VYPR

Vendor CVEs

Microsoft

All CVEs

14,318 total · sorted by risk
  • CVE-2026-45465MedJun 9, 2026
    risk 0.35cvss 5.4epss 0.01

    Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.

  • CVE-2026-45464MedJun 9, 2026
    risk 0.35cvss 5.4epss 0.01

    Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.

  • CVE-2026-45453MedJun 9, 2026
    risk 0.35cvss 5.4epss 0.01

    Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.

  • CVE-2026-33113MedJun 9, 2026
    risk 0.35cvss 5.4epss 0.01

    Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.

  • CVE-2026-45494MedMay 18, 2026
    risk 0.35cvss 5.4epss 0.00

    Microsoft Edge (Chromium-based) Spoofing Vulnerability

  • CVE-2026-45492MedMay 18, 2026
    risk 0.35cvss 5.4epss 0.00

    Improper input validation in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a security feature over a network.

  • CVE-2026-42838MedMay 12, 2026
    risk 0.35cvss 5.4epss 0.00

    Improper neutralization of special elements in output used by a downstream component ('injection') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to elevate privileges over a network.

  • CVE-2026-35423MedMay 12, 2026
    risk 0.35cvss 5.4epss 0.01

    Out-of-bounds read in Telnet Client allows an unauthorized attacker to disclose information over a network.

  • CVE-2026-33119MedApr 10, 2026
    risk 0.35cvss 5.4epss 0.00

    User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

  • CVE-2026-34401MedMar 31, 2026
    risk 0.35cvss 6.5epss 0.01

    XML Notepad is a Windows program that provides a simple intuitive User Interface for browsing and editing XML documents. Prior to version 2.9.0.21, XML Notepad does not disable DTD processing by default which means external entities are resolved automatically. There is a well…

  • CVE-2025-49745MedAug 12, 2025
    risk 0.35cvss 5.4epss 0.00

    Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Dynamics 365 (on-premises) allows an unauthorized attacker to perform spoofing over a network.

  • CVE-2025-25007MedAug 12, 2025
    risk 0.35cvss 5.3epss 0.01

    Improper validation of syntactic correctness of input in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.

  • CVE-2025-25006MedAug 12, 2025
    risk 0.35cvss 5.3epss 0.01

    Improper handling of additional special element in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.

  • CVE-2025-7676MedJul 28, 2025
    risk 0.35cvss epss 0.00

    DLL hijacking of all PE32 executables when run on Windows for ARM64 CPU architecture. This allows an attacker to execute code, if the attacker can plant a DLL in the same directory as the executable. Vulnerable versions of Windows 11 for ARM attempt to load Base DLLs that would…

  • CVE-2025-47964MedJul 11, 2025
    risk 0.35cvss 5.4epss 0.00

    Microsoft Edge (Chromium-based) Spoofing Vulnerability

  • CVE-2025-47160MedJun 10, 2025
    risk 0.35cvss 5.4epss 0.01

    Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network.

  • CVE-2025-29956MedMay 13, 2025
    risk 0.35cvss 5.4epss 0.01

    Buffer over-read in Windows SMB allows an authorized attacker to disclose information over a network.

  • CVE-2025-27472MedApr 8, 2025
    risk 0.35cvss 5.4epss 0.01

    Protection mechanism failure in Windows Mark of the Web (MOTW) allows an unauthorized attacker to bypass a security feature over a network.

  • CVE-2025-24986MedMar 11, 2025
    risk 0.35cvss 6.5epss 0.00

    Improper isolation or compartmentalization in Azure PromptFlow allows an unauthorized attacker to execute code over a network.

  • CVE-2025-26643MedMar 7, 2025
    risk 0.35cvss 5.4epss 0.01

    The UI performs the wrong action in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

  • CVE-2025-21259MedFeb 11, 2025
    risk 0.35cvss 5.3epss 0.01

    Microsoft Outlook Spoofing Vulnerability

  • CVE-2025-21253MedFeb 6, 2025
    risk 0.35cvss 5.3epss 0.01

    Microsoft Edge for IOS and Android Spoofing Vulnerability

  • CVE-2025-21262MedJan 24, 2025
    risk 0.35cvss 5.4epss 0.00

    User Interface (UI) Misrepresentation of Critical Information in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network

  • CVE-2024-49025MedNov 14, 2024
    risk 0.35cvss 5.4epss 0.01

    Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

  • CVE-2024-43580MedOct 17, 2024
    risk 0.35cvss 5.4epss 0.00

    Microsoft Edge (Chromium-based) Spoofing Vulnerability

  • CVE-2024-35270MedJul 9, 2024
    risk 0.35cvss 5.3epss 0.01

    Windows iSCSI Service Denial of Service Vulnerability

  • CVE-2024-30058MedJun 13, 2024
    risk 0.35cvss 5.4epss 0.00

    Microsoft Edge (Chromium-based) Spoofing Vulnerability

  • CVE-2024-30057MedJun 13, 2024
    risk 0.35cvss 5.4epss 0.00

    Microsoft Edge for iOS Spoofing Vulnerability

  • CVE-2024-30041MedMay 14, 2024
    risk 0.35cvss 5.4epss 0.01

    Microsoft Bing Search Spoofing Vulnerability

  • CVE-2024-30055MedMay 14, 2024
    risk 0.35cvss 5.4epss 0.01

    Microsoft Edge (Chromium-based) Spoofing Vulnerability

  • CVE-2024-29986MedApr 18, 2024
    risk 0.35cvss 5.4epss 0.01

    Microsoft Edge for Android (Chromium-based) Information Disclosure Vulnerability

  • CVE-2024-21387MedJan 26, 2024
    risk 0.35cvss 5.3epss 0.01

    Microsoft Edge for Android Spoofing Vulnerability

  • CVE-2024-21313MedJan 9, 2024
    risk 0.35cvss 5.3epss 0.01

    Windows TCP/IP Information Disclosure Vulnerability

  • CVE-2023-36012MedDec 12, 2023
    risk 0.35cvss 5.3epss 0.02

    DHCP Server Service Information Disclosure Vulnerability

  • CVE-2023-35619MedDec 12, 2023
    risk 0.35cvss 5.3epss 0.01

    Microsoft Outlook for Mac Spoofing Vulnerability

  • CVE-2023-49283MedDec 5, 2023
    risk 0.35cvss 5.4epss 0.02

    microsoft-graph-core the Microsoft Graph Library for PHP. The Microsoft Graph Beta PHP SDK published packages which contained test code that enabled the use of the phpInfo() function from any application that could access and execute the file at…

  • CVE-2023-49282MedDec 5, 2023
    risk 0.35cvss 5.4epss 0.02

    msgraph-sdk-php is the Microsoft Graph Library for PHP. The Microsoft Graph PHP SDK published packages which contained test code that enabled the use of the phpInfo() function from any application that could access and execute the file at vendor/microsoft/microsoft-graph/tests/Ge…

  • CVE-2023-36801MedSep 12, 2023
    risk 0.35cvss 5.3epss 0.01

    DHCP Server Service Information Disclosure Vulnerability

  • CVE-2023-35384MedAug 8, 2023
    risk 0.35cvss 5.4epss 0.02

    Windows HTML Platforms Security Feature Bypass Vulnerability

  • CVE-2023-24896MedJul 14, 2023
    risk 0.35cvss 5.4epss 0.01

    Dynamics 365 Finance Spoofing Vulnerability

  • CVE-2023-35373MedJul 11, 2023
    risk 0.35cvss 5.3epss 0.01

    Mono Authenticode Validation Spoofing Vulnerability

  • CVE-2023-32052MedJul 11, 2023
    risk 0.35cvss 5.4epss 0.00

    Microsoft Power Apps (online) Spoofing Vulnerability

  • CVE-2021-34475MedJul 1, 2023
    risk 0.35cvss 5.4epss 0.01

    Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

  • CVE-2023-32013MedJun 14, 2023
    risk 0.35cvss 5.3epss 0.02

    Windows Hyper-V Denial of Service Vulnerability

  • CVE-2023-29355MedJun 14, 2023
    risk 0.35cvss 5.3epss 0.01

    DHCP Server Service Information Disclosure Vulnerability

  • CVE-2023-28290MedMay 9, 2023
    risk 0.35cvss 5.3epss 0.01

    Microsoft Remote Desktop app for Windows Information Disclosure Vulnerability

  • CVE-2023-28226MedApr 11, 2023
    risk 0.35cvss 5.3epss 0.01

    Windows Enroll Engine Security Feature Bypass Vulnerability

  • CVE-2023-24921MedMar 14, 2023
    risk 0.35cvss 5.4epss 0.01

    Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

  • CVE-2023-24920MedMar 14, 2023
    risk 0.35cvss 5.4epss 0.00

    Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

  • CVE-2023-24919MedMar 14, 2023
    risk 0.35cvss 5.4epss 0.01

    Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

Page 180 of 287