Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Microsoft Subscribe

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 16927 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-16992 1 Microsoft 1 Azure Sphere 2023-12-31 7.2 HIGH 7.5 HIGH
Azure Sphere Elevation of Privilege Vulnerability
CVE-2020-17042 1 Microsoft 8 Windows 10, Windows 7, Windows 8.1 and 5 more 2023-12-31 9.3 HIGH 8.8 HIGH
Windows Print Spooler Remote Code Execution Vulnerability
CVE-2020-17019 1 Microsoft 1 Office 2023-12-31 6.8 MEDIUM 7.8 HIGH
Microsoft Excel Remote Code Execution Vulnerability
CVE-2020-17126 1 Microsoft 5 365 Apps, Excel, Office and 2 more 2023-12-31 2.1 LOW 5.5 MEDIUM
Microsoft Excel Information Disclosure Vulnerability
CVE-2020-16959 1 Microsoft 5 Windows 10, Windows 7, Windows Server 2008 and 2 more 2023-12-31 7.2 HIGH 7.8 HIGH
Windows Backup Engine Elevation of Privilege Vulnerability
CVE-2020-16963 1 Microsoft 5 Windows 10, Windows 7, Windows Server 2008 and 2 more 2023-12-31 7.2 HIGH 7.8 HIGH
Windows Backup Engine Elevation of Privilege Vulnerability
CVE-2020-17145 1 Microsoft 2 Azure Devops Server, Team Foundation Server 2023-12-31 4.9 MEDIUM 5.4 MEDIUM
Azure DevOps Server and Team Foundation Services Spoofing Vulnerability
CVE-2020-17133 1 Microsoft 1 Dynamics Nav 2023-12-31 4.0 MEDIUM 6.5 MEDIUM
Microsoft Dynamics Business Central/NAV Information Disclosure
CVE-2020-17115 1 Microsoft 2 Sharepoint Foundation, Sharepoint Server 2023-12-31 6.0 MEDIUM 8.0 HIGH
Microsoft SharePoint Server Spoofing Vulnerability
CVE-2020-17125 1 Microsoft 5 365 Apps, Excel, Office and 2 more 2023-12-31 9.3 HIGH 7.8 HIGH
Microsoft Excel Remote Code Execution Vulnerability
CVE-2020-16958 1 Microsoft 5 Windows 10, Windows 7, Windows Server 2008 and 2 more 2023-12-31 7.2 HIGH 7.8 HIGH
Windows Backup Engine Elevation of Privilege Vulnerability
CVE-2020-16962 1 Microsoft 5 Windows 10, Windows 7, Windows Server 2008 and 2 more 2023-12-31 7.2 HIGH 7.8 HIGH
Windows Backup Engine Elevation of Privilege Vulnerability
CVE-2020-16961 1 Microsoft 5 Windows 10, Windows 7, Windows Server 2008 and 2 more 2023-12-31 7.2 HIGH 7.8 HIGH
Windows Backup Engine Elevation of Privilege Vulnerability
CVE-2020-16964 1 Microsoft 5 Windows 10, Windows 7, Windows Server 2008 and 2 more 2023-12-31 7.2 HIGH 7.8 HIGH
Windows Backup Engine Elevation of Privilege Vulnerability
CVE-2020-16971 1 Microsoft 1 Azure Sdk For Java 2023-12-31 6.4 MEDIUM 7.4 HIGH
Azure SDK for Java Security Feature Bypass Vulnerability
CVE-2020-17002 1 Microsoft 1 C Sdk For Azure Iot 2023-12-31 9.4 HIGH 7.4 HIGH
Azure SDK for C Security Feature Bypass Vulnerability
CVE-2020-17121 1 Microsoft 2 Sharepoint Foundation, Sharepoint Server 2023-12-31 6.5 MEDIUM 8.8 HIGH
Microsoft SharePoint Remote Code Execution Vulnerability
CVE-2020-17122 1 Microsoft 3 Office, Office Web Apps, Sharepoint Server 2023-12-31 9.3 HIGH 7.8 HIGH
Microsoft Excel Remote Code Execution Vulnerability
CVE-2020-16996 1 Microsoft 3 Windows Server 2012, Windows Server 2016, Windows Server 2019 2023-12-31 4.0 MEDIUM 6.5 MEDIUM
Kerberos Security Feature Bypass Vulnerability
CVE-2020-17123 1 Microsoft 4 365 Apps, Excel, Office Online Server and 1 more 2023-12-31 9.3 HIGH 7.8 HIGH
Microsoft Excel Remote Code Execution Vulnerability
CVE-2020-17127 1 Microsoft 1 Excel 2023-12-31 9.3 HIGH 7.8 HIGH
Microsoft Excel Remote Code Execution Vulnerability
CVE-2020-16960 1 Microsoft 5 Windows 10, Windows 7, Windows Server 2008 and 2 more 2023-12-31 7.2 HIGH 7.8 HIGH
Windows Backup Engine Elevation of Privilege Vulnerability
CVE-2020-17128 1 Microsoft 5 365 Apps, Excel, Office and 2 more 2023-12-31 9.3 HIGH 7.8 HIGH
Microsoft Excel Remote Code Execution Vulnerability
CVE-2020-17131 1 Microsoft 4 Chakracore, Edge, Windows 10 and 1 more 2023-12-31 5.1 MEDIUM 4.2 MEDIUM
Chakra Scripting Engine Memory Corruption Vulnerability
CVE-2020-17129 1 Microsoft 5 365 Apps, Excel, Office and 2 more 2023-12-31 9.3 HIGH 7.8 HIGH
Microsoft Excel Remote Code Execution Vulnerability
CVE-2020-17153 1 Microsoft 1 Edge 2023-12-31 5.8 MEDIUM 4.3 MEDIUM
Microsoft Edge for Android Spoofing Vulnerability
CVE-2020-17150 1 Microsoft 1 Visual Studio Code 2023-12-31 6.8 MEDIUM 7.8 HIGH
Visual Studio Code Remote Code Execution Vulnerability
CVE-2020-17120 1 Microsoft 2 Sharepoint Foundation, Sharepoint Server 2023-12-31 4.0 MEDIUM 5.3 MEDIUM
Microsoft SharePoint Information Disclosure Vulnerability
CVE-2020-17124 1 Microsoft 3 365 Apps, Office, Powerpoint 2023-12-31 9.3 HIGH 7.8 HIGH
Microsoft PowerPoint Remote Code Execution Vulnerability
CVE-2020-17130 1 Microsoft 2 365 Apps, Excel 2023-12-31 6.0 MEDIUM 6.5 MEDIUM
Microsoft Excel Security Feature Bypass Vulnerability
CVE-2020-17140 1 Microsoft 8 Windows 10, Windows 7, Windows 8.1 and 5 more 2023-12-31 4.0 MEDIUM 8.1 HIGH
Windows SMB Information Disclosure Vulnerability
CVE-2021-43890 1 Microsoft 2 App Installer, Windows 10 2023-12-30 6.0 MEDIUM 7.1 HIGH
<p>We have investigated reports of a spoofing vulnerability in AppX installer that affects Microsoft Windows. Microsoft is aware of attacks that attempt to exploit this vulnerability by using specially crafted packages that include the malware family known as Emotet/Trickbot/Bazaloader.</p> <p>An attacker could craft a malicious attachment to be used in phishing campaigns. The attacker would then have to convince the user to open the specially crafted attachment. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.</p> <p>Please see the <strong>Security Updates</strong> table for the link to the updated app. Alternatively you can download and install the Installer using the links provided in the <strong>FAQ</strong> section.</p> <p>Please see the <strong>Mitigations</strong> and <strong>Workaround</strong> sections for important information about steps you can take to protect your system from this vulnerability.</p> <p><strong>December 27 2023 Update:</strong></p> <p>In recent months, Microsoft Threat Intelligence has seen an increase in activity from threat actors leveraging social engineering and phishing techniques to target Windows OS users and utilizing the <a href="https://learn.microsoft.com/en-us/windows/msix/app-installer/installing-windows10-apps-web">ms-appinstaller URI scheme</a>.</p> <p>To address this increase in activity, we have updated the App Installer to disable the ms-appinstaller protocol by default and recommend other potential mitigations.</p>
CVE-2021-28446 1 Microsoft 8 Windows 10, Windows 7, Windows 8.1 and 5 more 2023-12-30 2.1 LOW 7.1 HIGH
Windows Portmapping Information Disclosure Vulnerability
CVE-2020-17095 1 Microsoft 3 Windows 10, Windows Server 2016, Windows Server 2019 2023-12-30 9.0 HIGH 8.5 HIGH
Windows Hyper-V Remote Code Execution Vulnerability
CVE-2020-17092 1 Microsoft 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more 2023-12-30 7.2 HIGH 7.8 HIGH
Windows Network Connections Service Elevation of Privilege Vulnerability
CVE-2020-17097 1 Microsoft 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more 2023-12-30 4.6 MEDIUM 3.3 LOW
Windows Digital Media Receiver Elevation of Privilege Vulnerability
CVE-2020-17089 1 Microsoft 2 Sharepoint Foundation, Sharepoint Server 2023-12-30 6.0 MEDIUM 7.1 HIGH
Microsoft SharePoint Elevation of Privilege Vulnerability
CVE-2020-17137 1 Microsoft 2 Windows 10, Windows Server 2016 2023-12-30 4.6 MEDIUM 7.8 HIGH
DirectX Graphics Kernel Elevation of Privilege Vulnerability
CVE-2020-17132 1 Microsoft 1 Exchange Server 2023-12-30 6.5 MEDIUM 9.1 CRITICAL
Microsoft Exchange Remote Code Execution Vulnerability
CVE-2020-17117 1 Microsoft 1 Exchange Server 2023-12-30 9.0 HIGH 6.6 MEDIUM
Microsoft Exchange Remote Code Execution Vulnerability
CVE-2021-33742 1 Microsoft 8 Windows 10, Windows 7, Windows 8.1 and 5 more 2023-12-30 6.8 MEDIUM 7.5 HIGH
Windows MSHTML Platform Remote Code Execution Vulnerability
CVE-2020-17098 1 Microsoft 8 Windows 10, Windows 7, Windows 8.1 and 5 more 2023-12-30 2.1 LOW 5.5 MEDIUM
Windows GDI+ Information Disclosure Vulnerability
CVE-2020-17096 1 Microsoft 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more 2023-12-30 9.0 HIGH 7.5 HIGH
Windows NTFS Remote Code Execution Vulnerability
CVE-2020-17103 1 Microsoft 3 Windows 10, Windows Server 2016, Windows Server 2019 2023-12-30 7.2 HIGH 7.0 HIGH
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
CVE-2020-17099 1 Microsoft 3 Windows 10, Windows Server 2016, Windows Server 2019 2023-12-30 4.6 MEDIUM 6.8 MEDIUM
Windows Lock Screen Security Feature Bypass Vulnerability
CVE-2020-17135 1 Microsoft 1 Azure Devops Server 2023-12-30 4.9 MEDIUM 6.4 MEDIUM
Azure DevOps Server Spoofing Vulnerability
CVE-2020-17134 1 Microsoft 3 Windows 10, Windows Server 2016, Windows Server 2019 2023-12-30 4.6 MEDIUM 7.8 HIGH
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
CVE-2020-17119 1 Microsoft 3 365 Apps, Office, Outlook 2023-12-30 5.0 MEDIUM 6.5 MEDIUM
Microsoft Outlook Information Disclosure Vulnerability
CVE-2020-17118 1 Microsoft 2 Sharepoint Foundation, Sharepoint Server 2023-12-30 10.0 HIGH 8.1 HIGH
Microsoft SharePoint Remote Code Execution Vulnerability
CVE-2020-17156 1 Microsoft 2 Visual Studio 2017, Visual Studio 2019 2023-12-30 6.8 MEDIUM 7.8 HIGH
Visual Studio Remote Code Execution Vulnerability