VYPR

Vendor CVEs

Microsoft

All CVEs

14,318 total · sorted by risk
  • CVE-2022-35798LowMay 18, 2023
    risk 0.21cvss 3.3epss 0.00

    Azure Arc Jumpstart Information Disclosure Vulnerability

  • CVE-2023-29333LowMay 9, 2023
    risk 0.21cvss 3.3epss 0.01

    Microsoft Access Denial of Service Vulnerability

  • CVE-2023-21759LowJan 10, 2023
    risk 0.21cvss 3.3epss 0.01

    Windows Smart Card Resource Management Server Security Feature Bypass Vulnerability

  • CVE-2022-38022LowOct 11, 2022
    risk 0.21cvss 3.3epss 0.01

    Windows Kernel Elevation of Privilege Vulnerability

  • CVE-2019-1051MedJun 12, 2019
    risk 0.21cvss 4.2epss 0.04

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current…

  • CVE-2019-0992MedJun 12, 2019
    risk 0.21cvss 4.2epss 0.03

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current…

  • CVE-2019-0648MedMar 5, 2019
    risk 0.21cvss 4.3epss 0.05

    An information disclosure vulnerability exists when Chakra improperly discloses the contents of its memory, which could provide an attacker with information to further compromise the user's computer or data.To exploit the vulnerability, an attacker must know the memory address…

  • CVE-2018-8482LowOct 10, 2018
    risk 0.21cvss 3.1epss 0.05

    An information disclosure vulnerability exists when Windows Media Player improperly discloses file information, aka "Windows Media Player Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server…

  • CVE-2018-8481LowOct 10, 2018
    risk 0.21cvss 3.1epss 0.05

    An information disclosure vulnerability exists when Windows Media Player improperly discloses file information, aka "Windows Media Player Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server…

  • CVE-2018-8452MedSep 13, 2018
    risk 0.21cvss 4.3epss 0.06

    An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft browsers, aka "Scripting Engine Information Disclosure Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge.

  • CVE-2018-8366LowSep 13, 2018
    risk 0.21cvss 3.1epss 0.05

    An information disclosure vulnerability exists when the Microsoft Edge Fetch API incorrectly handles a filtered response type, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge.

  • CVE-2018-8315MedSep 13, 2018
    risk 0.21cvss 4.2epss 0.03

    An information disclosure vulnerability exists when the browser scripting engine improperly handle object types, aka "Microsoft Scripting Engine Information Disclosure Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge, Internet Explorer 10.

  • CVE-2018-8370LowAug 15, 2018
    risk 0.21cvss 3.1epss 0.05

    A information disclosure vulnerability exists when WebAudio Library improperly handles audio requests, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge.

  • CVE-2018-0763LowFeb 15, 2018
    risk 0.21cvss 3.1epss 0.05

    Microsoft Edge in Microsoft Windows 10 1703 and 1709 allows information disclosure, due to how Edge handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from CVE-2018-0839.

  • CVE-2017-11833LowNov 15, 2017
    risk 0.21cvss 3.1epss 0.05

    Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to determine the origin of all webpages in the affected browser, due to how Microsoft Edge handles cross-origin requests, aka "Microsoft…

  • CVE-2017-11791LowNov 15, 2017
    risk 0.21cvss 3.1epss 0.05

    ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows…

  • CVE-2017-8659MedAug 8, 2017
    risk 0.21cvss 4.3epss 0.06

    Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to obtain information to further compromise the user's system due to the Chakra scripting engine not properly handling objects in memory, aka "Scripting Engine Information Disclosure Vulnerability".

  • CVE-2016-7239LowNov 10, 2016
    risk 0.21cvss 3.1epss 0.12

    The RegEx class in the XSS filter in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allows remote attackers to conduct cross-site scripting (XSS) attacks and obtain sensitive information via unspecified vectors, aka "Microsoft Browser Information Disclosure…

  • CVE-2016-7227LowNov 10, 2016
    risk 0.21cvss 3.1epss 0.12

    The scripting engines in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to determine the existence of local files via unspecified vectors, aka "Microsoft Browser Information Disclosure Vulnerability."

  • CVE-2016-7204LowNov 10, 2016
    risk 0.21cvss 3.1epss 0.11

    Microsoft Edge allows remote attackers to access arbitrary "My Documents" files via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerability."

  • CVE-2016-7199LowNov 10, 2016
    risk 0.21cvss 3.1epss 0.13

    Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to bypass the Same Origin Policy and obtain sensitive window-state information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."

  • CVE-2016-3276LowJul 13, 2016
    risk 0.21cvss 3.1epss 0.07

    Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to conduct content-spoofing attacks via a crafted URL, aka "Microsoft Browser Spoofing Vulnerability."

  • CVE-2016-3274LowJul 13, 2016
    risk 0.21cvss 3.1epss 0.08

    Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to conduct content-spoofing attacks via a crafted URL, aka "Microsoft Browser Spoofing Vulnerability."

  • CVE-2016-0125LowMar 9, 2016
    risk 0.21cvss 3.1epss 0.12

    Microsoft Edge mishandles the Referer policy, which allows remote attackers to obtain sensitive browser-history and request information via a crafted HTTPS web site, aka "Microsoft Edge Information Disclosure Vulnerability."

  • CVE-2025-59280LowOct 14, 2025
    risk 0.20cvss 3.1epss 0.00

    Improper authentication in Windows SMB Client allows an unauthorized attacker to perform tampering over a network.

  • CVE-2025-49731LowJul 8, 2025
    risk 0.20cvss 3.1epss 0.00

    Improper handling of insufficient permissions or privileges in Microsoft Teams allows an authorized attacker to elevate privileges over a network.

  • CVE-2023-38158LowAug 21, 2023
    risk 0.20cvss 3.1epss 0.01

    Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

  • CVE-2022-29147LowJun 29, 2023
    risk 0.20cvss 3.1epss 0.01

    Microsoft Edge (Chromium-based) Spoofing Vulnerability

  • CVE-2023-32024LowJun 14, 2023
    risk 0.20cvss 3.0epss 0.01

    Microsoft Power Apps Spoofing Vulnerability

  • CVE-2023-23395LowMar 14, 2023
    risk 0.20cvss 3.1epss 0.01

    Microsoft SharePoint Server Spoofing Vulnerability

  • CVE-2021-43220LowNov 24, 2021
    risk 0.20cvss 3.1epss 0.01

    Microsoft Edge for iOS Spoofing Vulnerability

  • CVE-2021-42308LowNov 24, 2021
    risk 0.20cvss 3.1epss 0.01

    Microsoft Edge (Chromium-based) Spoofing Vulnerability

  • CVE-2019-1197MedAug 14, 2019
    risk 0.20cvss 4.2epss 0.02

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current…

  • CVE-2019-1196MedAug 14, 2019
    risk 0.20cvss 4.2epss 0.02

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current…

  • CVE-2019-1195MedAug 14, 2019
    risk 0.20cvss 4.2epss 0.02

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current…

  • CVE-2019-1141MedAug 14, 2019
    risk 0.20cvss 4.2epss 0.02

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current…

  • CVE-2019-1139MedAug 14, 2019
    risk 0.20cvss 4.2epss 0.02

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current…

  • CVE-2019-1131MedAug 14, 2019
    risk 0.20cvss 4.2epss 0.02

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current…

  • CVE-2019-1052MedJun 12, 2019
    risk 0.20cvss 4.2epss 0.02

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current…

  • CVE-2019-1024MedJun 12, 2019
    risk 0.20cvss 4.2epss 0.02

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current…

  • CVE-2019-1003MedJun 12, 2019
    risk 0.20cvss 4.2epss 0.02

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current…

  • CVE-2019-0993MedJun 12, 2019
    risk 0.20cvss 4.2epss 0.02

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current…

  • CVE-2019-0991MedJun 12, 2019
    risk 0.20cvss 4.2epss 0.02

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current…

  • CVE-2019-0989MedJun 12, 2019
    risk 0.20cvss 4.2epss 0.02

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current…

  • CVE-2017-11874LowNov 15, 2017
    risk 0.20cvss 3.1epss 0.04

    Microsoft Edge in Microsoft Windows 10 1703, 1709, Windows Server, version 1709, and ChakraCore allows an attacker to bypass Control Flow Guard (CFG) to run arbitrary code on a target system, due to how Microsoft Edge handles accessing memory in code compiled by the Edge…

  • CVE-2021-43890HigKEVDec 15, 2021
    risk 0.19cvss 7.1epss 0.10

    We have investigated reports of a spoofing vulnerability in AppX installer that affects Microsoft Windows. Microsoft is aware of attacks that attempt to exploit this vulnerability by using specially crafted packages that include the malware family known as…

  • CVE-2024-27086LowApr 16, 2024
    risk 0.18cvss 3.9epss 0.00

    The MSAL library enabled acquisition of security tokens to call protected APIs. MSAL.NET applications targeting Xamarin Android and .NET Android (e.g., MAUI) using the library from versions 4.48.0 to 4.60.0 are impacted by a low severity vulnerability. A malicious application…

  • CVE-2018-0942LowMar 14, 2018
    risk 0.17cvss 2.6epss 0.03

    Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allow elevation of privilege, due to how Internet Explorer handles zone…

  • CVE-2017-11768LowNov 15, 2017
    risk 0.17cvss 2.5epss 0.06

    Windows Media Player in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016, and Windows Server, version 1709 allows remote attackers to test for the presence of…

  • CVE-2017-0096LowMar 17, 2017
    risk 0.17cvss 2.6epss 0.02

    Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1, Windows Server 2012 Gold and R2; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows guest OS users to obtain sensitive information from host OS memory via a crafted…

Page 198 of 287