Vendor CVEs
Microsoft
All CVEs
14,181 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-38133 | 0.00 | — | 0.01 | Aug 13, 2024 | Windows Kernel Elevation of Privilege Vulnerability | |||
| CVE-2024-38131 | 0.00 | — | 0.01 | Aug 13, 2024 | Clipboard Virtual Channel Extension Remote Code Execution Vulnerability | |||
| CVE-2024-38130 | 0.00 | — | 0.02 | Aug 13, 2024 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | |||
| CVE-2024-38128 | 0.00 | — | 0.02 | Aug 13, 2024 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | |||
| CVE-2024-38122 | 0.00 | — | 0.01 | Aug 13, 2024 | Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability | |||
| CVE-2024-38118 | 0.00 | — | 0.01 | Aug 13, 2024 | Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability | |||
| CVE-2024-38117 | 0.00 | — | 0.01 | Aug 13, 2024 | NTFS Elevation of Privilege Vulnerability | |||
| CVE-2024-29995 | 0.00 | — | 0.01 | Aug 13, 2024 | Windows Kerberos Elevation of Privilege Vulnerability | |||
| CVE-2024-38084 | 0.00 | — | 0.01 | Aug 13, 2024 | Microsoft OfficePlus Elevation of Privilege Vulnerability | |||
| CVE-2024-38201 | 0.00 | — | 0.01 | Aug 13, 2024 | Azure Stack Hub Elevation of Privilege Vulnerability | |||
| CVE-2024-38199 | 0.00 | — | 0.02 | Aug 13, 2024 | Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability | |||
| CVE-2024-38198 | 0.00 | — | 0.01 | Aug 13, 2024 | Windows Print Spooler Elevation of Privilege Vulnerability | |||
| CVE-2024-38191 | 0.00 | — | 0.01 | Aug 13, 2024 | Kernel Streaming Service Driver Elevation of Privilege Vulnerability | |||
| CVE-2024-38184 | 0.00 | — | 0.01 | Aug 13, 2024 | Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | |||
| CVE-2024-38172 | 0.00 | — | 0.01 | Aug 13, 2024 | Microsoft Excel Remote Code Execution Vulnerability | |||
| CVE-2024-38161 | 0.00 | — | 0.01 | Aug 13, 2024 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | |||
| CVE-2024-38160 | 0.00 | — | 0.02 | Aug 13, 2024 | Windows Network Virtualization Remote Code Execution Vulnerability | |||
| CVE-2024-38159 | 0.00 | — | 0.02 | Aug 13, 2024 | Windows Network Virtualization Remote Code Execution Vulnerability | |||
| CVE-2024-38123 | 0.00 | — | 0.01 | Aug 13, 2024 | Windows Bluetooth Driver Information Disclosure Vulnerability | |||
| CVE-2024-38108 | 0.00 | — | 0.01 | Aug 13, 2024 | Azure Stack Hub Spoofing Vulnerability | |||
| CVE-2024-38219 | 0.00 | — | 0.01 | Aug 8, 2024 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | |||
| CVE-2024-38218 | 0.00 | — | 0.01 | Aug 8, 2024 | Microsoft Edge (HTML-based) Memory Corruption Vulnerability | |||
| CVE-2024-38202 | 0.00 | — | 0.02 | Aug 8, 2024 | Summary Microsoft was notified that an elevation of privilege vulnerability exists in Windows Update, potentially enabling an attacker with basic user privileges to reintroduce previously mitigated vulnerabilities or circumvent some features of Virtualization Based Security… | |||
| CVE-2024-21302 | 0.00 | — | 0.02 | Aug 8, 2024 | Summary: As of July 8, 2025 Microsoft has completed mitigations to address this vulnerability. See KB5042562: Guidance for blocking rollback of virtualization-based security related updates and the Recommended Actions section of this CVE for guidance on how to protect your… | |||
| CVE-2024-38166 | 0.00 | — | 0.01 | Aug 6, 2024 | An unauthenticated attacker can exploit improper neutralization of input during web page generation in Microsoft Dynamics 365 to spoof over a network by tricking a user to click on a link. | |||
| CVE-2024-38182 | 0.00 | — | 0.01 | Jul 31, 2024 | Weak authentication in Microsoft Dynamics 365 allows an unauthenticated attacker to elevate privileges over a network. | |||
| CVE-2024-38103 | 0.00 | — | 0.00 | Jul 25, 2024 | Microsoft Edge (Chromium-based) Information Disclosure Vulnerability | |||
| CVE-2024-38156 | 0.00 | — | 0.00 | Jul 18, 2024 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | |||
| CVE-2024-21417 | 0.00 | — | 0.00 | Jul 9, 2024 | Windows Text Services Framework Elevation of Privilege Vulnerability | |||
| CVE-2024-38105 | 0.00 | — | 0.01 | Jul 9, 2024 | Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability | |||
| CVE-2024-38101 | 0.00 | — | 0.01 | Jul 9, 2024 | Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability | |||
| CVE-2024-38099 | 0.00 | — | 0.01 | Jul 9, 2024 | Windows Remote Desktop Licensing Service Denial of Service Vulnerability | |||
| CVE-2024-38095 | 0.00 | — | 0.03 | Jul 9, 2024 | .NET and Visual Studio Denial of Service Vulnerability | |||
| CVE-2024-38089 | 0.00 | — | 0.01 | Jul 9, 2024 | Microsoft Defender for IoT Elevation of Privilege Vulnerability | |||
| CVE-2024-38081 | 0.00 | — | 0.01 | Jul 9, 2024 | .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability | |||
| CVE-2024-38079 | 0.00 | — | 0.01 | Jul 9, 2024 | Windows Graphics Component Elevation of Privilege Vulnerability | |||
| CVE-2024-38078 | 0.00 | — | 0.01 | Jul 9, 2024 | Xbox Wireless Adapter Remote Code Execution Vulnerability | |||
| CVE-2024-38070 | 0.00 | — | 0.01 | Jul 9, 2024 | Windows LockDown Policy (WLDP) Security Feature Bypass Vulnerability | |||
| CVE-2024-38069 | 0.00 | — | 0.00 | Jul 9, 2024 | Windows Enroll Engine Security Feature Bypass Vulnerability | |||
| CVE-2024-38068 | 0.00 | — | 0.03 | Jul 9, 2024 | Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability | |||
| CVE-2024-38067 | 0.00 | — | 0.03 | Jul 9, 2024 | Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability | |||
| CVE-2024-38066 | 0.00 | — | 0.01 | Jul 9, 2024 | Windows Win32k Elevation of Privilege Vulnerability | |||
| CVE-2024-38065 | 0.00 | — | 0.01 | Jul 9, 2024 | Secure Boot Security Feature Bypass Vulnerability | |||
| CVE-2024-38058 | 0.00 | — | 0.01 | Jul 9, 2024 | BitLocker Security Feature Bypass Vulnerability | |||
| CVE-2024-38057 | 0.00 | — | 0.01 | Jul 9, 2024 | Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability | |||
| CVE-2024-38053 | 0.00 | — | 0.01 | Jul 9, 2024 | Windows Layer-2 Bridge Network Driver Remote Code Execution Vulnerability | |||
| CVE-2024-38052 | 0.00 | — | 0.07 | Jul 9, 2024 | Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability | |||
| CVE-2024-38050 | 0.00 | — | 0.01 | Jul 9, 2024 | Windows Workstation Service Elevation of Privilege Vulnerability | |||
| CVE-2024-38049 | 0.00 | — | 0.02 | Jul 9, 2024 | Windows Distributed Transaction Coordinator Remote Code Execution Vulnerability | |||
| CVE-2024-38048 | 0.00 | — | 0.01 | Jul 9, 2024 | Windows Network Driver Interface Specification (NDIS) Denial of Service Vulnerability |
- CVE-2024-38133Aug 13, 2024risk 0.00cvss —epss 0.01
Windows Kernel Elevation of Privilege Vulnerability
- CVE-2024-38131Aug 13, 2024risk 0.00cvss —epss 0.01
Clipboard Virtual Channel Extension Remote Code Execution Vulnerability
- CVE-2024-38130Aug 13, 2024risk 0.00cvss —epss 0.02
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
- CVE-2024-38128Aug 13, 2024risk 0.00cvss —epss 0.02
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
- CVE-2024-38122Aug 13, 2024risk 0.00cvss —epss 0.01
Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability
- CVE-2024-38118Aug 13, 2024risk 0.00cvss —epss 0.01
Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability
- CVE-2024-38117Aug 13, 2024risk 0.00cvss —epss 0.01
NTFS Elevation of Privilege Vulnerability
- CVE-2024-29995Aug 13, 2024risk 0.00cvss —epss 0.01
Windows Kerberos Elevation of Privilege Vulnerability
- CVE-2024-38084Aug 13, 2024risk 0.00cvss —epss 0.01
Microsoft OfficePlus Elevation of Privilege Vulnerability
- CVE-2024-38201Aug 13, 2024risk 0.00cvss —epss 0.01
Azure Stack Hub Elevation of Privilege Vulnerability
- CVE-2024-38199Aug 13, 2024risk 0.00cvss —epss 0.02
Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability
- CVE-2024-38198Aug 13, 2024risk 0.00cvss —epss 0.01
Windows Print Spooler Elevation of Privilege Vulnerability
- CVE-2024-38191Aug 13, 2024risk 0.00cvss —epss 0.01
Kernel Streaming Service Driver Elevation of Privilege Vulnerability
- CVE-2024-38184Aug 13, 2024risk 0.00cvss —epss 0.01
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
- CVE-2024-38172Aug 13, 2024risk 0.00cvss —epss 0.01
Microsoft Excel Remote Code Execution Vulnerability
- CVE-2024-38161Aug 13, 2024risk 0.00cvss —epss 0.01
Windows Mobile Broadband Driver Remote Code Execution Vulnerability
- CVE-2024-38160Aug 13, 2024risk 0.00cvss —epss 0.02
Windows Network Virtualization Remote Code Execution Vulnerability
- CVE-2024-38159Aug 13, 2024risk 0.00cvss —epss 0.02
Windows Network Virtualization Remote Code Execution Vulnerability
- CVE-2024-38123Aug 13, 2024risk 0.00cvss —epss 0.01
Windows Bluetooth Driver Information Disclosure Vulnerability
- CVE-2024-38108Aug 13, 2024risk 0.00cvss —epss 0.01
Azure Stack Hub Spoofing Vulnerability
- CVE-2024-38219Aug 8, 2024risk 0.00cvss —epss 0.01
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
- CVE-2024-38218Aug 8, 2024risk 0.00cvss —epss 0.01
Microsoft Edge (HTML-based) Memory Corruption Vulnerability
- CVE-2024-38202Aug 8, 2024risk 0.00cvss —epss 0.02
Summary Microsoft was notified that an elevation of privilege vulnerability exists in Windows Update, potentially enabling an attacker with basic user privileges to reintroduce previously mitigated vulnerabilities or circumvent some features of Virtualization Based Security…
- CVE-2024-21302Aug 8, 2024risk 0.00cvss —epss 0.02
Summary: As of July 8, 2025 Microsoft has completed mitigations to address this vulnerability. See KB5042562: Guidance for blocking rollback of virtualization-based security related updates and the Recommended Actions section of this CVE for guidance on how to protect your…
- CVE-2024-38166Aug 6, 2024risk 0.00cvss —epss 0.01
An unauthenticated attacker can exploit improper neutralization of input during web page generation in Microsoft Dynamics 365 to spoof over a network by tricking a user to click on a link.
- CVE-2024-38182Jul 31, 2024risk 0.00cvss —epss 0.01
Weak authentication in Microsoft Dynamics 365 allows an unauthenticated attacker to elevate privileges over a network.
- CVE-2024-38103Jul 25, 2024risk 0.00cvss —epss 0.00
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
- CVE-2024-38156Jul 18, 2024risk 0.00cvss —epss 0.00
Microsoft Edge (Chromium-based) Spoofing Vulnerability
- CVE-2024-21417Jul 9, 2024risk 0.00cvss —epss 0.00
Windows Text Services Framework Elevation of Privilege Vulnerability
- CVE-2024-38105Jul 9, 2024risk 0.00cvss —epss 0.01
Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability
- CVE-2024-38101Jul 9, 2024risk 0.00cvss —epss 0.01
Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability
- CVE-2024-38099Jul 9, 2024risk 0.00cvss —epss 0.01
Windows Remote Desktop Licensing Service Denial of Service Vulnerability
- CVE-2024-38095Jul 9, 2024risk 0.00cvss —epss 0.03
.NET and Visual Studio Denial of Service Vulnerability
- CVE-2024-38089Jul 9, 2024risk 0.00cvss —epss 0.01
Microsoft Defender for IoT Elevation of Privilege Vulnerability
- CVE-2024-38081Jul 9, 2024risk 0.00cvss —epss 0.01
.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability
- CVE-2024-38079Jul 9, 2024risk 0.00cvss —epss 0.01
Windows Graphics Component Elevation of Privilege Vulnerability
- CVE-2024-38078Jul 9, 2024risk 0.00cvss —epss 0.01
Xbox Wireless Adapter Remote Code Execution Vulnerability
- CVE-2024-38070Jul 9, 2024risk 0.00cvss —epss 0.01
Windows LockDown Policy (WLDP) Security Feature Bypass Vulnerability
- CVE-2024-38069Jul 9, 2024risk 0.00cvss —epss 0.00
Windows Enroll Engine Security Feature Bypass Vulnerability
- CVE-2024-38068Jul 9, 2024risk 0.00cvss —epss 0.03
Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability
- CVE-2024-38067Jul 9, 2024risk 0.00cvss —epss 0.03
Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability
- CVE-2024-38066Jul 9, 2024risk 0.00cvss —epss 0.01
Windows Win32k Elevation of Privilege Vulnerability
- CVE-2024-38065Jul 9, 2024risk 0.00cvss —epss 0.01
Secure Boot Security Feature Bypass Vulnerability
- CVE-2024-38058Jul 9, 2024risk 0.00cvss —epss 0.01
BitLocker Security Feature Bypass Vulnerability
- CVE-2024-38057Jul 9, 2024risk 0.00cvss —epss 0.01
Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
- CVE-2024-38053Jul 9, 2024risk 0.00cvss —epss 0.01
Windows Layer-2 Bridge Network Driver Remote Code Execution Vulnerability
- CVE-2024-38052Jul 9, 2024risk 0.00cvss —epss 0.07
Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
- CVE-2024-38050Jul 9, 2024risk 0.00cvss —epss 0.01
Windows Workstation Service Elevation of Privilege Vulnerability
- CVE-2024-38049Jul 9, 2024risk 0.00cvss —epss 0.02
Windows Distributed Transaction Coordinator Remote Code Execution Vulnerability
- CVE-2024-38048Jul 9, 2024risk 0.00cvss —epss 0.01
Windows Network Driver Interface Specification (NDIS) Denial of Service Vulnerability
Page 263 of 284