Filtered by vendor Microsoft
Subscribe
Total
22989 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-21553 | 1 Microsoft | 1 Azure Devops Server | 2024-11-21 | N/A | 7.5 HIGH |
|
Azure DevOps Server Remote Code Execution Vulnerability
|
|||||
| CVE-2023-21552 | 1 Microsoft | 15 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 12 more | 2024-11-21 | N/A | 7.8 HIGH |
|
Windows GDI Elevation of Privilege Vulnerability
|
|||||
| CVE-2023-21551 | 1 Microsoft | 8 Windows 10 1809, Windows 10 20h2, Windows 10 21h2 and 5 more | 2024-11-21 | N/A | 7.8 HIGH |
|
Microsoft Cryptographic Services Elevation of Privilege Vulnerability
|
|||||
| CVE-2023-21550 | 1 Microsoft | 8 Windows 10 1809, Windows 10 20h2, Windows 10 21h2 and 5 more | 2024-11-21 | N/A | 5.5 MEDIUM |
|
Windows Cryptographic Information Disclosure Vulnerability
|
|||||
| CVE-2023-21549 | 1 Microsoft | 14 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 11 more | 2024-11-21 | N/A | 8.8 HIGH |
|
Windows SMB Witness Service Elevation of Privilege Vulnerability
|
|||||
| CVE-2023-21548 | 1 Microsoft | 15 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 12 more | 2024-11-21 | N/A | 8.1 HIGH |
|
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
|
|||||
| CVE-2023-21547 | 1 Microsoft | 9 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 6 more | 2024-11-21 | N/A | 7.5 HIGH |
|
Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability
|
|||||
| CVE-2023-21546 | 1 Microsoft | 15 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 12 more | 2024-11-21 | N/A | 8.1 HIGH |
|
Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability
|
|||||
| CVE-2023-21543 | 1 Microsoft | 15 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 12 more | 2024-11-21 | N/A | 8.1 HIGH |
|
Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability
|
|||||
| CVE-2023-21542 | 1 Microsoft | 9 Windows 10 1607, Windows 7, Windows 8.1 and 6 more | 2024-11-21 | N/A | 7.0 HIGH |
|
Windows Installer Elevation of Privilege Vulnerability
|
|||||
| CVE-2023-21541 | 1 Microsoft | 15 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 12 more | 2024-11-21 | N/A | 7.8 HIGH |
|
Windows Task Scheduler Elevation of Privilege Vulnerability
|
|||||
| CVE-2023-21540 | 1 Microsoft | 8 Windows 10 1809, Windows 10 20h2, Windows 10 21h2 and 5 more | 2024-11-21 | N/A | 5.5 MEDIUM |
|
Windows Cryptographic Information Disclosure Vulnerability
|
|||||
| CVE-2023-21539 | 1 Microsoft | 6 Windows 10 20h2, Windows 10 21h2, Windows 10 22h2 and 3 more | 2024-11-21 | N/A | 7.5 HIGH |
|
Windows Authentication Remote Code Execution Vulnerability
|
|||||
| CVE-2023-21538 | 2 Fedoraproject, Microsoft | 3 Fedora, .net, Powershell | 2024-11-21 | N/A | 7.5 HIGH |
|
.NET Denial of Service Vulnerability
|
|||||
| CVE-2023-21537 | 1 Microsoft | 15 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 12 more | 2024-11-21 | N/A | 7.8 HIGH |
|
Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability
|
|||||
| CVE-2023-21536 | 1 Microsoft | 8 Windows 10 1809, Windows 10 20h2, Windows 10 21h2 and 5 more | 2024-11-21 | N/A | 4.7 MEDIUM |
|
Event Tracing for Windows Information Disclosure Vulnerability
|
|||||
| CVE-2023-21535 | 1 Microsoft | 14 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 11 more | 2024-11-21 | N/A | 8.1 HIGH |
|
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
|
|||||
| CVE-2023-21532 | 1 Microsoft | 15 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 12 more | 2024-11-21 | N/A | 7.0 HIGH |
|
Windows GDI Elevation of Privilege Vulnerability
|
|||||
| CVE-2023-21531 | 1 Microsoft | 1 Azure Service Fabric | 2024-11-21 | N/A | 7.0 HIGH |
|
Azure Service Fabric Container Elevation of Privilege Vulnerability
|
|||||
| CVE-2023-21529 | 1 Microsoft | 1 Exchange Server | 2024-11-21 | N/A | 8.8 HIGH |
|
Microsoft Exchange Server Remote Code Execution Vulnerability
|
|||||
| CVE-2023-21528 | 1 Microsoft | 1 Sql Server | 2024-11-21 | N/A | 7.8 HIGH |
|
Microsoft SQL Server Remote Code Execution Vulnerability
|
|||||
| CVE-2023-21527 | 1 Microsoft | 15 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 12 more | 2024-11-21 | N/A | 7.5 HIGH |
|
Windows iSCSI Service Denial of Service Vulnerability
|
|||||
| CVE-2023-21526 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2024-11-21 | N/A | 7.4 HIGH |
|
Windows Netlogon Information Disclosure Vulnerability
|
|||||
| CVE-2023-21525 | 1 Microsoft | 15 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 12 more | 2024-11-21 | N/A | 5.3 MEDIUM |
|
Remote Procedure Call Runtime Denial of Service Vulnerability
|
|||||
| CVE-2023-21524 | 1 Microsoft | 12 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 9 more | 2024-11-21 | N/A | 7.8 HIGH |
|
Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability
|
|||||
| CVE-2023-20900 | 6 Debian, Fedoraproject, Linux and 3 more | 7 Debian Linux, Fedora, Linux Kernel and 4 more | 2024-11-21 | N/A | 7.1 HIGH |
|
A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias https://vdc-download.vmware.com/vmwb-repository/dcr-public/d1902b0e-d479-46bf-8ac9-cee0e31e8ec0/07ce8dbd-db48-4261-9b8f-c6d3ad8ba472/vim.vm.guest.AliasManager.html .
|
|||||
| CVE-2023-20588 | 5 Amd, Debian, Fedoraproject and 2 more | 78 Athlon Gold 3150g, Athlon Gold 3150g Firmware, Athlon Gold 3150ge and 75 more | 2024-11-21 | N/A | 5.5 MEDIUM |
|
A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality.
|
|||||
| CVE-2023-20569 | 4 Amd, Debian, Fedoraproject and 1 more | 296 Epyc 72f3, Epyc 72f3 Firmware, Epyc 7313 and 293 more | 2024-11-21 | N/A | 4.7 MEDIUM |
|
A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure.
|
|||||
| CVE-2023-20564 | 2 Amd, Microsoft | 4 Ryzen Master, Ryzen Master Monitoring Sdk, Windows 10 and 1 more | 2024-11-21 | N/A | 6.7 MEDIUM |
|
Insufficient validation in the IOCTL (Input Output Control) input buffer in AMD Ryzen™ Master may permit a privileged attacker to perform memory reads/writes potentially leading to a loss of confidentiality or arbitrary kernel execution.
|
|||||
| CVE-2023-20562 | 3 Amd, Linux, Microsoft | 3 Amd Uprof, Linux Kernel, Windows | 2024-11-21 | N/A | 7.8 HIGH |
|
Insufficient validation in the IOCTL (Input Output Control) input buffer in AMD uProf may allow an authenticated user to load an unsigned driver potentially leading to arbitrary kernel execution.
|
|||||
| CVE-2023-20561 | 3 Amd, Linux, Microsoft | 3 Amd Uprof, Linux Kernel, Windows | 2024-11-21 | N/A | 5.5 MEDIUM |
|
Insufficient validation of the IOCTL (Input Output Control) input buffer in AMD μProf may allow an authenticated user to send an arbitrary address potentially resulting in a Windows crash leading to denial of service.
|
|||||
| CVE-2023-20560 | 2 Amd, Microsoft | 4 Ryzen Master, Ryzen Master Monitoring Sdk, Windows 10 and 1 more | 2024-11-21 | N/A | 4.4 MEDIUM |
|
Insufficient validation of the IOCTL (Input Output Control) input buffer in AMD Ryzen™ Master may allow a privileged attacker to provide a null value potentially resulting in a Windows crash leading to denial of service.
|
|||||
| CVE-2023-20556 | 3 Amd, Linux, Microsoft | 3 Amd Uprof, Linux Kernel, Windows | 2024-11-21 | N/A | 5.5 MEDIUM |
|
Insufficient validation of the IOCTL (Input Output Control) input buffer in AMD μProf may allow an authenticated user to send an arbitrary buffer potentially resulting in a Windows crash leading to denial of service.
|
|||||
| CVE-2023-1995 | 6 Hitachi, Hp, Ibm and 3 more | 8 Hirdb Server, Hirdb Server With Additional Function, Hirdb Structured Data Access Facility and 5 more | 2024-11-21 | N/A | 5.3 MEDIUM |
|
Insufficient Logging vulnerability in Hitachi HiRDB Server, HiRDB Server With Addtional Function, HiRDB Structured Data Access Facility.This issue affects HiRDB Server: before 09-60-39, before 09-65-23,
before 09-66-17,
before 10-01-10, before 10-03-12, before 10-04-06, before 10-05-06, before 10-06-02; HiRDB Server With Addtional Function: before 09-60-2M, before 09-65-/W
, before 09-66-/Q
; HiRDB Structured Data Access Facility: before 09-60-39, before 10-03-12, before 10-04-06, before 1 ...
Show More |
|||||
| CVE-2023-1587 | 3 Avast, Avg, Microsoft | 3 Antivirus, Anti-virus, Windows | 2024-11-21 | N/A | 5.8 MEDIUM |
|
Avast and AVG Antivirus for Windows were susceptible to a NULL pointer dereference issue via RPC-interface. The issue was fixed with Avast and AVG Antivirus version 22.11
|
|||||
| CVE-2023-1586 | 3 Avast, Avg, Microsoft | 3 Antivirus, Anti-virus, Windows | 2024-11-21 | N/A | 6.5 MEDIUM |
|
Avast and AVG Antivirus for Windows were susceptible to a Time-of-check/Time-of-use (TOCTOU) vulnerability in the restore process leading to arbitrary file creation. The issue was fixed with Avast and AVG Antivirus version 22.11
|
|||||
| CVE-2023-1585 | 3 Avast, Avg, Microsoft | 3 Antivirus, Anti-virus, Windows | 2024-11-21 | N/A | 6.5 MEDIUM |
|
Avast and AVG Antivirus for Windows were susceptible to a Time-of-check/Time-of-use (TOCTOU) vulnerability in the Quarantine process, leading to arbitrary file/directory deletion. The issue was fixed with Avast and AVG Antivirus version 22.11 and virus definitions from 14 February 2023 or later.
|
|||||
| CVE-2023-1217 | 2 Google, Microsoft | 2 Chrome, Windows | 2024-11-21 | N/A | 6.5 MEDIUM |
|
Stack buffer overflow in Crash reporting in Google Chrome on Windows prior to 111.0.5563.64 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)
|
|||||
| CVE-2023-1188 | 2 Fabulatech, Microsoft | 2 Webcam For Remote Desktop, Windows | 2024-11-21 | 1.7 LOW | 3.3 LOW |
|
A vulnerability was found in FabulaTech Webcam for Remote Desktop 2.8.42. It has been classified as problematic. Affected is the function 0x222018 in the library ftwebcam.sys of the component IoControlCode Handler. The manipulation leads to denial of service. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-222360.
|
|||||
| CVE-2023-1187 | 2 Fabulatech, Microsoft | 2 Webcam For Remote Desktop, Windows | 2024-11-21 | 1.7 LOW | 3.3 LOW |
|
A vulnerability was found in FabulaTech Webcam for Remote Desktop 2.8.42 and classified as problematic. This issue affects some unknown processing in the library ftwebcam.sys of the component Global Variable Handler. The manipulation leads to denial of service. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-222359.
|
|||||