Filtered by vendor Microsoft
Subscribe
Total
22989 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-38006 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 7 and 6 more | 2024-11-21 | N/A | 6.5 MEDIUM |
|
Windows Graphics Component Information Disclosure Vulnerability
|
|||||
| CVE-2022-38005 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 7 and 6 more | 2024-11-21 | N/A | 7.8 HIGH |
|
Windows Print Spooler Elevation of Privilege Vulnerability
|
|||||
| CVE-2022-38004 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 7 and 6 more | 2024-11-21 | N/A | 7.8 HIGH |
|
Windows Fax Service Remote Code Execution Vulnerability
|
|||||
| CVE-2022-37992 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2024-11-21 | N/A | 7.8 HIGH |
|
Windows Group Policy Elevation of Privilege Vulnerability
|
|||||
| CVE-2022-37964 | 1 Microsoft | 2 Windows 7, Windows Server 2008 | 2024-11-21 | N/A | 7.8 HIGH |
|
Windows Kernel Elevation of Privilege Vulnerability
|
|||||
| CVE-2022-37963 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2024-11-21 | N/A | 7.8 HIGH |
|
Microsoft Office Visio Remote Code Execution Vulnerability
|
|||||
| CVE-2022-37962 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2024-11-21 | N/A | 7.8 HIGH |
|
Microsoft PowerPoint Remote Code Execution Vulnerability
|
|||||
| CVE-2022-37961 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2024-11-21 | N/A | 8.8 HIGH |
|
Microsoft SharePoint Server Remote Code Execution Vulnerability
|
|||||
| CVE-2022-37959 | 1 Microsoft | 4 Windows Server 2012, Windows Server 2016, Windows Server 2019 and 1 more | 2024-11-21 | N/A | 6.5 MEDIUM |
|
Network Device Enrollment Service (NDES) Security Feature Bypass Vulnerability
|
|||||
| CVE-2022-37958 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 7 and 6 more | 2024-11-21 | N/A | 8.1 HIGH |
|
SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability
|
|||||
| CVE-2022-37957 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2024-11-21 | N/A | 7.8 HIGH |
|
Windows Kernel Elevation of Privilege Vulnerability
|
|||||
| CVE-2022-37956 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 7 and 6 more | 2024-11-21 | N/A | 7.8 HIGH |
|
Windows Kernel Elevation of Privilege Vulnerability
|
|||||
| CVE-2022-37955 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 7 and 6 more | 2024-11-21 | N/A | 7.8 HIGH |
|
Windows Group Policy Elevation of Privilege Vulnerability
|
|||||
| CVE-2022-37954 | 1 Microsoft | 4 Windows 10, Windows 11, Windows Server 2019 and 1 more | 2024-11-21 | N/A | 7.8 HIGH |
|
DirectX Graphics Kernel Elevation of Privilege Vulnerability
|
|||||
| CVE-2022-37771 | 2 Iobit, Microsoft | 2 Malware Fighter, Windows | 2024-11-21 | N/A | 6.7 MEDIUM |
|
IObit Malware Fighter v9.2 for Microsoft Windows lacks tamper protection, allowing authenticated attackers with Administrator privileges to modify processes within the application and escalate privileges to SYSTEM via a crafted executable.
|
|||||
| CVE-2022-37391 | 2 Foxit, Microsoft | 3 Pdf Editor, Pdf Reader, Windows | 2024-11-21 | N/A | 7.8 HIGH |
|
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.2.53575. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code i ...
Show More |
|||||
| CVE-2022-37390 | 2 Foxit, Microsoft | 3 Pdf Editor, Pdf Reader, Windows | 2024-11-21 | N/A | 7.8 HIGH |
|
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.2.53575. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code i ...
Show More |
|||||
| CVE-2022-37389 | 2 Foxit, Microsoft | 3 Pdf Editor, Pdf Reader, Windows | 2024-11-21 | N/A | 7.8 HIGH |
|
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.2.53575. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code i ...
Show More |
|||||
| CVE-2022-37388 | 2 Foxit, Microsoft | 3 Pdf Editor, Pdf Reader, Windows | 2024-11-21 | N/A | 7.8 HIGH |
|
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.2.53575. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. Crafted data in a PDF file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. ...
Show More |
|||||
| CVE-2022-37387 | 2 Foxit, Microsoft | 3 Pdf Editor, Pdf Reader, Windows | 2024-11-21 | N/A | 7.8 HIGH |
|
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.2.53575. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code i ...
Show More |
|||||
| CVE-2022-37386 | 2 Foxit, Microsoft | 3 Pdf Editor, Pdf Reader, Windows | 2024-11-21 | N/A | 5.5 MEDIUM |
|
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.2.53575. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the resetForm method. By performing actions in JavaScript, an attacker can trigger a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities ...
Show More |
|||||
| CVE-2022-37385 | 2 Foxit, Microsoft | 3 Pdf Editor, Pdf Reader, Windows | 2024-11-21 | N/A | 7.8 HIGH |
|
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code ...
Show More |
|||||
| CVE-2022-37384 | 2 Foxit, Microsoft | 3 Pdf Editor, Pdf Reader, Windows | 2024-11-21 | N/A | 7.8 HIGH |
|
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the delay method. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the con ...
Show More |
|||||
| CVE-2022-37383 | 2 Foxit, Microsoft | 3 Pdf Editor, Pdf Reader, Windows | 2024-11-21 | N/A | 5.5 MEDIUM |
|
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects. By performing actions in JavaScript, an attacker can trigger a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabi ...
Show More |
|||||
| CVE-2022-37382 | 2 Foxit, Microsoft | 3 Pdf Editor, Pdf Reader, Windows | 2024-11-21 | N/A | 5.5 MEDIUM |
|
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the removeIcon method. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this in conjunction with other v ...
Show More |
|||||
| CVE-2022-37381 | 2 Foxit, Microsoft | 3 Pdf Editor, Pdf Reader, Windows | 2024-11-21 | N/A | 7.8 HIGH |
|
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the AFSpecial_KeystrokeEx method. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the ...
Show More |
|||||
| CVE-2022-37380 | 2 Foxit, Microsoft | 3 Pdf Editor, Pdf Reader, Windows | 2024-11-21 | N/A | 5.5 MEDIUM |
|
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of ADBC objects. By performing actions in JavaScript, an attacker can trigger a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerab ...
Show More |
|||||
| CVE-2022-37379 | 2 Foxit, Microsoft | 3 Pdf Editor, Pdf Reader, Windows | 2024-11-21 | N/A | 5.5 MEDIUM |
|
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the AFSpecial_KeystrokeEx method. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this ...
Show More |
|||||
| CVE-2022-37378 | 2 Foxit, Microsoft | 3 Pdf Editor, Pdf Reader, Windows | 2024-11-21 | N/A | 7.8 HIGH |
|
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor 11.1.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the optimization of JavaScript functions. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to ...
Show More |
|||||
| CVE-2022-37377 | 2 Foxit, Microsoft | 3 Pdf Editor, Pdf Reader, Windows | 2024-11-21 | N/A | 7.8 HIGH |
|
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor 11.1.1.53537;. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within JavaScript optimizations. The issue results from an improper optimization, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the c ...
Show More |
|||||
| CVE-2022-37376 | 2 Foxit, Microsoft | 3 Pdf Editor, Pdf Reader, Windows | 2024-11-21 | N/A | 3.3 LOW |
|
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Editor 11.1.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of arrays. By performing actions in JavaScript, an attacker can trigger a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilitie ...
Show More |
|||||
| CVE-2022-37348 | 2 Microsoft, Trendmicro | 2 Windows, Security | 2024-11-21 | N/A | 5.5 MEDIUM |
|
Trend Micro Security 2021 and 2022 (Consumer) is vulnerable to an Out-Of-Bounds Read Information Disclosure Vulnerability that could allow an attacker to read sensitive information from other memory locations and cause a crash on an affected machine. This vulnerability is similar to, but not the same as CVE-2022-37347.
|
|||||
| CVE-2022-37173 | 2 Microsoft, Vim | 2 Windows, Gvim | 2024-11-21 | N/A | 7.8 HIGH |
|
An issue in the installer of gvim 9.0.0000 allows authenticated attackers to execute arbitrary code via a binary hijacking attack on C:\Program.exe.
|
|||||
| CVE-2022-36947 | 2 Faststone, Microsoft | 2 Image Viewer, Windows | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Unsafe Parsing of a PNG tRNS chunk in FastStone Image Viewer through 7.5 results in a stack buffer overflow.
|
|||||
| CVE-2022-36774 | 2 Ibm, Microsoft | 4 Robotic Process Automation, Robotic Process Automation As A Service, Robotic Process Automation For Cloud Pak and 1 more | 2024-11-21 | N/A | 5.3 MEDIUM |
|
IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 is vulnerable to man in the middle attacks through manipulation of the client proxy configuration. IBM X-Force ID: 233575.
|
|||||
| CVE-2022-36772 | 3 Ibm, Linux, Microsoft | 4 Aix, Infosphere Information Server, Linux Kernel and 1 more | 2024-11-21 | N/A | 6.5 MEDIUM |
|
IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information that should only be available to a privileged user.
|
|||||
| CVE-2022-36564 | 2 Microsoft, Strawberryperl | 2 Windows, Strawberryperl | 2024-11-21 | N/A | 8.8 HIGH |
|
Incorrect access control in the install directory (C:\Strawberry) of StrawberryPerl v5.32.1.1 and below allows authenticated attackers to execute arbitrary code via overwriting binaries located in the directory.
|
|||||
| CVE-2022-36396 | 3 Intel, Linux, Microsoft | 3 Aptio V Uefi Firmware Integrator Tools, Linux Kernel, Windows | 2024-11-21 | N/A | 8.2 HIGH |
|
Improper access control in some Intel(R) Aptio* V UEFI Firmware Integrator Tools before version iDmiEdit-Linux-5.27.06.0017 may allow a privileged user to potentially enable escalation of privilege via local access.
|
|||||
| CVE-2022-36374 | 3 Intel, Linux, Microsoft | 3 Aptio V Uefi Firmware Integrator Tools, Linux Kernel, Windows | 2024-11-21 | N/A | 7.5 HIGH |
|
Improper access control in some Intel(R) Aptio* V UEFI Firmware Integrator Tools before version iDmi Windows 5.27.03.0003 may allow a privileged user to potentially enable escalation of privilege via local access.
|
|||||
| CVE-2022-36336 | 2 Microsoft, Trendmicro | 4 Windows, Apex One, Worry-free Business Security and 1 more | 2024-11-21 | N/A | 7.8 HIGH |
|
A link following vulnerability in the scanning function of Trend Micro Apex One and Worry-Free Business Security agents could allow a local attacker to escalate privileges on affected installations. The resolution for this issue has been deployed automatically via ActiveUpdate to customers in an updated Spyware pattern. Customers who are up-to-date on detection patterns are not required to take any additional steps to mitigate this issue.
|
|||||