Filtered by vendor Microsoft
Subscriptions
Total
23035 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-52537 | 3 Dell, Linux, Microsoft | 5 Dock Hd22q Firmware Update Utility, Dock Wd19 Firmware Update Utility, Dock Wd22tb4 Firmware Update Utility and 2 more | 2025-02-04 | 6.3 Medium |
| Dell Client Platform Firmware Update Utility contains an Improper Link Resolution vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges. | ||||
| CVE-2023-2282 | 2 Devolutions, Microsoft | 2 Remote Desktop Manager, Windows | 2025-02-04 | 3.1 Low |
| Improper access control in the Web Login listener in Devolutions Remote Desktop Manager 2023.1.22 and earlier on Windows allows an authenticated user to bypass administrator-enforced Web Login restrictions and gain access to entries via an unexpected vector. | ||||
| CVE-2022-3405 | 3 Acronis, Linux, Microsoft | 4 Cyber Backup, Cyber Protect, Linux Kernel and 1 more | 2025-02-03 | 8.8 High |
| Code execution and sensitive information disclosure due to excessive privileges assigned to Acronis Agent. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 29486, Acronis Cyber Backup 12.5 (Windows, Linux) before build 16545. | ||||
| CVE-2023-38729 | 5 Hp, Ibm, Linux and 2 more | 8 Hp-ux, Aix, Db2 and 5 more | 2025-01-31 | 6.8 Medium |
| IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to sensitive information disclosure when using ADMIN_CMD with IMPORT or EXPORT. | ||||
| CVE-2023-30443 | 5 Hp, Ibm, Linux and 2 more | 6 Hp-ux, Aix, Db2 and 3 more | 2025-01-31 | 5.3 Medium |
| IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query. | ||||
| CVE-2022-45456 | 4 Acronis, Apple, Linux and 1 more | 4 Agent, Macos, Linux Kernel and 1 more | 2025-01-30 | 7.5 High |
| Denial of service due to unauthenticated API endpoint. The following products are affected: Acronis Agent (Windows, macOS, Linux) before build 30161. | ||||
| CVE-2023-25930 | 3 Ibm, Linux, Microsoft | 3 Db2, Linux Kernel, Windows | 2025-01-30 | 5.9 Medium |
| IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.1, 11.1, and 11.5 is vulnerable to a denial of service. Under rare conditions, setting a special register may cause the Db2 server to terminate abnormally. IBM X-Force ID: 247862. | ||||
| CVE-2022-48482 | 2 3cx, Microsoft | 2 3cx, Windows | 2025-01-30 | 7.5 High |
| 3CX before 18 Update 2 Security Hotfix build 18.0.2.315 on Windows allows unauthenticated remote attackers to read certain files via /Electron/download directory traversal. Files may have credentials, full backups, call recordings, and chat logs. | ||||
| CVE-2022-30995 | 3 Acronis, Linux, Microsoft | 4 Cyber Backup, Cyber Protect, Linux Kernel and 1 more | 2025-01-30 | 7.5 High |
| Sensitive information disclosure due to improper authentication. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 29486, Acronis Cyber Backup 12.5 (Windows, Linux) before build 16545. | ||||
| CVE-2024-4712 | 2 Microsoft, Papercut | 3 Windows, Papercut Mf, Papercut Ng | 2025-01-30 | 7.8 High |
| An arbitrary file creation vulnerability exists in PaperCut NG/MF that only affects Windows servers with Web Print enabled. This specific flaw exists within the image-handler process, which can incorrectly create files that don’t exist when a maliciously formed payload is provided. This can lead to local privilege escalation. Note: This CVE has been split into two (CVE-2024-4712 and CVE-2024-8405) and it’s been rescored with a "Privileges Required (PR)" rating of low, and “Attack Complexity (AC)” rating of low, reflecting the worst-case scenario where an Administrator has granted local login access to standard network users on the host server. | ||||
| CVE-2022-33973 | 2 Intel, Microsoft | 3 Wlan Authentication And Privacy Infrastructure, Windows 10, Windows 11 | 2025-01-29 | 3.3 Low |
| Improper access control in the Intel(R) WAPI Security software for Windows 10/11 before version 22.2150.0.1 may allow an authenticated user to potentially enable information disclosure via local access. | ||||
| CVE-2023-22372 | 3 Apple, F5, Microsoft | 3 Macos, Big-ip Access Policy Manager, Windows | 2025-01-29 | 5.9 Medium |
| In the pre connection stage, an improper enforcement of message integrity vulnerability exists in BIG-IP Edge Client for Windows and Mac OS. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | ||||
| CVE-2023-24461 | 3 Apple, F5, Microsoft | 3 Macos, Big-ip Access Policy Manager, Windows | 2025-01-29 | 7.4 High |
| An improper certificate validation vulnerability exists in the BIG-IP Edge Client for Windows and macOS and may allow an attacker to impersonate a BIG-IP APM system. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | ||||
| CVE-2023-30268 | 2 Cltphp, Microsoft | 2 Cltphp, Windows | 2025-01-29 | 9.8 Critical |
| CLTPHP <=6.0 is vulnerable to Improper Input Validation. | ||||
| CVE-2024-37965 | 1 Microsoft | 4 Sql Server 2016, Sql Server 2017, Sql Server 2019 and 1 more | 2025-01-29 | 8.8 High |
| Microsoft SQL Server Elevation of Privilege Vulnerability | ||||
| CVE-2023-32336 | 3 Ibm, Linux, Microsoft | 4 Aix, Infosphere Information Server, Linux Kernel and 1 more | 2025-01-27 | 8.8 High |
| IBM InfoSphere Information Server 11.7 is affected by a remote code execution vulnerability due to insecure deserialization in an RMI service. IBM X-Force ID: 255285. | ||||
| CVE-2022-26509 | 3 Intel, Linux, Microsoft | 3 Sgx Sdk, Linux Kernel, Windows | 2025-01-27 | 2.5 Low |
| Improper conditions check in the Intel(R) SGX SDK software may allow a privileged user to potentially enable information disclosure via local access. | ||||
| CVE-2022-26841 | 3 Intel, Linux, Microsoft | 3 Sgx Sdk, Linux Kernel, Windows | 2025-01-27 | 2.5 Low |
| Insufficient control flow management for the Intel(R) SGX SDK software for Linux before version 2.16.100.1 may allow an authenticated user to potentially enable information disclosure via local access. | ||||
| CVE-2022-30531 | 2 Intel, Microsoft | 2 Iris Xe Max Dedicated Graphics, Windows | 2025-01-27 | 4.4 Medium |
| Out-of-bounds read in the Intel(R) Iris(R) Xe MAX drivers for Windows before version 100.0.5.1474 may allow a privileged user to potentially enable information disclosure via local access. | ||||
| CVE-2022-34849 | 2 Intel, Microsoft | 2 Iris Xe Max Dedicated Graphics, Windows | 2025-01-27 | 4.4 Medium |
| Uncaught exception in the Intel(R) Iris(R) Xe MAX drivers for Windows before version 100.0.5.1436(v2) may allow a privileged user to potentially enable denial of service via local access. | ||||