VYPR

Vendor CVEs

Microsoft

All CVEs

14,318 total · sorted by risk
  • CVE-2022-24512MedMar 9, 2022
    risk 0.34cvss 6.3epss 0.02

    .NET and Visual Studio Remote Code Execution Vulnerability

  • CVE-2021-41346MedOct 13, 2021
    risk 0.34cvss 5.3epss 0.00

    Console Window Host Security Feature Bypass Vulnerability

  • CVE-2019-1009MedJun 12, 2019
    risk 0.34cvss 4.7epss 0.48

    An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an…

  • CVE-2018-8468MedSep 13, 2018
    risk 0.34cvss 4.7epss 0.12

    An elevation of privilege vulnerability exists when Windows, allowing a sandbox escape, aka "Windows Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016,…

  • CVE-2018-0901MedMar 14, 2018
    risk 0.34cvss 4.7epss 0.02

    The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability…

  • CVE-2018-0897MedMar 14, 2018
    risk 0.34cvss 4.7epss 0.02

    The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability…

  • CVE-2018-0895MedMar 14, 2018
    risk 0.34cvss 4.7epss 0.03

    The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability…

  • CVE-2018-0894MedMar 14, 2018
    risk 0.34cvss 4.7epss 0.02

    The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability…

  • CVE-2018-0832MedFeb 15, 2018
    risk 0.34cvss 4.7epss 0.02

    The Windows kernel in Windows 8.1 and RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to how objects in memory are handled, aka "Windows…

  • CVE-2018-0745MedJan 4, 2018
    risk 0.34cvss 4.7epss 0.03

    The Windows kernel in Windows 10 version 1703. Windows 10 version 1709, and Windows Server, version 1709 allows an information disclosure vulnerability due to the way objects are handled in memory, aka "Windows Information Disclosure Vulnerability". This CVE ID is unique from…

  • CVE-2017-11831MedNov 15, 2017
    risk 0.34cvss 4.7epss 0.03

    Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016, and Windows Server, version 1709 allows an attacker to log on to an affected system, and run a…

  • CVE-2017-8708MedSep 13, 2017
    risk 0.34cvss 4.7epss 0.04

    The Windows kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when it…

  • CVE-2017-0259MedMay 12, 2017
    risk 0.34cvss 4.7epss 0.10

    The Windows kernel in Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows authenticated attackers to obtain sensitive information via a specially crafted document, aka "Windows Kernel Information…

  • CVE-2017-0258MedMay 12, 2017
    risk 0.34cvss 4.7epss 0.07

    The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows authenticated attackers to obtain sensitive information via a…

  • CVE-2017-0245MedMay 12, 2017
    risk 0.34cvss 4.7epss 0.08

    The kernel-mode drivers in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1 and Windows Server 2012 Gold allow a local authenticated attacker to execute a specially crafted application to obtain kernel information, aka "Win32k Information Disclosure Vulnerability."

  • CVE-2017-0220MedMay 12, 2017
    risk 0.34cvss 4.7epss 0.07

    The Windows kernel in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows Server 2012 Gold allows authenticated attackers to obtain sensitive information via a specially crafted document, aka "Windows Kernel Information Disclosure Vulnerability," a different…

  • CVE-2017-0175MedMay 12, 2017
    risk 0.34cvss 4.7epss 0.07

    The Windows kernel in Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows authenticated attackers to obtain sensitive information via a specially crafted document, aka "Windows Kernel Information Disclosure Vulnerability," a different vulnerability than CVE-2017-0220,…

  • CVE-2017-0058MedApr 12, 2017
    risk 0.34cvss 4.7epss 0.04

    A Win32k information disclosure vulnerability exists in Microsoft Windows when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system, aka "Win32k…

  • CVE-2017-0121MedMar 17, 2017
    risk 0.34cvss 4.3epss 0.42

    Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to obtain sensitive information from…

  • CVE-2026-45502MedJun 9, 2026
    risk 0.33cvss 5.0epss 0.00

    Server-side request forgery (ssrf) in Microsoft Exchange Server allows an authorized attacker to disclose information over a network.

  • CVE-2026-35199MedApr 6, 2026
    risk 0.33cvss 6.1epss 0.00

    SymCrypt is the core cryptographic function library currently used by Windows. From 103.5.0 to before 103.11.0, The SymCryptXmssSign function passes a 64-bit leaf count value to a helper function that accepts a 32-bit parameter. For XMSS^MT parameter sets with total tree height…

  • CVE-2026-0385MedMar 16, 2026
    risk 0.33cvss 5.0epss 0.00

    Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability

  • CVE-2025-62453MedNov 11, 2025
    risk 0.33cvss 5.0epss 0.00

    Improper validation of generative ai output in GitHub Copilot and Visual Studio Code allows an authorized attacker to bypass a security feature locally.

  • CVE-2025-59198MedOct 14, 2025
    risk 0.33cvss 5.0epss 0.00

    Improper input validation in Microsoft Windows Search Component allows an authorized attacker to deny service locally.

  • CVE-2025-55679MedOct 14, 2025
    risk 0.33cvss 5.1epss 0.00

    Improper input validation in Windows Kernel allows an unauthorized attacker to disclose information locally.

  • CVE-2025-33069MedJun 10, 2025
    risk 0.33cvss 5.1epss 0.00

    Improper verification of cryptographic signature in App Control for Business (WDAC) allows an unauthorized attacker to bypass a security feature locally.

  • CVE-2025-26644MedApr 8, 2025
    risk 0.33cvss 5.1epss 0.01

    Automated recognition mechanism with inadequate detection or handling of adversarial input perturbations in Windows Hello allows an unauthorized attacker to perform spoofing locally.

  • CVE-2022-40733MedDec 18, 2024
    risk 0.33cvss 5.0epss 0.01

    An access violation vulnerability exists in the DirectComposition functionality win32kbase.sys driver version 10.0.22000.593 as part of Windows 11 version 22000.593 and version 10.0.20348.643 as part of Windows Server 2022 version 20348.643. A specially-crafted set of syscalls…

  • CVE-2022-40732MedDec 18, 2024
    risk 0.33cvss 5.0epss 0.01

    An access violation vulnerability exists in the DirectComposition functionality win32kbase.sys driver version 10.0.22000.593 as part of Windows 11 version 22000.593 and version 10.0.20348.643 as part of Windows Server 2022 version 20348.643. A specially-crafted set of syscalls…

  • CVE-2024-43520MedOct 8, 2024
    risk 0.33cvss 5.0epss 0.01

    Windows Kernel Denial of Service Vulnerability

  • CVE-2024-45383MedSep 12, 2024
    risk 0.33cvss 5.0epss 0.02

    A mishandling of IRP requests vulnerability exists in the HDAudBus_DMA interface of Microsoft High Definition Audio Bus Driver 10.0.19041.3636 (WinBuild.160101.0800). A specially crafted application can issue multiple IRP Complete requests which leads to a local…

  • CVE-2024-29991MedApr 19, 2024
    risk 0.33cvss 5.0epss 0.01

    Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

  • CVE-2024-26220MedApr 9, 2024
    risk 0.33cvss 5.0epss 0.01

    Windows Mobile Hotspot Information Disclosure Vulnerability

  • CVE-2024-21448MedMar 12, 2024
    risk 0.33cvss 5.0epss 0.01

    Microsoft Teams for Android Information Disclosure Vulnerability

  • CVE-2024-21374MedFeb 13, 2024
    risk 0.33cvss 5.0epss 0.01

    Microsoft Teams for Android Information Disclosure Vulnerability

  • CVE-2023-23408MedMar 14, 2023
    risk 0.33cvss 4.5epss 0.04

    Azure Apache Ambari Spoofing Vulnerability

  • CVE-2023-21722MedFeb 14, 2023
    risk 0.33cvss 5.0epss 0.01

    .NET Framework Denial of Service Vulnerability

  • CVE-2021-42297MedNov 24, 2021
    risk 0.33cvss 5.0epss 0.01

    Windows 10 Update Assistant Elevation of Privilege Vulnerability

  • CVE-2021-34485MedAug 12, 2021
    risk 0.33cvss 5.0epss 0.01

    .NET Core and Visual Studio Information Disclosure Vulnerability

  • CVE-2021-31944MedJun 8, 2021
    risk 0.33cvss 5.0epss 0.03

    3D Viewer Information Disclosure Vulnerability

  • CVE-2021-28450MedApr 13, 2021
    risk 0.33cvss 5.0epss 0.02

    Microsoft SharePoint Denial of Service Vulnerability

  • CVE-2021-24100MedFeb 25, 2021
    risk 0.33cvss 5.0epss 0.03

    Microsoft Edge for Android Information Disclosure Vulnerability

  • CVE-2021-1684MedJan 12, 2021
    risk 0.33cvss 5.0epss 0.02

    Microsoft is aware of the "Impersonation in the Passkey Entry Protocol" vulnerability. For more information regarding the vulnerability, please see this statement from the Bluetooth SIG. To address the vulnerability, Microsoft has released a software update that…

  • CVE-2021-1683MedJan 12, 2021
    risk 0.33cvss 5.0epss 0.02

    Microsoft is aware of the "Impersonation in the Passkey Entry Protocol" vulnerability. For more information regarding the vulnerability, please see this statement from the Bluetooth SIG. To address the vulnerability, Microsoft has released a software update that…

  • CVE-2021-1645MedJan 12, 2021
    risk 0.33cvss 5.0epss 0.07

    Windows Docker Information Disclosure Vulnerability

  • CVE-2020-16950MedOct 16, 2020
    risk 0.33cvss 5.0epss 0.04

    An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit the…

  • CVE-2020-16901MedOct 16, 2020
    risk 0.33cvss 5.0epss 0.01

    An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this…

  • CVE-2020-0837MedSep 11, 2020
    risk 0.33cvss 5.0epss 0.01

    An elevation of privilege vulnerability exists when Active Directory Federation Services (ADFS) improperly handles multi-factor authentication requests. An attacker who successfully exploited this vulnerability could bypass some, but not all, of the authentication…

  • CVE-2020-1483MedAug 17, 2020
    risk 0.33cvss 5.0epss 0.09

    A remote code execution vulnerability exists in Microsoft Outlook when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on…

  • CVE-2019-1077MedJul 15, 2019
    risk 0.33cvss 5.0epss 0.02

    An elevation of privilege vulnerability exists when the Visual Studio updater service improperly handles file permissions, aka 'Visual Studio Elevation of Privilege Vulnerability'.

Page 187 of 287