Filtered by vendor Microsoft
Subscriptions
Total
23282 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-21547 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-01-01 | 7.5 High |
| Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability | ||||
| CVE-2023-21546 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2025-01-01 | 8.1 High |
| Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability | ||||
| CVE-2023-21538 | 3 Fedoraproject, Microsoft, Redhat | 5 Fedora, .net, Powershell and 2 more | 2025-01-01 | 7.5 High |
| .NET Denial of Service Vulnerability | ||||
| CVE-2023-21531 | 1 Microsoft | 1 Azure Service Fabric | 2025-01-01 | 7 High |
| Azure Service Fabric Container Elevation of Privilege Vulnerability | ||||
| CVE-2023-21535 | 1 Microsoft | 22 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 19 more | 2025-01-01 | 8.1 High |
| Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | ||||
| CVE-2023-21712 | 1 Microsoft | 23 Windows 10, Windows 10 1507, Windows 10 1607 and 20 more | 2025-01-01 | 8.1 High |
| Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | ||||
| CVE-2023-21552 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2025-01-01 | 7.8 High |
| Windows GDI Elevation of Privilege Vulnerability | ||||
| CVE-2023-21540 | 1 Microsoft | 13 Windows 10 1809, Windows 10 20h2, Windows 10 20h2 and 10 more | 2025-01-01 | 5.5 Medium |
| Windows Cryptographic Information Disclosure Vulnerability | ||||
| CVE-2024-38183 | 1 Microsoft | 1 Groupme | 2024-12-31 | 9.8 Critical |
| An improper access control vulnerability in GroupMe allows an a unauthenticated attacker to elevate privileges over a network. | ||||
| CVE-2024-43489 | 1 Microsoft | 1 Edge Chromium | 2024-12-31 | 6.5 Medium |
| Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | ||||
| CVE-2024-43496 | 1 Microsoft | 1 Edge Chromium | 2024-12-31 | 6.5 Medium |
| Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | ||||
| CVE-2024-38016 | 1 Microsoft | 4 365 Apps, Office, Office Long Term Servicing Channel and 1 more | 2024-12-31 | 7.8 High |
| Microsoft Office Visio Remote Code Execution Vulnerability | ||||
| CVE-2024-43460 | 1 Microsoft | 2 .dynamics 365 Business Central Online, Dynamics 365 Business Central | 2024-12-31 | 8.1 High |
| Improper authorization in Dynamics 365 Business Central resulted in a vulnerability that allows an authenticated attacker to elevate privileges over a network. | ||||
| CVE-2024-38222 | 1 Microsoft | 2 Edge, Edge Chromium | 2024-12-31 | 6.5 Medium |
| Microsoft Edge (Chromium-based) Information Disclosure Vulnerability | ||||
| CVE-2024-38194 | 1 Microsoft | 1 Azure Web Apps | 2024-12-31 | 8.4 High |
| An authenticated attacker can exploit an improper authorization vulnerability in Azure Web Apps to elevate privileges over a network. | ||||
| CVE-2024-43495 | 1 Microsoft | 6 Windows 11 22h2, Windows 11 22h2, Windows 11 23h2 and 3 more | 2024-12-31 | 7.3 High |
| Windows libarchive Remote Code Execution Vulnerability | ||||
| CVE-2024-43491 | 1 Microsoft | 1 Windows 10 1507 | 2024-12-31 | 9.8 Critical |
| Microsoft is aware of a vulnerability in Servicing Stack that has rolled back the fixes for some vulnerabilities affecting Optional Components on Windows 10, version 1507 (initial version released July 2015). This means that an attacker could exploit these previously mitigated vulnerabilities on Windows 10, version 1507 (Windows 10 Enterprise 2015 LTSB and Windows 10 IoT Enterprise 2015 LTSB) systems that have installed the Windows security update released on March 12, 2024—KB5035858 (OS Build 10240.20526) or other updates released until August 2024. All later versions of Windows 10 are not impacted by this vulnerability. This servicing stack vulnerability is addressed by installing the September 2024 Servicing stack update (SSU KB5043936) AND the September 2024 Windows security update (KB5043083), in that order. Note: Windows 10, version 1507 reached the end of support (EOS) on May 9, 2017 for devices running the Pro, Home, Enterprise, Education, and Enterprise IoT editions. Only Windows 10 Enterprise 2015 LTSB and Windows 10 IoT Enterprise 2015 LTSB editions are still under support. | ||||
| CVE-2024-43487 | 1 Microsoft | 11 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 8 more | 2024-12-31 | 6.5 Medium |
| Windows Mark of the Web Security Feature Bypass Vulnerability | ||||
| CVE-2024-30073 | 1 Microsoft | 25 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 22 more | 2024-12-31 | 7.8 High |
| Windows Security Zone Mapping Security Feature Bypass Vulnerability | ||||
| CVE-2024-43479 | 1 Microsoft | 2 Power Automate, Power Automate For Desktop | 2024-12-31 | 8.5 High |
| Microsoft Power Automate Desktop Remote Code Execution Vulnerability | ||||