Filtered by vendor Microsoft
Subscribe
Search
Total
16927 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-26612 | 2 Apache, Microsoft | 2 Hadoop, Windows | 2023-08-08 | 7.5 HIGH | 9.8 CRITICAL |
| In Apache Hadoop, The unTar function uses unTarUsingJava function on Windows and the built-in tar utility on Unix and other OSes. As a result, a TAR entry may create a symlink under the expected extraction directory which points to an external directory. A subsequent TAR entry may extract an arbitrary file into the external directory using the symlink name. This however would be caught by the same targetDirPath check on Unix because of the getCanonicalPath call. However on Windows, getCanonicalPath doesn't resolve symbolic links, which bypasses the check. unpackEntries during TAR extraction follows symbolic links which allows writing outside expected base directory on Windows. This was addressed in Apache Hadoop 3.2.3 | |||||
| CVE-2022-23259 | 1 Microsoft | 1 Dynamics 365 | 2023-08-08 | 9.0 HIGH | 8.8 HIGH |
| Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability | |||||
| CVE-2022-24521 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-08-08 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | |||||
| CVE-2022-26786 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 7 and 6 more | 2023-08-08 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Print Spooler Elevation of Privilege Vulnerability | |||||
| CVE-2022-26787 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-08-08 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Print Spooler Elevation of Privilege Vulnerability | |||||
| CVE-2022-26789 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2023-08-08 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Print Spooler Elevation of Privilege Vulnerability | |||||
| CVE-2022-26790 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-08-08 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Print Spooler Elevation of Privilege Vulnerability | |||||
| CVE-2022-26791 | 1 Microsoft | 2 Windows 10, Windows Server 2016 | 2023-08-08 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Print Spooler Elevation of Privilege Vulnerability | |||||
| CVE-2022-26792 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-08-08 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Print Spooler Elevation of Privilege Vulnerability | |||||
| CVE-2022-26793 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2023-08-08 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Print Spooler Elevation of Privilege Vulnerability | |||||
| CVE-2022-26794 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-08-08 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Print Spooler Elevation of Privilege Vulnerability | |||||
| CVE-2022-26795 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2023-08-08 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Print Spooler Elevation of Privilege Vulnerability | |||||
| CVE-2022-26796 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-08-08 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Print Spooler Elevation of Privilege Vulnerability | |||||
| CVE-2022-26797 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-08-08 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Print Spooler Elevation of Privilege Vulnerability | |||||
| CVE-2022-26798 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-08-08 | 7.2 HIGH | 7.8 HIGH |
| Windows Print Spooler Elevation of Privilege Vulnerability | |||||
| CVE-2022-26801 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-08-08 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Print Spooler Elevation of Privilege Vulnerability | |||||
| CVE-2022-26802 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-08-08 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Print Spooler Elevation of Privilege Vulnerability | |||||
| CVE-2022-26803 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 8.1 and 6 more | 2023-08-08 | 7.2 HIGH | 7.8 HIGH |
| Windows Print Spooler Elevation of Privilege Vulnerability | |||||
| CVE-2022-26914 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2023-08-08 | 4.6 MEDIUM | 7.8 HIGH |
| Win32k Elevation of Privilege Vulnerability | |||||
| CVE-2022-34009 | 2 Fossil-scm, Microsoft | 2 Fossil, Windows | 2023-08-08 | N/A | 5.5 MEDIUM |
| Fossil 2.18 on Windows allows attackers to cause a denial of service (daemon crash) via an XSS payload in a ticket. This occurs because the ticket data is stored in a temporary file, and the product does not properly handle the absence of this file after Windows Defender has flagged it as malware. | |||||
| CVE-2022-22045 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2023-08-08 | 6.9 MEDIUM | 7.8 HIGH |
| Windows.Devices.Picker.dll Elevation of Privilege Vulnerability | |||||
| CVE-2023-4054 | 2 Microsoft, Mozilla | 3 Windows, Firefox, Firefox Esr | 2023-08-07 | N/A | 5.5 MEDIUM |
| When opening appref-ms files, Firefox did not warn the user that these files may contain malicious code. *This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 116, Firefox ESR < 102.14, Firefox ESR < 115.1, Thunderbird < 102.14, and Thunderbird < 115.1. | |||||
| CVE-2021-39820 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2023-08-02 | 6.8 MEDIUM | 7.8 HIGH |
| Adobe InDesign versions 16.3 (and earlier), and 16.3.1 (and earlier) is affected by an Out-of-bounds Write vulnerability due to insecure handling of a malicious TIFF file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. | |||||
| CVE-2022-23269 | 1 Microsoft | 1 Dynamics Gp | 2023-08-02 | 4.3 MEDIUM | 5.4 MEDIUM |
| Microsoft Dynamics GP Spoofing Vulnerability | |||||
| CVE-2023-28261 | 1 Microsoft | 1 Edge Chromium | 2023-08-02 | N/A | 5.7 MEDIUM |
| Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | |||||
| CVE-2021-34475 | 1 Microsoft | 1 Edge Chromium | 2023-08-02 | N/A | 5.4 MEDIUM |
| Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | |||||
| CVE-2023-29344 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2023-08-02 | N/A | 7.8 HIGH |
| Microsoft Office Remote Code Execution Vulnerability | |||||
| CVE-2023-28288 | 1 Microsoft | 2 Sharepoint Foundation, Sharepoint Server | 2023-08-02 | N/A | 8.1 HIGH |
| Microsoft SharePoint Server Spoofing Vulnerability | |||||
| CVE-2023-33140 | 1 Microsoft | 1 Onenote | 2023-08-02 | N/A | 6.5 MEDIUM |
| Microsoft OneNote Spoofing Vulnerability | |||||
| CVE-2022-23258 | 2 Google, Microsoft | 2 Android, Edge | 2023-08-02 | 4.3 MEDIUM | 4.3 MEDIUM |
| Microsoft Edge for Android Spoofing Vulnerability | |||||
| CVE-2023-21719 | 1 Microsoft | 1 Edge Chromium | 2023-08-02 | N/A | 6.5 MEDIUM |
| Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | |||||
| CVE-2022-1316 | 2 Microsoft, Zerotier | 2 Windows, Zerotierone | 2023-08-02 | 7.2 HIGH | 7.8 HIGH |
| Incorrect Permission Assignment for Critical Resource in GitHub repository zerotier/zerotierone prior to 1.8.8. Local Privilege Escalation | |||||
| CVE-2021-31178 | 1 Microsoft | 6 365 Apps, Excel, Office and 3 more | 2023-08-02 | 4.3 MEDIUM | 5.5 MEDIUM |
| Microsoft Office Information Disclosure Vulnerability | |||||
| CVE-2021-31166 | 1 Microsoft | 2 Windows 10, Windows Server 2016 | 2023-08-02 | 7.5 HIGH | 9.8 CRITICAL |
| HTTP Protocol Stack Remote Code Execution Vulnerability | |||||
| CVE-2021-31170 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2023-08-02 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Graphics Component Elevation of Privilege Vulnerability | |||||
| CVE-2021-31188 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2023-08-02 | 2.1 LOW | 7.8 HIGH |
| Windows Graphics Component Elevation of Privilege Vulnerability | |||||
| CVE-2021-26421 | 1 Microsoft | 2 Lync Server, Skype For Business Server | 2023-08-02 | 5.8 MEDIUM | 6.5 MEDIUM |
| Skype for Business and Lync Spoofing Vulnerability | |||||
| CVE-2021-26419 | 1 Microsoft | 9 Internet Explorer, Windows 10, Windows 7 and 6 more | 2023-08-02 | 7.6 HIGH | 7.5 HIGH |
| Scripting Engine Memory Corruption Vulnerability | |||||
| CVE-2021-31182 | 1 Microsoft | 7 Windows 10, Windows 7, Windows 8.1 and 4 more | 2023-08-02 | 4.8 MEDIUM | 7.1 HIGH |
| Microsoft Bluetooth Driver Spoofing Vulnerability | |||||
| CVE-2021-31186 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2023-08-02 | 4.3 MEDIUM | 7.4 HIGH |
| Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability | |||||
| CVE-2021-31194 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2023-08-02 | 6.5 MEDIUM | 8.8 HIGH |
| OLE Automation Remote Code Execution Vulnerability | |||||
| CVE-2021-31205 | 1 Microsoft | 2 Windows 10, Windows Server 2016 | 2023-08-02 | 4.3 MEDIUM | 4.3 MEDIUM |
| Windows SMB Client Security Feature Bypass Vulnerability | |||||
| CVE-2021-31165 | 1 Microsoft | 2 Windows 10, Windows Server 2016 | 2023-08-02 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Container Manager Service Elevation of Privilege Vulnerability | |||||
| CVE-2021-28479 | 1 Microsoft | 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more | 2023-08-02 | 2.1 LOW | 5.5 MEDIUM |
| Windows CSC Service Information Disclosure Vulnerability | |||||
| CVE-2021-31200 | 1 Microsoft | 1 Neural Network Intelligence | 2023-08-02 | 6.5 MEDIUM | 7.2 HIGH |
| Common Utilities Remote Code Execution Vulnerability | |||||
| CVE-2021-31190 | 1 Microsoft | 2 Windows 10, Windows Server 2019 | 2023-08-02 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability | |||||
| CVE-2021-31211 | 1 Microsoft | 1 Visual Studio Code | 2023-08-02 | 6.8 MEDIUM | 7.8 HIGH |
| Visual Studio Code Remote Code Execution Vulnerability | |||||
| CVE-2021-31209 | 1 Microsoft | 1 Exchange Server | 2023-08-02 | 5.8 MEDIUM | 6.5 MEDIUM |
| Microsoft Exchange Server Spoofing Vulnerability | |||||
| CVE-2021-31191 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2023-08-02 | 2.1 LOW | 5.5 MEDIUM |
| Windows Projected File System FS Filter Driver Information Disclosure Vulnerability | |||||
| CVE-2021-31192 | 1 Microsoft | 1 Windows 10 | 2023-08-02 | 6.8 MEDIUM | 7.3 HIGH |
| Windows Media Foundation Core Remote Code Execution Vulnerability | |||||