Vendor CVEs
Microsoft
All CVEs
14,318 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-49108 | Hig | 0.53 | 8.1 | 0.01 | Dec 12, 2024 | Windows Remote Desktop Services Remote Code Execution Vulnerability | ||
| CVE-2024-49106 | Hig | 0.53 | 8.1 | 0.01 | Dec 12, 2024 | Windows Remote Desktop Services Remote Code Execution Vulnerability | ||
| CVE-2024-49068 | Hig | 0.53 | 8.2 | 0.02 | Dec 12, 2024 | Microsoft SharePoint Elevation of Privilege Vulnerability | ||
| CVE-2024-49057 | Hig | 0.53 | 8.1 | 0.02 | Dec 12, 2024 | Microsoft Defender for Endpoint on Android Spoofing Vulnerability | ||
| CVE-2024-49052 | Hig | 0.53 | 8.2 | 0.01 | Nov 26, 2024 | Missing authentication for critical function in Microsoft Azure PolicyWatch allows an unauthorized attacker to elevate privileges over a network. | ||
| CVE-2024-43625 | Hig | 0.53 | 8.1 | 0.01 | Nov 12, 2024 | Microsoft Windows VMSwitch Elevation of Privilege Vulnerability | ||
| CVE-2024-43447 | Hig | 0.53 | 8.1 | 0.01 | Nov 12, 2024 | Windows SMBv3 Server Remote Code Execution Vulnerability | ||
| CVE-2024-43582 | Hig | 0.53 | 8.1 | 0.03 | Oct 8, 2024 | Remote Desktop Protocol Server Remote Code Execution Vulnerability | ||
| CVE-2024-43460 | Hig | 0.53 | 8.1 | 0.01 | Sep 17, 2024 | Improper authorization in Dynamics 365 Business Central resulted in a vulnerability that allows an authenticated attacker to elevate privileges over a network. | ||
| CVE-2024-38240 | Hig | 0.53 | 8.1 | 0.01 | Sep 10, 2024 | Windows Remote Access Connection Manager Elevation of Privilege Vulnerability | ||
| CVE-2024-38216 | Hig | 0.53 | 8.2 | 0.01 | Sep 10, 2024 | Azure Stack Hub Elevation of Privilege Vulnerability | ||
| CVE-2024-38045 | Hig | 0.53 | 8.1 | 0.01 | Sep 10, 2024 | Windows TCP/IP Remote Code Execution Vulnerability | ||
| CVE-2024-21416 | Hig | 0.53 | 8.1 | 0.01 | Sep 10, 2024 | Windows TCP/IP Remote Code Execution Vulnerability | ||
| CVE-2024-38211 | Hig | 0.53 | 8.2 | 0.01 | Aug 13, 2024 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | ||
| CVE-2024-29995 | Hig | 0.53 | 8.1 | 0.01 | Aug 13, 2024 | Windows Kerberos Elevation of Privilege Vulnerability | ||
| CVE-2024-38166 | Hig | 0.53 | 8.2 | 0.01 | Aug 6, 2024 | An unauthenticated attacker can exploit improper neutralization of input during web page generation in Microsoft Dynamics 365 to spoof over a network by tricking a user to click on a link. | ||
| CVE-2024-38176 | Hig | 0.53 | 8.1 | 0.01 | Jul 23, 2024 | An improper restriction of excessive authentication attempts in GroupMe allows a unauthenticated attacker to elevate privileges over a network. | ||
| CVE-2024-37325 | Hig | 0.53 | 8.1 | 0.01 | Jun 11, 2024 | Azure Science Virtual Machine (DSVM) Elevation of Privilege Vulnerability | ||
| CVE-2024-30020 | Hig | 0.53 | 8.1 | 0.01 | May 14, 2024 | Windows Cryptographic Services Remote Code Execution Vulnerability | ||
| CVE-2024-26230 | Hig | 0.53 | 7.8 | 0.24 | Apr 9, 2024 | Windows Telephony Server Elevation of Privilege Vulnerability | ||
| CVE-2024-20670 | Hig | 0.53 | 8.1 | 0.02 | Apr 9, 2024 | Outlook for Windows Spoofing Vulnerability | ||
| CVE-2024-26192 | Hig | 0.53 | 8.2 | 0.02 | Feb 23, 2024 | Microsoft Edge (Chromium-based) Information Disclosure Vulnerability | ||
| CVE-2024-21395 | Hig | 0.53 | 8.2 | 0.01 | Feb 13, 2024 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | ||
| CVE-2024-20697 | Hig | 0.53 | 7.3 | 0.72 | Jan 9, 2024 | Windows libarchive Remote Code Execution Vulnerability | ||
| CVE-2024-20652 | Hig | 0.53 | 8.1 | 0.02 | Jan 9, 2024 | Windows HTML Platforms Security Feature Bypass Vulnerability | ||
| CVE-2023-41774 | Hig | 0.53 | 8.1 | 0.01 | Oct 10, 2023 | Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | ||
| CVE-2023-41773 | Hig | 0.53 | 8.1 | 0.01 | Oct 10, 2023 | Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | ||
| CVE-2023-41771 | Hig | 0.53 | 8.1 | 0.01 | Oct 10, 2023 | Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | ||
| CVE-2023-41770 | Hig | 0.53 | 8.1 | 0.01 | Oct 10, 2023 | Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | ||
| CVE-2023-41769 | Hig | 0.53 | 8.1 | 0.01 | Oct 10, 2023 | Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | ||
| CVE-2023-41768 | Hig | 0.53 | 8.1 | 0.01 | Oct 10, 2023 | Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | ||
| CVE-2023-41767 | Hig | 0.53 | 8.1 | 0.01 | Oct 10, 2023 | Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | ||
| CVE-2023-41765 | Hig | 0.53 | 8.1 | 0.01 | Oct 10, 2023 | Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | ||
| CVE-2023-38166 | Hig | 0.53 | 8.1 | 0.01 | Oct 10, 2023 | Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | ||
| CVE-2023-38182 | Hig | 0.53 | 8.0 | 0.11 | Aug 8, 2023 | Microsoft Exchange Server Remote Code Execution Vulnerability | ||
| CVE-2023-36897 | Hig | 0.53 | 8.1 | 0.02 | Aug 8, 2023 | Visual Studio Tools for Office Runtime Spoofing Vulnerability | ||
| CVE-2023-35388 | Hig | 0.53 | 8.0 | 0.12 | Aug 8, 2023 | Microsoft Exchange Server Remote Code Execution Vulnerability | ||
| CVE-2023-35335 | Hig | 0.53 | 8.2 | 0.01 | Jul 11, 2023 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | ||
| CVE-2023-35297 | Hig | 0.53 | 8.1 | 0.01 | Jul 11, 2023 | Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability | ||
| CVE-2023-33171 | Hig | 0.53 | 8.2 | 0.01 | Jul 11, 2023 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | ||
| CVE-2023-33127 | Hig | 0.53 | 8.1 | 0.02 | Jul 11, 2023 | .NET and Visual Studio Elevation of Privilege Vulnerability | ||
| CVE-2021-31937 | Hig | 0.53 | 8.2 | 0.01 | Jun 28, 2023 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | ||
| CVE-2023-29351 | Hig | 0.53 | 8.1 | 0.02 | Jun 14, 2023 | Windows Group Policy Elevation of Privilege Vulnerability | ||
| CVE-2022-35753 | Hig | 0.53 | 8.1 | 0.01 | May 31, 2023 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | ||
| CVE-2022-35752 | Hig | 0.53 | 8.1 | 0.01 | May 31, 2023 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | ||
| CVE-2022-35748 | Hig | 0.53 | 7.5 | 0.47 | May 31, 2023 | HTTP.sys Denial of Service Vulnerability | ||
| CVE-2022-35745 | Hig | 0.53 | 8.1 | 0.01 | May 31, 2023 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | ||
| CVE-2023-28283 | Hig | 0.53 | 8.1 | 0.01 | May 9, 2023 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | ||
| CVE-2023-24949 | Hig | 0.53 | 7.8 | 0.25 | May 9, 2023 | Windows Kernel Elevation of Privilege Vulnerability | ||
| CVE-2023-24903 | Hig | 0.53 | 8.1 | 0.01 | May 9, 2023 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability |
- risk 0.53cvss 8.1epss 0.01
Windows Remote Desktop Services Remote Code Execution Vulnerability
- risk 0.53cvss 8.1epss 0.01
Windows Remote Desktop Services Remote Code Execution Vulnerability
- risk 0.53cvss 8.2epss 0.02
Microsoft SharePoint Elevation of Privilege Vulnerability
- risk 0.53cvss 8.1epss 0.02
Microsoft Defender for Endpoint on Android Spoofing Vulnerability
- risk 0.53cvss 8.2epss 0.01
Missing authentication for critical function in Microsoft Azure PolicyWatch allows an unauthorized attacker to elevate privileges over a network.
- risk 0.53cvss 8.1epss 0.01
Microsoft Windows VMSwitch Elevation of Privilege Vulnerability
- risk 0.53cvss 8.1epss 0.01
Windows SMBv3 Server Remote Code Execution Vulnerability
- risk 0.53cvss 8.1epss 0.03
Remote Desktop Protocol Server Remote Code Execution Vulnerability
- risk 0.53cvss 8.1epss 0.01
Improper authorization in Dynamics 365 Business Central resulted in a vulnerability that allows an authenticated attacker to elevate privileges over a network.
- risk 0.53cvss 8.1epss 0.01
Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
- risk 0.53cvss 8.2epss 0.01
Azure Stack Hub Elevation of Privilege Vulnerability
- risk 0.53cvss 8.1epss 0.01
Windows TCP/IP Remote Code Execution Vulnerability
- risk 0.53cvss 8.1epss 0.01
Windows TCP/IP Remote Code Execution Vulnerability
- risk 0.53cvss 8.2epss 0.01
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
- risk 0.53cvss 8.1epss 0.01
Windows Kerberos Elevation of Privilege Vulnerability
- risk 0.53cvss 8.2epss 0.01
An unauthenticated attacker can exploit improper neutralization of input during web page generation in Microsoft Dynamics 365 to spoof over a network by tricking a user to click on a link.
- risk 0.53cvss 8.1epss 0.01
An improper restriction of excessive authentication attempts in GroupMe allows a unauthenticated attacker to elevate privileges over a network.
- risk 0.53cvss 8.1epss 0.01
Azure Science Virtual Machine (DSVM) Elevation of Privilege Vulnerability
- risk 0.53cvss 8.1epss 0.01
Windows Cryptographic Services Remote Code Execution Vulnerability
- risk 0.53cvss 7.8epss 0.24
Windows Telephony Server Elevation of Privilege Vulnerability
- risk 0.53cvss 8.1epss 0.02
Outlook for Windows Spoofing Vulnerability
- risk 0.53cvss 8.2epss 0.02
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
- risk 0.53cvss 8.2epss 0.01
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
- risk 0.53cvss 7.3epss 0.72
Windows libarchive Remote Code Execution Vulnerability
- risk 0.53cvss 8.1epss 0.02
Windows HTML Platforms Security Feature Bypass Vulnerability
- risk 0.53cvss 8.1epss 0.01
Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
- risk 0.53cvss 8.1epss 0.01
Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
- risk 0.53cvss 8.1epss 0.01
Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
- risk 0.53cvss 8.1epss 0.01
Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
- risk 0.53cvss 8.1epss 0.01
Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
- risk 0.53cvss 8.1epss 0.01
Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
- risk 0.53cvss 8.1epss 0.01
Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
- risk 0.53cvss 8.1epss 0.01
Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
- risk 0.53cvss 8.1epss 0.01
Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
- risk 0.53cvss 8.0epss 0.11
Microsoft Exchange Server Remote Code Execution Vulnerability
- risk 0.53cvss 8.1epss 0.02
Visual Studio Tools for Office Runtime Spoofing Vulnerability
- risk 0.53cvss 8.0epss 0.12
Microsoft Exchange Server Remote Code Execution Vulnerability
- risk 0.53cvss 8.2epss 0.01
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
- risk 0.53cvss 8.1epss 0.01
Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability
- risk 0.53cvss 8.2epss 0.01
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
- risk 0.53cvss 8.1epss 0.02
.NET and Visual Studio Elevation of Privilege Vulnerability
- risk 0.53cvss 8.2epss 0.01
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
- risk 0.53cvss 8.1epss 0.02
Windows Group Policy Elevation of Privilege Vulnerability
- risk 0.53cvss 8.1epss 0.01
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
- risk 0.53cvss 8.1epss 0.01
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
- risk 0.53cvss 7.5epss 0.47
HTTP.sys Denial of Service Vulnerability
- risk 0.53cvss 8.1epss 0.01
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
- risk 0.53cvss 8.1epss 0.01
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
- risk 0.53cvss 7.8epss 0.25
Windows Kernel Elevation of Privilege Vulnerability
- risk 0.53cvss 8.1epss 0.01
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
Page 45 of 287