Vendor CVEs
Microsoft
All CVEs
14,318 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-24512 | Med | 0.34 | 6.3 | 0.02 | Mar 9, 2022 | .NET and Visual Studio Remote Code Execution Vulnerability | ||
| CVE-2021-41346 | Med | 0.34 | 5.3 | 0.00 | Oct 13, 2021 | Console Window Host Security Feature Bypass Vulnerability | ||
| CVE-2019-1009 | Med | 0.34 | 4.7 | 0.48 | Jun 12, 2019 | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an… | ||
| CVE-2018-8468 | Med | 0.34 | 4.7 | 0.12 | Sep 13, 2018 | An elevation of privilege vulnerability exists when Windows, allowing a sandbox escape, aka "Windows Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016,… | ||
| CVE-2018-0901 | Med | 0.34 | 4.7 | 0.02 | Mar 14, 2018 | The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability… | ||
| CVE-2018-0897 | Med | 0.34 | 4.7 | 0.02 | Mar 14, 2018 | The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability… | ||
| CVE-2018-0895 | Med | 0.34 | 4.7 | 0.03 | Mar 14, 2018 | The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability… | ||
| CVE-2018-0894 | Med | 0.34 | 4.7 | 0.02 | Mar 14, 2018 | The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability… | ||
| CVE-2018-0832 | Med | 0.34 | 4.7 | 0.02 | Feb 15, 2018 | The Windows kernel in Windows 8.1 and RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to how objects in memory are handled, aka "Windows… | ||
| CVE-2018-0745 | Med | 0.34 | 4.7 | 0.03 | Jan 4, 2018 | The Windows kernel in Windows 10 version 1703. Windows 10 version 1709, and Windows Server, version 1709 allows an information disclosure vulnerability due to the way objects are handled in memory, aka "Windows Information Disclosure Vulnerability". This CVE ID is unique from… | ||
| CVE-2017-11831 | Med | 0.34 | 4.7 | 0.03 | Nov 15, 2017 | Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016, and Windows Server, version 1709 allows an attacker to log on to an affected system, and run a… | ||
| CVE-2017-8708 | Med | 0.34 | 4.7 | 0.04 | Sep 13, 2017 | The Windows kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when it… | ||
| CVE-2017-0259 | Med | 0.34 | 4.7 | 0.10 | May 12, 2017 | The Windows kernel in Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows authenticated attackers to obtain sensitive information via a specially crafted document, aka "Windows Kernel Information… | ||
| CVE-2017-0258 | Med | 0.34 | 4.7 | 0.07 | May 12, 2017 | The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows authenticated attackers to obtain sensitive information via a… | ||
| CVE-2017-0245 | Med | 0.34 | 4.7 | 0.08 | May 12, 2017 | The kernel-mode drivers in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1 and Windows Server 2012 Gold allow a local authenticated attacker to execute a specially crafted application to obtain kernel information, aka "Win32k Information Disclosure Vulnerability." | ||
| CVE-2017-0220 | Med | 0.34 | 4.7 | 0.07 | May 12, 2017 | The Windows kernel in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows Server 2012 Gold allows authenticated attackers to obtain sensitive information via a specially crafted document, aka "Windows Kernel Information Disclosure Vulnerability," a different… | ||
| CVE-2017-0175 | Med | 0.34 | 4.7 | 0.07 | May 12, 2017 | The Windows kernel in Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows authenticated attackers to obtain sensitive information via a specially crafted document, aka "Windows Kernel Information Disclosure Vulnerability," a different vulnerability than CVE-2017-0220,… | ||
| CVE-2017-0058 | Med | 0.34 | 4.7 | 0.04 | Apr 12, 2017 | A Win32k information disclosure vulnerability exists in Microsoft Windows when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system, aka "Win32k… | ||
| CVE-2017-0121 | Med | 0.34 | 4.3 | 0.42 | Mar 17, 2017 | Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to obtain sensitive information from… | ||
| CVE-2026-45502 | Med | 0.33 | 5.0 | 0.00 | Jun 9, 2026 | Server-side request forgery (ssrf) in Microsoft Exchange Server allows an authorized attacker to disclose information over a network. | ||
| CVE-2026-35199 | Med | 0.33 | 6.1 | 0.00 | Apr 6, 2026 | SymCrypt is the core cryptographic function library currently used by Windows. From 103.5.0 to before 103.11.0, The SymCryptXmssSign function passes a 64-bit leaf count value to a helper function that accepts a 32-bit parameter. For XMSS^MT parameter sets with total tree height… | ||
| CVE-2026-0385 | Med | 0.33 | 5.0 | 0.00 | Mar 16, 2026 | Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability | ||
| CVE-2025-62453 | Med | 0.33 | 5.0 | 0.00 | Nov 11, 2025 | Improper validation of generative ai output in GitHub Copilot and Visual Studio Code allows an authorized attacker to bypass a security feature locally. | ||
| CVE-2025-59198 | Med | 0.33 | 5.0 | 0.00 | Oct 14, 2025 | Improper input validation in Microsoft Windows Search Component allows an authorized attacker to deny service locally. | ||
| CVE-2025-55679 | Med | 0.33 | 5.1 | 0.00 | Oct 14, 2025 | Improper input validation in Windows Kernel allows an unauthorized attacker to disclose information locally. | ||
| CVE-2025-33069 | Med | 0.33 | 5.1 | 0.00 | Jun 10, 2025 | Improper verification of cryptographic signature in App Control for Business (WDAC) allows an unauthorized attacker to bypass a security feature locally. | ||
| CVE-2025-26644 | Med | 0.33 | 5.1 | 0.01 | Apr 8, 2025 | Automated recognition mechanism with inadequate detection or handling of adversarial input perturbations in Windows Hello allows an unauthorized attacker to perform spoofing locally. | ||
| CVE-2022-40733 | Med | 0.33 | 5.0 | 0.01 | Dec 18, 2024 | An access violation vulnerability exists in the DirectComposition functionality win32kbase.sys driver version 10.0.22000.593 as part of Windows 11 version 22000.593 and version 10.0.20348.643 as part of Windows Server 2022 version 20348.643. A specially-crafted set of syscalls… | ||
| CVE-2022-40732 | Med | 0.33 | 5.0 | 0.01 | Dec 18, 2024 | An access violation vulnerability exists in the DirectComposition functionality win32kbase.sys driver version 10.0.22000.593 as part of Windows 11 version 22000.593 and version 10.0.20348.643 as part of Windows Server 2022 version 20348.643. A specially-crafted set of syscalls… | ||
| CVE-2024-43520 | Med | 0.33 | 5.0 | 0.01 | Oct 8, 2024 | Windows Kernel Denial of Service Vulnerability | ||
| CVE-2024-45383 | Med | 0.33 | 5.0 | 0.02 | Sep 12, 2024 | A mishandling of IRP requests vulnerability exists in the HDAudBus_DMA interface of Microsoft High Definition Audio Bus Driver 10.0.19041.3636 (WinBuild.160101.0800). A specially crafted application can issue multiple IRP Complete requests which leads to a local… | ||
| CVE-2024-29991 | Med | 0.33 | 5.0 | 0.01 | Apr 19, 2024 | Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | ||
| CVE-2024-26220 | Med | 0.33 | 5.0 | 0.01 | Apr 9, 2024 | Windows Mobile Hotspot Information Disclosure Vulnerability | ||
| CVE-2024-21448 | Med | 0.33 | 5.0 | 0.01 | Mar 12, 2024 | Microsoft Teams for Android Information Disclosure Vulnerability | ||
| CVE-2024-21374 | Med | 0.33 | 5.0 | 0.01 | Feb 13, 2024 | Microsoft Teams for Android Information Disclosure Vulnerability | ||
| CVE-2023-23408 | Med | 0.33 | 4.5 | 0.04 | Mar 14, 2023 | Azure Apache Ambari Spoofing Vulnerability | ||
| CVE-2023-21722 | Med | 0.33 | 5.0 | 0.01 | Feb 14, 2023 | .NET Framework Denial of Service Vulnerability | ||
| CVE-2021-42297 | Med | 0.33 | 5.0 | 0.01 | Nov 24, 2021 | Windows 10 Update Assistant Elevation of Privilege Vulnerability | ||
| CVE-2021-34485 | Med | 0.33 | 5.0 | 0.01 | Aug 12, 2021 | .NET Core and Visual Studio Information Disclosure Vulnerability | ||
| CVE-2021-31944 | Med | 0.33 | 5.0 | 0.03 | Jun 8, 2021 | 3D Viewer Information Disclosure Vulnerability | ||
| CVE-2021-28450 | Med | 0.33 | 5.0 | 0.02 | Apr 13, 2021 | Microsoft SharePoint Denial of Service Vulnerability | ||
| CVE-2021-24100 | Med | 0.33 | 5.0 | 0.03 | Feb 25, 2021 | Microsoft Edge for Android Information Disclosure Vulnerability | ||
| CVE-2021-1684 | Med | 0.33 | 5.0 | 0.02 | Jan 12, 2021 | Microsoft is aware of the "Impersonation in the Passkey Entry Protocol" vulnerability. For more information regarding the vulnerability, please see this statement from the Bluetooth SIG. To address the vulnerability, Microsoft has released a software update that… | ||
| CVE-2021-1683 | Med | 0.33 | 5.0 | 0.02 | Jan 12, 2021 | Microsoft is aware of the "Impersonation in the Passkey Entry Protocol" vulnerability. For more information regarding the vulnerability, please see this statement from the Bluetooth SIG. To address the vulnerability, Microsoft has released a software update that… | ||
| CVE-2021-1645 | Med | 0.33 | 5.0 | 0.07 | Jan 12, 2021 | Windows Docker Information Disclosure Vulnerability | ||
| CVE-2020-16950 | Med | 0.33 | 5.0 | 0.04 | Oct 16, 2020 | An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit the… | ||
| CVE-2020-16901 | Med | 0.33 | 5.0 | 0.01 | Oct 16, 2020 | An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this… | ||
| CVE-2020-0837 | Med | 0.33 | 5.0 | 0.01 | Sep 11, 2020 | An elevation of privilege vulnerability exists when Active Directory Federation Services (ADFS) improperly handles multi-factor authentication requests. An attacker who successfully exploited this vulnerability could bypass some, but not all, of the authentication… | ||
| CVE-2020-1483 | Med | 0.33 | 5.0 | 0.09 | Aug 17, 2020 | A remote code execution vulnerability exists in Microsoft Outlook when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on… | ||
| CVE-2019-1077 | Med | 0.33 | 5.0 | 0.02 | Jul 15, 2019 | An elevation of privilege vulnerability exists when the Visual Studio updater service improperly handles file permissions, aka 'Visual Studio Elevation of Privilege Vulnerability'. |
- risk 0.34cvss 6.3epss 0.02
.NET and Visual Studio Remote Code Execution Vulnerability
- risk 0.34cvss 5.3epss 0.00
Console Window Host Security Feature Bypass Vulnerability
- risk 0.34cvss 4.7epss 0.48
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an…
- risk 0.34cvss 4.7epss 0.12
An elevation of privilege vulnerability exists when Windows, allowing a sandbox escape, aka "Windows Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016,…
- risk 0.34cvss 4.7epss 0.02
The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability…
- risk 0.34cvss 4.7epss 0.02
The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability…
- risk 0.34cvss 4.7epss 0.03
The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability…
- risk 0.34cvss 4.7epss 0.02
The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability…
- risk 0.34cvss 4.7epss 0.02
The Windows kernel in Windows 8.1 and RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to how objects in memory are handled, aka "Windows…
- risk 0.34cvss 4.7epss 0.03
The Windows kernel in Windows 10 version 1703. Windows 10 version 1709, and Windows Server, version 1709 allows an information disclosure vulnerability due to the way objects are handled in memory, aka "Windows Information Disclosure Vulnerability". This CVE ID is unique from…
- risk 0.34cvss 4.7epss 0.03
Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016, and Windows Server, version 1709 allows an attacker to log on to an affected system, and run a…
- risk 0.34cvss 4.7epss 0.04
The Windows kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when it…
- risk 0.34cvss 4.7epss 0.10
The Windows kernel in Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows authenticated attackers to obtain sensitive information via a specially crafted document, aka "Windows Kernel Information…
- risk 0.34cvss 4.7epss 0.07
The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows authenticated attackers to obtain sensitive information via a…
- risk 0.34cvss 4.7epss 0.08
The kernel-mode drivers in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1 and Windows Server 2012 Gold allow a local authenticated attacker to execute a specially crafted application to obtain kernel information, aka "Win32k Information Disclosure Vulnerability."
- risk 0.34cvss 4.7epss 0.07
The Windows kernel in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows Server 2012 Gold allows authenticated attackers to obtain sensitive information via a specially crafted document, aka "Windows Kernel Information Disclosure Vulnerability," a different…
- risk 0.34cvss 4.7epss 0.07
The Windows kernel in Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows authenticated attackers to obtain sensitive information via a specially crafted document, aka "Windows Kernel Information Disclosure Vulnerability," a different vulnerability than CVE-2017-0220,…
- risk 0.34cvss 4.7epss 0.04
A Win32k information disclosure vulnerability exists in Microsoft Windows when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system, aka "Win32k…
- risk 0.34cvss 4.3epss 0.42
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to obtain sensitive information from…
- risk 0.33cvss 5.0epss 0.00
Server-side request forgery (ssrf) in Microsoft Exchange Server allows an authorized attacker to disclose information over a network.
- risk 0.33cvss 6.1epss 0.00
SymCrypt is the core cryptographic function library currently used by Windows. From 103.5.0 to before 103.11.0, The SymCryptXmssSign function passes a 64-bit leaf count value to a helper function that accepts a 32-bit parameter. For XMSS^MT parameter sets with total tree height…
- risk 0.33cvss 5.0epss 0.00
Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability
- risk 0.33cvss 5.0epss 0.00
Improper validation of generative ai output in GitHub Copilot and Visual Studio Code allows an authorized attacker to bypass a security feature locally.
- risk 0.33cvss 5.0epss 0.00
Improper input validation in Microsoft Windows Search Component allows an authorized attacker to deny service locally.
- risk 0.33cvss 5.1epss 0.00
Improper input validation in Windows Kernel allows an unauthorized attacker to disclose information locally.
- risk 0.33cvss 5.1epss 0.00
Improper verification of cryptographic signature in App Control for Business (WDAC) allows an unauthorized attacker to bypass a security feature locally.
- risk 0.33cvss 5.1epss 0.01
Automated recognition mechanism with inadequate detection or handling of adversarial input perturbations in Windows Hello allows an unauthorized attacker to perform spoofing locally.
- risk 0.33cvss 5.0epss 0.01
An access violation vulnerability exists in the DirectComposition functionality win32kbase.sys driver version 10.0.22000.593 as part of Windows 11 version 22000.593 and version 10.0.20348.643 as part of Windows Server 2022 version 20348.643. A specially-crafted set of syscalls…
- risk 0.33cvss 5.0epss 0.01
An access violation vulnerability exists in the DirectComposition functionality win32kbase.sys driver version 10.0.22000.593 as part of Windows 11 version 22000.593 and version 10.0.20348.643 as part of Windows Server 2022 version 20348.643. A specially-crafted set of syscalls…
- risk 0.33cvss 5.0epss 0.01
Windows Kernel Denial of Service Vulnerability
- risk 0.33cvss 5.0epss 0.02
A mishandling of IRP requests vulnerability exists in the HDAudBus_DMA interface of Microsoft High Definition Audio Bus Driver 10.0.19041.3636 (WinBuild.160101.0800). A specially crafted application can issue multiple IRP Complete requests which leads to a local…
- risk 0.33cvss 5.0epss 0.01
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
- risk 0.33cvss 5.0epss 0.01
Windows Mobile Hotspot Information Disclosure Vulnerability
- risk 0.33cvss 5.0epss 0.01
Microsoft Teams for Android Information Disclosure Vulnerability
- risk 0.33cvss 5.0epss 0.01
Microsoft Teams for Android Information Disclosure Vulnerability
- risk 0.33cvss 4.5epss 0.04
Azure Apache Ambari Spoofing Vulnerability
- risk 0.33cvss 5.0epss 0.01
.NET Framework Denial of Service Vulnerability
- risk 0.33cvss 5.0epss 0.01
Windows 10 Update Assistant Elevation of Privilege Vulnerability
- risk 0.33cvss 5.0epss 0.01
.NET Core and Visual Studio Information Disclosure Vulnerability
- risk 0.33cvss 5.0epss 0.03
3D Viewer Information Disclosure Vulnerability
- risk 0.33cvss 5.0epss 0.02
Microsoft SharePoint Denial of Service Vulnerability
- risk 0.33cvss 5.0epss 0.03
Microsoft Edge for Android Information Disclosure Vulnerability
- risk 0.33cvss 5.0epss 0.02
Microsoft is aware of the "Impersonation in the Passkey Entry Protocol" vulnerability. For more information regarding the vulnerability, please see this statement from the Bluetooth SIG. To address the vulnerability, Microsoft has released a software update that…
- risk 0.33cvss 5.0epss 0.02
Microsoft is aware of the "Impersonation in the Passkey Entry Protocol" vulnerability. For more information regarding the vulnerability, please see this statement from the Bluetooth SIG. To address the vulnerability, Microsoft has released a software update that…
- risk 0.33cvss 5.0epss 0.07
Windows Docker Information Disclosure Vulnerability
- risk 0.33cvss 5.0epss 0.04
An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit the…
- risk 0.33cvss 5.0epss 0.01
An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this…
- risk 0.33cvss 5.0epss 0.01
An elevation of privilege vulnerability exists when Active Directory Federation Services (ADFS) improperly handles multi-factor authentication requests. An attacker who successfully exploited this vulnerability could bypass some, but not all, of the authentication…
- risk 0.33cvss 5.0epss 0.09
A remote code execution vulnerability exists in Microsoft Outlook when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on…
- risk 0.33cvss 5.0epss 0.02
An elevation of privilege vulnerability exists when the Visual Studio updater service improperly handles file permissions, aka 'Visual Studio Elevation of Privilege Vulnerability'.
Page 187 of 287