Total
277502 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-38207 | 1 Microsoft | 1 Edge Chromium | 2024-12-31 | 6.3 Medium |
| Microsoft Edge (HTML-based) Memory Corruption Vulnerability | ||||
| CVE-2024-38208 | 2 Google, Microsoft | 2 Android, Edge | 2024-12-31 | 6.1 Medium |
| Microsoft Edge for Android Spoofing Vulnerability | ||||
| CVE-2024-38175 | 2024-12-31 | 9.6 Critical | ||
| An improper access control vulnerability in the Azure Managed Instance for Apache Cassandra allows an authenticated attacker to elevate privileges over a network. | ||||
| CVE-2024-38109 | 1 Microsoft | 1 Azure Health Bot | 2024-12-31 | 9.1 Critical |
| An authenticated attacker can exploit an Server-Side Request Forgery (SSRF) vulnerability in Microsoft Azure Health Bot to elevate privileges over a network. | ||||
| CVE-2024-38223 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2024-12-31 | 6.8 Medium |
| Windows Initial Machine Configuration Elevation of Privilege Vulnerability | ||||
| CVE-2024-38219 | 1 Microsoft | 1 Edge Chromium | 2024-12-31 | 6.5 Medium |
| Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | ||||
| CVE-2024-38206 | 1 Microsoft | 1 Copilot Studio | 2024-12-31 | 8.5 High |
| An authenticated attacker can bypass Server-Side Request Forgery (SSRF) protection in Microsoft Copilot Studio to leak sensitive information over a network. | ||||
| CVE-2024-38166 | 1 Microsoft | 1 Dynamics Crm Service Portal Web Resource | 2024-12-31 | 8.2 High |
| An unauthenticated attacker can exploit improper neutralization of input during web page generation in Microsoft Dynamics 365 to spoof over a network by tricking a user to click on a link. | ||||
| CVE-2024-38215 | 1 Microsoft | 10 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 7 more | 2024-12-31 | 7.8 High |
| Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | ||||
| CVE-2024-38214 | 1 Microsoft | 6 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 3 more | 2024-12-31 | 6.5 Medium |
| Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | ||||
| CVE-2024-38120 | 1 Microsoft | 6 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 3 more | 2024-12-31 | 8.8 High |
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | ||||
| CVE-2024-38211 | 1 Microsoft | 1 Dynamics 365 | 2024-12-31 | 8.2 High |
| Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | ||||
| CVE-2024-38200 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2024-12-31 | 6.5 Medium |
| Microsoft Office Spoofing Vulnerability | ||||
| CVE-2024-38195 | 1 Microsoft | 1 Azure Cyclecloud | 2024-12-31 | 7.8 High |
| Azure CycleCloud Remote Code Execution Vulnerability | ||||
| CVE-2024-38189 | 1 Microsoft | 4 365 Apps, Office, Office Long Term Servicing Channel and 1 more | 2024-12-31 | 8.8 High |
| Microsoft Project Remote Code Execution Vulnerability | ||||
| CVE-2024-38187 | 1 Microsoft | 11 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 8 more | 2024-12-31 | 7.8 High |
| Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | ||||
| CVE-2024-38186 | 1 Microsoft | 11 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 8 more | 2024-12-31 | 7.8 High |
| Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | ||||
| CVE-2024-38185 | 1 Microsoft | 11 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 8 more | 2024-12-31 | 7.8 High |
| Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | ||||
| CVE-2024-38180 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2024-12-31 | 8.8 High |
| Windows SmartScreen Security Feature Bypass Vulnerability | ||||
| CVE-2024-38177 | 1 Microsoft | 1 App Installer | 2024-12-31 | 7.8 High |
| Windows App Installer Spoofing Vulnerability | ||||