Filtered by vendor Microsoft
Subscriptions
Total
20261 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-28307 | 1 Microsoft | 8 Windows Server 2008, Windows Server 2008 R2, Windows Server 2008 Sp2 and 5 more | 2024-10-04 | 6.6 Medium |
| Windows DNS Server Remote Code Execution Vulnerability | ||||
| CVE-2023-21712 | 1 Microsoft | 23 Windows 10, Windows 10 1507, Windows 10 1607 and 20 more | 2024-10-04 | 8.1 High |
| Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | ||||
| CVE-2023-24898 | 1 Microsoft | 1 Windows Server 2022 | 2024-10-04 | 7.5 High |
| Windows SMB Denial of Service Vulnerability | ||||
| CVE-2023-24899 | 1 Microsoft | 5 Windows 11 21h2, Windows 11 21h2, Windows 11 22h2 and 2 more | 2024-10-04 | 7 High |
| Windows Graphics Component Elevation of Privilege Vulnerability | ||||
| CVE-2023-4417 | 2 Devolutions, Microsoft | 2 Remote Desktop Manager, Windows | 2024-10-04 | 6.5 Medium |
| Improper access controls in the entry duplication component in Devolutions Remote Desktop Manager 2023.2.19 and earlier versions on Windows allows an authenticated user, under specific circumstances, to inadvertently share their personal vault entry with shared vaults via an incorrect vault in the duplication write process. | ||||
| CVE-2022-26488 | 3 Microsoft, Netapp, Python | 4 Windows, Active Iq Unified Manager, Ontap Select Deploy Administration Utility and 1 more | 2024-10-04 | 7.0 High |
| In Python before 3.10.3 on Windows, local users can gain privileges because the search path is inadequately secured. The installer may allow a local attacker to add user-writable directories to the system search path. To exploit, an administrator must have installed Python for all users and enabled PATH entries. A non-administrative user can trigger a repair that incorrectly adds user-writable paths into PATH, enabling search-path hijacking of other users and system services. This affects Python (CPython) through 3.7.12, 3.8.x through 3.8.12, 3.9.x through 3.9.10, and 3.10.x through 3.10.2. | ||||
| CVE-2023-24900 | 1 Microsoft | 21 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 18 more | 2024-10-04 | 5.9 Medium |
| Windows NTLM Security Support Provider Information Disclosure Vulnerability | ||||
| CVE-2023-24940 | 1 Microsoft | 21 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 18 more | 2024-10-04 | 7.5 High |
| Windows Pragmatic General Multicast (PGM) Denial of Service Vulnerability | ||||
| CVE-2023-24941 | 1 Microsoft | 5 Windows Server 2012, Windows Server 2012 R2, Windows Server 2016 and 2 more | 2024-10-04 | 9.8 Critical |
| Windows Network File System Remote Code Execution Vulnerability | ||||
| CVE-2023-24949 | 1 Microsoft | 13 Windows 10 1809, Windows 10 20h2, Windows 10 20h2 and 10 more | 2024-10-04 | 7.8 High |
| Windows Kernel Elevation of Privilege Vulnerability | ||||
| CVE-2023-29341 | 1 Microsoft | 1 Av1 Video Extension | 2024-10-04 | 7.8 High |
| AV1 Video Extension Remote Code Execution Vulnerability | ||||
| CVE-2020-19725 | 1 Microsoft | 1 Z3 | 2024-10-04 | 7.8 High |
| There is a use-after-free vulnerability in file pdd_simplifier.cpp in Z3 before 4.8.8. It occurs when the solver attempt to simplify the constraints and causes unexpected memory access. It can cause segmentation faults or arbitrary code execution. | ||||
| CVE-2023-3937 | 2 Microsoft, Snowsoftware | 2 Windows, Snow License Manager | 2024-10-03 | 4.8 Medium |
| Cross site scripting vulnerability in web portal in Snow Software License Manager from version 9.0.0 up to and including 9.30.1 on Windows allows an authenticated user with high privileges to trigger cross site scripting attack via the web browser | ||||
| CVE-2022-35752 | 1 Microsoft | 23 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 20 more | 2024-10-03 | 8.1 High |
| Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | ||||
| CVE-2022-35751 | 1 Microsoft | 22 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 19 more | 2024-10-03 | 7.8 High |
| Windows Hyper-V Elevation of Privilege Vulnerability | ||||
| CVE-2022-35750 | 1 Microsoft | 23 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 20 more | 2024-10-03 | 7.8 High |
| Win32k Elevation of Privilege Vulnerability | ||||
| CVE-2022-35749 | 1 Microsoft | 19 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 16 more | 2024-10-03 | 7.8 High |
| Windows Digital Media Receiver Elevation of Privilege Vulnerability | ||||
| CVE-2022-35748 | 1 Microsoft | 7 Windows Server 2012, Windows Server 2012 R2, Windows Server 2016 and 4 more | 2024-10-03 | 7.5 High |
| HTTP.sys Denial of Service Vulnerability | ||||
| CVE-2022-35746 | 1 Microsoft | 20 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 17 more | 2024-10-03 | 7.8 High |
| Windows Digital Media Receiver Elevation of Privilege Vulnerability | ||||
| CVE-2022-35745 | 1 Microsoft | 23 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 20 more | 2024-10-03 | 8.1 High |
| Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | ||||