Vendor CVEs
Microsoft
All CVEs
14,318 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-24891 | Med | 0.35 | 5.4 | 0.01 | Mar 14, 2023 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | ||
| CVE-2023-24879 | Med | 0.35 | 5.4 | 0.01 | Mar 14, 2023 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | ||
| CVE-2023-21720 | Med | 0.35 | 5.3 | 0.01 | Feb 14, 2023 | Microsoft Edge (Chromium-based) Tampering Vulnerability | ||
| CVE-2023-21699 | Med | 0.35 | 5.3 | 0.01 | Feb 14, 2023 | Windows Internet Storage Name Service (iSNS) Server Information Disclosure Vulnerability | ||
| CVE-2023-21573 | Med | 0.35 | 5.4 | 0.01 | Feb 14, 2023 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | ||
| CVE-2023-21571 | Med | 0.35 | 5.4 | 0.01 | Feb 14, 2023 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | ||
| CVE-2023-21570 | Med | 0.35 | 5.4 | 0.01 | Feb 14, 2023 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | ||
| CVE-2023-21743 | Med | 0.35 | 5.3 | 0.01 | Jan 10, 2023 | Microsoft SharePoint Server Security Feature Bypass Vulnerability | ||
| CVE-2023-21682 | Med | 0.35 | 5.3 | 0.01 | Jan 10, 2023 | Windows Point-to-Point Protocol (PPP) Information Disclosure Vulnerability | ||
| CVE-2023-21525 | Med | 0.35 | 5.3 | 0.02 | Jan 10, 2023 | Remote Procedure Call Runtime Denial of Service Vulnerability | ||
| CVE-2022-41035 | Med | 0.35 | 5.3 | 0.01 | Oct 11, 2022 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | ||
| CVE-2022-34692 | Med | 0.35 | 5.3 | 0.01 | Aug 9, 2022 | Microsoft Exchange Server Information Disclosure Vulnerability | ||
| CVE-2022-30154 | Med | 0.35 | 5.3 | 0.02 | Jun 15, 2022 | Microsoft File Server Shadow Copy Agent Service (RVSS) Elevation of Privilege Vulnerability | ||
| CVE-2022-26910 | Med | 0.35 | 5.3 | 0.02 | Apr 15, 2022 | Skype for Business and Lync Spoofing Vulnerability | ||
| CVE-2022-24503 | Med | 0.35 | 5.4 | 0.02 | Mar 9, 2022 | Remote Desktop Protocol Client Information Disclosure Vulnerability | ||
| CVE-2022-23280 | Med | 0.35 | 5.3 | 0.02 | Feb 9, 2022 | Microsoft Outlook for Mac Security Feature Bypass Vulnerability | ||
| CVE-2022-23269 | Med | 0.35 | 5.4 | 0.01 | Feb 9, 2022 | Microsoft Dynamics GP Spoofing Vulnerability | ||
| CVE-2022-23261 | Med | 0.35 | 5.3 | 0.02 | Feb 7, 2022 | Microsoft Edge (Chromium-based) Tampering Vulnerability | ||
| CVE-2022-21925 | Med | 0.35 | 5.3 | 0.03 | Jan 11, 2022 | Windows BackupKey Remote Protocol Security Feature Bypass Vulnerability | ||
| CVE-2022-21924 | Med | 0.35 | 5.3 | 0.03 | Jan 11, 2022 | Workstation Service Remote Protocol Security Feature Bypass Vulnerability | ||
| CVE-2022-21913 | Med | 0.35 | 5.3 | 0.03 | Jan 11, 2022 | Local Security Authority (Domain Policy) Remote Protocol Security Feature Bypass | ||
| CVE-2021-33850 | Med | 0.35 | 5.4 | 0.02 | Nov 19, 2021 | There is a Cross-Site Scripting vulnerability in Microsoft Clarity version 0.3. The XSS payload executes whenever the user changes the clarity configuration in Microsoft Clarity version 0.3. The payload is stored on the configuring project Id page. | ||
| CVE-2021-41361 | Med | 0.35 | 5.4 | 0.01 | Oct 13, 2021 | Active Directory Federation Server Spoofing Vulnerability | ||
| CVE-2021-41354 | Med | 0.35 | 5.4 | 0.01 | Oct 13, 2021 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | ||
| CVE-2021-41353 | Med | 0.35 | 5.4 | 0.01 | Oct 13, 2021 | Microsoft Dynamics 365 (on-premises) Spoofing Vulnerability | ||
| CVE-2021-40482 | Med | 0.35 | 5.3 | 0.02 | Oct 13, 2021 | Microsoft SharePoint Server Information Disclosure Vulnerability | ||
| CVE-2021-40456 | Med | 0.35 | 5.3 | 0.02 | Oct 13, 2021 | Windows AD FS Security Feature Bypass Vulnerability | ||
| CVE-2021-40440 | Med | 0.35 | 5.4 | 0.01 | Sep 15, 2021 | Microsoft Dynamics Business Central Cross-site Scripting Vulnerability | ||
| CVE-2021-36930 | Med | 0.35 | 5.3 | 0.01 | Sep 2, 2021 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | ||
| CVE-2021-36950 | Med | 0.35 | 5.4 | 0.01 | Aug 12, 2021 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | ||
| CVE-2021-36946 | Med | 0.35 | 5.4 | 0.01 | Aug 12, 2021 | Microsoft Dynamics Business Central Cross-site Scripting Vulnerability | ||
| CVE-2021-34451 | Med | 0.35 | 5.3 | 0.02 | Jul 16, 2021 | Microsoft Office Online Server Spoofing Vulnerability | ||
| CVE-2021-34519 | Med | 0.35 | 5.3 | 0.04 | Jul 14, 2021 | Microsoft SharePoint Server Information Disclosure Vulnerability | ||
| CVE-2021-34517 | Med | 0.35 | 5.3 | 0.02 | Jul 14, 2021 | Microsoft SharePoint Server Spoofing Vulnerability | ||
| CVE-2021-33757 | Med | 0.35 | 5.3 | 0.03 | Jul 14, 2021 | Windows Security Account Manager Remote Protocol Security Feature Bypass Vulnerability | ||
| CVE-2021-33744 | Med | 0.35 | 5.3 | 0.01 | Jul 14, 2021 | Windows Secure Kernel Mode Security Feature Bypass Vulnerability | ||
| CVE-2021-26414 | Med | 0.35 | 4.8 | 0.50 | Jun 8, 2021 | Windows DCOM Server Security Feature Bypass | ||
| CVE-2021-31173 | Med | 0.35 | 5.3 | 0.02 | May 11, 2021 | Microsoft SharePoint Server Information Disclosure Vulnerability | ||
| CVE-2021-27052 | Med | 0.35 | 5.3 | 0.03 | Mar 11, 2021 | Microsoft SharePoint Server Information Disclosure Vulnerability | ||
| CVE-2021-24113 | Med | 0.35 | 5.4 | 0.01 | Feb 25, 2021 | Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | ||
| CVE-2021-24071 | Med | 0.35 | 5.3 | 0.03 | Feb 25, 2021 | Microsoft SharePoint Information Disclosure Vulnerability | ||
| CVE-2021-1730 | Med | 0.35 | 5.4 | 0.02 | Feb 25, 2021 | A spoofing vulnerability exists in Microsoft Exchange Server which could result in an attack that would allow a malicious actor to impersonate the user. This update addresses this vulnerability. To prevent these types of attacks, Microsoft recommends customers… | ||
| CVE-2020-17145 | Med | 0.35 | 5.4 | 0.01 | Dec 10, 2020 | Azure DevOps Server and Team Foundation Services Spoofing Vulnerability | ||
| CVE-2020-17120 | Med | 0.35 | 5.3 | 0.03 | Dec 10, 2020 | Microsoft SharePoint Information Disclosure Vulnerability | ||
| CVE-2020-1325 | Med | 0.35 | 5.4 | 0.02 | Nov 11, 2020 | Azure DevOps Server and Team Foundation Services Spoofing Vulnerability | ||
| CVE-2020-17090 | Med | 0.35 | 5.3 | 0.03 | Nov 11, 2020 | Microsoft Defender for Endpoint Security Feature Bypass Vulnerability | ||
| CVE-2020-17060 | Med | 0.35 | 5.4 | 0.02 | Nov 11, 2020 | Microsoft SharePoint Server Spoofing Vulnerability | ||
| CVE-2020-17021 | Med | 0.35 | 5.4 | 0.01 | Nov 11, 2020 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | ||
| CVE-2020-17018 | Med | 0.35 | 5.4 | 0.01 | Nov 11, 2020 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | ||
| CVE-2020-17017 | Med | 0.35 | 5.3 | 0.04 | Nov 11, 2020 | Microsoft SharePoint Information Disclosure Vulnerability |
- risk 0.35cvss 5.4epss 0.01
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
- risk 0.35cvss 5.4epss 0.01
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
- risk 0.35cvss 5.3epss 0.01
Microsoft Edge (Chromium-based) Tampering Vulnerability
- risk 0.35cvss 5.3epss 0.01
Windows Internet Storage Name Service (iSNS) Server Information Disclosure Vulnerability
- risk 0.35cvss 5.4epss 0.01
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
- risk 0.35cvss 5.4epss 0.01
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
- risk 0.35cvss 5.4epss 0.01
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
- risk 0.35cvss 5.3epss 0.01
Microsoft SharePoint Server Security Feature Bypass Vulnerability
- risk 0.35cvss 5.3epss 0.01
Windows Point-to-Point Protocol (PPP) Information Disclosure Vulnerability
- risk 0.35cvss 5.3epss 0.02
Remote Procedure Call Runtime Denial of Service Vulnerability
- risk 0.35cvss 5.3epss 0.01
Microsoft Edge (Chromium-based) Spoofing Vulnerability
- risk 0.35cvss 5.3epss 0.01
Microsoft Exchange Server Information Disclosure Vulnerability
- risk 0.35cvss 5.3epss 0.02
Microsoft File Server Shadow Copy Agent Service (RVSS) Elevation of Privilege Vulnerability
- risk 0.35cvss 5.3epss 0.02
Skype for Business and Lync Spoofing Vulnerability
- risk 0.35cvss 5.4epss 0.02
Remote Desktop Protocol Client Information Disclosure Vulnerability
- risk 0.35cvss 5.3epss 0.02
Microsoft Outlook for Mac Security Feature Bypass Vulnerability
- risk 0.35cvss 5.4epss 0.01
Microsoft Dynamics GP Spoofing Vulnerability
- risk 0.35cvss 5.3epss 0.02
Microsoft Edge (Chromium-based) Tampering Vulnerability
- risk 0.35cvss 5.3epss 0.03
Windows BackupKey Remote Protocol Security Feature Bypass Vulnerability
- risk 0.35cvss 5.3epss 0.03
Workstation Service Remote Protocol Security Feature Bypass Vulnerability
- risk 0.35cvss 5.3epss 0.03
Local Security Authority (Domain Policy) Remote Protocol Security Feature Bypass
- risk 0.35cvss 5.4epss 0.02
There is a Cross-Site Scripting vulnerability in Microsoft Clarity version 0.3. The XSS payload executes whenever the user changes the clarity configuration in Microsoft Clarity version 0.3. The payload is stored on the configuring project Id page.
- risk 0.35cvss 5.4epss 0.01
Active Directory Federation Server Spoofing Vulnerability
- risk 0.35cvss 5.4epss 0.01
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
- risk 0.35cvss 5.4epss 0.01
Microsoft Dynamics 365 (on-premises) Spoofing Vulnerability
- risk 0.35cvss 5.3epss 0.02
Microsoft SharePoint Server Information Disclosure Vulnerability
- risk 0.35cvss 5.3epss 0.02
Windows AD FS Security Feature Bypass Vulnerability
- risk 0.35cvss 5.4epss 0.01
Microsoft Dynamics Business Central Cross-site Scripting Vulnerability
- risk 0.35cvss 5.3epss 0.01
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
- risk 0.35cvss 5.4epss 0.01
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
- risk 0.35cvss 5.4epss 0.01
Microsoft Dynamics Business Central Cross-site Scripting Vulnerability
- risk 0.35cvss 5.3epss 0.02
Microsoft Office Online Server Spoofing Vulnerability
- risk 0.35cvss 5.3epss 0.04
Microsoft SharePoint Server Information Disclosure Vulnerability
- risk 0.35cvss 5.3epss 0.02
Microsoft SharePoint Server Spoofing Vulnerability
- risk 0.35cvss 5.3epss 0.03
Windows Security Account Manager Remote Protocol Security Feature Bypass Vulnerability
- risk 0.35cvss 5.3epss 0.01
Windows Secure Kernel Mode Security Feature Bypass Vulnerability
- risk 0.35cvss 4.8epss 0.50
Windows DCOM Server Security Feature Bypass
- risk 0.35cvss 5.3epss 0.02
Microsoft SharePoint Server Information Disclosure Vulnerability
- risk 0.35cvss 5.3epss 0.03
Microsoft SharePoint Server Information Disclosure Vulnerability
- risk 0.35cvss 5.4epss 0.01
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
- risk 0.35cvss 5.3epss 0.03
Microsoft SharePoint Information Disclosure Vulnerability
- risk 0.35cvss 5.4epss 0.02
A spoofing vulnerability exists in Microsoft Exchange Server which could result in an attack that would allow a malicious actor to impersonate the user. This update addresses this vulnerability. To prevent these types of attacks, Microsoft recommends customers…
- risk 0.35cvss 5.4epss 0.01
Azure DevOps Server and Team Foundation Services Spoofing Vulnerability
- risk 0.35cvss 5.3epss 0.03
Microsoft SharePoint Information Disclosure Vulnerability
- risk 0.35cvss 5.4epss 0.02
Azure DevOps Server and Team Foundation Services Spoofing Vulnerability
- risk 0.35cvss 5.3epss 0.03
Microsoft Defender for Endpoint Security Feature Bypass Vulnerability
- risk 0.35cvss 5.4epss 0.02
Microsoft SharePoint Server Spoofing Vulnerability
- risk 0.35cvss 5.4epss 0.01
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
- risk 0.35cvss 5.4epss 0.01
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
- risk 0.35cvss 5.3epss 0.04
Microsoft SharePoint Information Disclosure Vulnerability
Page 181 of 287