Filtered by vendor Microsoft
Subscribe
Search
Total
16927 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-21985 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-08-08 | 2.1 LOW | 5.5 MEDIUM |
| Windows Remote Access Connection Manager Information Disclosure Vulnerability | |||||
| CVE-2022-23291 | 1 Microsoft | 4 Windows 10, Windows 11, Windows Server and 1 more | 2023-08-08 | 7.2 HIGH | 7.8 HIGH |
| Windows DWM Core Library Elevation of Privilege Vulnerability | |||||
| CVE-2022-24459 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-08-08 | 7.2 HIGH | 7.8 HIGH |
| Windows Fax and Scan Service Elevation of Privilege Vulnerability | |||||
| CVE-2022-22718 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-08-08 | 7.2 HIGH | 7.8 HIGH |
| Windows Print Spooler Elevation of Privilege Vulnerability | |||||
| CVE-2022-22710 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-08-08 | 4.9 MEDIUM | 5.5 MEDIUM |
| Windows Common Log File System Driver Denial of Service Vulnerability | |||||
| CVE-2022-36772 | 3 Ibm, Linux, Microsoft | 4 Aix, Infosphere Information Server, Linux Kernel and 1 more | 2023-08-08 | N/A | 6.5 MEDIUM |
| IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information that should only be available to a privileged user. | |||||
| CVE-2022-23252 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2023-08-08 | 2.1 LOW | 5.5 MEDIUM |
| Microsoft Office Information Disclosure Vulnerability | |||||
| CVE-2022-36774 | 2 Ibm, Microsoft | 4 Robotic Process Automation, Robotic Process Automation As A Service, Robotic Process Automation For Cloud Pak and 1 more | 2023-08-08 | N/A | 5.3 MEDIUM |
| IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 is vulnerable to man in the middle attacks through manipulation of the client proxy configuration. IBM X-Force ID: 233575. | |||||
| CVE-2021-43224 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-08-08 | 2.1 LOW | 5.5 MEDIUM |
| Windows Common Log File System Driver Information Disclosure Vulnerability | |||||
| CVE-2022-41975 | 2 Microsoft, Realvnc | 3 Windows, Vnc Server, Vnc Viewer | 2023-08-08 | N/A | 7.8 HIGH |
| RealVNC VNC Server before 6.11.0 and VNC Viewer before 6.22.826 on Windows allow local privilege escalation via MSI installer Repair mode. | |||||
| CVE-2022-21968 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2023-08-08 | 4.0 MEDIUM | 4.3 MEDIUM |
| Microsoft SharePoint Server Security Feature Bypass Vulnerability | |||||
| CVE-2022-22319 | 2 Ibm, Microsoft | 3 Robotic Process Automation, Robotic Process Automation As A Service, Windows | 2023-08-08 | 5.5 MEDIUM | 5.4 MEDIUM |
| IBM Robotic Process Automation 21.0.1 could allow a register user on the system to physically delete a queue that could cause disruption for any scripts dependent on the queue. IBM X-Force ID: 218366. | |||||
| CVE-2022-21993 | 1 Microsoft | 8 Windows 10, Windows 11, Windows 8.1 and 5 more | 2023-08-08 | 7.8 HIGH | 7.5 HIGH |
| Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability | |||||
| CVE-2022-22454 | 3 Ibm, Linux, Microsoft | 4 Aix, Infosphere Information Server On Cloud, Linux Kernel and 1 more | 2023-08-08 | 7.2 HIGH | 7.8 HIGH |
| IBM InfoSphere Information Server 11.7 could allow a locally authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. | |||||
| CVE-2022-22473 | 5 Hp, Ibm, Linux and 2 more | 8 Hp-ux, Aix, I and 5 more | 2023-08-08 | N/A | 5.3 MEDIUM |
| IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to obtain sensitive information caused by improper handling of Administrative Console data. This information could be used in further attacks against the system. IBM X-Force ID: 225347. | |||||
| CVE-2022-22002 | 1 Microsoft | 8 Windows 10, Windows 11, Windows 8.1 and 5 more | 2023-08-08 | 4.9 MEDIUM | 5.5 MEDIUM |
| Windows User Account Profile Picture Denial of Service Vulnerability | |||||
| CVE-2022-22712 | 1 Microsoft | 4 Windows 10, Windows 11, Windows Server and 1 more | 2023-08-08 | 4.7 MEDIUM | 5.6 MEDIUM |
| Windows Hyper-V Denial of Service Vulnerability | |||||
| CVE-2022-2778 | 3 Linux, Microsoft, Octopus | 3 Linux Kernel, Windows, Octopus Server | 2023-08-08 | N/A | 9.8 CRITICAL |
| In affected versions of Octopus Deploy it is possible to bypass rate limiting on login using null bytes. | |||||
| CVE-2022-22716 | 1 Microsoft | 7 365 Apps, Excel, Office and 4 more | 2023-08-08 | 4.3 MEDIUM | 5.5 MEDIUM |
| Microsoft Excel Information Disclosure Vulnerability | |||||
| CVE-2021-29701 | 3 Ibm, Linux, Microsoft | 4 Engineering Workflow Management, Rational Team Concert, Linux Kernel and 1 more | 2023-08-08 | 4.0 MEDIUM | 4.3 MEDIUM |
| IBM Engineering Workflow Management 7.0, 7.0.1, and 7.0.2 as well as IBM Rational Team Concert 6.0.6 and 6.0.6.1 could allow an authneticated attacker to obtain sensitive information from build definitions that could aid in further attacks against the system. IBM X-Force ID: 200657. | |||||
| CVE-2022-21845 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-08-08 | 4.7 MEDIUM | 4.7 MEDIUM |
| Windows Kernel Information Disclosure Vulnerability | |||||
| CVE-2022-22779 | 3 Apple, Keybase, Microsoft | 3 Macos, Keybase, Windows | 2023-08-08 | 4.3 MEDIUM | 3.7 LOW |
| The Keybase Clients for macOS and Windows before version 5.9.0 fails to properly remove exploded messages initiated by a user. This can occur if the receiving user switches to a non-chat feature and places the host in a sleep state before the sending user explodes the messages. This could lead to disclosure of sensitive information which was meant to be deleted from a user’s filesystem. | |||||
| CVE-2022-22310 | 6 Apple, Hp, Ibm and 3 more | 9 Macos, Hp-ux, Aix and 6 more | 2023-08-08 | 6.4 MEDIUM | 6.5 MEDIUM |
| IBM WebSphere Application Server Liberty 21.0.0.10 through 21.0.0.12 could provide weaker than expected security. A remote attacker could exploit this weakness to obtain sensitive information and gain unauthorized access to JAX-WS applications. IBM X-Force ID: 217224. | |||||
| CVE-2022-22027 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-08-08 | 6.8 MEDIUM | 7.8 HIGH |
| Windows Fax Service Remote Code Execution Vulnerability | |||||
| CVE-2022-23286 | 1 Microsoft | 4 Windows 10, Windows 11, Windows Server and 1 more | 2023-08-08 | 6.9 MEDIUM | 7.0 HIGH |
| Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | |||||
| CVE-2022-40141 | 2 Microsoft, Trendmicro | 2 Windows, Apex One | 2023-08-08 | N/A | 7.5 HIGH |
| A vulnerability in Trend Micro Apex One and Apex One as a Service could allow an attacker to intercept and decode certain communication strings that may contain some identification attributes of a particular Apex One server. | |||||
| CVE-2022-40139 | 2 Microsoft, Trendmicro | 2 Windows, Apex One | 2023-08-08 | N/A | 7.2 HIGH |
| Improper validation of some components used by the rollback mechanism in Trend Micro Apex One and Trend Micro Apex One as a Service clients could allow a Apex One server administrator to instruct affected clients to download an unverified rollback package, which could lead to remote code execution. Please note: an attacker must first obtain Apex One server administration console access in order to exploit this vulnerability. | |||||
| CVE-2022-23290 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-08-08 | 7.2 HIGH | 7.8 HIGH |
| Windows Inking COM Elevation of Privilege Vulnerability | |||||
| CVE-2022-23293 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-08-08 | 7.2 HIGH | 7.8 HIGH |
| Windows Fast FAT File System Driver Elevation of Privilege Vulnerability | |||||
| CVE-2022-38006 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 7 and 6 more | 2023-08-08 | N/A | 6.5 MEDIUM |
| Windows Graphics Component Information Disclosure Vulnerability | |||||
| CVE-2022-37958 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 7 and 6 more | 2023-08-08 | N/A | 8.1 HIGH |
| SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability | |||||
| CVE-2022-37954 | 1 Microsoft | 4 Windows 10, Windows 11, Windows Server 2019 and 1 more | 2023-08-08 | N/A | 7.8 HIGH |
| DirectX Graphics Kernel Elevation of Privilege Vulnerability | |||||
| CVE-2022-23298 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-08-08 | 6.9 MEDIUM | 7.0 HIGH |
| Windows NT OS Kernel Elevation of Privilege Vulnerability | |||||
| CVE-2022-23299 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-08-08 | 7.2 HIGH | 7.8 HIGH |
| Windows PDEV Elevation of Privilege Vulnerability | |||||
| CVE-2022-24454 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-08-08 | 7.2 HIGH | 7.8 HIGH |
| Windows Security Support Provider Interface Elevation of Privilege Vulnerability | |||||
| CVE-2022-24455 | 1 Microsoft | 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more | 2023-08-08 | 7.2 HIGH | 7.8 HIGH |
| Windows CD-ROM Driver Elevation of Privilege Vulnerability | |||||
| CVE-2022-24460 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server and 2 more | 2023-08-08 | 7.6 HIGH | 7.0 HIGH |
| Tablet Windows User Interface Application Elevation of Privilege Vulnerability | |||||
| CVE-2022-24469 | 1 Microsoft | 1 Azure Site Recovery | 2023-08-08 | 9.0 HIGH | 8.1 HIGH |
| Azure Site Recovery Elevation of Privilege Vulnerability | |||||
| CVE-2022-24503 | 1 Microsoft | 12 Remote Desktop, Windows 10, Windows 11 and 9 more | 2023-08-08 | 5.0 MEDIUM | 5.4 MEDIUM |
| Remote Desktop Protocol Client Information Disclosure Vulnerability | |||||
| CVE-2022-24506 | 1 Microsoft | 1 Azure Site Recovery | 2023-08-08 | 4.0 MEDIUM | 6.5 MEDIUM |
| Azure Site Recovery Elevation of Privilege Vulnerability | |||||
| CVE-2022-35841 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2023-08-08 | N/A | 8.8 HIGH |
| Windows Enterprise App Management Service Remote Code Execution Vulnerability | |||||
| CVE-2022-35838 | 1 Microsoft | 2 Windows 11, Windows Server 2022 | 2023-08-08 | N/A | 7.5 HIGH |
| HTTP V3 Denial of Service Vulnerability | |||||
| CVE-2022-35837 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 7 and 6 more | 2023-08-08 | N/A | 6.5 MEDIUM |
| Windows Graphics Component Information Disclosure Vulnerability | |||||
| CVE-2022-22039 | 1 Microsoft | 5 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 2 more | 2023-08-08 | 6.0 MEDIUM | 7.5 HIGH |
| Windows Network File System Remote Code Execution Vulnerability | |||||
| CVE-2022-1128 | 2 Google, Microsoft | 2 Chrome, Windows | 2023-08-08 | N/A | 6.5 MEDIUM |
| Inappropriate implementation in Web Share API in Google Chrome on Windows prior to 100.0.4896.60 allowed an attacker on the local network segment to leak cross-origin data via a crafted HTML page. | |||||
| CVE-2022-35833 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 7 and 6 more | 2023-08-08 | N/A | 7.5 HIGH |
| Windows Secure Channel Denial of Service Vulnerability | |||||
| CVE-2022-24515 | 1 Microsoft | 1 Azure Site Recovery | 2023-08-08 | 6.5 MEDIUM | 6.5 MEDIUM |
| Azure Site Recovery Elevation of Privilege Vulnerability | |||||
| CVE-2022-24518 | 1 Microsoft | 1 Azure Site Recovery | 2023-08-08 | 4.0 MEDIUM | 6.5 MEDIUM |
| Azure Site Recovery Elevation of Privilege Vulnerability | |||||
| CVE-2022-24519 | 1 Microsoft | 1 Azure Site Recovery | 2023-08-08 | 4.0 MEDIUM | 6.5 MEDIUM |
| Azure Site Recovery Elevation of Privilege Vulnerability | |||||
| CVE-2022-24522 | 1 Microsoft | 1 Skype Extension | 2023-08-08 | 2.6 LOW | 6.5 MEDIUM |
| Skype Extension for Chrome Information Disclosure Vulnerability | |||||