Filtered by vendor Microsoft
Subscribe
Total
19339 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-1127 | 1 Microsoft | 1 Windows Nt | 2024-02-08 | 5.0 MEDIUM | 7.5 HIGH |
| Windows NT 4.0 does not properly shut down invalid named pipe RPC connections, which allows remote attackers to cause a denial of service (resource exhaustion) via a series of connections containing malformed data, aka the "Named Pipes Over RPC" vulnerability. | |||||
| CVE-2002-0051 | 1 Microsoft | 1 Windows 2000 | 2024-02-08 | 4.6 MEDIUM | 7.8 HIGH |
| Windows 2000 allows local users to prevent the application of new group policy settings by opening Group Policy files with exclusive-read access. | |||||
| CVE-2002-0391 | 4 Freebsd, Microsoft, Openbsd and 1 more | 7 Freebsd, Windows 2000, Windows Nt and 4 more | 2024-02-08 | 10.0 HIGH | 9.8 CRITICAL |
| Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array through RPC services such as rpc.cmsd and dmispd. | |||||
| CVE-2002-1844 | 2 Microsoft, Oracle | 2 Windows Media Player, Solaris | 2024-02-08 | 7.2 HIGH | 7.8 HIGH |
| Microsoft Windows Media Player (WMP) 6.3, when installed on Solaris, installs executables with world-writable permissions, which allows local users to delete or modify the executables to gain privileges. | |||||
| CVE-2005-1891 | 2 Aol, Microsoft | 2 Aim, Windows | 2024-02-08 | 5.0 MEDIUM | 7.5 HIGH |
| The GIF parser in ateimg32.dll in AOL Instant Messenger (AIM) 5.9.3797 and earlier allows remote attackers to cause a denial of service (crash) via a malformed buddy icon that causes an integer underflow in a loop counter variable. | |||||
| CVE-2009-0231 | 1 Microsoft | 5 Windows 2000, Windows Server 2003, Windows Server 2008 and 2 more | 2024-02-08 | 9.3 HIGH | 8.8 HIGH |
| The Embedded OpenType (EOT) Font Engine (T2EMBED.DLL) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted name table in a data record that triggers an integer truncation and a heap-based buffer overflow, aka "Embedded OpenType Font Heap Overflow Vulnerability." | |||||
| CVE-2024-23940 | 2 Microsoft, Trendmicro | 6 Windows, Air Support, Antivirus \+ Security and 3 more | 2024-02-06 | N/A | 7.8 HIGH |
| Trend Micro uiAirSupport, included in the Trend Micro Security 2023 family of consumer products, version 6.0.2092 and below is vulnerable to a DLL hijacking/proxying vulnerability, which if exploited could allow an attacker to impersonate and modify a library to execute code on the system and ultimately escalate privileges on an affected system. | |||||
| CVE-2023-4551 | 3 Linux, Microsoft, Opentext | 3 Linux Kernel, Windows, Appbuilder | 2024-02-05 | N/A | 8.8 HIGH |
| Improper Input Validation vulnerability in OpenText AppBuilder on Windows, Linux allows OS Command Injection. The AppBuilder's Scheduler functionality that facilitates creation of scheduled tasks is vulnerable to command injection. This allows authenticated users to inject arbitrary operating system commands into the executing process. This issue affects AppBuilder: from 21.2 before 23.2. | |||||
| CVE-2023-4552 | 3 Linux, Microsoft, Opentext | 3 Linux Kernel, Windows, Appbuilder | 2024-02-05 | N/A | 7.1 HIGH |
| Improper Input Validation vulnerability in OpenText AppBuilder on Windows, Linux allows Probe System Files. An authenticated AppBuilder user with the ability to create or manage existing databases can leverage them to exploit the AppBuilder server - including access to its local file system. This issue affects AppBuilder: from 21.2 before 23.2. | |||||
| CVE-2023-4553 | 3 Linux, Microsoft, Opentext | 3 Linux Kernel, Windows, Appbuilder | 2024-02-05 | N/A | 5.3 MEDIUM |
| Improper Input Validation vulnerability in OpenText AppBuilder on Windows, Linux allows Probe System Files. AppBuilder configuration files are viewable by unauthenticated users. This issue affects AppBuilder: from 21.2 before 23.2. | |||||
| CVE-2023-4554 | 3 Linux, Microsoft, Opentext | 3 Linux Kernel, Windows, Appbuilder | 2024-02-05 | N/A | 6.5 MEDIUM |
| Improper Restriction of XML External Entity Reference vulnerability in OpenText AppBuilder on Windows, Linux allows Server Side Request Forgery, Probe System Files. AppBuilder's XML processor is vulnerable to XML External Entity Processing (XXE), allowing an authenticated user to upload specially crafted XML files to induce server-side request forgery, disclose files local to the server that processes them. This issue affects AppBuilder: from 21.2 before 23.2. | |||||
| CVE-2024-23441 | 2 Anti-virus, Microsoft | 2 Vba32, Windows | 2024-02-05 | N/A | 5.5 MEDIUM |
| Vba32 Antivirus v3.36.0 is vulnerable to a Denial of Service vulnerability by triggering the 0x2220A7 IOCTL code of the Vba32m64.sys driver. | |||||
| CVE-2023-4550 | 3 Linux, Microsoft, Opentext | 3 Linux Kernel, Windows, Appbuilder | 2024-02-05 | N/A | 7.5 HIGH |
| Improper Input Validation, Files or Directories Accessible to External Parties vulnerability in OpenText AppBuilder on Windows, Linux allows Probe System Files. An unauthenticated or authenticated user can abuse a page of AppBuilder to read arbitrary files on the server on which it is hosted. This issue affects AppBuilder: from 21.2 before 23.2. | |||||
| CVE-2023-38174 | 1 Microsoft | 1 Edge Chromium | 2024-02-03 | N/A | 4.3 MEDIUM |
| Microsoft Edge (Chromium-based) Information Disclosure Vulnerability | |||||
| CVE-2023-36880 | 1 Microsoft | 1 Edge Chromium | 2024-02-03 | N/A | 4.8 MEDIUM |
| Microsoft Edge (Chromium-based) Information Disclosure Vulnerability | |||||
| CVE-2023-36727 | 1 Microsoft | 1 Edge Chromium | 2024-02-03 | N/A | 6.1 MEDIUM |
| Microsoft Edge (Chromium-based) Spoofing Vulnerability | |||||
| CVE-2023-36559 | 1 Microsoft | 1 Edge Chromium | 2024-02-03 | N/A | 4.2 MEDIUM |
| Microsoft Edge (Chromium-based) Spoofing Vulnerability | |||||
| CVE-2023-36409 | 1 Microsoft | 1 Edge Chromium | 2024-02-03 | N/A | 6.5 MEDIUM |
| Microsoft Edge (Chromium-based) Information Disclosure Vulnerability | |||||
| CVE-2023-36029 | 1 Microsoft | 1 Edge | 2024-02-03 | N/A | 4.3 MEDIUM |
| Microsoft Edge (Chromium-based) Spoofing Vulnerability | |||||
| CVE-2023-36022 | 1 Microsoft | 1 Edge Chromium | 2024-02-03 | N/A | 6.6 MEDIUM |
| Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | |||||