VYPR

Vendor CVEs

Microsoft

All CVEs

14,319 total · sorted by risk
  • CVE-2019-0612MedApr 8, 2019
    risk 0.38cvss 5.3epss 0.11

    A security feature bypass vulnerability exists when Click2Play protection in Microsoft Edge improperly handles flash objects. By itself, this bypass vulnerability does not allow arbitrary code execution, aka 'Microsoft Edge Security Feature Bypass Vulnerability'.

  • CVE-2018-0885MedMar 14, 2018
    risk 0.38cvss 5.8epss 0.05

    The Microsoft Hyper-V Network Switch in 64-bit versions of Microsoft Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows a denial of service vulnerability due to…

  • CVE-2017-11830MedNov 15, 2017
    risk 0.38cvss 5.3epss 0.03

    Device Guard in Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016, and Windows Server, version 1709 allows an attacker to make an unsigned file appear to be signed, due to a security feature bypass, aka "Device Guard Security Feature Bypass Vulnerability".

  • CVE-2017-0194MedApr 12, 2017
    risk 0.38cvss 5.5epss 0.26

    Microsoft Excel 2007 SP3, Microsoft Excel 2010 SP2, and Office Compatibility Pack SP2 allow remote attackers to obtain sensitive information from process memory via a crafted Office document, aka "Microsoft Office Information Disclosure Vulnerability."

  • CVE-2017-0191MedApr 12, 2017
    risk 0.38cvss 5.8epss 0.05

    A denial of service vulnerability exists in the way that Windows 7, Windows 8.1, Windows 10, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, and Windows Server 2016 handles objects in memory. An attacker who successfully exploited the vulnerability could…

  • CVE-2017-0186MedApr 12, 2017
    risk 0.38cvss 5.8epss 0.05

    A denial of service vulnerability exists when Microsoft Hyper-V Network Switch running on a Windows 10, Windows 8.1, Windows Server 2012, Windows Server 2012 R2, or Windows Server 2016 host server fails to properly validate input from a privileged user on a guest operating…

  • CVE-2017-0185MedApr 12, 2017
    risk 0.38cvss 5.8epss 0.06

    A denial of service vulnerability exists when Microsoft Hyper-V Network Switch running on a Windows 10, Windows 8.1, Windows Server 2012, Windows Server 2012 R2, or Windows Server 2016 host server fails to properly validate input from a privileged user on a guest operating…

  • CVE-2017-0183MedApr 12, 2017
    risk 0.38cvss 5.8epss 0.04

    A denial of service vulnerability exists when Microsoft Hyper-V Network Switch running on a Windows 10, Windows Server 2008 R2, Windows 8.1, Windows Server 2012 R2, or Windows Server 2016 host server fails to properly validate input from a privileged user on a guest operating…

  • CVE-2017-0182MedApr 12, 2017
    risk 0.38cvss 5.8epss 0.04

    A denial of service vulnerability exists when Microsoft Hyper-V Network Switch running on a Windows 10, Windows Server 2008 R2, Windows 8.1, Windows Server 2012 R2, or Windows Server 2016 host server fails to properly validate input from a privileged user on a guest operating…

  • CVE-2017-0179MedApr 12, 2017
    risk 0.38cvss 5.8epss 0.04

    A denial of service vulnerability exists when Microsoft Hyper-V running on a Windows 10, Windows 8.1, Windows Server 2012 R2, or Windows Server 2016 host server fails to properly validate input from a privileged user on a guest operating system, aka "Hyper-V Denial of Service…

  • CVE-2017-0168MedApr 12, 2017
    risk 0.38cvss 5.8epss 0.06

    An information disclosure vulnerability exists when the Windows Hyper-V Network Switch running on a Windows 8.1, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, or Windows Server 2012 R2 host operating system fails to properly validate input from an…

  • CVE-2017-0105MedMar 17, 2017
    risk 0.38cvss 5.5epss 0.30

    Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word for Mac 2011, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to obtain sensitive information from out-of-bound memory via a…

  • CVE-2016-3263MedOct 14, 2016
    risk 0.38cvss 5.5epss 0.32

    Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010 SP2; Word Viewer; Skype for…

  • CVE-2016-3262MedOct 14, 2016
    risk 0.38cvss 5.5epss 0.32

    Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010 SP2; Word Viewer; Skype for…

  • CVE-2016-3315MedAug 9, 2016
    risk 0.38cvss 5.5epss 0.30

    Microsoft OneNote 2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1, 2016, and 2016 for Mac allow remote attackers to obtain sensitive information via a crafted OneNote file, aka "Microsoft OneNote Information Disclosure Vulnerability."

  • CVE-2016-3234MedJun 16, 2016
    risk 0.38cvss 5.5epss 0.24

    Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 SP1, Office Web Apps 2010 SP2, and Office Web Apps Server 2013 SP1…

  • CVE-2016-3215MedJun 16, 2016
    risk 0.38cvss 5.5epss 0.34

    Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 1511, and Microsoft Edge allow remote attackers to obtain sensitive information from process memory via a crafted PDF document, aka "Windows PDF Information Disclosure Vulnerability," a different vulnerability…

  • CVE-2016-0028MedJun 16, 2016
    risk 0.38cvss 5.5epss 0.23

    Outlook Web Access (OWA) in Microsoft Exchange Server 2013 SP1, Cumulative Update 11, and Cumulative Update 12 and 2016 Gold and Cumulative Update 1 does not properly restrict loading of IMG elements, which makes it easier for remote attackers to track users via a crafted HTML…

  • CVE-2026-42915MedJun 9, 2026
    risk 0.37cvss 5.7epss 0.00

    Incorrect calculation of buffer size in Windows VMSwitch allows an authorized attacker to deny service over an adjacent network.

  • CVE-2026-23670MedApr 14, 2026
    risk 0.37cvss 5.7epss 0.00

    Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to bypass a security feature locally.

  • CVE-2026-23653MedApr 14, 2026
    risk 0.37cvss 5.7epss 0.01

    Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio Code allows an authorized attacker to disclose information over a network.

  • CVE-2025-53719MedAug 12, 2025
    risk 0.37cvss 5.7epss 0.01

    Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to disclose information over a network.

  • CVE-2025-53153MedAug 12, 2025
    risk 0.37cvss 5.7epss 0.01

    Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to disclose information over a network.

  • CVE-2025-53148MedAug 12, 2025
    risk 0.37cvss 5.7epss 0.01

    Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to disclose information over a network.

  • CVE-2025-53138MedAug 12, 2025
    risk 0.37cvss 5.7epss 0.01

    Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to disclose information over a network.

  • CVE-2025-50157MedAug 12, 2025
    risk 0.37cvss 5.7epss 0.01

    Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to disclose information over a network.

  • CVE-2025-50156MedAug 12, 2025
    risk 0.37cvss 5.7epss 0.01

    Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to disclose information over a network.

  • CVE-2025-49722MedJul 8, 2025
    risk 0.37cvss 5.7epss 0.00

    Uncontrolled resource consumption in Windows Print Spooler Components allows an authorized attacker to deny service over an adjacent network.

  • CVE-2025-48002MedJul 8, 2025
    risk 0.37cvss 5.7epss 0.01

    Integer overflow or wraparound in Windows Hyper-V allows an authorized attacker to disclose information over an adjacent network.

  • CVE-2025-29974MedMay 13, 2025
    risk 0.37cvss 5.7epss 0.01

    Integer underflow (wrap or wraparound) in Windows Kernel allows an unauthorized attacker to disclose information over an adjacent network.

  • CVE-2025-29817MedApr 15, 2025
    risk 0.37cvss 5.7epss 0.01

    Uncontrolled search path element in Power Automate allows an authorized attacker to disclose information over a network.

  • CVE-2024-43604MedOct 8, 2024
    risk 0.37cvss 5.7epss 0.01

    Outlook for Android Elevation of Privilege Vulnerability

  • CVE-2024-35263MedJun 11, 2024
    risk 0.37cvss 5.7epss 0.02

    Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability

  • CVE-2024-26209MedApr 9, 2024
    risk 0.37cvss 5.5epss 0.15

    Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability

  • CVE-2024-26160MedMar 12, 2024
    risk 0.37cvss 5.5epss 0.11

    Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability

  • CVE-2024-21430MedMar 12, 2024
    risk 0.37cvss 5.7epss 0.01

    Windows USB Attached SCSI (UAS) Protocol Remote Code Execution Vulnerability

  • CVE-2024-20695MedFeb 13, 2024
    risk 0.37cvss 5.7epss 0.01

    Skype for Business Information Disclosure Vulnerability

  • CVE-2024-20692MedJan 9, 2024
    risk 0.37cvss 5.7epss 0.01

    Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability

  • CVE-2023-28261MedApr 27, 2023
    risk 0.37cvss 5.7epss 0.01

    Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

  • CVE-2023-21693MedFeb 14, 2023
    risk 0.37cvss 5.7epss 0.01

    Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability

  • CVE-2022-30223MedJul 12, 2022
    risk 0.37cvss 5.7epss 0.01

    Windows Hyper-V Information Disclosure Vulnerability

  • CVE-2022-22711MedJul 12, 2022
    risk 0.37cvss 5.7epss 0.01

    Windows BitLocker Information Disclosure Vulnerability

  • CVE-2021-42288MedNov 10, 2021
    risk 0.37cvss 5.7epss 0.01

    Windows Hello Security Feature Bypass Vulnerability

  • CVE-2021-38632MedSep 15, 2021
    risk 0.37cvss 5.7epss 0.01

    BitLocker Security Feature Bypass Vulnerability

  • CVE-2021-34466MedJul 16, 2021
    risk 0.37cvss 5.7epss 0.01

    Windows Hello Security Feature Bypass Vulnerability

  • CVE-2021-31965MedJun 8, 2021
    risk 0.37cvss 5.7epss 0.05

    Microsoft SharePoint Server Information Disclosure Vulnerability

  • CVE-2021-31178MedMay 11, 2021
    risk 0.37cvss 5.5epss 0.16

    Microsoft Office Information Disclosure Vulnerability

  • CVE-2021-28444MedApr 13, 2021
    risk 0.37cvss 5.7epss 0.02

    Windows Hyper-V Security Feature Bypass Vulnerability

  • CVE-2021-27079MedApr 13, 2021
    risk 0.37cvss 5.7epss 0.03

    Windows Media Photo Codec Information Disclosure Vulnerability

  • CVE-2021-24114MedFeb 25, 2021
    risk 0.37cvss 5.7epss 0.03

    Microsoft Teams iOS Information Disclosure Vulnerability

Page 165 of 287