Vendor CVEs
Microsoft
All CVEs
14,318 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-43577 | Med | 0.28 | 4.3 | 0.00 | Oct 18, 2024 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | ||
| CVE-2024-38221 | Med | 0.28 | 4.3 | 0.00 | Sep 19, 2024 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | ||
| CVE-2024-38093 | Med | 0.28 | 4.3 | 0.00 | Jun 20, 2024 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | ||
| CVE-2024-38083 | Med | 0.28 | 4.3 | 0.00 | Jun 13, 2024 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | ||
| CVE-2024-29056 | Med | 0.28 | 4.3 | 0.01 | Apr 9, 2024 | Windows Authentication Elevation of Privilege Vulnerability | ||
| CVE-2024-29981 | Med | 0.28 | 4.3 | 0.01 | Apr 4, 2024 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | ||
| CVE-2024-29057 | Med | 0.28 | 4.3 | 0.01 | Mar 22, 2024 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | ||
| CVE-2024-26196 | Med | 0.28 | 4.3 | 0.01 | Mar 21, 2024 | Microsoft Edge for Android (Chromium-based) Information Disclosure Vulnerability | ||
| CVE-2024-26167 | Med | 0.28 | 4.3 | 0.01 | Mar 7, 2024 | Microsoft Edge for Android Spoofing Vulnerability | ||
| CVE-2024-26188 | Med | 0.28 | 4.3 | 0.01 | Feb 23, 2024 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | ||
| CVE-2024-21382 | Med | 0.28 | 4.3 | 0.01 | Jan 26, 2024 | Microsoft Edge for Android Information Disclosure Vulnerability | ||
| CVE-2023-36878 | Med | 0.28 | 4.3 | 0.01 | Dec 15, 2023 | Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | ||
| CVE-2023-38174 | Med | 0.28 | 4.3 | 0.02 | Dec 7, 2023 | Microsoft Edge (Chromium-based) Information Disclosure Vulnerability | ||
| CVE-2023-36026 | Med | 0.28 | 4.3 | 0.01 | Nov 16, 2023 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | ||
| CVE-2023-36029 | Med | 0.28 | 4.3 | 0.01 | Nov 3, 2023 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | ||
| CVE-2023-36767 | Med | 0.28 | 4.3 | 0.03 | Sep 12, 2023 | Microsoft Office Security Feature Bypass Vulnerability | ||
| CVE-2023-38173 | Med | 0.28 | 4.3 | 0.01 | Jul 21, 2023 | Microsoft Edge for Android Spoofing Vulnerability | ||
| CVE-2023-36883 | Med | 0.28 | 4.3 | 0.01 | Jul 14, 2023 | Microsoft Edge for iOS Spoofing Vulnerability | ||
| CVE-2023-33165 | Med | 0.28 | 4.3 | 0.01 | Jul 11, 2023 | Microsoft SharePoint Server Security Feature Bypass Vulnerability | ||
| CVE-2021-42307 | Med | 0.28 | 4.3 | 0.01 | Jul 1, 2023 | Microsoft Edge (Chromium-based) Information Disclosure Vulnerability | ||
| CVE-2023-29334 | Med | 0.28 | 4.3 | 0.01 | Apr 28, 2023 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | ||
| CVE-2023-28284 | Med | 0.28 | 4.3 | 0.01 | Apr 11, 2023 | Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | ||
| CVE-2023-21729 | Med | 0.28 | 4.3 | 0.01 | Apr 11, 2023 | Remote Procedure Call Runtime Information Disclosure Vulnerability | ||
| CVE-2023-24911 | Med | 0.28 | 4.3 | 0.01 | Mar 14, 2023 | Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | ||
| CVE-2023-21794 | Med | 0.28 | 4.3 | 0.01 | Feb 14, 2023 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | ||
| CVE-2022-44688 | Med | 0.28 | 4.3 | 0.01 | Dec 13, 2022 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | ||
| CVE-2022-45306 | Med | 0.28 | 4.3 | 0.00 | Nov 29, 2022 | Insecure permissions in Chocolatey Azure-Pipelines-Agent package v2.211.1 and below grants all users in the Authenticated Users group write privileges for the subfolder C:\agent and all files located in that folder. | ||
| CVE-2022-38030 | Med | 0.28 | 4.3 | 0.01 | Oct 11, 2022 | Windows USB Serial Driver Information Disclosure Vulnerability | ||
| CVE-2022-37981 | Med | 0.28 | 4.3 | 0.02 | Oct 11, 2022 | Windows Event Logging Service Denial of Service Vulnerability | ||
| CVE-2022-26905 | Med | 0.28 | 4.3 | 0.02 | Jun 1, 2022 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | ||
| CVE-2022-26907 | Med | 0.28 | 5.3 | 0.02 | Apr 15, 2022 | Azure SDK for .NET Information Disclosure Vulnerability | ||
| CVE-2022-24523 | Med | 0.28 | 4.3 | 0.01 | Apr 5, 2022 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | ||
| CVE-2022-21968 | Med | 0.28 | 4.3 | 0.02 | Feb 9, 2022 | Microsoft SharePoint Server Security Feature Bypass Vulnerability | ||
| CVE-2022-23258 | Med | 0.28 | 4.3 | 0.02 | Jan 25, 2022 | Microsoft Edge for Android Spoofing Vulnerability | ||
| CVE-2021-43908 | Med | 0.28 | 4.3 | 0.03 | Dec 15, 2021 | Visual Studio Code Spoofing Vulnerability | ||
| CVE-2021-41351 | Med | 0.28 | 4.3 | 0.04 | Nov 10, 2021 | Microsoft Edge (Chrome based) Spoofing on IE Mode | ||
| CVE-2021-27066 | Med | 0.28 | 4.3 | 0.03 | Mar 11, 2021 | Windows Admin Center Security Feature Bypass Vulnerability | ||
| CVE-2021-24082 | Med | 0.28 | 4.3 | 0.02 | Feb 25, 2021 | Microsoft.PowerShell.Utility Module WDAC Security Feature Bypass Vulnerability | ||
| CVE-2020-17153 | Med | 0.28 | 4.3 | 0.02 | Dec 10, 2020 | Microsoft Edge for Android Spoofing Vulnerability | ||
| CVE-2020-17015 | Med | 0.28 | 4.3 | 0.02 | Nov 11, 2020 | Microsoft SharePoint Server Spoofing Vulnerability | ||
| CVE-2020-1044 | Med | 0.28 | 4.3 | 0.02 | Sep 11, 2020 | A security feature bypass vulnerability exists in SQL Server Reporting Services (SSRS) when the server improperly validates attachments uploaded to reports. An attacker who successfully exploited this vulnerability could upload file types that were disallowed by an… | ||
| CVE-2020-1567 | Med | 0.28 | 4.2 | 0.04 | Aug 17, 2020 | A remote code execution vulnerability exists in the way that the MSHTML engine improperly validates input. An attacker could execute arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker who successfully… | ||
| CVE-2020-1462 | Med | 0.28 | 4.3 | 0.04 | Jul 14, 2020 | An information disclosure vulnerability exists when Skype for Business is accessed via Microsoft Edge (EdgeHTML-based), aka 'Skype for Business via Microsoft Edge (EdgeHTML-based) Information Disclosure Vulnerability'. | ||
| CVE-2020-1432 | Med | 0.28 | 4.3 | 0.04 | Jul 14, 2020 | An information disclosure vulnerability exists when Skype for Business is accessed via Internet Explorer, aka 'Skype for Business via Internet Explorer Information Disclosure Vulnerability'. | ||
| CVE-2020-1259 | Med | 0.28 | 4.3 | 0.03 | Jun 9, 2020 | A security feature bypass vulnerability exists when Windows Host Guardian Service improperly handles hashes recorded and logged, aka 'Windows Host Guardian Service Security Feature Bypass Vulnerability'. | ||
| CVE-2020-1229 | Med | 0.28 | 4.3 | 0.04 | Jun 9, 2020 | A security feature bypass vulnerability exists in Microsoft Outlook when Office fails to enforce security settings configured on a system, aka 'Microsoft Outlook Security Feature Bypass Vulnerability'. | ||
| CVE-2020-1059 | Med | 0.28 | 4.3 | 0.02 | May 21, 2020 | A spoofing vulnerability exists when Microsoft Edge does not properly parse HTTP content, aka 'Microsoft Edge Spoofing Vulnerability'. | ||
| CVE-2019-19677 | Med | 0.28 | 4.3 | 0.01 | Mar 18, 2020 | arxes-tolina 3.0.0 allows User Enumeration. | ||
| CVE-2020-0885 | Med | 0.28 | 4.3 | 0.04 | Mar 12, 2020 | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows Graphics Component Information Disclosure Vulnerability'. | ||
| CVE-2020-0706 | Med | 0.28 | 4.3 | 0.05 | Feb 11, 2020 | An information disclosure vulnerability exists in the way that affected Microsoft browsers handle cross-origin requests, aka 'Microsoft Browser Information Disclosure Vulnerability'. |
- risk 0.28cvss 4.3epss 0.00
Microsoft Edge (Chromium-based) Spoofing Vulnerability
- risk 0.28cvss 4.3epss 0.00
Microsoft Edge (Chromium-based) Spoofing Vulnerability
- risk 0.28cvss 4.3epss 0.00
Microsoft Edge (Chromium-based) Spoofing Vulnerability
- risk 0.28cvss 4.3epss 0.00
Microsoft Edge (Chromium-based) Spoofing Vulnerability
- risk 0.28cvss 4.3epss 0.01
Windows Authentication Elevation of Privilege Vulnerability
- risk 0.28cvss 4.3epss 0.01
Microsoft Edge (Chromium-based) Spoofing Vulnerability
- risk 0.28cvss 4.3epss 0.01
Microsoft Edge (Chromium-based) Spoofing Vulnerability
- risk 0.28cvss 4.3epss 0.01
Microsoft Edge for Android (Chromium-based) Information Disclosure Vulnerability
- risk 0.28cvss 4.3epss 0.01
Microsoft Edge for Android Spoofing Vulnerability
- risk 0.28cvss 4.3epss 0.01
Microsoft Edge (Chromium-based) Spoofing Vulnerability
- risk 0.28cvss 4.3epss 0.01
Microsoft Edge for Android Information Disclosure Vulnerability
- risk 0.28cvss 4.3epss 0.01
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
- risk 0.28cvss 4.3epss 0.02
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
- risk 0.28cvss 4.3epss 0.01
Microsoft Edge (Chromium-based) Spoofing Vulnerability
- risk 0.28cvss 4.3epss 0.01
Microsoft Edge (Chromium-based) Spoofing Vulnerability
- risk 0.28cvss 4.3epss 0.03
Microsoft Office Security Feature Bypass Vulnerability
- risk 0.28cvss 4.3epss 0.01
Microsoft Edge for Android Spoofing Vulnerability
- risk 0.28cvss 4.3epss 0.01
Microsoft Edge for iOS Spoofing Vulnerability
- risk 0.28cvss 4.3epss 0.01
Microsoft SharePoint Server Security Feature Bypass Vulnerability
- risk 0.28cvss 4.3epss 0.01
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
- risk 0.28cvss 4.3epss 0.01
Microsoft Edge (Chromium-based) Spoofing Vulnerability
- risk 0.28cvss 4.3epss 0.01
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
- risk 0.28cvss 4.3epss 0.01
Remote Procedure Call Runtime Information Disclosure Vulnerability
- risk 0.28cvss 4.3epss 0.01
Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability
- risk 0.28cvss 4.3epss 0.01
Microsoft Edge (Chromium-based) Spoofing Vulnerability
- risk 0.28cvss 4.3epss 0.01
Microsoft Edge (Chromium-based) Spoofing Vulnerability
- risk 0.28cvss 4.3epss 0.00
Insecure permissions in Chocolatey Azure-Pipelines-Agent package v2.211.1 and below grants all users in the Authenticated Users group write privileges for the subfolder C:\agent and all files located in that folder.
- risk 0.28cvss 4.3epss 0.01
Windows USB Serial Driver Information Disclosure Vulnerability
- risk 0.28cvss 4.3epss 0.02
Windows Event Logging Service Denial of Service Vulnerability
- risk 0.28cvss 4.3epss 0.02
Microsoft Edge (Chromium-based) Spoofing Vulnerability
- risk 0.28cvss 5.3epss 0.02
Azure SDK for .NET Information Disclosure Vulnerability
- risk 0.28cvss 4.3epss 0.01
Microsoft Edge (Chromium-based) Spoofing Vulnerability
- risk 0.28cvss 4.3epss 0.02
Microsoft SharePoint Server Security Feature Bypass Vulnerability
- risk 0.28cvss 4.3epss 0.02
Microsoft Edge for Android Spoofing Vulnerability
- risk 0.28cvss 4.3epss 0.03
Visual Studio Code Spoofing Vulnerability
- risk 0.28cvss 4.3epss 0.04
Microsoft Edge (Chrome based) Spoofing on IE Mode
- risk 0.28cvss 4.3epss 0.03
Windows Admin Center Security Feature Bypass Vulnerability
- risk 0.28cvss 4.3epss 0.02
Microsoft.PowerShell.Utility Module WDAC Security Feature Bypass Vulnerability
- risk 0.28cvss 4.3epss 0.02
Microsoft Edge for Android Spoofing Vulnerability
- risk 0.28cvss 4.3epss 0.02
Microsoft SharePoint Server Spoofing Vulnerability
- risk 0.28cvss 4.3epss 0.02
A security feature bypass vulnerability exists in SQL Server Reporting Services (SSRS) when the server improperly validates attachments uploaded to reports. An attacker who successfully exploited this vulnerability could upload file types that were disallowed by an…
- risk 0.28cvss 4.2epss 0.04
A remote code execution vulnerability exists in the way that the MSHTML engine improperly validates input. An attacker could execute arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker who successfully…
- risk 0.28cvss 4.3epss 0.04
An information disclosure vulnerability exists when Skype for Business is accessed via Microsoft Edge (EdgeHTML-based), aka 'Skype for Business via Microsoft Edge (EdgeHTML-based) Information Disclosure Vulnerability'.
- risk 0.28cvss 4.3epss 0.04
An information disclosure vulnerability exists when Skype for Business is accessed via Internet Explorer, aka 'Skype for Business via Internet Explorer Information Disclosure Vulnerability'.
- risk 0.28cvss 4.3epss 0.03
A security feature bypass vulnerability exists when Windows Host Guardian Service improperly handles hashes recorded and logged, aka 'Windows Host Guardian Service Security Feature Bypass Vulnerability'.
- risk 0.28cvss 4.3epss 0.04
A security feature bypass vulnerability exists in Microsoft Outlook when Office fails to enforce security settings configured on a system, aka 'Microsoft Outlook Security Feature Bypass Vulnerability'.
- risk 0.28cvss 4.3epss 0.02
A spoofing vulnerability exists when Microsoft Edge does not properly parse HTTP content, aka 'Microsoft Edge Spoofing Vulnerability'.
- risk 0.28cvss 4.3epss 0.01
arxes-tolina 3.0.0 allows User Enumeration.
- risk 0.28cvss 4.3epss 0.04
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows Graphics Component Information Disclosure Vulnerability'.
- risk 0.28cvss 4.3epss 0.05
An information disclosure vulnerability exists in the way that affected Microsoft browsers handle cross-origin requests, aka 'Microsoft Browser Information Disclosure Vulnerability'.
Page 194 of 287