Filtered by vendor Microsoft
Subscriptions
Total
19218 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-30074 | 1 Microsoft | 1 Windows Server 2008 | 2024-06-27 | 8.0 High |
| Windows Link Layer Topology Discovery Protocol Remote Code Execution Vulnerability | ||||
| CVE-2024-30072 | 1 Microsoft | 3 Windows 11 22h2, Windows 11 23h2, Windows Server 2022 23h2 | 2024-06-27 | 7.8 High |
| Microsoft Event Trace Log File Parsing Remote Code Execution Vulnerability | ||||
| CVE-2024-30070 | 1 Microsoft | 3 Windows Server 2012, Windows Server 2016, Windows Server 2019 | 2024-06-27 | 7.5 High |
| DHCP Server Service Denial of Service Vulnerability | ||||
| CVE-2024-30069 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2024-06-27 | 4.7 Medium |
| Windows Remote Access Connection Manager Information Disclosure Vulnerability | ||||
| CVE-2021-31969 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-06-26 | 7.8 High |
| Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | ||||
| CVE-2021-31967 | 1 Microsoft | 1 Vp9 Video Extensions | 2024-06-26 | 7.8 High |
| VP9 Video Extensions Remote Code Execution Vulnerability | ||||
| CVE-2023-6105 | 3 Linux, Microsoft, Zohocorp | 41 Linux Kernel, Windows, Manageengine Access Manager Plus and 38 more | 2024-06-26 | 5.5 Medium |
| An information disclosure vulnerability exists in multiple ManageEngine products that can result in encryption keys being exposed. A low-privileged OS user with access to the host where an affected ManageEngine product is installed can view and use the exposed key to decrypt product database passwords. This allows the user to access the ManageEngine product database. | ||||
| CVE-2010-5175 | 2 Microsoft, Pwicorp | 2 Windows Xp, Privatefirewall | 2024-06-26 | N/A |
| Race condition in PrivateFirewall 7.0.20.37 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute | ||||
| CVE-2010-5164 | 2 Kingsoft, Microsoft | 2 Personal Firewall 9, Windows Xp | 2024-06-26 | N/A |
| Race condition in KingSoft Personal Firewall 9 Plus 2009.05.07.70 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute | ||||
| CVE-2010-5153 | 2 Avira, Microsoft | 2 Premium Security Suite, Windows Xp | 2024-06-26 | N/A |
| Race condition in Avira Premium Security Suite 10.0.0.536 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute | ||||
| CVE-2024-33881 | 2 Microsoft, Virtosoftware | 2 Sharepoint Server, Sharepoint Bulk File Download | 2024-06-26 | 5.3 Medium |
| An issue was discovered in VirtoSoftware Virto Bulk File Download 5.5.44 for SharePoint 2019. The Virto.SharePoint.FileDownloader/Api/Download.ashx isCompleted method allows an NTLMv2 hash leak via a UNC share pathname in the path parameter. | ||||
| CVE-2024-33880 | 2 Microsoft, Virtosoftware | 2 Sharepoint Server, Sharepoint Bulk File Download | 2024-06-26 | 5.3 Medium |
| An issue was discovered in VirtoSoftware Virto Bulk File Download 5.5.44 for SharePoint 2019. It discloses full pathnames via Virto.SharePoint.FileDownloader/Api/Download.ashx?action=archive. | ||||
| CVE-2024-33879 | 2 Microsoft, Virtosoftware | 2 Sharepoint Server, Sharepoint Bulk File Download | 2024-06-26 | 9.8 Critical |
| An issue was discovered in VirtoSoftware Virto Bulk File Download 5.5.44 for SharePoint 2019. The Virto.SharePoint.FileDownloader/Api/Download.ashx isCompleted method allows arbitrary file download and deletion via absolute path traversal in the path parameter. | ||||
| CVE-2023-32049 | 1 Microsoft | 9 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 6 more | 2024-06-25 | 8.8 High |
| Windows SmartScreen Security Feature Bypass Vulnerability | ||||
| CVE-2018-4233 | 3 Apple, Canonical, Microsoft | 8 Icloud, Iphone Os, Itunes and 5 more | 2024-06-25 | N/A |
| An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | ||||
| CVE-2022-29144 | 1 Microsoft | 1 Edge Chromium | 2024-06-24 | 7.5 High |
| Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | ||||
| CVE-2022-26924 | 1 Microsoft | 1 Yet Another Reverse Proxy | 2024-06-24 | 7.5 High |
| YARP Denial of Service Vulnerability | ||||
| CVE-2022-26921 | 1 Microsoft | 1 Visual Studio Code | 2024-06-24 | 7.3 High |
| Visual Studio Code Elevation of Privilege Vulnerability | ||||
| CVE-2022-26912 | 1 Microsoft | 1 Edge Chromium | 2024-06-24 | 8.3 High |
| Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | ||||
| CVE-2022-26911 | 1 Microsoft | 2 Lync Server, Skype For Business Server | 2024-06-24 | 6.5 Medium |
| Skype for Business Information Disclosure Vulnerability | ||||