Filtered by vendor Microsoft
Subscribe
Search
Total
16927 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-36564 | 2 Microsoft, Strawberryperl | 2 Windows, Strawberryperl | 2023-08-08 | N/A | 8.8 HIGH |
| Incorrect access control in the install directory (C:\Strawberry) of StrawberryPerl v5.32.1.1 and below allows authenticated attackers to execute arbitrary code via overwriting binaries located in the directory. | |||||
| CVE-2022-36263 | 2 Logitech, Microsoft | 2 Streamlabs Desktop, Windows | 2023-08-08 | N/A | 7.3 HIGH |
| StreamLabs Desktop Application 1.9.0 is vulnerable to Incorrect Access Control via obs64.exe. An attacker can execute arbitrary code via a crafted .exe file. | |||||
| CVE-2022-1901 | 3 Linux, Microsoft, Octopus | 3 Linux Kernel, Windows, Octopus Server | 2023-08-08 | N/A | 5.3 MEDIUM |
| In affected versions of Octopus Deploy it is possible to unmask sensitive variables by using variable preview. | |||||
| CVE-2022-2622 | 3 Fedoraproject, Google, Microsoft | 3 Fedora, Chrome, Windows | 2023-08-08 | N/A | 6.5 MEDIUM |
| Insufficient validation of untrusted input in Safe Browsing in Google Chrome on Windows prior to 104.0.5112.79 allowed a remote attacker to bypass download restrictions via a crafted file. | |||||
| CVE-2022-22028 | 1 Microsoft | 5 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 2 more | 2023-08-08 | 4.3 MEDIUM | 5.9 MEDIUM |
| Windows Network File System Information Disclosure Vulnerability | |||||
| CVE-2022-22042 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 7 and 6 more | 2023-08-08 | 4.0 MEDIUM | 6.5 MEDIUM |
| Windows Hyper-V Information Disclosure Vulnerability | |||||
| CVE-2022-2160 | 3 Fedoraproject, Google, Microsoft | 3 Fedora, Chrome, Windows | 2023-08-08 | N/A | 6.5 MEDIUM |
| Insufficient policy enforcement in DevTools in Google Chrome on Windows prior to 103.0.5060.53 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from a user's local files via a crafted HTML page. | |||||
| CVE-2022-31664 | 3 Linux, Microsoft, Vmware | 6 Linux Kernel, Windows, Access Connector and 3 more | 2023-08-08 | N/A | 7.8 HIGH |
| VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability. A malicious actor with local access can escalate privileges to 'root'. | |||||
| CVE-2022-28054 | 2 Microsoft, Vandyke | 2 Windows, Vshell | 2023-08-08 | 7.5 HIGH | 9.8 CRITICAL |
| Improper sanitization of trigger action scripts in VanDyke Software VShell for Windows v4.6.2 allows attackers to execute arbitrary code via a crafted value. | |||||
| CVE-2022-26816 | 1 Microsoft | 3 Windows Server 2016, Windows Server 2019, Windows Server 2022 | 2023-08-08 | 4.0 MEDIUM | 6.5 MEDIUM |
| Windows DNS Server Information Disclosure Vulnerability | |||||
| CVE-2022-24550 | 1 Microsoft | 8 Windows 10, Windows 11, Windows 8.1 and 5 more | 2023-08-08 | 7.2 HIGH | 7.8 HIGH |
| Windows Telephony Server Elevation of Privilege Vulnerability | |||||
| CVE-2022-24530 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-08-08 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Installer Elevation of Privilege Vulnerability | |||||
| CVE-2022-24489 | 1 Microsoft | 3 Windows Server 2016, Windows Server 2019, Windows Server 2022 | 2023-08-08 | 4.6 MEDIUM | 7.8 HIGH |
| Cluster Client Failover (CCF) Elevation of Privilege Vulnerability | |||||
| CVE-2022-24481 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-08-08 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | |||||
| CVE-2022-22373 | 3 Ibm, Linux, Microsoft | 4 Aix, Infosphere Information Server, Linux Kernel and 1 more | 2023-08-08 | 5.5 MEDIUM | 5.4 MEDIUM |
| An improper validation vulnerability in IBM InfoSphere Information Server 11.7 Pack for SAP Apps and BW Packs may lead to creation of directories and files on the server file system that may contain non-sensitive debugging information like stack traces. IBM X-Force ID: 221323. | |||||
| CVE-2022-24479 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2023-08-08 | 4.6 MEDIUM | 7.8 HIGH |
| Connected User Experiences and Telemetry Elevation of Privilege Vulnerability | |||||
| CVE-2021-39017 | 3 Ibm, Linux, Microsoft | 3 Engineering Lifecycle Optimization Publishing, Linux Kernel, Windows | 2023-08-08 | N/A | 6.5 MEDIUM |
| IBM Engineering Lifecycle Optimization - Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could allow a remote attacker to upload arbitrary files, caused by improper access controls. IBM X-Force ID: 213725. | |||||
| CVE-2022-24474 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-08-08 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Win32k Elevation of Privilege Vulnerability | |||||
| CVE-2022-26912 | 1 Microsoft | 1 Edge Chromium | 2023-08-08 | 5.1 MEDIUM | 8.3 HIGH |
| Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | |||||
| CVE-2022-26909 | 1 Microsoft | 1 Edge Chromium | 2023-08-08 | 5.1 MEDIUM | 8.3 HIGH |
| Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | |||||
| CVE-2022-26908 | 1 Microsoft | 1 Edge Chromium | 2023-08-08 | 5.1 MEDIUM | 8.3 HIGH |
| Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | |||||
| CVE-2022-26900 | 1 Microsoft | 1 Edge Chromium | 2023-08-08 | 5.1 MEDIUM | 8.3 HIGH |
| Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | |||||
| CVE-2022-26895 | 1 Microsoft | 1 Edge Chromium | 2023-08-08 | 5.1 MEDIUM | 8.3 HIGH |
| Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | |||||
| CVE-2022-26894 | 1 Microsoft | 1 Edge Chromium | 2023-08-08 | 5.1 MEDIUM | 8.3 HIGH |
| Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | |||||
| CVE-2021-1675 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2023-08-08 | 9.3 HIGH | 7.8 HIGH |
| Windows Print Spooler Remote Code Execution Vulnerability | |||||
| CVE-2022-28871 | 3 Apple, F-secure, Microsoft | 4 Mac Os X, Macos, Atlant and 1 more | 2023-08-08 | 5.0 MEDIUM | 7.5 HIGH |
| A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant whereby the fsicapd component used in certain F-Secure products while scanning larger packages/fuzzed files consume too much memory eventually can crash the scanning engine. The exploit can be triggered remotely by an attacker. | |||||
| CVE-2021-42295 | 1 Microsoft | 2 365 Apps, Office | 2023-08-08 | 4.3 MEDIUM | 5.5 MEDIUM |
| Visual Basic for Applications Information Disclosure Vulnerability | |||||
| CVE-2021-1081 | 7 Citrix, Linux, Microsoft and 4 more | 7 Hypervisor, Linux Kernel, Windows and 4 more | 2023-08-08 | 4.6 MEDIUM | 7.8 HIGH |
| NVIDIA vGPU software contains a vulnerability in the guest kernel mode driver and Virtual GPU manager (vGPU plugin), in which an input length is not validated, which may lead to information disclosure, tampering of data, or denial of service. This affects vGPU version 12.x (prior to 12.2), version 11.x (prior to 11.4) and version 8.x (prior 8.7). | |||||
| CVE-2021-21126 | 2 Google, Microsoft | 2 Chrome, Edge Chromium | 2023-08-08 | 4.3 MEDIUM | 6.5 MEDIUM |
| Insufficient policy enforcement in extensions in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass site isolation via a crafted Chrome Extension. | |||||
| CVE-2021-40449 | 1 Microsoft | 11 Windows 10, Windows 11, Windows 7 and 8 more | 2023-08-08 | 4.6 MEDIUM | 7.8 HIGH |
| Win32k Elevation of Privilege Vulnerability | |||||
| CVE-2021-1058 | 7 Citrix, Linux, Microsoft and 4 more | 7 Hypervisor, Linux Kernel, Windows and 4 more | 2023-08-08 | 3.6 LOW | 7.1 HIGH |
| NVIDIA vGPU software contains a vulnerability in the guest kernel mode driver and vGPU plugin, in which an input data size is not validated, which may lead to tampering of data or denial of service. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 11.3). | |||||
| CVE-2021-43215 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-08-08 | 6.8 MEDIUM | 9.8 CRITICAL |
| iSNS Server Memory Corruption Vulnerability Can Lead to Remote Code Execution | |||||
| CVE-2022-21997 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-08-08 | 3.6 LOW | 7.1 HIGH |
| Windows Print Spooler Elevation of Privilege Vulnerability | |||||
| CVE-2022-30224 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-08-08 | 6.9 MEDIUM | 7.0 HIGH |
| Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability | |||||
| CVE-2021-31207 | 1 Microsoft | 1 Exchange Server | 2023-08-08 | 6.5 MEDIUM | 6.6 MEDIUM |
| Microsoft Exchange Server Security Feature Bypass Vulnerability | |||||
| CVE-2022-22031 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2023-08-08 | 7.2 HIGH | 7.8 HIGH |
| Windows Credential Guard Domain-joined Public Key Elevation of Privilege Vulnerability | |||||
| CVE-2022-22037 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-08-08 | 8.5 HIGH | 7.5 HIGH |
| Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability | |||||
| CVE-2022-22043 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-08-08 | 7.2 HIGH | 7.8 HIGH |
| Windows Fast FAT File System Driver Elevation of Privilege Vulnerability | |||||
| CVE-2022-22047 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-08-08 | 7.2 HIGH | 7.8 HIGH |
| Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability | |||||
| CVE-2022-30181 | 1 Microsoft | 1 Azure Site Recovery | 2023-08-08 | 5.5 MEDIUM | 6.5 MEDIUM |
| Azure Site Recovery Elevation of Privilege Vulnerability | |||||
| CVE-2022-23171 | 2 Atlasvpn, Microsoft | 2 Atlasvpn, Windows | 2023-08-08 | 9.0 HIGH | 8.8 HIGH |
| AtlasVPN - Privilege Escalation Lack of proper security controls on named pipe messages can allow an attacker with low privileges to send a malicious payload and gain SYSTEM permissions on a windows computer where the AtlasVPN client is installed. | |||||
| CVE-2022-27808 | 2 Intel, Microsoft | 2 Administrative Tools For Intel Network Adapters, Windows | 2023-08-08 | N/A | 7.8 HIGH |
| Insufficient control flow management in some Intel(R) Ethernet Controller Administrative Tools drivers for Windows before version 1.5.0.2 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-26841 | 3 Intel, Linux, Microsoft | 3 Sgx Sdk, Linux Kernel, Windows | 2023-08-08 | N/A | 5.5 MEDIUM |
| Insufficient control flow management for the Intel(R) SGX SDK software for Linux before version 2.16.100.1 may allow an authenticated user to potentially enable information disclosure via local access. | |||||
| CVE-2022-30607 | 2 Ibm, Microsoft | 2 Robotic Process Automation, Windows | 2023-08-08 | 4.0 MEDIUM | 6.5 MEDIUM |
| IBM Robotic Process Automation 20.10.0, 20.12.5, 21.0.0, 21.0.1, and 21.0.2 contains a vulnerability that could allow a user to obtain sensitive information due to information properly masked in the control center UI. IBM X-Force ID: 227294. | |||||
| CVE-2022-34362 | 3 Ibm, Linux, Microsoft | 5 Aix, Linux On Ibm Z, Sterling Secure Proxy and 2 more | 2023-08-08 | N/A | 4.6 MEDIUM |
| IBM Sterling Secure Proxy 6.0.3 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 230523. | |||||
| CVE-2022-22036 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-08-08 | 4.4 MEDIUM | 7.0 HIGH |
| Performance Counters for Windows Elevation of Privilege Vulnerability | |||||
| CVE-2022-22041 | 1 Microsoft | 8 Windows 10, Windows 11, Windows 8.1 and 5 more | 2023-08-08 | 8.5 HIGH | 6.8 MEDIUM |
| Windows Print Spooler Elevation of Privilege Vulnerability | |||||
| CVE-2022-22000 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-08-08 | 7.2 HIGH | 7.8 HIGH |
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | |||||
| CVE-2022-30187 | 1 Microsoft | 2 Azure Storage Blobs, Azure Storage Queue | 2023-08-08 | 1.9 LOW | 4.7 MEDIUM |
| Azure Storage Library Information Disclosure Vulnerability | |||||
| CVE-2022-30223 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 7 and 6 more | 2023-08-08 | 2.7 LOW | 5.7 MEDIUM |
| Windows Hyper-V Information Disclosure Vulnerability | |||||