Filtered by vendor Microsoft
Subscribe
Total
22989 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-38204 | 1 Microsoft | 1 Azure Functions | 2024-11-08 | N/A | 6.5 MEDIUM |
|
Improper Access Control in Imagine Cup allows an authorized attacker to elevate privileges over a network.
|
|||||
| CVE-2024-0129 | 4 Apple, Linux, Microsoft and 1 more | 4 Macos, Linux Kernel, Windows and 1 more | 2024-11-08 | N/A | 7.8 HIGH |
|
NVIDIA NeMo contains a vulnerability in SaveRestoreConnector where a user may cause a path traversal issue via an unsafe .tar file extraction. A successful exploit of this vulnerability may lead to code execution and data tampering.
|
|||||
| CVE-2024-38139 | 1 Microsoft | 1 Dataverse | 2024-11-08 | N/A | 8.8 HIGH |
|
Improper authentication in Microsoft Dataverse allows an authorized attacker to elevate privileges over a network.
|
|||||
| CVE-2024-34121 | 3 Adobe, Apple, Microsoft | 3 Illustrator, Macos, Windows | 2024-11-01 | N/A | 7.8 HIGH |
|
Illustrator versions 28.6, 27.9.5 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2024-8592 | 2 Autodesk, Microsoft | 9 Autocad, Autocad Advance Steel, Autocad Architecture and 6 more | 2024-11-01 | N/A | 7.8 HIGH |
|
A maliciously crafted CATPART file when parsed in AcTranslators.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.
|
|||||
| CVE-2024-45182 | 2 Microsoft, Wibu | 2 Windows, Wibukey | 2024-10-29 | N/A | 5.5 MEDIUM |
|
An issue was discovered in WibuKey64.sys in WIBU-SYSTEMS WibuKey before v6.70 and fixed in v.6.70 An improper bounds check allows specially crafted packets to cause an arbitrary address read, resulting in Denial of Service.
|
|||||
| CVE-2024-38197 | 1 Microsoft | 1 Teams | 2024-10-22 | N/A | 6.5 MEDIUM |
|
Microsoft Teams for iOS Spoofing Vulnerability
|
|||||
| CVE-2024-38265 | 1 Microsoft | 6 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 3 more | 2024-10-22 | N/A | 8.8 HIGH |
|
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
|
|||||
| CVE-2024-38261 | 1 Microsoft | 6 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 3 more | 2024-10-22 | N/A | 7.8 HIGH |
|
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
|
|||||
| CVE-2024-38212 | 1 Microsoft | 6 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 3 more | 2024-10-22 | N/A | 8.8 HIGH |
|
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
|
|||||
| CVE-2024-43593 | 1 Microsoft | 6 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 3 more | 2024-10-22 | N/A | 8.8 HIGH |
|
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
|
|||||
| CVE-2024-43592 | 1 Microsoft | 6 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 3 more | 2024-10-22 | N/A | 8.8 HIGH |
|
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
|
|||||
| CVE-2024-43589 | 1 Microsoft | 6 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 3 more | 2024-10-22 | N/A | 8.8 HIGH |
|
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
|
|||||
| CVE-2024-43453 | 1 Microsoft | 6 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 3 more | 2024-10-22 | N/A | 8.8 HIGH |
|
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
|
|||||
| CVE-2024-43607 | 1 Microsoft | 6 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 3 more | 2024-10-22 | N/A | 8.8 HIGH |
|
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
|
|||||
| CVE-2024-43608 | 1 Microsoft | 6 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 3 more | 2024-10-22 | N/A | 8.8 HIGH |
|
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
|
|||||
| CVE-2024-43611 | 1 Microsoft | 6 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 3 more | 2024-10-22 | N/A | 8.8 HIGH |
|
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
|
|||||
| CVE-2024-38124 | 1 Microsoft | 6 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 3 more | 2024-10-22 | N/A | 9.0 CRITICAL |
|
Windows Netlogon Elevation of Privilege Vulnerability
|
|||||
| CVE-2024-38129 | 1 Microsoft | 1 Windows Server 2022 23h2 | 2024-10-22 | N/A | 6.6 MEDIUM |
|
Windows Kerberos Elevation of Privilege Vulnerability
|
|||||
| CVE-2024-38149 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2024-10-22 | N/A | 7.5 HIGH |
|
BranchCache Denial of Service Vulnerability
|
|||||
| CVE-2024-38262 | 1 Microsoft | 6 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 3 more | 2024-10-22 | N/A | 7.5 HIGH |
|
Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability
|
|||||
| CVE-2024-38179 | 1 Microsoft | 1 Azure Stack Hci | 2024-10-22 | N/A | 8.8 HIGH |
|
Azure Stack Hyperconverged Infrastructure (HCI) Elevation of Privilege Vulnerability
|
|||||
| CVE-2024-43456 | 1 Microsoft | 6 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 3 more | 2024-10-21 | N/A | 7.4 HIGH |
|
Windows Remote Desktop Services Tampering Vulnerability
|
|||||
| CVE-2024-43504 | 1 Microsoft | 4 365 Apps, Excel, Office and 1 more | 2024-10-21 | N/A | 7.8 HIGH |
|
Microsoft Excel Remote Code Execution Vulnerability
|
|||||
| CVE-2024-43488 | 1 Microsoft | 1 Visual Studio Code | 2024-10-21 | N/A | 9.8 CRITICAL |
|
Missing authentication for critical function in Visual Studio Code extension for Arduino allows an unauthenticated attacker to perform remote code execution through network attack vector.
|
|||||
| CVE-2024-43615 | 1 Microsoft | 10 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 7 more | 2024-10-21 | N/A | 7.1 HIGH |
|
Microsoft OpenSSH for Windows Remote Code Execution Vulnerability
|
|||||
| CVE-2024-43612 | 1 Microsoft | 1 Power Bi Report Server | 2024-10-21 | N/A | 4.7 MEDIUM |
|
Power BI Report Server Spoofing Vulnerability
|
|||||
| CVE-2024-43616 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2024-10-21 | N/A | 7.8 HIGH |
|
Microsoft Office Remote Code Execution Vulnerability
|
|||||
| CVE-2024-43485 | 3 Apple, Linux, Microsoft | 5 Macos, Linux Kernel, .net and 2 more | 2024-10-21 | N/A | 7.5 HIGH |
|
.NET and Visual Studio Denial of Service Vulnerability
|
|||||
| CVE-2024-43483 | 3 Apple, Linux, Microsoft | 21 Macos, Linux Kernel, .net and 18 more | 2024-10-21 | N/A | 7.5 HIGH |
|
.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability
|
|||||
| CVE-2024-45071 | 5 Hp, Ibm, Linux and 2 more | 8 Hp-ux, Aix, I and 5 more | 2024-10-21 | N/A | 4.8 MEDIUM |
|
IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
|
|||||
| CVE-2024-45072 | 5 Hp, Ibm, Linux and 2 more | 8 Hp-ux, Aix, I and 5 more | 2024-10-21 | N/A | 5.5 MEDIUM |
|
IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A privileged user could exploit this vulnerability to expose sensitive information or consume memory resources.
|
|||||
| CVE-2024-49023 | 1 Microsoft | 1 Edge Chromium | 2024-10-18 | N/A | 5.3 MEDIUM |
|
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
|
|||||
| CVE-2024-43578 | 1 Microsoft | 1 Edge Chromium | 2024-10-18 | N/A | 8.3 HIGH |
|
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
|
|||||
| CVE-2024-43596 | 1 Microsoft | 1 Edge Chromium | 2024-10-18 | N/A | 8.8 HIGH |
|
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
|
|||||
| CVE-2024-43595 | 1 Microsoft | 1 Edge Chromium | 2024-10-18 | N/A | 8.8 HIGH |
|
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
|
|||||
| CVE-2024-43587 | 1 Microsoft | 1 Edge Chromium | 2024-10-18 | N/A | 8.1 HIGH |
|
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
|
|||||
| CVE-2024-43579 | 1 Microsoft | 1 Edge Chromium | 2024-10-18 | N/A | 8.3 HIGH |
|
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
|
|||||
| CVE-2024-43566 | 1 Microsoft | 1 Edge Chromium | 2024-10-18 | N/A | 9.8 CRITICAL |
|
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
|
|||||
| CVE-2024-43580 | 1 Microsoft | 1 Edge Chromium | 2024-10-18 | N/A | 5.4 MEDIUM |
|
Microsoft Edge (Chromium-based) Spoofing Vulnerability
|
|||||