Vendor CVEs
Microsoft
All CVEs
14,318 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-28219 | Hig | 0.54 | 8.1 | 0.15 | Apr 11, 2023 | Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | ||
| CVE-2023-23399 | Hig | 0.54 | 7.8 | 0.03 | Mar 14, 2023 | Microsoft Excel Remote Code Execution Vulnerability | ||
| CVE-2023-23383 | Hig | 0.54 | 8.2 | 0.12 | Mar 14, 2023 | Service Fabric Explorer Spoofing Vulnerability | ||
| CVE-2023-23374 | Hig | 0.54 | 8.3 | 0.01 | Feb 14, 2023 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | ||
| CVE-2023-21796 | Hig | 0.54 | 8.3 | 0.01 | Jan 24, 2023 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | ||
| CVE-2023-21795 | Hig | 0.54 | 8.3 | 0.01 | Jan 24, 2023 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | ||
| CVE-2023-21775 | Hig | 0.54 | 8.3 | 0.01 | Jan 24, 2023 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | ||
| CVE-2022-44708 | Hig | 0.54 | 8.3 | 0.02 | Dec 13, 2022 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | ||
| CVE-2022-44666 | Hig | 0.54 | 7.8 | 0.40 | Dec 13, 2022 | Windows Contacts Remote Code Execution Vulnerability | ||
| CVE-2022-37954 | Hig | 0.54 | 7.8 | 0.45 | Sep 13, 2022 | DirectX Graphics Kernel Elevation of Privilege Vulnerability | ||
| CVE-2022-33636 | Hig | 0.54 | 8.3 | 0.01 | Aug 9, 2022 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | ||
| CVE-2022-33674 | Hig | 0.54 | 8.3 | 0.01 | Jul 12, 2022 | Azure Site Recovery Elevation of Privilege Vulnerability | ||
| CVE-2022-33680 | Hig | 0.54 | 8.3 | 0.02 | Jul 7, 2022 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | ||
| CVE-2022-33639 | Hig | 0.54 | 8.3 | 0.03 | Jun 29, 2022 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | ||
| CVE-2022-33638 | Hig | 0.54 | 8.3 | 0.02 | Jun 29, 2022 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | ||
| CVE-2022-30192 | Hig | 0.54 | 8.3 | 0.03 | Jun 29, 2022 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | ||
| CVE-2022-22021 | Hig | 0.54 | 8.3 | 0.03 | Jun 15, 2022 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | ||
| CVE-2022-30128 | Hig | 0.54 | 8.3 | 0.02 | Jun 1, 2022 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | ||
| CVE-2022-30127 | Hig | 0.54 | 8.3 | 0.02 | Jun 1, 2022 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | ||
| CVE-2022-30129 | Hig | 0.54 | 8.8 | 0.42 | May 10, 2022 | Visual Studio Code Remote Code Execution Vulnerability | ||
| CVE-2022-26912 | Hig | 0.54 | 8.3 | 0.02 | Apr 5, 2022 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | ||
| CVE-2022-26909 | Hig | 0.54 | 8.3 | 0.02 | Apr 5, 2022 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | ||
| CVE-2022-26908 | Hig | 0.54 | 8.3 | 0.02 | Apr 5, 2022 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | ||
| CVE-2022-26900 | Hig | 0.54 | 8.3 | 0.02 | Apr 5, 2022 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | ||
| CVE-2022-26895 | Hig | 0.54 | 8.3 | 0.02 | Apr 5, 2022 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | ||
| CVE-2022-26894 | Hig | 0.54 | 8.3 | 0.02 | Apr 5, 2022 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | ||
| CVE-2022-26891 | Hig | 0.54 | 8.3 | 0.02 | Apr 5, 2022 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | ||
| CVE-2022-24475 | Hig | 0.54 | 8.3 | 0.02 | Apr 5, 2022 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | ||
| CVE-2022-21837 | Hig | 0.54 | 8.3 | 0.03 | Jan 11, 2022 | Microsoft SharePoint Server Remote Code Execution Vulnerability | ||
| CVE-2021-34469 | Hig | 0.54 | 8.2 | 0.03 | Jul 14, 2021 | Microsoft Office Security Feature Bypass Vulnerability | ||
| CVE-2021-33741 | Hig | 0.54 | 8.2 | 0.03 | Jun 8, 2021 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | ||
| CVE-2021-31955 | Med | 0.54 | 5.5 | 0.81 | KEV | Jun 8, 2021 | Windows Kernel Information Disclosure Vulnerability | |
| CVE-2020-17140 | Hig | 0.54 | 8.1 | 0.12 | Dec 10, 2020 | Windows SMB Information Disclosure Vulnerability | ||
| CVE-2019-1476 | Hig | 0.54 | 7.8 | 0.05 | Dec 10, 2019 | An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1483. | ||
| CVE-2019-1471 | Hig | 0.54 | 8.2 | 0.08 | Dec 10, 2019 | A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Remote Code Execution Vulnerability'. | ||
| CVE-2019-1364 | Hig | 0.54 | 7.8 | 0.03 | Oct 10, 2019 | An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1362. | ||
| CVE-2019-1089 | Hig | 0.54 | 7.8 | 0.05 | Jul 15, 2019 | An elevation of privilege vulnerability exists in rpcss.dll when the RPC service Activation Kernel improperly handles an RPC request. To exploit this vulnerability, a low level authenticated attacker could run a specially crafted application. The security update addresses this… | ||
| CVE-2019-0943 | Hig | 0.54 | 7.8 | 0.02 | Jun 12, 2019 | An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC). An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system. An attacker could then… | ||
| CVE-2019-0881 | Hig | 0.54 | 7.8 | 0.03 | May 16, 2019 | An elevation of privilege vulnerability exists when the Windows Kernel improperly handles key enumeration, aka 'Windows Kernel Elevation of Privilege Vulnerability'. | ||
| CVE-2019-0836 | Hig | 0.54 | 7.8 | 0.04 | Apr 9, 2019 | An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0730, CVE-2019-0731, CVE-2019-0796, CVE-2019-0805, CVE-2019-0841. | ||
| CVE-2019-0805 | Hig | 0.54 | 7.8 | 0.03 | Apr 9, 2019 | An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0730, CVE-2019-0731, CVE-2019-0796, CVE-2019-0836, CVE-2019-0841. | ||
| CVE-2019-0735 | Hig | 0.54 | 7.8 | 0.04 | Apr 9, 2019 | An elevation of privilege vulnerability exists when the Windows Client Server Run-Time Subsystem (CSRSS) fails to properly handle objects in memory, aka 'Windows CSRSS Elevation of Privilege Vulnerability'. | ||
| CVE-2019-0732 | Hig | 0.54 | 7.8 | 0.04 | Apr 9, 2019 | A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Security Feature Bypass Vulnerability'. | ||
| CVE-2019-0731 | Hig | 0.54 | 7.8 | 0.04 | Apr 9, 2019 | An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0730, CVE-2019-0796, CVE-2019-0805, CVE-2019-0836, CVE-2019-0841. | ||
| CVE-2019-0730 | Hig | 0.54 | 7.8 | 0.04 | Apr 9, 2019 | An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0731, CVE-2019-0796, CVE-2019-0805, CVE-2019-0836, CVE-2019-0841. | ||
| CVE-2019-0667 | Hig | 0.54 | 7.5 | 0.31 | Apr 8, 2019 | A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'Windows VBScript Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0665, CVE-2019-0666, CVE-2019-0772. | ||
| CVE-2019-0570 | Hig | 0.54 | 7.8 | 0.03 | Jan 8, 2019 | An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka "Windows Runtime Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows Server 2019, Windows Server… | ||
| CVE-2019-0555 | Hig | 0.54 | 7.8 | 0.02 | Jan 8, 2019 | An elevation of privilege vulnerability exists in the Microsoft XmlDocument class that could allow an attacker to escape from the AppContainer sandbox in the browser, aka "Microsoft XmlDocument Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows… | ||
| CVE-2018-8584 | Hig | 0.54 | 7.8 | 0.03 | Nov 14, 2018 | An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC), aka "Windows ALPC Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows Server 2019, Windows 10 Servers. | ||
| CVE-2018-8550 | Hig | 0.54 | 7.8 | 0.03 | Nov 14, 2018 | An elevation of privilege exists in Windows COM Aggregate Marshaler, aka "Windows COM Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server… |
- risk 0.54cvss 8.1epss 0.15
Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
- risk 0.54cvss 7.8epss 0.03
Microsoft Excel Remote Code Execution Vulnerability
- risk 0.54cvss 8.2epss 0.12
Service Fabric Explorer Spoofing Vulnerability
- risk 0.54cvss 8.3epss 0.01
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
- risk 0.54cvss 8.3epss 0.01
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
- risk 0.54cvss 8.3epss 0.01
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
- risk 0.54cvss 8.3epss 0.01
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
- risk 0.54cvss 8.3epss 0.02
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
- risk 0.54cvss 7.8epss 0.40
Windows Contacts Remote Code Execution Vulnerability
- risk 0.54cvss 7.8epss 0.45
DirectX Graphics Kernel Elevation of Privilege Vulnerability
- risk 0.54cvss 8.3epss 0.01
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
- risk 0.54cvss 8.3epss 0.01
Azure Site Recovery Elevation of Privilege Vulnerability
- risk 0.54cvss 8.3epss 0.02
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
- risk 0.54cvss 8.3epss 0.03
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
- risk 0.54cvss 8.3epss 0.02
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
- risk 0.54cvss 8.3epss 0.03
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
- risk 0.54cvss 8.3epss 0.03
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
- risk 0.54cvss 8.3epss 0.02
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
- risk 0.54cvss 8.3epss 0.02
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
- risk 0.54cvss 8.8epss 0.42
Visual Studio Code Remote Code Execution Vulnerability
- risk 0.54cvss 8.3epss 0.02
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
- risk 0.54cvss 8.3epss 0.02
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
- risk 0.54cvss 8.3epss 0.02
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
- risk 0.54cvss 8.3epss 0.02
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
- risk 0.54cvss 8.3epss 0.02
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
- risk 0.54cvss 8.3epss 0.02
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
- risk 0.54cvss 8.3epss 0.02
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
- risk 0.54cvss 8.3epss 0.02
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
- risk 0.54cvss 8.3epss 0.03
Microsoft SharePoint Server Remote Code Execution Vulnerability
- risk 0.54cvss 8.2epss 0.03
Microsoft Office Security Feature Bypass Vulnerability
- risk 0.54cvss 8.2epss 0.03
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
- risk 0.54cvss 5.5epss 0.81
Windows Kernel Information Disclosure Vulnerability
- risk 0.54cvss 8.1epss 0.12
Windows SMB Information Disclosure Vulnerability
- risk 0.54cvss 7.8epss 0.05
An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1483.
- risk 0.54cvss 8.2epss 0.08
A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Remote Code Execution Vulnerability'.
- risk 0.54cvss 7.8epss 0.03
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1362.
- risk 0.54cvss 7.8epss 0.05
An elevation of privilege vulnerability exists in rpcss.dll when the RPC service Activation Kernel improperly handles an RPC request. To exploit this vulnerability, a low level authenticated attacker could run a specially crafted application. The security update addresses this…
- risk 0.54cvss 7.8epss 0.02
An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC). An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system. An attacker could then…
- risk 0.54cvss 7.8epss 0.03
An elevation of privilege vulnerability exists when the Windows Kernel improperly handles key enumeration, aka 'Windows Kernel Elevation of Privilege Vulnerability'.
- risk 0.54cvss 7.8epss 0.04
An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0730, CVE-2019-0731, CVE-2019-0796, CVE-2019-0805, CVE-2019-0841.
- risk 0.54cvss 7.8epss 0.03
An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0730, CVE-2019-0731, CVE-2019-0796, CVE-2019-0836, CVE-2019-0841.
- risk 0.54cvss 7.8epss 0.04
An elevation of privilege vulnerability exists when the Windows Client Server Run-Time Subsystem (CSRSS) fails to properly handle objects in memory, aka 'Windows CSRSS Elevation of Privilege Vulnerability'.
- risk 0.54cvss 7.8epss 0.04
A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Security Feature Bypass Vulnerability'.
- risk 0.54cvss 7.8epss 0.04
An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0730, CVE-2019-0796, CVE-2019-0805, CVE-2019-0836, CVE-2019-0841.
- risk 0.54cvss 7.8epss 0.04
An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0731, CVE-2019-0796, CVE-2019-0805, CVE-2019-0836, CVE-2019-0841.
- risk 0.54cvss 7.5epss 0.31
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'Windows VBScript Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0665, CVE-2019-0666, CVE-2019-0772.
- risk 0.54cvss 7.8epss 0.03
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka "Windows Runtime Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows Server 2019, Windows Server…
- risk 0.54cvss 7.8epss 0.02
An elevation of privilege vulnerability exists in the Microsoft XmlDocument class that could allow an attacker to escape from the AppContainer sandbox in the browser, aka "Microsoft XmlDocument Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows…
- risk 0.54cvss 7.8epss 0.03
An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC), aka "Windows ALPC Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows Server 2019, Windows 10 Servers.
- risk 0.54cvss 7.8epss 0.03
An elevation of privilege exists in Windows COM Aggregate Marshaler, aka "Windows COM Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server…
Page 42 of 287