Filtered by vendor Microsoft
Subscribe
Search
Total
6671 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-38048 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2023-12-20 | N/A | 7.8 HIGH |
| Microsoft Office Remote Code Execution Vulnerability | |||||
| CVE-2022-41083 | 1 Microsoft | 1 Jupyter | 2023-12-20 | N/A | 7.8 HIGH |
| Visual Studio Code Elevation of Privilege Vulnerability | |||||
| CVE-2022-41081 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-12-20 | N/A | 8.1 HIGH |
| Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | |||||
| CVE-2022-41042 | 1 Microsoft | 1 Visual Studio Code | 2023-12-20 | N/A | 7.4 HIGH |
| Visual Studio Code Information Disclosure Vulnerability | |||||
| CVE-2022-41038 | 1 Microsoft | 2 Sharepoint Foundation, Sharepoint Server | 2023-12-20 | N/A | 8.8 HIGH |
| Microsoft SharePoint Server Remote Code Execution Vulnerability | |||||
| CVE-2022-38039 | 1 Microsoft | 4 Windows 10, Windows 11, Windows Server 2019 and 1 more | 2023-12-20 | N/A | 7.8 HIGH |
| Windows Kernel Elevation of Privilege Vulnerability | |||||
| CVE-2022-41037 | 1 Microsoft | 2 Sharepoint Foundation, Sharepoint Server | 2023-12-20 | N/A | 8.8 HIGH |
| Microsoft SharePoint Server Remote Code Execution Vulnerability | |||||
| CVE-2022-38040 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-12-20 | N/A | 8.8 HIGH |
| Microsoft ODBC Driver Remote Code Execution Vulnerability | |||||
| CVE-2022-41036 | 1 Microsoft | 2 Sharepoint Foundation, Sharepoint Server | 2023-12-20 | N/A | 8.8 HIGH |
| Microsoft SharePoint Server Remote Code Execution Vulnerability | |||||
| CVE-2022-38041 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-12-20 | N/A | 7.5 HIGH |
| Windows Secure Channel Denial of Service Vulnerability | |||||
| CVE-2022-38046 | 1 Microsoft | 4 Windows 10, Windows 11, Windows Server 2019 and 1 more | 2023-12-20 | N/A | 7.5 HIGH |
| Web Account Manager Information Disclosure Vulnerability | |||||
| CVE-2022-38045 | 1 Microsoft | 8 Windows 10, Windows 11, Windows 8.1 and 5 more | 2023-12-20 | N/A | 8.8 HIGH |
| Windows Server Service Elevation of Privilege Vulnerability | |||||
| CVE-2022-38053 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2023-12-20 | N/A | 8.8 HIGH |
| Microsoft SharePoint Server Remote Code Execution Vulnerability | |||||
| CVE-2022-38044 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-12-20 | N/A | 7.8 HIGH |
| Windows CD-ROM File System Driver Remote Code Execution Vulnerability | |||||
| CVE-2022-41033 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-12-20 | N/A | 7.8 HIGH |
| Windows COM+ Event System Service Elevation of Privilege Vulnerability | |||||
| CVE-2022-41034 | 1 Microsoft | 1 Visual Studio Code | 2023-12-20 | N/A | 7.8 HIGH |
| Visual Studio Code Remote Code Execution Vulnerability | |||||
| CVE-2022-41031 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2023-12-20 | N/A | 7.8 HIGH |
| Microsoft Word Remote Code Execution Vulnerability | |||||
| CVE-2022-38042 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-12-20 | N/A | 7.1 HIGH |
| Active Directory Domain Services Elevation of Privilege Vulnerability | |||||
| CVE-2022-38038 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-12-20 | N/A | 7.8 HIGH |
| Windows Kernel Elevation of Privilege Vulnerability | |||||
| CVE-2022-41032 | 2 Fedoraproject, Microsoft | 5 Fedora, .net, .net Core and 2 more | 2023-12-20 | N/A | 7.8 HIGH |
| NuGet Client Elevation of Privilege Vulnerability | |||||
| CVE-2023-44487 | 31 Akka, Amazon, Apache and 28 more | 127 Http Server, Opensearch Data Prepper, Apisix and 124 more | 2023-12-20 | N/A | 7.5 HIGH |
| The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. | |||||
| CVE-2023-41151 | 2 Microsoft, Softing | 4 Windows, Opc, Opc Ua C\+\+ Software Development Kit and 1 more | 2023-12-19 | N/A | 7.5 HIGH |
| An uncaught exception issue discovered in Softing OPC UA C++ SDK before 6.30 for Windows operating system may cause the application to crash when the server wants to send an error packet, while socket is blocked on writing. | |||||
| CVE-2023-6702 | 3 Fedoraproject, Google, Microsoft | 3 Fedora, Chrome, Edge Chromium | 2023-12-19 | N/A | 8.8 HIGH |
| Type confusion in V8 in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2023-48676 | 2 Acronis, Microsoft | 2 Cyber Protect Cloud Agent, Windows | 2023-12-19 | N/A | 7.1 HIGH |
| Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 36943. | |||||
| CVE-2023-6407 | 2 Microsoft, Schneider-electric | 6 Windows 10 1507, Windows 11 21h2, Windows Server 2016 and 3 more | 2023-12-18 | N/A | 7.1 HIGH |
| A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause arbitrary file deletion upon service restart when accessed by a local and low-privileged attacker. | |||||
| CVE-2023-36006 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2023-12-18 | N/A | 8.8 HIGH |
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | |||||
| CVE-2023-36004 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2023-12-18 | N/A | 7.5 HIGH |
| Windows DPAPI (Data Protection Application Programming Interface) Spoofing Vulnerability | |||||
| CVE-2023-36005 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2023-12-18 | N/A | 8.1 HIGH |
| Windows Telephony Server Elevation of Privilege Vulnerability | |||||
| CVE-2023-36003 | 1 Microsoft | 11 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 8 more | 2023-12-18 | N/A | 7.3 HIGH |
| XAML Diagnostics Elevation of Privilege Vulnerability | |||||
| CVE-2023-36010 | 1 Microsoft | 1 Malware Protection Platform | 2023-12-18 | N/A | 7.5 HIGH |
| Microsoft Defender Denial of Service Vulnerability | |||||
| CVE-2023-36019 | 1 Microsoft | 2 Azure Logic Apps, Power Platform | 2023-12-18 | N/A | 7.4 HIGH |
| Microsoft Power Platform Connector Spoofing Vulnerability | |||||
| CVE-2023-36011 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2023-12-18 | N/A | 7.8 HIGH |
| Win32k Elevation of Privilege Vulnerability | |||||
| CVE-2023-48634 | 3 Adobe, Apple, Microsoft | 3 After Effects, Macos, Windows | 2023-12-16 | N/A | 7.8 HIGH |
| Adobe After Effects versions 24.0.3 (and earlier) and 23.6.0 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-48633 | 3 Adobe, Apple, Microsoft | 3 After Effects, Macos, Windows | 2023-12-16 | N/A | 7.8 HIGH |
| Adobe After Effects versions 24.0.3 (and earlier) and 23.6.0 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-48632 | 3 Adobe, Apple, Microsoft | 3 After Effects, Macos, Windows | 2023-12-16 | N/A | 7.8 HIGH |
| Adobe After Effects versions 24.0.3 (and earlier) and 23.6.0 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-36403 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2023-12-15 | N/A | 7.0 HIGH |
| Windows Kernel Elevation of Privilege Vulnerability | |||||
| CVE-2023-36405 | 1 Microsoft | 11 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 8 more | 2023-12-15 | N/A | 7.0 HIGH |
| Windows Kernel Elevation of Privilege Vulnerability | |||||
| CVE-2023-36407 | 1 Microsoft | 5 Windows 11 21h2, Windows 11 22h2, Windows 11 23h2 and 2 more | 2023-12-15 | N/A | 7.8 HIGH |
| Windows Hyper-V Elevation of Privilege Vulnerability | |||||
| CVE-2023-36408 | 1 Microsoft | 11 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 8 more | 2023-12-15 | N/A | 7.8 HIGH |
| Windows Hyper-V Elevation of Privilege Vulnerability | |||||
| CVE-2023-36424 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2023-12-15 | N/A | 7.8 HIGH |
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | |||||
| CVE-2023-36425 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2023-12-15 | N/A | 8.0 HIGH |
| Windows Distributed File System (DFS) Remote Code Execution Vulnerability | |||||
| CVE-2023-36427 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2023-12-15 | N/A | 7.0 HIGH |
| Windows Hyper-V Elevation of Privilege Vulnerability | |||||
| CVE-2023-36705 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2023-12-15 | N/A | 7.8 HIGH |
| Windows Installer Elevation of Privilege Vulnerability | |||||
| CVE-2023-35621 | 1 Microsoft | 1 Dynamics 365 | 2023-12-15 | N/A | 7.5 HIGH |
| Microsoft Dynamics 365 Finance and Operations Denial of Service Vulnerability | |||||
| CVE-2023-21740 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2023-12-15 | N/A | 7.8 HIGH |
| Windows Media Remote Code Execution Vulnerability | |||||
| CVE-2016-9952 | 2 Haxx, Microsoft | 2 Curl, Windows Embedded Compact | 2023-12-15 | 6.8 MEDIUM | 8.1 HIGH |
| The verify_certificate function in lib/vtls/schannel.c in libcurl 7.30.0 through 7.51.0, when built for Windows CE using the schannel TLS backend, makes it easier for remote attackers to conduct man-in-the-middle attacks via a crafted wildcard SAN in a server certificate, as demonstrated by "*.com." | |||||
| CVE-2023-6753 | 2 Lfprojects, Microsoft | 2 Mlflow, Windows | 2023-12-15 | N/A | 8.8 HIGH |
| Path Traversal in GitHub repository mlflow/mlflow prior to 2.9.2. | |||||
| CVE-2023-35644 | 1 Microsoft | 8 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 5 more | 2023-12-15 | N/A | 7.8 HIGH |
| Windows Sysmain Service Elevation of Privilege | |||||
| CVE-2023-35643 | 1 Microsoft | 4 Windows Server 2012, Windows Server 2016, Windows Server 2019 and 1 more | 2023-12-15 | N/A | 7.5 HIGH |
| DHCP Server Service Information Disclosure Vulnerability | |||||
| CVE-2023-35641 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2023-12-15 | N/A | 8.8 HIGH |
| Internet Connection Sharing (ICS) Remote Code Execution Vulnerability | |||||