Filtered by vendor Microsoft
Subscribe
Total
22989 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-21864 | 1 Microsoft | 7 Windows 10, Windows 11, Windows 8.1 and 4 more | 2024-11-21 | 4.4 MEDIUM | 7.0 HIGH |
|
Windows UI Immersive Server API Elevation of Privilege Vulnerability
|
|||||
| CVE-2022-21863 | 1 Microsoft | 4 Windows 10, Windows Server, Windows Server 2016 and 1 more | 2024-11-21 | 6.9 MEDIUM | 7.0 HIGH |
|
Windows StateRepository API Server file Elevation of Privilege Vulnerability
|
|||||
| CVE-2022-21862 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 7 and 6 more | 2024-11-21 | 6.9 MEDIUM | 7.0 HIGH |
|
Windows Application Model Core API Elevation of Privilege Vulnerability
|
|||||
| CVE-2022-21861 | 1 Microsoft | 4 Windows 10, Windows 11, Windows Server and 1 more | 2024-11-21 | 7.2 HIGH | 7.0 HIGH |
|
Task Flow Data Engine Elevation of Privilege Vulnerability
|
|||||
| CVE-2022-21860 | 1 Microsoft | 4 Windows 10, Windows Server, Windows Server 2016 and 1 more | 2024-11-21 | 4.4 MEDIUM | 7.0 HIGH |
|
Windows AppContracts API Server Elevation of Privilege Vulnerability
|
|||||
| CVE-2022-21859 | 1 Microsoft | 7 Windows 10, Windows 7, Windows 8.1 and 4 more | 2024-11-21 | 6.9 MEDIUM | 7.0 HIGH |
|
Windows Accounts Control Elevation of Privilege Vulnerability
|
|||||
| CVE-2022-21858 | 1 Microsoft | 4 Windows 10, Windows 11, Windows Server and 1 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
Windows Bind Filter Driver Elevation of Privilege Vulnerability
|
|||||
| CVE-2022-21857 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 7 and 6 more | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
|
Active Directory Domain Services Elevation of Privilege Vulnerability
|
|||||
| CVE-2022-21855 | 1 Microsoft | 1 Exchange Server | 2024-11-21 | 7.7 HIGH | 9.0 CRITICAL |
|
Microsoft Exchange Server Remote Code Execution Vulnerability
|
|||||
| CVE-2022-21852 | 1 Microsoft | 4 Windows 10, Windows 11, Windows Server and 1 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
Windows DWM Core Library Elevation of Privilege Vulnerability
|
|||||
| CVE-2022-21851 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 7 and 6 more | 2024-11-21 | 9.3 HIGH | 8.8 HIGH |
|
Remote Desktop Client Remote Code Execution Vulnerability
|
|||||
| CVE-2022-21850 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 7 and 6 more | 2024-11-21 | 9.3 HIGH | 8.8 HIGH |
|
Remote Desktop Client Remote Code Execution Vulnerability
|
|||||
| CVE-2022-21849 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server and 2 more | 2024-11-21 | 9.3 HIGH | 9.8 CRITICAL |
|
Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability
|
|||||
| CVE-2022-21848 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 7 and 6 more | 2024-11-21 | 7.1 HIGH | 7.5 HIGH |
|
Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability
|
|||||
| CVE-2022-21847 | 1 Microsoft | 4 Windows 10, Windows 11, Windows Server and 1 more | 2024-11-21 | 4.9 MEDIUM | 6.5 MEDIUM |
|
Windows Hyper-V Denial of Service Vulnerability
|
|||||
| CVE-2022-21846 | 1 Microsoft | 1 Exchange Server | 2024-11-21 | 8.3 HIGH | 9.0 CRITICAL |
|
Microsoft Exchange Server Remote Code Execution Vulnerability
|
|||||
| CVE-2022-21845 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2024-11-21 | 4.7 MEDIUM | 4.7 MEDIUM |
|
Windows Kernel Information Disclosure Vulnerability
|
|||||
| CVE-2022-21844 | 1 Microsoft | 1 Hevc Video Extensions | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
HEVC Video Extensions Remote Code Execution Vulnerability
|
|||||
| CVE-2022-21843 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 7 and 6 more | 2024-11-21 | 4.3 MEDIUM | 7.5 HIGH |
|
Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability
|
|||||
| CVE-2022-21842 | 1 Microsoft | 2 Sharepoint Enterprise Server, Word | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
Microsoft Word Remote Code Execution Vulnerability
|
|||||
| CVE-2022-21841 | 1 Microsoft | 2 365 Apps, Office | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
|
Microsoft Excel Remote Code Execution Vulnerability
|
|||||
| CVE-2022-21840 | 1 Microsoft | 6 Excel, Office, Office Online Server and 3 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
Microsoft Office Remote Code Execution Vulnerability
|
|||||
| CVE-2022-21839 | 1 Microsoft | 2 Windows 10, Windows Server 2019 | 2024-11-21 | 2.1 LOW | 6.1 MEDIUM |
|
Windows Event Tracing Discretionary Access Control List Denial of Service Vulnerability
|
|||||
| CVE-2022-21838 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 7 and 6 more | 2024-11-21 | 7.2 HIGH | 5.5 MEDIUM |
|
Windows Cleanup Manager Elevation of Privilege Vulnerability
|
|||||
| CVE-2022-21837 | 1 Microsoft | 2 Sharepoint Foundation, Sharepoint Server | 2024-11-21 | 9.0 HIGH | 8.3 HIGH |
|
Microsoft SharePoint Server Remote Code Execution Vulnerability
|
|||||
| CVE-2022-21836 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 7 and 6 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
Windows Certificate Spoofing Vulnerability
|
|||||
| CVE-2022-21835 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 7 and 6 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
Microsoft Cryptographic Services Elevation of Privilege Vulnerability
|
|||||
| CVE-2022-21834 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 7 and 6 more | 2024-11-21 | 7.2 HIGH | 7.0 HIGH |
|
Windows User-mode Driver Framework Reflector Driver Elevation of Privilege Vulnerability
|
|||||
| CVE-2022-21833 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 7 and 6 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
Virtual Machine IDE Drive Elevation of Privilege Vulnerability
|
|||||
| CVE-2022-21821 | 3 Linux, Microsoft, Nvidia | 3 Linux Kernel, Windows, Cuda Toolkit | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
NVIDIA CUDA Toolkit SDK contains an integer overflow vulnerability in cuobjdump.To exploit this vulnerability, a remote attacker would require a local user to download a specially crafted, corrupted file and locally execute cuobjdump against the file. Such an attack may lead to remote code execution that causes complete denial of service and an impact on data confidentiality and integrity.
|
|||||
| CVE-2022-21817 | 3 Linux, Microsoft, Nvidia | 3 Linux Kernel, Windows, Omniverse Launcher | 2024-11-21 | 5.8 MEDIUM | 9.3 CRITICAL |
|
NVIDIA Omniverse Launcher contains a Cross-Origin Resource Sharing (CORS) vulnerability which can allow an unprivileged remote attacker, if they can get user to browse malicious site, to acquire access tokens allowing them to access resources in other security domains, which may lead to code execution, escalation of privileges, and impact to confidentiality and integrity.
|
|||||
| CVE-2022-21815 | 2 Microsoft, Nvidia | 10 Windows, Cloud Gaming Guest, Geforce and 7 more | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
|
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for private IOCTLs where a NULL pointer dereference in the kernel, created within user mode code, may lead to a denial of service in the form of a system crash.
|
|||||
| CVE-2022-21221 | 2 Fasthttp Project, Microsoft | 2 Fasthttp, Windows | 2024-11-21 | 5.0 MEDIUM | 5.9 MEDIUM |
|
The package github.com/valyala/fasthttp before 1.34.0 are vulnerable to Directory Traversal via the ServeFile function, due to improper sanitization. It is possible to be exploited by using a backslash %5c character in the path. **Note:** This security issue impacts Windows users only.
|
|||||
| CVE-2022-21155 | 4 Apple, Fernhillsoftware, Linux and 1 more | 4 Macos, Scada Server, Linux Kernel and 1 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
A specially crafted packet sent to the Fernhill SCADA Server Version 3.77 and earlier may cause an exception, causing the server process (FHSvrService.exe) to exit.
|
|||||
| CVE-2022-1992 | 2 Gogs, Microsoft | 2 Gogs, Windows | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
|
Path Traversal in GitHub repository gogs/gogs prior to 0.12.9.
|
|||||
| CVE-2022-1901 | 3 Linux, Microsoft, Octopus | 3 Linux Kernel, Windows, Octopus Server | 2024-11-21 | N/A | 5.3 MEDIUM |
|
In affected versions of Octopus Deploy it is possible to unmask sensitive variables by using variable preview.
|
|||||
| CVE-2022-1794 | 2 Codesys, Microsoft | 2 Opc Da Server, Windows | 2024-11-21 | 4.7 MEDIUM | 5.5 MEDIUM |
|
The CODESYS OPC DA Server prior V3.5.18.20 stores PLC passwords as plain text in its configuration file so that it is visible to all authorized Microsoft Windows users of the system.
|
|||||
| CVE-2022-1128 | 2 Google, Microsoft | 2 Chrome, Windows | 2024-11-21 | N/A | 6.5 MEDIUM |
|
Inappropriate implementation in Web Share API in Google Chrome on Windows prior to 100.0.4896.60 allowed an attacker on the local network segment to leak cross-origin data via a crafted HTML page.
|
|||||
| CVE-2022-0883 | 2 Microsoft, Snowsoftware | 2 Windows, Snow License Manager | 2024-11-21 | 4.6 MEDIUM | 7.3 HIGH |
|
SLM has an issue with Windows Unquoted/Trusted Service Paths Security Issue. All installations version 9.x.x prior to 9.20.1 should be patched.
|
|||||
| CVE-2022-0807 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
Inappropriate implementation in Autofill in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
|
|||||