Filtered by vendor Microsoft
Subscribe
Total
21800 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-21296 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-01-24 | N/A | N/A |
| BranchCache Remote Code Execution Vulnerability | |||||
| CVE-2025-21295 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-01-24 | N/A | N/A |
| SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability | |||||
| CVE-2025-21299 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-01-24 | N/A | 7.8 HIGH |
| Windows Kerberos Security Feature Bypass Vulnerability | |||||
| CVE-2025-21297 | 1 Microsoft | 7 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 4 more | 2025-01-24 | N/A | 8.1 HIGH |
| Windows Remote Desktop Services Remote Code Execution Vulnerability | |||||
| CVE-2025-21298 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-01-24 | N/A | N/A |
| Windows OLE Remote Code Execution Vulnerability | |||||
| CVE-2025-21289 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-01-24 | N/A | N/A |
| Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | |||||
| CVE-2025-21293 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-01-24 | N/A | N/A |
| Active Directory Domain Services Elevation of Privilege Vulnerability | |||||
| CVE-2025-21288 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-01-24 | N/A | N/A |
| Windows COM Server Information Disclosure Vulnerability | |||||
| CVE-2025-21291 | 1 Microsoft | 8 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 5 more | 2025-01-24 | N/A | N/A |
| Windows Direct Show Remote Code Execution Vulnerability | |||||
| CVE-2025-21290 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-01-24 | N/A | N/A |
| Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | |||||
| CVE-2025-21292 | 1 Microsoft | 10 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 7 more | 2025-01-24 | N/A | N/A |
| Windows Search Service Elevation of Privilege Vulnerability | |||||
| CVE-2024-1884 | 4 Apple, Linux, Microsoft and 1 more | 5 Macos, Linux Kernel, Windows and 2 more | 2025-01-23 | N/A | 6.5 MEDIUM |
| This is a Server-Side Request Forgery (SSRF) vulnerability in the PaperCut NG/MF server-side module that allows an attacker to induce the server-side application to make HTTP requests to an arbitrary domain of the attacker's choosing. | |||||
| CVE-2024-1883 | 4 Apple, Linux, Microsoft and 1 more | 5 Macos, Linux Kernel, Windows and 2 more | 2025-01-23 | N/A | 6.1 MEDIUM |
| This is a reflected cross site scripting vulnerability in the PaperCut NG/MF application server. An attacker can exploit this weakness by crafting a malicious URL that contains a script. When an unsuspecting user clicks on this malicious link, it could potentially lead to limited loss of confidentiality, integrity or availability. | |||||
| CVE-2024-1882 | 4 Apple, Linux, Microsoft and 1 more | 5 Macos, Linux Kernel, Windows and 2 more | 2025-01-23 | N/A | 7.2 HIGH |
| This vulnerability allows an already authenticated admin user to create a malicious payload that could be leveraged for remote code execution on the server hosting the PaperCut NG/MF application server. | |||||
| CVE-2024-1223 | 4 Apple, Linux, Microsoft and 1 more | 5 Macos, Linux Kernel, Windows and 2 more | 2025-01-23 | N/A | 4.8 MEDIUM |
| This vulnerability potentially allows unauthorized enumeration of information from the embedded device APIs. An attacker must already have existing knowledge of some combination of valid usernames, device names and an internal system key. For such an attack to be successful the system must be in a specific runtime state. | |||||
| CVE-2024-1654 | 4 Apple, Linux, Microsoft and 1 more | 5 Macos, Linux Kernel, Windows and 2 more | 2025-01-23 | N/A | 7.2 HIGH |
| This vulnerability potentially allows unauthorized write operations which may lead to remote code execution. An attacker must already have authenticated admin access and knowledge of both an internal system identifier and details of another valid user to exploit this. | |||||
| CVE-2024-1222 | 4 Apple, Linux, Microsoft and 1 more | 5 Macos, Linux Kernel, Windows and 2 more | 2025-01-23 | N/A | 9.8 CRITICAL |
| This allows attackers to use a maliciously formed API request to gain access to an API authorization level with elevated privileges. This applies to a small subset of PaperCut NG/MF API calls. | |||||
| CVE-2023-36884 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-01-23 | N/A | N/A |
| Windows Search Remote Code Execution Vulnerability | |||||
| CVE-2023-36874 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-01-23 | N/A | N/A |
| Windows Error Reporting Service Elevation of Privilege Vulnerability | |||||
| CVE-2023-36761 | 1 Microsoft | 4 365 Apps, Office, Office Long Term Servicing Channel and 1 more | 2025-01-23 | N/A | 6.5 MEDIUM |
| Microsoft Word Information Disclosure Vulnerability | |||||