service over a network.

  • CVE-2025-27471MedApr 8, 2025
    risk 0.38cvss 5.9epss 0.01

    Sensitive data storage in improperly locked memory in Microsoft Streaming Service allows an unauthorized attacker to deny service over a network.

  • CVE-2025-21242MedJan 14, 2025
    risk 0.38cvss 5.9epss 0.02

    Windows Kerberos Information Disclosure Vulnerability

  • CVE-2025-21225MedJan 14, 2025
    risk 0.38cvss 5.9epss 0.01

    Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability

  • CVE-2024-38264MedNov 12, 2024
    risk 0.38cvss 5.9epss 0.01

    Microsoft Virtual Hard Disk (VHDX) Denial of Service Vulnerability

  • CVE-2024-49023MedOct 18, 2024
    risk 0.38cvss 5.9epss 0.01

    Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

  • CVE-2024-43587MedOct 17, 2024
    risk 0.38cvss 5.9epss 0.01

    Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

  • CVE-2024-37985MedSep 17, 2024
    risk 0.38cvss 5.9epss 0.01

    Windows Kernel Information Disclosure Vulnerability

  • CVE-2024-43472MedAug 16, 2024
    risk 0.38cvss 5.8epss 0.00

    Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

  • CVE-2024-38103MedJul 25, 2024
    risk 0.38cvss 5.9epss 0.00

    Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

  • CVE-2024-38099MedJul 9, 2024
    risk 0.38cvss 5.9epss 0.01

    Windows Remote Desktop Licensing Service Denial of Service Vulnerability

  • CVE-2024-21344MedFeb 13, 2024
    risk 0.38cvss 5.9epss 0.02

    Windows Network Address Translation (NAT) Denial of Service Vulnerability

  • CVE-2024-21343MedFeb 13, 2024
    risk 0.38cvss 5.9epss 0.02

    Windows Network Address Translation (NAT) Denial of Service Vulnerability

  • CVE-2024-21306MedJan 9, 2024
    risk 0.38cvss 5.7epss 0.06

    Microsoft Bluetooth Driver Spoofing Vulnerability

  • CVE-2022-35747MedMay 31, 2023
    risk 0.38cvss 5.9epss 0.02

    Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability

  • CVE-2023-24900MedMay 9, 2023
    risk 0.38cvss 5.9epss 0.01

    Windows NTLM Security Support Provider Information Disclosure Vulnerability

  • CVE-2022-41116MedNov 9, 2022
    risk 0.38cvss 5.9epss 0.01

    Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerability

  • CVE-2022-41090MedNov 9, 2022
    risk 0.38cvss 5.9epss 0.01

    Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerability

  • CVE-2022-41064MedNov 9, 2022
    risk 0.38cvss 5.8epss 0.01

    .NET Framework Information Disclosure Vulnerability

  • CVE-2022-37965MedOct 11, 2022
    risk 0.38cvss 5.9epss 0.01

    Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerability

  • CVE-2022-23278MedMar 9, 2022
    risk 0.38cvss 5.9epss 0.02

    Microsoft Defender for Endpoint Spoofing Vulnerability

  • CVE-2022-23255MedFeb 9, 2022
    risk 0.38cvss 5.9epss 0.01

    Microsoft OneDrive for Android Security Feature Bypass Vulnerability

  • CVE-2020-1152MedSep 11, 2020
    risk 0.38cvss 5.8epss 0.01

    An elevation of privilege vulnerability exists when Windows improperly handles calls to Win32k.sys. An attacker who successfully exploited the vulnerability could gain elevated privileges on a targeted system. To exploit the vulnerability, an attacker would have to log…

  • CVE-2019-1262MedSep 11, 2019
    risk 0.38cvss 5.4epss 0.03

    A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'.

  • CVE-2019-0723MedAug 14, 2019
    risk 0.38cvss 5.8epss 0.05

    A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash. To…

  • CVE-2019-0718MedAug 14, 2019
    risk 0.38cvss 5.8epss 0.05

    A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash. To…

  • CVE-2019-0717MedAug 14, 2019
    risk 0.38cvss 5.8epss 0.05

    A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash. To…

  • CVE-2019-0716MedAug 14, 2019
    risk 0.38cvss 5.8epss 0.04

    A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. To exploit this vulnerability, an attacker would have to log on to an affected…

  • CVE-2019-0715MedAug 14, 2019
    risk 0.38cvss 5.8epss 0.05

    A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash. To…

  • CVE-2019-0714MedAug 14, 2019
    risk 0.38cvss 5.8epss 0.05

    A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash. To…

  • CVE-2019-1040MedJun 12, 2019
    risk 0.38cvss 5.3epss 0.48

    A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLM MIC (Message Integrity Check) protection. An attacker who successfully exploited this vulnerability could gain the ability to downgrade NTLM security…

Page 164 of 287