Filtered by vendor Microsoft
Subscriptions
Total
23035 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-35080 | 2 Ivanti, Microsoft | 2 Secure Access Client, Windows | 2025-01-07 | 7.8 High |
| A vulnerability has been identified in the Ivanti Secure Access Windows client, which could allow a locally authenticated attacker to exploit a vulnerable configuration, potentially leading to various security risks, including the escalation of privileges, denial of service, or information disclosure. | ||||
| CVE-2022-31693 | 2 Microsoft, Vmware | 2 Windows, Tools | 2025-01-07 | 5.5 Medium |
| VMware Tools for Windows (12.x.y prior to 12.1.5, 11.x.y and 10.x.y) contains a denial-of-service vulnerability in the VM3DMP driver. A malicious actor with local user privileges in the Windows guest OS, where VMware Tools is installed, can trigger a PANIC in the VM3DMP driver leading to a denial-of-service condition in the Windows guest OS. | ||||
| CVE-2024-37980 | 1 Microsoft | 4 Sql Server 2016, Sql Server 2017, Sql Server 2019 and 1 more | 2025-01-07 | 8.8 High |
| Microsoft SQL Server Elevation of Privilege Vulnerability | ||||
| CVE-2024-43474 | 1 Microsoft | 2 Sql Server 2017, Sql Server 2019 | 2025-01-07 | 7.6 High |
| Microsoft SQL Server Information Disclosure Vulnerability | ||||
| CVE-2024-45073 | 5 Hp, Ibm, Linux and 2 more | 7 Hp-ux, Aix, Websphere Application Server and 4 more | 2025-01-07 | 4.8 Medium |
| IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | ||||
| CVE-2023-34367 | 1 Microsoft | 1 Windows 7 | 2025-01-06 | 6.5 Medium |
| Windows 7 is vulnerable to a full blind TCP/IP hijacking attack. The vulnerability exists in Windows 7 (any Windows until Windows 8) and in any implementation of TCP/IP, which is vulnerable to the Idle scan attack (including many IoT devices). NOTE: The vendor considers this a low severity issue. | ||||
| CVE-2019-16283 | 2 Hp, Microsoft | 2 Softpaq Installer, Windows | 2025-01-06 | 7.8 High |
| A potential security vulnerability has been identified with a version of the HP Softpaq installer that can lead to arbitrary code execution. | ||||
| CVE-2024-12108 | 2 Microsoft, Progress | 2 Windows, Whatsup Gold | 2025-01-06 | 9.6 Critical |
| In WhatsUp Gold versions released before 2024.0.2, an attacker can gain access to the WhatsUp Gold server via the public API. | ||||
| CVE-2023-5528 | 4 Fedoraproject, Kubernetes, Microsoft and 1 more | 4 Fedora, Kubernetes, Windows and 1 more | 2025-01-03 | 7.2 High |
| A security issue was discovered in Kubernetes where a user that can create pods and persistent volumes on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they are using an in-tree storage plugin for Windows nodes. | ||||
| CVE-2022-41083 | 1 Microsoft | 1 Jupyter | 2025-01-02 | 7.8 High |
| Visual Studio Code Elevation of Privilege Vulnerability | ||||
| CVE-2022-41081 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2025-01-02 | 8.1 High |
| Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | ||||
| CVE-2022-41064 | 1 Microsoft | 12 .net Framework, Nuget, Windows 10 and 9 more | 2025-01-02 | 5.8 Medium |
| .NET Framework Information Disclosure Vulnerability | ||||
| CVE-2022-41043 | 1 Microsoft | 2 Office, Office Long Term Servicing Channel | 2025-01-02 | 3.3 Low |
| Microsoft Office Information Disclosure Vulnerability | ||||
| CVE-2022-41042 | 1 Microsoft | 1 Visual Studio Code | 2025-01-02 | 7.4 High |
| Visual Studio Code Information Disclosure Vulnerability | ||||
| CVE-2022-41038 | 1 Microsoft | 2 Sharepoint Foundation, Sharepoint Server | 2025-01-02 | 8.8 High |
| Microsoft SharePoint Server Remote Code Execution Vulnerability | ||||
| CVE-2022-41037 | 1 Microsoft | 2 Sharepoint Foundation, Sharepoint Server | 2025-01-02 | 8.8 High |
| Microsoft SharePoint Server Remote Code Execution Vulnerability | ||||
| CVE-2022-41036 | 1 Microsoft | 2 Sharepoint Foundation, Sharepoint Server | 2025-01-02 | 8.8 High |
| Microsoft SharePoint Server Remote Code Execution Vulnerability | ||||
| CVE-2022-41035 | 1 Microsoft | 1 Edge Chromium | 2025-01-02 | 5.3 Medium |
| Microsoft Edge (Chromium-based) Spoofing Vulnerability | ||||
| CVE-2022-41034 | 1 Microsoft | 1 Visual Studio Code | 2025-01-02 | 7.8 High |
| Visual Studio Code Remote Code Execution Vulnerability | ||||
| CVE-2022-41031 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2025-01-02 | 7.8 High |
| Microsoft Word Remote Code Execution Vulnerability | ||||