Filtered by vendor Microsoft
Subscribe
Total
19339 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-28252 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-06-27 | N/A | 7.8 HIGH |
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | |||||
| CVE-2016-0165 | 1 Microsoft | 7 Windows 10, Windows 7, Windows 8.1 and 4 more | 2024-06-27 | 7.2 HIGH | 7.8 HIGH |
| The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0143 and CVE-2016-0167. | |||||
| CVE-2023-36874 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2024-06-27 | N/A | 7.8 HIGH |
| Windows Error Reporting Service Elevation of Privilege Vulnerability | |||||
| CVE-2023-36884 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2024-06-27 | N/A | 7.5 HIGH |
| Windows Search Remote Code Execution Vulnerability | |||||
| CVE-2023-38180 | 2 Fedoraproject, Microsoft | 4 Fedora, .net, Asp.net Core and 1 more | 2024-06-27 | N/A | 7.5 HIGH |
| .NET and Visual Studio Denial of Service Vulnerability | |||||
| CVE-2023-4863 | 8 Bentley, Debian, Fedoraproject and 5 more | 10 Seequent Leapfrog, Debian Linux, Fedora and 7 more | 2024-06-27 | N/A | 8.8 HIGH |
| Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical) | |||||
| CVE-2023-44487 | 32 Akka, Amazon, Apache and 29 more | 311 Http Server, Opensearch Data Prepper, Apisix and 308 more | 2024-06-27 | N/A | 7.5 HIGH |
| The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. | |||||
| CVE-2023-6105 | 3 Linux, Microsoft, Zohocorp | 41 Linux Kernel, Windows, Manageengine Access Manager Plus and 38 more | 2024-06-26 | N/A | 5.5 MEDIUM |
| An information disclosure vulnerability exists in multiple ManageEngine products that can result in encryption keys being exposed. A low-privileged OS user with access to the host where an affected ManageEngine product is installed can view and use the exposed key to decrypt product database passwords. This allows the user to access the ManageEngine product database. | |||||
| CVE-2024-33880 | 2 Microsoft, Virtosoftware | 2 Sharepoint Server, Sharepoint Bulk File Download | 2024-06-26 | N/A | 5.3 MEDIUM |
| An issue was discovered in VirtoSoftware Virto Bulk File Download 5.5.44 for SharePoint 2019. It discloses full pathnames via Virto.SharePoint.FileDownloader/Api/Download.ashx?action=archive. | |||||
| CVE-2024-33879 | 2 Microsoft, Virtosoftware | 2 Sharepoint Server, Sharepoint Bulk File Download | 2024-06-26 | N/A | 9.8 CRITICAL |
| An issue was discovered in VirtoSoftware Virto Bulk File Download 5.5.44 for SharePoint 2019. The Virto.SharePoint.FileDownloader/Api/Download.ashx isCompleted method allows arbitrary file download and deletion via absolute path traversal in the path parameter. | |||||
| CVE-2024-30072 | 1 Microsoft | 3 Windows 11 22h2, Windows 11 23h2, Windows Server 2022 23h2 | 2024-06-24 | N/A | 7.8 HIGH |
| Microsoft Event Trace Log File Parsing Remote Code Execution Vulnerability | |||||
| CVE-2024-30070 | 1 Microsoft | 3 Windows Server 2012, Windows Server 2016, Windows Server 2019 | 2024-06-24 | N/A | 7.5 HIGH |
| DHCP Server Service Denial of Service Vulnerability | |||||
| CVE-2024-30069 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2024-06-24 | N/A | 4.7 MEDIUM |
| Windows Remote Access Connection Manager Information Disclosure Vulnerability | |||||
| CVE-2024-30075 | 1 Microsoft | 1 Windows Server 2008 | 2024-06-24 | N/A | 8.0 HIGH |
| Windows Link Layer Topology Discovery Protocol Remote Code Execution Vulnerability | |||||
| CVE-2024-30074 | 1 Microsoft | 1 Windows Server 2008 | 2024-06-24 | N/A | 8.0 HIGH |
| Windows Link Layer Topology Discovery Protocol Remote Code Execution Vulnerability | |||||
| CVE-2024-30068 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2024-06-24 | N/A | 8.8 HIGH |
| Windows Kernel Elevation of Privilege Vulnerability | |||||
| CVE-2010-2739 | 1 Microsoft | 6 Windows 2003 Server, Windows 7, Windows Server 2003 and 3 more | 2024-06-24 | 7.2 HIGH | N/A |
| Buffer overflow in the CreateDIBPalette function in win32k.sys in Microsoft Windows XP SP3, Server 2003 R2 Enterprise SP2, Vista Business SP1, Windows 7, and Server 2008 SP2 allows local users to cause a denial of service (crash) and possibly execute arbitrary code by performing a clipboard operation (GetClipboardData API function) with a crafted bitmap with a palette that contains a large number of colors. | |||||
| CVE-2024-30082 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2024-06-21 | N/A | 7.8 HIGH |
| Win32k Elevation of Privilege Vulnerability | |||||
| CVE-2024-30078 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2024-06-21 | N/A | 8.8 HIGH |
| Windows Wi-Fi Driver Remote Code Execution Vulnerability | |||||
| CVE-2024-30077 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2024-06-21 | N/A | 8.0 HIGH |
| Windows OLE Remote Code Execution Vulnerability | |||||