Filtered by vendor Microsoft
Subscribe
Total
22989 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-21919 | 1 Microsoft | 17 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 14 more | 2025-10-30 | 6.9 MEDIUM | 7.0 HIGH |
|
Windows User Profile Service Elevation of Privilege Vulnerability
|
|||||
| CVE-2022-21971 | 1 Microsoft | 9 Windows 10 1809, Windows 10 1909, Windows 10 20h2 and 6 more | 2025-10-30 | 9.3 HIGH | 7.8 HIGH |
|
Windows Runtime Remote Code Execution Vulnerability
|
|||||
| CVE-2022-21999 | 1 Microsoft | 17 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 14 more | 2025-10-30 | 4.6 MEDIUM | 7.8 HIGH |
|
Windows Print Spooler Elevation of Privilege Vulnerability
|
|||||
| CVE-2022-22047 | 1 Microsoft | 16 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 13 more | 2025-10-30 | 7.2 HIGH | 7.8 HIGH |
|
Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability
|
|||||
| CVE-2022-22718 | 1 Microsoft | 17 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 14 more | 2025-10-30 | 7.2 HIGH | 7.8 HIGH |
|
Windows Print Spooler Elevation of Privilege Vulnerability
|
|||||
| CVE-2021-42278 | 1 Microsoft | 7 Windows Server 2004, Windows Server 2008, Windows Server 2012 and 4 more | 2025-10-30 | 6.5 MEDIUM | 7.5 HIGH |
|
Active Directory Domain Services Elevation of Privilege Vulnerability
|
|||||
| CVE-2021-42287 | 1 Microsoft | 5 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 2 more | 2025-10-30 | 6.5 MEDIUM | 7.5 HIGH |
|
Active Directory Domain Services Elevation of Privilege Vulnerability
|
|||||
| CVE-2021-42292 | 1 Microsoft | 4 365 Apps, Excel, Office and 1 more | 2025-10-30 | 6.8 MEDIUM | 7.8 HIGH |
|
Microsoft Excel Security Feature Bypass Vulnerability
|
|||||
| CVE-2021-42321 | 1 Microsoft | 1 Exchange Server | 2025-10-30 | 6.5 MEDIUM | 8.8 HIGH |
|
Microsoft Exchange Server Remote Code Execution Vulnerability
|
|||||
| CVE-2021-43226 | 1 Microsoft | 19 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 16 more | 2025-10-30 | 4.6 MEDIUM | 7.8 HIGH |
|
Windows Common Log File System Driver Elevation of Privilege Vulnerability
|
|||||
| CVE-2023-21674 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-10-30 | N/A | 8.8 HIGH |
|
Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability
|
|||||
| CVE-2021-38649 | 1 Microsoft | 10 Azure Automation State Configuration, Azure Automation Update Management, Azure Diagnostics \(lad\) and 7 more | 2025-10-30 | 4.6 MEDIUM | 7.0 HIGH |
|
Open Management Infrastructure Elevation of Privilege Vulnerability
|
|||||
| CVE-2021-40444 | 1 Microsoft | 17 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 14 more | 2025-10-30 | 6.8 MEDIUM | 8.8 HIGH |
|
<p>Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that affects Microsoft Windows. Microsoft is aware of targeted attacks that attempt to exploit this vulnerability by using specially-crafted Microsoft Office documents.</p>
<p>An attacker could craft a malicious ActiveX control to be used by a Microsoft Office document that hosts the browser rendering engine. The attacker would then have to convince the user to open the malicious document. Users whose accoun ...
Show More |
|||||
| CVE-2021-40449 | 1 Microsoft | 19 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 16 more | 2025-10-30 | 4.6 MEDIUM | 7.8 HIGH |
|
Win32k Elevation of Privilege Vulnerability
|
|||||
| CVE-2021-40450 | 1 Microsoft | 10 Windows 10 1809, Windows 10 1909, Windows 10 2004 and 7 more | 2025-10-30 | 4.6 MEDIUM | 7.8 HIGH |
|
Win32k Elevation of Privilege Vulnerability
|
|||||
| CVE-2021-41357 | 1 Microsoft | 7 Windows 10 2004, Windows 10 20h2, Windows 10 21h1 and 4 more | 2025-10-30 | 4.6 MEDIUM | 7.8 HIGH |
|
Win32k Elevation of Privilege Vulnerability
|
|||||
| CVE-2021-41379 | 1 Microsoft | 18 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 15 more | 2025-10-30 | 4.6 MEDIUM | 5.5 MEDIUM |
|
Windows Installer Elevation of Privilege Vulnerability
|
|||||
| CVE-2021-36948 | 1 Microsoft | 8 Windows 10 1809, Windows 10 1909, Windows 10 2004 and 5 more | 2025-10-30 | 4.6 MEDIUM | 7.8 HIGH |
|
Windows Update Medic Service Elevation of Privilege Vulnerability
|
|||||
| CVE-2021-36955 | 1 Microsoft | 17 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 14 more | 2025-10-30 | 4.6 MEDIUM | 7.8 HIGH |
|
Windows Common Log File System Driver Elevation of Privilege Vulnerability
|
|||||
| CVE-2021-38645 | 1 Microsoft | 10 Azure Automation State Configuration, Azure Automation Update Management, Azure Diagnostics \(lad\) and 7 more | 2025-10-30 | 4.6 MEDIUM | 7.8 HIGH |
|
Open Management Infrastructure Elevation of Privilege Vulnerability
|
|||||
| CVE-2021-38646 | 1 Microsoft | 2 365 Apps, Office | 2025-10-30 | 6.8 MEDIUM | 7.8 HIGH |
|
Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability
|
|||||
| CVE-2021-38647 | 1 Microsoft | 10 Azure Automation State Configuration, Azure Automation Update Management, Azure Diagnostics \(lad\) and 7 more | 2025-10-30 | 7.5 HIGH | 9.8 CRITICAL |
|
Open Management Infrastructure Remote Code Execution Vulnerability
|
|||||
| CVE-2021-38648 | 1 Microsoft | 10 Azure Automation State Configuration, Azure Automation Update Management, Azure Diagnostics \(lad\) and 7 more | 2025-10-30 | 4.6 MEDIUM | 7.8 HIGH |
|
Open Management Infrastructure Elevation of Privilege Vulnerability
|
|||||
| CVE-2021-34484 | 1 Microsoft | 16 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 13 more | 2025-10-30 | 4.6 MEDIUM | 7.8 HIGH |
|
Windows User Profile Service Elevation of Privilege Vulnerability
|
|||||
| CVE-2021-34486 | 1 Microsoft | 8 Windows 10 1809, Windows 10 1909, Windows 10 2004 and 5 more | 2025-10-30 | 4.6 MEDIUM | 7.8 HIGH |
|
Windows Event Tracing Elevation of Privilege Vulnerability
|
|||||
| CVE-2021-34523 | 1 Microsoft | 1 Exchange Server | 2025-10-30 | 7.5 HIGH | 9.0 CRITICAL |
|
Microsoft Exchange Server Elevation of Privilege Vulnerability
|
|||||
| CVE-2021-36942 | 1 Microsoft | 6 Windows Server 2004, Windows Server 2008, Windows Server 2012 and 3 more | 2025-10-30 | 5.0 MEDIUM | 7.5 HIGH |
|
Windows LSA Spoofing Vulnerability
|
|||||
| CVE-2023-21715 | 1 Microsoft | 1 365 Apps | 2025-10-30 | N/A | 7.3 HIGH |
|
Microsoft Publisher Security Feature Bypass Vulnerability
|
|||||
| CVE-2023-21823 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-10-30 | N/A | 7.8 HIGH |
|
Windows Graphics Component Remote Code Execution Vulnerability
|
|||||
| CVE-2025-59194 | 1 Microsoft | 6 Windows 11 22h2, Windows 11 23h2, Windows 11 24h2 and 3 more | 2025-10-30 | N/A | 7.0 HIGH |
|
Use of uninitialized resource in Windows Kernel allows an authorized attacker to elevate privileges locally.
|
|||||
| CVE-2025-59195 | 1 Microsoft | 11 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 8 more | 2025-10-30 | N/A | 7.0 HIGH |
|
Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows an authorized attacker to deny service locally.
|
|||||
| CVE-2025-59196 | 1 Microsoft | 16 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 13 more | 2025-10-30 | N/A | 7.0 HIGH |
|
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SSDP Service allows an authorized attacker to elevate privileges locally.
|
|||||
| CVE-2025-59197 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-10-30 | N/A | 5.5 MEDIUM |
|
Insertion of sensitive information into log file in Windows ETL Channel allows an authorized attacker to disclose information locally.
|
|||||
| CVE-2025-59198 | 1 Microsoft | 16 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 13 more | 2025-10-30 | N/A | 5.0 MEDIUM |
|
Improper input validation in Microsoft Windows Search Component allows an authorized attacker to deny service locally.
|
|||||
| CVE-2025-59199 | 1 Microsoft | 11 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 8 more | 2025-10-30 | N/A | 7.8 HIGH |
|
Improper access control in Software Protection Platform (SPP) allows an authorized attacker to elevate privileges locally.
|
|||||
| CVE-2025-59250 | 1 Microsoft | 1 Jdbc Driver For Sql Server | 2025-10-30 | N/A | 8.1 HIGH |
|
Improper input validation in JDBC Driver for SQL Server allows an unauthorized attacker to perform spoofing over a network.
|
|||||
| CVE-2024-43573 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-10-30 | N/A | 6.5 MEDIUM |
|
Windows MSHTML Platform Spoofing Vulnerability
|
|||||
| CVE-2024-43556 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-10-30 | N/A | 7.8 HIGH |
|
Windows Graphics Component Elevation of Privilege Vulnerability
|
|||||
| CVE-2024-43572 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-10-30 | N/A | 7.8 HIGH |
|
Microsoft Management Console Remote Code Execution Vulnerability
|
|||||
| CVE-2025-10585 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2025-10-30 | N/A | 9.8 CRITICAL |
|
Type confusion in V8 in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
|
|||||