Vendor CVEs
Microsoft
All CVEs
14,194 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-21241 | 0.00 | — | 0.01 | Jan 14, 2025 | Windows Telephony Service Remote Code Execution Vulnerability | |||
| CVE-2025-21239 | 0.00 | — | 0.01 | Jan 14, 2025 | Windows Telephony Service Remote Code Execution Vulnerability | |||
| CVE-2025-21237 | 0.00 | — | 0.02 | Jan 14, 2025 | Windows Telephony Service Remote Code Execution Vulnerability | |||
| CVE-2025-21236 | 0.00 | — | 0.02 | Jan 14, 2025 | Windows Telephony Service Remote Code Execution Vulnerability | |||
| CVE-2025-21235 | 0.00 | — | 0.01 | Jan 14, 2025 | Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability | |||
| CVE-2025-21234 | 0.00 | — | 0.01 | Jan 14, 2025 | Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability | |||
| CVE-2025-21233 | 0.00 | — | 0.02 | Jan 14, 2025 | Windows Telephony Service Remote Code Execution Vulnerability | |||
| CVE-2025-21215 | 0.00 | — | 0.01 | Jan 14, 2025 | Secure Boot Security Feature Bypass Vulnerability | |||
| CVE-2025-21214 | 0.00 | — | 0.01 | Jan 14, 2025 | Windows BitLocker Information Disclosure Vulnerability | |||
| CVE-2025-21210 | 0.00 | — | 0.01 | Jan 14, 2025 | Windows BitLocker Information Disclosure Vulnerability | |||
| CVE-2025-21171 | 0.00 | — | 0.02 | Jan 14, 2025 | .NET Remote Code Execution Vulnerability | |||
| CVE-2025-21380 | 0.00 | — | 0.01 | Jan 9, 2025 | Improper access control in Azure SaaS Resources allows an authorized attacker to disclose information over a network. | |||
| CVE-2024-43106 | 0.00 | — | 0.01 | Dec 18, 2024 | A library injection vulnerability exists in Microsoft Excel 16.83 for macOS. A specially crafted library can leverage Excel's access privileges, leading to a permission bypass. A malicious application could inject a library and start the program to trigger this vulnerability and… | |||
| CVE-2024-42220 | 0.00 | — | 0.01 | Dec 18, 2024 | A library injection vulnerability exists in Microsoft Outlook 16.83.3 for macOS. A specially crafted library can leverage Outlook's access privileges, leading to a permission bypass. A malicious application could inject a library and start the program to trigger this… | |||
| CVE-2024-42004 | 0.00 | — | 0.01 | Dec 18, 2024 | A library injection vulnerability exists in Microsoft Teams (work or school) 24046.2813.2770.1094 for macOS. A specially crafted library can leverage Teams's access privileges, leading to a permission bypass. A malicious application could inject a library and start the program… | |||
| CVE-2024-41165 | 0.00 | — | 0.01 | Dec 18, 2024 | A library injection vulnerability exists in Microsoft Word 16.83 for macOS. A specially crafted library can leverage Word's access privileges, leading to a permission bypass. A malicious application could inject a library and start the program to trigger this vulnerability and… | |||
| CVE-2024-41159 | 0.00 | — | 0.01 | Dec 18, 2024 | A library injection vulnerability exists in Microsoft OneNote 16.83 for macOS. A specially crafted library can leverage OneNote's access privileges, leading to a permission bypass. A malicious application could inject a library and start the program to trigger this vulnerability… | |||
| CVE-2024-41145 | 0.00 | — | 0.01 | Dec 18, 2024 | A library injection vulnerability exists in the WebView.app helper app of Microsoft Teams (work or school) 24046.2813.2770.1094 for macOS. A specially crafted library can leverage Teams's access privileges, leading to a permission bypass. A malicious application could inject a… | |||
| CVE-2024-41138 | 0.00 | — | 0.01 | Dec 18, 2024 | A library injection vulnerability exists in the com.microsoft.teams2.modulehost.app helper app of Microsoft Teams (work or school) 24046.2813.2770.1094 for macOS. A specially crafted library can leverage Teams's access privileges, leading to a permission bypass. A malicious… | |||
| CVE-2024-39804 | 0.00 | — | 0.01 | Dec 18, 2024 | A library injection vulnerability exists in Microsoft PowerPoint 16.83 for macOS. A specially crafted library can leverage PowerPoint's access privileges, leading to a permission bypass. A malicious application could inject a library and start the program to trigger this… | |||
| CVE-2022-40733 | 0.00 | — | 0.01 | Dec 18, 2024 | An access violation vulnerability exists in the DirectComposition functionality win32kbase.sys driver version 10.0.22000.593 as part of Windows 11 version 22000.593 and version 10.0.20348.643 as part of Windows Server 2022 version 20348.643. A specially-crafted set of syscalls… | |||
| CVE-2022-40732 | 0.00 | — | 0.01 | Dec 18, 2024 | An access violation vulnerability exists in the DirectComposition functionality win32kbase.sys driver version 10.0.22000.593 as part of Windows 11 version 22000.593 and version 10.0.20348.643 as part of Windows Server 2022 version 20348.643. A specially-crafted set of syscalls… | |||
| CVE-2024-49147 | 0.00 | — | 0.01 | Dec 12, 2024 | Deserialization of untrusted data in Microsoft Update Catalog allows an unauthorized attacker to elevate privileges on the website’s webserver. | |||
| CVE-2024-49105 | 0.00 | — | 0.01 | Dec 10, 2024 | Remote Desktop Client Remote Code Execution Vulnerability | |||
| CVE-2024-49128 | 0.00 | — | 0.01 | Dec 10, 2024 | Sensitive data storage in improperly locked memory in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network. | |||
| CVE-2024-49127 | 0.00 | — | 0.01 | Dec 10, 2024 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | |||
| CVE-2024-49118 | 0.00 | — | 0.01 | Dec 10, 2024 | Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | |||
| CVE-2024-49116 | 0.00 | — | 0.10 | Dec 10, 2024 | Windows Remote Desktop Services Remote Code Execution Vulnerability | |||
| CVE-2024-49114 | 0.00 | — | 0.01 | Dec 10, 2024 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | |||
| CVE-2024-49110 | 0.00 | — | 0.01 | Dec 10, 2024 | Windows Mobile Broadband Driver Elevation of Privilege Vulnerability | |||
| CVE-2024-49109 | 0.00 | — | 0.01 | Dec 10, 2024 | Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability | |||
| CVE-2024-49095 | 0.00 | — | 0.00 | Dec 10, 2024 | Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability | |||
| CVE-2024-49090 | 0.00 | — | 0.01 | Dec 10, 2024 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | |||
| CVE-2024-49088 | 0.00 | — | 0.01 | Dec 10, 2024 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | |||
| CVE-2024-49083 | 0.00 | — | 0.01 | Dec 10, 2024 | Windows Mobile Broadband Driver Elevation of Privilege Vulnerability | |||
| CVE-2024-49082 | 0.00 | — | 0.02 | Dec 10, 2024 | Windows File Explorer Information Disclosure Vulnerability | |||
| CVE-2024-49081 | 0.00 | — | 0.01 | Dec 10, 2024 | Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability | |||
| CVE-2024-49079 | 0.00 | — | 0.01 | Dec 10, 2024 | Input Method Editor (IME) Remote Code Execution Vulnerability | |||
| CVE-2024-49078 | 0.00 | — | 0.01 | Dec 10, 2024 | Windows Mobile Broadband Driver Elevation of Privilege Vulnerability | |||
| CVE-2024-49077 | 0.00 | — | 0.01 | Dec 10, 2024 | Windows Mobile Broadband Driver Elevation of Privilege Vulnerability | |||
| CVE-2024-49076 | 0.00 | — | 0.01 | Dec 10, 2024 | Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability | |||
| CVE-2024-49075 | 0.00 | — | 0.03 | Dec 10, 2024 | Windows Remote Desktop Services Denial of Service Vulnerability | |||
| CVE-2024-49072 | 0.00 | — | 0.01 | Dec 10, 2024 | Windows Task Scheduler Elevation of Privilege Vulnerability | |||
| CVE-2024-49065 | 0.00 | — | 0.01 | Dec 10, 2024 | Microsoft Office Remote Code Execution Vulnerability | |||
| CVE-2024-49063 | 0.00 | — | 0.02 | Dec 10, 2024 | Microsoft/Muzic Remote Code Execution Vulnerability | |||
| CVE-2024-49062 | 0.00 | — | 0.03 | Dec 10, 2024 | Microsoft SharePoint Information Disclosure Vulnerability | |||
| CVE-2024-43600 | 0.00 | — | 0.01 | Dec 10, 2024 | Microsoft Office Elevation of Privilege Vulnerability | |||
| CVE-2024-49142 | 0.00 | — | 0.01 | Dec 10, 2024 | Microsoft Access Remote Code Execution Vulnerability | |||
| CVE-2024-49132 | 0.00 | — | 0.01 | Dec 10, 2024 | Windows Remote Desktop Services Remote Code Execution Vulnerability | |||
| CVE-2024-49129 | 0.00 | — | 0.01 | Dec 10, 2024 | Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability |
- CVE-2025-21241Jan 14, 2025risk 0.00cvss —epss 0.01
Windows Telephony Service Remote Code Execution Vulnerability
- CVE-2025-21239Jan 14, 2025risk 0.00cvss —epss 0.01
Windows Telephony Service Remote Code Execution Vulnerability
- CVE-2025-21237Jan 14, 2025risk 0.00cvss —epss 0.02
Windows Telephony Service Remote Code Execution Vulnerability
- CVE-2025-21236Jan 14, 2025risk 0.00cvss —epss 0.02
Windows Telephony Service Remote Code Execution Vulnerability
- CVE-2025-21235Jan 14, 2025risk 0.00cvss —epss 0.01
Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability
- CVE-2025-21234Jan 14, 2025risk 0.00cvss —epss 0.01
Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability
- CVE-2025-21233Jan 14, 2025risk 0.00cvss —epss 0.02
Windows Telephony Service Remote Code Execution Vulnerability
- CVE-2025-21215Jan 14, 2025risk 0.00cvss —epss 0.01
Secure Boot Security Feature Bypass Vulnerability
- CVE-2025-21214Jan 14, 2025risk 0.00cvss —epss 0.01
Windows BitLocker Information Disclosure Vulnerability
- CVE-2025-21210Jan 14, 2025risk 0.00cvss —epss 0.01
Windows BitLocker Information Disclosure Vulnerability
- CVE-2025-21171Jan 14, 2025risk 0.00cvss —epss 0.02
.NET Remote Code Execution Vulnerability
- CVE-2025-21380Jan 9, 2025risk 0.00cvss —epss 0.01
Improper access control in Azure SaaS Resources allows an authorized attacker to disclose information over a network.
- CVE-2024-43106Dec 18, 2024risk 0.00cvss —epss 0.01
A library injection vulnerability exists in Microsoft Excel 16.83 for macOS. A specially crafted library can leverage Excel's access privileges, leading to a permission bypass. A malicious application could inject a library and start the program to trigger this vulnerability and…
- CVE-2024-42220Dec 18, 2024risk 0.00cvss —epss 0.01
A library injection vulnerability exists in Microsoft Outlook 16.83.3 for macOS. A specially crafted library can leverage Outlook's access privileges, leading to a permission bypass. A malicious application could inject a library and start the program to trigger this…
- CVE-2024-42004Dec 18, 2024risk 0.00cvss —epss 0.01
A library injection vulnerability exists in Microsoft Teams (work or school) 24046.2813.2770.1094 for macOS. A specially crafted library can leverage Teams's access privileges, leading to a permission bypass. A malicious application could inject a library and start the program…
- CVE-2024-41165Dec 18, 2024risk 0.00cvss —epss 0.01
A library injection vulnerability exists in Microsoft Word 16.83 for macOS. A specially crafted library can leverage Word's access privileges, leading to a permission bypass. A malicious application could inject a library and start the program to trigger this vulnerability and…
- CVE-2024-41159Dec 18, 2024risk 0.00cvss —epss 0.01
A library injection vulnerability exists in Microsoft OneNote 16.83 for macOS. A specially crafted library can leverage OneNote's access privileges, leading to a permission bypass. A malicious application could inject a library and start the program to trigger this vulnerability…
- CVE-2024-41145Dec 18, 2024risk 0.00cvss —epss 0.01
A library injection vulnerability exists in the WebView.app helper app of Microsoft Teams (work or school) 24046.2813.2770.1094 for macOS. A specially crafted library can leverage Teams's access privileges, leading to a permission bypass. A malicious application could inject a…
- CVE-2024-41138Dec 18, 2024risk 0.00cvss —epss 0.01
A library injection vulnerability exists in the com.microsoft.teams2.modulehost.app helper app of Microsoft Teams (work or school) 24046.2813.2770.1094 for macOS. A specially crafted library can leverage Teams's access privileges, leading to a permission bypass. A malicious…
- CVE-2024-39804Dec 18, 2024risk 0.00cvss —epss 0.01
A library injection vulnerability exists in Microsoft PowerPoint 16.83 for macOS. A specially crafted library can leverage PowerPoint's access privileges, leading to a permission bypass. A malicious application could inject a library and start the program to trigger this…
- CVE-2022-40733Dec 18, 2024risk 0.00cvss —epss 0.01
An access violation vulnerability exists in the DirectComposition functionality win32kbase.sys driver version 10.0.22000.593 as part of Windows 11 version 22000.593 and version 10.0.20348.643 as part of Windows Server 2022 version 20348.643. A specially-crafted set of syscalls…
- CVE-2022-40732Dec 18, 2024risk 0.00cvss —epss 0.01
An access violation vulnerability exists in the DirectComposition functionality win32kbase.sys driver version 10.0.22000.593 as part of Windows 11 version 22000.593 and version 10.0.20348.643 as part of Windows Server 2022 version 20348.643. A specially-crafted set of syscalls…
- CVE-2024-49147Dec 12, 2024risk 0.00cvss —epss 0.01
Deserialization of untrusted data in Microsoft Update Catalog allows an unauthorized attacker to elevate privileges on the website’s webserver.
- CVE-2024-49105Dec 10, 2024risk 0.00cvss —epss 0.01
Remote Desktop Client Remote Code Execution Vulnerability
- CVE-2024-49128Dec 10, 2024risk 0.00cvss —epss 0.01
Sensitive data storage in improperly locked memory in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network.
- CVE-2024-49127Dec 10, 2024risk 0.00cvss —epss 0.01
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
- CVE-2024-49118Dec 10, 2024risk 0.00cvss —epss 0.01
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
- CVE-2024-49116Dec 10, 2024risk 0.00cvss —epss 0.10
Windows Remote Desktop Services Remote Code Execution Vulnerability
- CVE-2024-49114Dec 10, 2024risk 0.00cvss —epss 0.01
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
- CVE-2024-49110Dec 10, 2024risk 0.00cvss —epss 0.01
Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
- CVE-2024-49109Dec 10, 2024risk 0.00cvss —epss 0.01
Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability
- CVE-2024-49095Dec 10, 2024risk 0.00cvss —epss 0.00
Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability
- CVE-2024-49090Dec 10, 2024risk 0.00cvss —epss 0.01
Windows Common Log File System Driver Elevation of Privilege Vulnerability
- CVE-2024-49088Dec 10, 2024risk 0.00cvss —epss 0.01
Windows Common Log File System Driver Elevation of Privilege Vulnerability
- CVE-2024-49083Dec 10, 2024risk 0.00cvss —epss 0.01
Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
- CVE-2024-49082Dec 10, 2024risk 0.00cvss —epss 0.02
Windows File Explorer Information Disclosure Vulnerability
- CVE-2024-49081Dec 10, 2024risk 0.00cvss —epss 0.01
Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability
- CVE-2024-49079Dec 10, 2024risk 0.00cvss —epss 0.01
Input Method Editor (IME) Remote Code Execution Vulnerability
- CVE-2024-49078Dec 10, 2024risk 0.00cvss —epss 0.01
Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
- CVE-2024-49077Dec 10, 2024risk 0.00cvss —epss 0.01
Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
- CVE-2024-49076Dec 10, 2024risk 0.00cvss —epss 0.01
Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability
- CVE-2024-49075Dec 10, 2024risk 0.00cvss —epss 0.03
Windows Remote Desktop Services Denial of Service Vulnerability
- CVE-2024-49072Dec 10, 2024risk 0.00cvss —epss 0.01
Windows Task Scheduler Elevation of Privilege Vulnerability
- CVE-2024-49065Dec 10, 2024risk 0.00cvss —epss 0.01
Microsoft Office Remote Code Execution Vulnerability
- CVE-2024-49063Dec 10, 2024risk 0.00cvss —epss 0.02
Microsoft/Muzic Remote Code Execution Vulnerability
- CVE-2024-49062Dec 10, 2024risk 0.00cvss —epss 0.03
Microsoft SharePoint Information Disclosure Vulnerability
- CVE-2024-43600Dec 10, 2024risk 0.00cvss —epss 0.01
Microsoft Office Elevation of Privilege Vulnerability
- CVE-2024-49142Dec 10, 2024risk 0.00cvss —epss 0.01
Microsoft Access Remote Code Execution Vulnerability
- CVE-2024-49132Dec 10, 2024risk 0.00cvss —epss 0.01
Windows Remote Desktop Services Remote Code Execution Vulnerability
- CVE-2024-49129Dec 10, 2024risk 0.00cvss —epss 0.01
Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability
Page 256 of 284