Vendor CVEs
Microsoft
All CVEs
14,318 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-11790 | Med | 0.28 | 4.3 | 0.06 | Oct 13, 2017 | Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to obtain information to further compromise the user's… | ||
| CVE-2017-8754 | Med | 0.28 | 4.2 | 0.03 | Sep 13, 2017 | Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to trick a user into loading a page containing malicious content, due to the way that the Edge Content Security Policy (CSP) validates certain specially crafted documents,… | ||
| CVE-2017-8739 | Med | 0.28 | 4.3 | 0.06 | Sep 13, 2017 | Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to obtain information to further compromise the user's system, due to the way that the Microsoft Edge scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability". | ||
| CVE-2017-8735 | Med | 0.28 | 4.3 | 0.04 | Sep 13, 2017 | Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to trick a user by redirecting the user to a specially crafted website, due to the way that Microsoft Edge parses HTTP content, aka "Microsoft Edge Spoofing Vulnerability".… | ||
| CVE-2017-8733 | Med | 0.28 | 4.3 | 0.05 | Sep 13, 2017 | Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to trick a user into believing that the user was visiting a… | ||
| CVE-2017-8724 | Med | 0.28 | 4.3 | 0.04 | Sep 13, 2017 | Microsoft Edge in Microsoft Windows 10 Version 1703 allows an attacker to trick a user by redirecting the user to a specially crafted website, due to the way that Microsoft Edge parses HTTP content, aka "Microsoft Edge Spoofing Vulnerability". This CVE ID is unique from… | ||
| CVE-2017-8723 | Med | 0.28 | 4.3 | 0.04 | Sep 13, 2017 | Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to trick a user into loading a page containing malicious content, due to the way that the Edge Content Security Policy (CSP) validates certain specially crafted documents,… | ||
| CVE-2017-8648 | Med | 0.28 | 4.3 | 0.06 | Sep 13, 2017 | Microsoft Edge in Microsoft Windows Version 1703 allows an attacker to obtain information to further compromise the user's system, due to the way that Microsoft Edge handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from… | ||
| CVE-2017-8643 | Med | 0.28 | 4.3 | 0.06 | Sep 13, 2017 | Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to leave a malicious website open during user clipboard activities, due to the way that Microsoft Edge handles clipboard events, aka "Microsoft Edge Information Disclosure… | ||
| CVE-2017-8597 | Med | 0.28 | 4.3 | 0.06 | Sep 13, 2017 | Microsoft Edge in Microsoft Windows 10 Version 1703 allows an attacker to obtain information to further compromise the user's system, due to the way that Microsoft Edge handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique… | ||
| CVE-2017-8662 | Med | 0.28 | 4.3 | 0.06 | Aug 8, 2017 | Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to disclose information due to how strings are validated in specific scenarios, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-8644 and CVE-2017-8652. | ||
| CVE-2017-8523 | Med | 0.28 | 4.3 | 0.01 | Jun 15, 2017 | Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to trick a user into loading a page with malicious content when Microsoft Edge fails to correctly apply Same Origin Policy for HTML elements present in other browser… | ||
| CVE-2017-8504 | Med | 0.28 | 4.3 | 0.05 | Jun 15, 2017 | Microsoft Edge in Windows 10 1607 and 1703, and Windows Server 2016 allows an attacker to read the URL of a cross-origin request when the Microsoft Edge Fetch API incorrectly handles a filtered response type, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID… | ||
| CVE-2017-8498 | Med | 0.28 | 4.3 | 0.05 | Jun 15, 2017 | Microsoft Edge in Windows 10 1607 and 1703, and Windows Server 2016 allows an attacker to read data not intended to be disclosed when Edge allows JavaScript XML DOM objects to detect installed browser extensions, aka "Microsoft Edge Information Disclosure Vulnerability". This… | ||
| CVE-2017-0231 | Med | 0.28 | 4.3 | 0.04 | May 12, 2017 | A spoofing vulnerability exists when Microsoft browsers render SmartScreen Filter, aka "Microsoft Browser Spoofing Vulnerability." | ||
| CVE-2017-0203 | Med | 0.28 | 4.3 | 0.04 | Apr 12, 2017 | A vulnerability exists in Microsoft Edge when the Edge Content Security Policy (CSP) fails to properly validate certain specially crafted documents. An attacker could trick a user into loading a web page with malicious content, aka "Microsoft Edge Security Feature Bypass… | ||
| CVE-2017-0192 | Med | 0.28 | 4.3 | 0.06 | Apr 12, 2017 | The Adobe Type Manager Font Driver (ATMFD.dll) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold , 1511, 1607, and 1703 allows an attacker to gain sensitive… | ||
| CVE-2017-0135 | Med | 0.28 | 4.2 | 0.08 | Mar 17, 2017 | Microsoft Edge allows remote attackers to bypass the Same Origin Policy for HTML elements in other browser windows, aka "Microsoft Edge Security Feature Bypass Vulnerability." This vulnerability is different from those described in CVE-2017-0066 and CVE-2017-0140. | ||
| CVE-2025-21214 | Med | 0.27 | 4.2 | 0.01 | Jan 14, 2025 | Windows BitLocker Information Disclosure Vulnerability | ||
| CVE-2025-21210 | Med | 0.27 | 4.2 | 0.01 | Jan 14, 2025 | Windows BitLocker Information Disclosure Vulnerability | ||
| CVE-2024-38143 | Med | 0.27 | 4.2 | 0.02 | Aug 13, 2024 | Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability | ||
| CVE-2024-0912 | Med | 0.27 | 4.2 | 0.00 | Jun 6, 2024 | Under certain circumstances the Microsoft® Internet Information Server (IIS) used to host the C•CURE 9000 Web Server will log Microsoft Windows credential details within logs. There is no impact to non-web service interfaces C•CURE 9000 or prior versions | ||
| CVE-2024-28922 | Med | 0.27 | 4.1 | 0.01 | Apr 9, 2024 | Secure Boot Security Feature Bypass Vulnerability | ||
| CVE-2024-29049 | Med | 0.27 | 4.1 | 0.01 | Apr 4, 2024 | Microsoft Edge (Chromium-based) Webview2 Spoofing Vulnerability | ||
| CVE-2024-21304 | Med | 0.27 | 4.1 | 0.00 | Feb 13, 2024 | Trusted Compute Base Elevation of Privilege Vulnerability | ||
| CVE-2023-36559 | Med | 0.27 | 4.2 | 0.01 | Oct 13, 2023 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | ||
| CVE-2022-29127 | Med | 0.27 | 4.2 | 0.01 | May 10, 2022 | BitLocker Security Feature Bypass Vulnerability | ||
| CVE-2022-24466 | Med | 0.27 | 4.1 | 0.01 | May 10, 2022 | Windows Hyper-V Security Feature Bypass Vulnerability | ||
| CVE-2022-21931 | Med | 0.27 | 4.2 | 0.01 | Jan 11, 2022 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | ||
| CVE-2022-21930 | Med | 0.27 | 4.2 | 0.01 | Jan 11, 2022 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | ||
| CVE-2021-43221 | Med | 0.27 | 4.2 | 0.01 | Nov 24, 2021 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | ||
| CVE-2021-42279 | Med | 0.27 | 4.2 | 0.02 | Nov 10, 2021 | Chakra Scripting Engine Memory Corruption Vulnerability | ||
| CVE-2021-41363 | Med | 0.27 | 4.2 | 0.00 | Oct 13, 2021 | Intune Management Extension Security Feature Bypass Vulnerability | ||
| CVE-2021-31171 | Med | 0.27 | 4.1 | 0.01 | May 11, 2021 | Microsoft SharePoint Information Disclosure Vulnerability | ||
| CVE-2021-28316 | Med | 0.27 | 4.2 | 0.01 | Apr 13, 2021 | Windows WLAN AutoConfig Service Security Feature Bypass Vulnerability | ||
| CVE-2021-1705 | Med | 0.27 | 4.2 | 0.02 | Jan 12, 2021 | Microsoft Edge (HTML-based) Memory Corruption Vulnerability | ||
| CVE-2020-16942 | Med | 0.27 | 4.1 | 0.01 | Oct 16, 2020 | An information disclosure vulnerability exists when Microsoft SharePoint Server improperly discloses its folder structure when rendering specific web pages. An attacker who took advantage of this information disclosure could view the folder path of scripts loaded on the… | ||
| CVE-2020-16941 | Med | 0.27 | 4.1 | 0.01 | Oct 16, 2020 | An information disclosure vulnerability exists when Microsoft SharePoint Server improperly discloses its folder structure when rendering specific web pages. An attacker who took advantage of this information disclosure could view the folder path of scripts loaded on the… | ||
| CVE-2020-16884 | Med | 0.27 | 4.2 | 0.02 | Sep 11, 2020 | A remote code execution vulnerability exists in the way that the IEToEdge Browser Helper Object (BHO) plugin on Internet Explorer handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of… | ||
| CVE-2020-1566 | Med | 0.27 | 4.2 | 0.02 | Aug 17, 2020 | An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete… | ||
| CVE-2020-0663 | Med | 0.27 | 4.2 | 0.02 | Feb 11, 2020 | An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain.In a web-based attack scenario, an attacker could host a… | ||
| CVE-2019-1167 | Med | 0.27 | 4.1 | 0.01 | Jul 19, 2019 | A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC) which could allow an attacker to bypass WDAC enforcement, aka 'Windows Defender Application Control Security Feature Bypass Vulnerability'. | ||
| CVE-2019-1081 | Med | 0.27 | 4.2 | 0.02 | Jun 12, 2019 | An information disclosure vulnerability exists when affected Microsoft browsers improperly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit the vulnerability, in a… | ||
| CVE-2019-1002 | Med | 0.27 | 4.2 | 0.02 | Jun 12, 2019 | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current… | ||
| CVE-2018-8435 | Med | 0.27 | 4.2 | 0.01 | Sep 13, 2018 | A security feature bypass vulnerability exists when Windows Hyper-V BIOS loader fails to provide a high-entropy source, aka "Windows Hyper-V Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. | ||
| CVE-2016-3325 | Low | 0.27 | 3.1 | 0.54 | Sep 14, 2016 | Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability." | ||
| CVE-2025-49728 | Med | 0.26 | 4.0 | 0.00 | Sep 16, 2025 | Cleartext storage of sensitive information in Microsoft PC Manager allows an unauthorized attacker to bypass a security feature locally. | ||
| CVE-2025-29839 | Med | 0.26 | 4.0 | 0.00 | May 13, 2025 | Out-of-bounds read in Windows File Server allows an unauthorized attacker to disclose information locally. | ||
| CVE-2021-36943 | Med | 0.26 | 4.0 | 0.01 | Aug 12, 2021 | Azure CycleCloud Elevation of Privilege Vulnerability | ||
| CVE-2020-1033 | Med | 0.26 | 4.0 | 0.01 | Sep 11, 2020 | An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. An authenticated attacker could… |
- risk 0.28cvss 4.3epss 0.06
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to obtain information to further compromise the user's…
- risk 0.28cvss 4.2epss 0.03
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to trick a user into loading a page containing malicious content, due to the way that the Edge Content Security Policy (CSP) validates certain specially crafted documents,…
- risk 0.28cvss 4.3epss 0.06
Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to obtain information to further compromise the user's system, due to the way that the Microsoft Edge scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability".
- risk 0.28cvss 4.3epss 0.04
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to trick a user by redirecting the user to a specially crafted website, due to the way that Microsoft Edge parses HTTP content, aka "Microsoft Edge Spoofing Vulnerability".…
- risk 0.28cvss 4.3epss 0.05
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to trick a user into believing that the user was visiting a…
- risk 0.28cvss 4.3epss 0.04
Microsoft Edge in Microsoft Windows 10 Version 1703 allows an attacker to trick a user by redirecting the user to a specially crafted website, due to the way that Microsoft Edge parses HTTP content, aka "Microsoft Edge Spoofing Vulnerability". This CVE ID is unique from…
- risk 0.28cvss 4.3epss 0.04
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to trick a user into loading a page containing malicious content, due to the way that the Edge Content Security Policy (CSP) validates certain specially crafted documents,…
- risk 0.28cvss 4.3epss 0.06
Microsoft Edge in Microsoft Windows Version 1703 allows an attacker to obtain information to further compromise the user's system, due to the way that Microsoft Edge handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from…
- risk 0.28cvss 4.3epss 0.06
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to leave a malicious website open during user clipboard activities, due to the way that Microsoft Edge handles clipboard events, aka "Microsoft Edge Information Disclosure…
- risk 0.28cvss 4.3epss 0.06
Microsoft Edge in Microsoft Windows 10 Version 1703 allows an attacker to obtain information to further compromise the user's system, due to the way that Microsoft Edge handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique…
- risk 0.28cvss 4.3epss 0.06
Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to disclose information due to how strings are validated in specific scenarios, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-8644 and CVE-2017-8652.
- risk 0.28cvss 4.3epss 0.01
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to trick a user into loading a page with malicious content when Microsoft Edge fails to correctly apply Same Origin Policy for HTML elements present in other browser…
- risk 0.28cvss 4.3epss 0.05
Microsoft Edge in Windows 10 1607 and 1703, and Windows Server 2016 allows an attacker to read the URL of a cross-origin request when the Microsoft Edge Fetch API incorrectly handles a filtered response type, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID…
- risk 0.28cvss 4.3epss 0.05
Microsoft Edge in Windows 10 1607 and 1703, and Windows Server 2016 allows an attacker to read data not intended to be disclosed when Edge allows JavaScript XML DOM objects to detect installed browser extensions, aka "Microsoft Edge Information Disclosure Vulnerability". This…
- risk 0.28cvss 4.3epss 0.04
A spoofing vulnerability exists when Microsoft browsers render SmartScreen Filter, aka "Microsoft Browser Spoofing Vulnerability."
- risk 0.28cvss 4.3epss 0.04
A vulnerability exists in Microsoft Edge when the Edge Content Security Policy (CSP) fails to properly validate certain specially crafted documents. An attacker could trick a user into loading a web page with malicious content, aka "Microsoft Edge Security Feature Bypass…
- risk 0.28cvss 4.3epss 0.06
The Adobe Type Manager Font Driver (ATMFD.dll) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold , 1511, 1607, and 1703 allows an attacker to gain sensitive…
- risk 0.28cvss 4.2epss 0.08
Microsoft Edge allows remote attackers to bypass the Same Origin Policy for HTML elements in other browser windows, aka "Microsoft Edge Security Feature Bypass Vulnerability." This vulnerability is different from those described in CVE-2017-0066 and CVE-2017-0140.
- risk 0.27cvss 4.2epss 0.01
Windows BitLocker Information Disclosure Vulnerability
- risk 0.27cvss 4.2epss 0.01
Windows BitLocker Information Disclosure Vulnerability
- risk 0.27cvss 4.2epss 0.02
Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability
- risk 0.27cvss 4.2epss 0.00
Under certain circumstances the Microsoft® Internet Information Server (IIS) used to host the C•CURE 9000 Web Server will log Microsoft Windows credential details within logs. There is no impact to non-web service interfaces C•CURE 9000 or prior versions
- risk 0.27cvss 4.1epss 0.01
Secure Boot Security Feature Bypass Vulnerability
- risk 0.27cvss 4.1epss 0.01
Microsoft Edge (Chromium-based) Webview2 Spoofing Vulnerability
- risk 0.27cvss 4.1epss 0.00
Trusted Compute Base Elevation of Privilege Vulnerability
- risk 0.27cvss 4.2epss 0.01
Microsoft Edge (Chromium-based) Spoofing Vulnerability
- risk 0.27cvss 4.2epss 0.01
BitLocker Security Feature Bypass Vulnerability
- risk 0.27cvss 4.1epss 0.01
Windows Hyper-V Security Feature Bypass Vulnerability
- risk 0.27cvss 4.2epss 0.01
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
- risk 0.27cvss 4.2epss 0.01
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
- risk 0.27cvss 4.2epss 0.01
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
- risk 0.27cvss 4.2epss 0.02
Chakra Scripting Engine Memory Corruption Vulnerability
- risk 0.27cvss 4.2epss 0.00
Intune Management Extension Security Feature Bypass Vulnerability
- risk 0.27cvss 4.1epss 0.01
Microsoft SharePoint Information Disclosure Vulnerability
- risk 0.27cvss 4.2epss 0.01
Windows WLAN AutoConfig Service Security Feature Bypass Vulnerability
- risk 0.27cvss 4.2epss 0.02
Microsoft Edge (HTML-based) Memory Corruption Vulnerability
- risk 0.27cvss 4.1epss 0.01
An information disclosure vulnerability exists when Microsoft SharePoint Server improperly discloses its folder structure when rendering specific web pages. An attacker who took advantage of this information disclosure could view the folder path of scripts loaded on the…
- risk 0.27cvss 4.1epss 0.01
An information disclosure vulnerability exists when Microsoft SharePoint Server improperly discloses its folder structure when rendering specific web pages. An attacker who took advantage of this information disclosure could view the folder path of scripts loaded on the…
- risk 0.27cvss 4.2epss 0.02
A remote code execution vulnerability exists in the way that the IEToEdge Browser Helper Object (BHO) plugin on Internet Explorer handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of…
- risk 0.27cvss 4.2epss 0.02
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete…
- risk 0.27cvss 4.2epss 0.02
An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain.In a web-based attack scenario, an attacker could host a…
- risk 0.27cvss 4.1epss 0.01
A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC) which could allow an attacker to bypass WDAC enforcement, aka 'Windows Defender Application Control Security Feature Bypass Vulnerability'.
- risk 0.27cvss 4.2epss 0.02
An information disclosure vulnerability exists when affected Microsoft browsers improperly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit the vulnerability, in a…
- risk 0.27cvss 4.2epss 0.02
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current…
- risk 0.27cvss 4.2epss 0.01
A security feature bypass vulnerability exists when Windows Hyper-V BIOS loader fails to provide a high-entropy source, aka "Windows Hyper-V Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.
- risk 0.27cvss 3.1epss 0.54
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."
- risk 0.26cvss 4.0epss 0.00
Cleartext storage of sensitive information in Microsoft PC Manager allows an unauthorized attacker to bypass a security feature locally.
- risk 0.26cvss 4.0epss 0.00
Out-of-bounds read in Windows File Server allows an unauthorized attacker to disclose information locally.
- risk 0.26cvss 4.0epss 0.01
Azure CycleCloud Elevation of Privilege Vulnerability
- risk 0.26cvss 4.0epss 0.01
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. An authenticated attacker could…
Page 196 of 287