Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Microsoft Subscribe

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2970 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-22483 5 Hp, Ibm, Linux and 2 more 6 Hp-ux, Aix, Db2 and 3 more 2023-08-08 N/A 6.5 MEDIUM
IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to an information disclosure in some scenarios due to unauthorized access caused by improper privilege management when CREATE OR REPLACE command is used. IBM X-Force ID: 225979.
CVE-2022-45434 2 Dahuasecurity, Microsoft 9 Dhi-dss4004-s2, Dhi-dss4004-s2 Firmware, Dhi-dss7016d-s2 and 6 more 2023-08-08 N/A 5.9 MEDIUM
Some Dahua software products have a vulnerability of unauthenticated un-throttled ICMP requests on remote DSS Server. After bypassing the firewall access control policy, by sending a specific crafted packet to the vulnerable interface, an attacker could exploit the victim server to launch ICMP request attack to the designated target host.
CVE-2022-41049 1 Microsoft 9 Windows 10, Windows 11, Windows 7 and 6 more 2023-08-08 N/A 5.4 MEDIUM
Windows Mark of the Web Security Feature Bypass Vulnerability
CVE-2022-22442 3 Ibm, Linux, Microsoft 5 Aix, Infosphere Information Server, Infosphere Information Server On Cloud and 2 more 2023-08-08 N/A 6.5 MEDIUM
"IBM InfoSphere Information Server 11.7 could allow an authenticated user to access information restricted to users with elevated privileges due to improper access controls. IBM X-Force ID: 224427."
CVE-2022-34165 6 Apple, Hp, Ibm and 3 more 9 Macos, Hp-ux, Aix and 6 more 2023-08-08 N/A 5.4 MEDIUM
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.9 are vulnerable to HTTP header injection, caused by improper validation. This could allow an attacker to conduct various attacks against the vulnerable system, including cache poisoning and cross-site scripting. IBM X-Force ID: 229429.
CVE-2021-20543 3 Ibm, Linux, Microsoft 3 Jazz Team Server, Linux Kernel, Windows 2023-08-08 3.5 LOW 5.4 MEDIUM
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 198929.
CVE-2021-21126 2 Google, Microsoft 2 Chrome, Edge Chromium 2023-08-08 4.3 MEDIUM 6.5 MEDIUM
Insufficient policy enforcement in extensions in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass site isolation via a crafted Chrome Extension.
CVE-2022-30181 1 Microsoft 1 Azure Site Recovery 2023-08-08 5.5 MEDIUM 6.5 MEDIUM
Azure Site Recovery Elevation of Privilege Vulnerability
CVE-2022-26841 3 Intel, Linux, Microsoft 3 Sgx Sdk, Linux Kernel, Windows 2023-08-08 N/A 5.5 MEDIUM
Insufficient control flow management for the Intel(R) SGX SDK software for Linux before version 2.16.100.1 may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2022-23262 1 Microsoft 1 Edge Chromium 2023-08-08 6.8 MEDIUM 6.3 MEDIUM
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
CVE-2022-41091 1 Microsoft 5 Windows 10, Windows 11, Windows Server 2016 and 2 more 2023-08-08 N/A 5.4 MEDIUM
Windows Mark of the Web Security Feature Bypass Vulnerability
CVE-2022-45432 2 Dahuasecurity, Microsoft 9 Dhi-dss4004-s2, Dhi-dss4004-s2 Firmware, Dhi-dss7016d-s2 and 6 more 2023-08-08 N/A 5.3 MEDIUM
Some Dahua software products have a vulnerability of unauthenticated search for devices. After bypassing the firewall access control policy, by sending a specific crafted packet to the vulnerable interface, an attacker could unauthenticated search for devices in range of IPs from remote DSS Server.
CVE-2021-31207 1 Microsoft 1 Exchange Server 2023-08-08 6.5 MEDIUM 6.6 MEDIUM
Microsoft Exchange Server Security Feature Bypass Vulnerability
CVE-2022-23271 1 Microsoft 1 Dynamics Gp 2023-08-08 9.0 HIGH 6.5 MEDIUM
Microsoft Dynamics GP Elevation Of Privilege Vulnerability
CVE-2023-4054 2 Microsoft, Mozilla 3 Windows, Firefox, Firefox Esr 2023-08-07 N/A 5.5 MEDIUM
When opening appref-ms files, Firefox did not warn the user that these files may contain malicious code. *This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 116, Firefox ESR < 102.14, Firefox ESR < 115.1, Thunderbird < 102.14, and Thunderbird < 115.1.
CVE-2022-23269 1 Microsoft 1 Dynamics Gp 2023-08-02 4.3 MEDIUM 5.4 MEDIUM
Microsoft Dynamics GP Spoofing Vulnerability
CVE-2023-28261 1 Microsoft 1 Edge Chromium 2023-08-02 N/A 5.7 MEDIUM
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
CVE-2023-33140 1 Microsoft 1 Onenote 2023-08-02 N/A 6.5 MEDIUM
Microsoft OneNote Spoofing Vulnerability
CVE-2021-34475 1 Microsoft 1 Edge Chromium 2023-08-02 N/A 5.4 MEDIUM
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
CVE-2022-23258 2 Google, Microsoft 2 Android, Edge 2023-08-02 4.3 MEDIUM 4.3 MEDIUM
Microsoft Edge for Android Spoofing Vulnerability
CVE-2023-21719 1 Microsoft 1 Edge Chromium 2023-08-02 N/A 6.5 MEDIUM
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
CVE-2021-26418 1 Microsoft 2 Sharepoint Foundation, Sharepoint Server 2023-08-02 5.8 MEDIUM 4.6 MEDIUM
Microsoft SharePoint Server Spoofing Vulnerability
CVE-2021-28479 1 Microsoft 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more 2023-08-02 2.1 LOW 5.5 MEDIUM
Windows CSC Service Information Disclosure Vulnerability
CVE-2021-28461 1 Microsoft 1 Dynamics 365 2023-08-02 3.5 LOW 6.1 MEDIUM
Dynamics Finance and Operations Cross-site Scripting Vulnerability
CVE-2021-31185 1 Microsoft 2 Windows 10, Windows Server 2016 2023-08-02 2.1 LOW 5.5 MEDIUM
Windows Desktop Bridge Denial of Service Vulnerability
CVE-2021-31191 1 Microsoft 3 Windows 10, Windows Server 2016, Windows Server 2019 2023-08-02 2.1 LOW 5.5 MEDIUM
Windows Projected File System FS Filter Driver Information Disclosure Vulnerability
CVE-2021-31184 1 Microsoft 8 Windows 10, Windows 7, Windows 8.1 and 5 more 2023-08-02 2.1 LOW 5.5 MEDIUM
Microsoft Windows Infrared Data Association (IrDA) Information Disclosure Vulnerability
CVE-2021-31174 1 Microsoft 5 365 Apps, Excel, Office and 2 more 2023-08-02 2.1 LOW 5.5 MEDIUM
Microsoft Excel Information Disclosure Vulnerability
CVE-2021-31171 1 Microsoft 2 Sharepoint Foundation, Sharepoint Server 2023-08-02 2.1 LOW 4.1 MEDIUM
Microsoft SharePoint Information Disclosure Vulnerability
CVE-2021-31173 1 Microsoft 2 Sharepoint Foundation, Sharepoint Server 2023-08-02 4.0 MEDIUM 5.3 MEDIUM
Microsoft SharePoint Server Information Disclosure Vulnerability
CVE-2021-31195 1 Microsoft 1 Exchange Server 2023-08-02 6.8 MEDIUM 6.5 MEDIUM
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2021-31205 1 Microsoft 2 Windows 10, Windows Server 2016 2023-08-02 4.3 MEDIUM 4.3 MEDIUM
Windows SMB Client Security Feature Bypass Vulnerability
CVE-2021-31209 1 Microsoft 1 Exchange Server 2023-08-02 5.8 MEDIUM 6.5 MEDIUM
Microsoft Exchange Server Spoofing Vulnerability
CVE-2021-31178 1 Microsoft 6 365 Apps, Excel, Office and 3 more 2023-08-02 4.3 MEDIUM 5.5 MEDIUM
Microsoft Office Information Disclosure Vulnerability
CVE-2021-26421 1 Microsoft 2 Lync Server, Skype For Business Server 2023-08-02 5.8 MEDIUM 6.5 MEDIUM
Skype for Business and Lync Spoofing Vulnerability
CVE-2021-41355 1 Microsoft 3 .net, Powershell, Visual Studio 2019 2023-08-01 2.9 LOW 5.7 MEDIUM
.NET Core and Visual Studio Information Disclosure Vulnerability
CVE-2021-38662 1 Microsoft 11 Windows 10, Windows 11, Windows 7 and 8 more 2023-08-01 4.9 MEDIUM 5.5 MEDIUM
Windows Fast FAT File System Driver Information Disclosure Vulnerability
CVE-2021-31199 1 Microsoft 2 Windows Server 2008, Windows Server 2012 2023-08-01 4.6 MEDIUM 5.2 MEDIUM
Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability
CVE-2021-40475 1 Microsoft 5 Windows 10, Windows 11, Windows Server 2016 and 2 more 2023-08-01 2.1 LOW 5.5 MEDIUM
Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability
CVE-2021-31955 1 Microsoft 3 Windows 10, Windows Server 2016, Windows Server 2019 2023-08-01 2.1 LOW 5.5 MEDIUM
Windows Kernel Information Disclosure Vulnerability
CVE-2021-31201 1 Microsoft 2 Windows Server 2008, Windows Server 2012 2023-08-01 4.6 MEDIUM 5.2 MEDIUM
Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability
CVE-2021-26414 1 Microsoft 10 Windows 10, Windows 7, Windows 8.1 and 7 more 2023-08-01 4.3 MEDIUM 4.8 MEDIUM
Windows DCOM Server Security Feature Bypass
CVE-2021-31960 1 Microsoft 2 Windows 10, Windows Server 2016 2023-08-01 2.1 LOW 5.5 MEDIUM
Windows Bind Filter Driver Information Disclosure Vulnerability
CVE-2021-31944 1 Microsoft 1 3d Viewer 2023-08-01 4.3 MEDIUM 5.0 MEDIUM
3D Viewer Information Disclosure Vulnerability
CVE-2021-31957 2 Fedoraproject, Microsoft 4 Fedora, .net, .net Core and 1 more 2023-08-01 5.0 MEDIUM 5.9 MEDIUM
ASP.NET Denial of Service Vulnerability
CVE-2021-31965 1 Microsoft 2 Sharepoint Foundation, Sharepoint Server 2023-08-01 4.0 MEDIUM 5.7 MEDIUM
Microsoft SharePoint Server Information Disclosure Vulnerability
CVE-2021-31972 1 Microsoft 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more 2023-08-01 2.1 LOW 5.5 MEDIUM
Event Tracing for Windows Information Disclosure Vulnerability
CVE-2021-40454 1 Microsoft 11 365 Apps, Office, Windows 10 and 8 more 2023-08-01 2.1 LOW 5.5 MEDIUM
Rich Text Edit Control Information Disclosure Vulnerability
CVE-2021-40482 1 Microsoft 1 Sharepoint Server 2023-08-01 5.0 MEDIUM 5.3 MEDIUM
Microsoft SharePoint Server Information Disclosure Vulnerability
CVE-2021-31978 1 Microsoft 1 Malware Protection Engine 2023-08-01 2.1 LOW 5.5 MEDIUM
Microsoft Defender Denial of Service Vulnerability