Filtered by vendor Microsoft
Subscribe
Total
21898 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-33742 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-02-24 | 6.8 MEDIUM | 7.5 HIGH |
| Windows MSHTML Platform Remote Code Execution Vulnerability | |||||
| CVE-2021-41379 | 1 Microsoft | 18 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 15 more | 2025-02-24 | 4.6 MEDIUM | 5.5 MEDIUM |
| Windows Installer Elevation of Privilege Vulnerability | |||||
| CVE-2022-21919 | 1 Microsoft | 17 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 14 more | 2025-02-24 | 6.9 MEDIUM | 7.0 HIGH |
| Windows User Profile Service Elevation of Privilege Vulnerability | |||||
| CVE-2023-35311 | 1 Microsoft | 4 365 Apps, Office, Office Long Term Servicing Channel and 1 more | 2025-02-24 | N/A | 8.8 HIGH |
| Microsoft Outlook Security Feature Bypass Vulnerability | |||||
| CVE-2025-24989 | 1 Microsoft | 1 Power Pages | 2025-02-24 | N/A | 8.2 HIGH |
| An improper access control vulnerability in Power Pages allows an unauthorized attacker to elevate privileges over a network potentially bypassing the user registration control. This vulnerability has already been mitigated in the service and all affected customers have been notified. This update addressed the registration control bypass. Affected customers have been given instructions on reviewing their sites for potential exploitation and clean up methods. If you've not been notified this vulnerability does not affect you. | |||||
| CVE-2023-28597 | 2 Microsoft, Zoom | 4 Windows, Rooms, Virtual Desktop Infrastructure and 1 more | 2025-02-19 | N/A | 8.3 HIGH |
| Zoom clients prior to 5.13.5 contain an improper trust boundary implementation vulnerability. If a victim saves a local recording to an SMB location and later opens it using a link from Zoom’s web portal, an attacker positioned on an adjacent network to the victim client could set up a malicious SMB server to respond to client requests, causing the client to execute attacker controlled executables. This could result in an attacker gaining access to a user's device and data, and remote code execution. | |||||
| CVE-2023-0664 | 4 Fedoraproject, Microsoft, Qemu and 1 more | 4 Fedora, Windows, Qemu and 1 more | 2025-02-18 | N/A | 7.8 HIGH |
| A flaw was found in the QEMU Guest Agent service for Windows. A local unprivileged user may be able to manipulate the QEMU Guest Agent's Windows installer via repair custom actions to elevate their privileges on the system. | |||||
| CVE-2022-34713 | 1 Microsoft | 16 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 13 more | 2025-02-18 | N/A | 7.8 HIGH |
| Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability | |||||
| CVE-2022-37969 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-02-18 | N/A | 7.8 HIGH |
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | |||||
| CVE-2022-41049 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-02-18 | N/A | 5.4 MEDIUM |
| Windows Mark of the Web Security Feature Bypass Vulnerability | |||||
| CVE-2022-41080 | 1 Microsoft | 1 Exchange Server | 2025-02-18 | N/A | 8.8 HIGH |
| Microsoft Exchange Server Elevation of Privilege Vulnerability | |||||
| CVE-2022-2856 | 5 Apple, Fedoraproject, Google and 2 more | 6 Macos, Fedora, Android and 3 more | 2025-02-18 | N/A | 6.5 MEDIUM |
| Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 104.0.5112.101 allowed a remote attacker to arbitrarily browse to a malicious website via a crafted HTML page. | |||||
| CVE-2025-21377 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-02-14 | N/A | 6.5 MEDIUM |
| NTLM Hash Disclosure Spoofing Vulnerability | |||||
| CVE-2025-21379 | 1 Microsoft | 2 Windows 11 24h2, Windows Server 2025 | 2025-02-14 | N/A | 7.1 HIGH |
| DHCP Client Service Remote Code Execution Vulnerability | |||||
| CVE-2025-21400 | 1 Microsoft | 1 Sharepoint Server | 2025-02-14 | N/A | 8.0 HIGH |
| Microsoft SharePoint Server Remote Code Execution Vulnerability | |||||
| CVE-2025-21406 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-02-14 | N/A | 8.8 HIGH |
| Windows Telephony Service Remote Code Execution Vulnerability | |||||
| CVE-2025-21407 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-02-14 | N/A | 8.8 HIGH |
| Windows Telephony Service Remote Code Execution Vulnerability | |||||
| CVE-2025-21420 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-02-14 | N/A | 7.8 HIGH |
| Windows Disk Cleanup Tool Elevation of Privilege Vulnerability | |||||
| CVE-2025-21410 | 1 Microsoft | 7 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 4 more | 2025-02-14 | N/A | 8.8 HIGH |
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | |||||
| CVE-2025-21414 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-02-14 | N/A | 7.0 HIGH |
| Windows Core Messaging Elevation of Privileges Vulnerability | |||||