Filtered by vendor Microsoft
Subscribe
Total
21800 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-25738 | 2 Microsoft, Mozilla | 4 Windows, Firefox, Firefox Esr and 1 more | 2025-01-09 | N/A | 6.5 MEDIUM |
| Members of the <code>DEVMODEW</code> struct set by the printer device driver weren't being validated and could have resulted in invalid values which in turn would cause the browser to attempt out of bounds access to related variables.<br>*This bug only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8. | |||||
| CVE-2024-49038 | 1 Microsoft | 1 Copilot Studio | 2025-01-09 | N/A | 9.6 CRITICAL |
| Improper neutralization of input during web page generation ('Cross-site Scripting') in Copilot Studio by an unauthorized attacker leads to elevation of privilege over a network. | |||||
| CVE-2024-29992 | 1 Microsoft | 1 Azure Identity Library For .net | 2025-01-09 | N/A | N/A |
| Azure Identity Library for .NET Information Disclosure Vulnerability | |||||
| CVE-2024-29993 | 1 Microsoft | 1 Azure Cyclecloud | 2025-01-09 | N/A | N/A |
| Azure CycleCloud Elevation of Privilege Vulnerability | |||||
| CVE-2024-21417 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2025-01-09 | N/A | N/A |
| Windows Text Services Framework Elevation of Privilege Vulnerability | |||||
| CVE-2024-29989 | 1 Microsoft | 1 Azure Monitor Agent | 2025-01-09 | N/A | N/A |
| Azure Monitor Agent Elevation of Privilege Vulnerability | |||||
| CVE-2024-29990 | 1 Microsoft | 1 Azure Kubernetes Service Confidential Containers | 2025-01-09 | N/A | 9.0 CRITICAL |
| Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability | |||||
| CVE-2024-29064 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-01-09 | N/A | 5.5 MEDIUM |
| Windows Hyper-V Denial of Service Vulnerability | |||||
| CVE-2024-29063 | 1 Microsoft | 1 Azure Ai Search | 2025-01-09 | N/A | 5.5 MEDIUM |
| Azure AI Search Information Disclosure Vulnerability | |||||
| CVE-2024-38182 | 1 Microsoft | 1 Dynamics 365 | 2025-01-08 | N/A | 9.8 CRITICAL |
| Weak authentication in Microsoft Dynamics 365 allows an unauthenticated attacker to elevate privileges over a network. | |||||
| CVE-2024-5828 | 4 Hitachi, Linux, Microsoft and 1 more | 4 Tuning Manager, Linux Kernel, Windows and 1 more | 2025-01-08 | N/A | 9.8 CRITICAL |
| Expression Language Injection vulnerability in Hitachi Tuning Manager on Windows, Linux, Solaris allows Code Injection.This issue affects Hitachi Tuning Manager: before 8.8.7-00. | |||||
| CVE-2024-38218 | 1 Microsoft | 1 Edge Chromium | 2025-01-08 | N/A | 7.8 HIGH |
| Microsoft Edge (HTML-based) Memory Corruption Vulnerability | |||||
| CVE-2024-38163 | 1 Microsoft | 4 Windows 10 21h2, Windows 10 22h2, Windows 11 21h2 and 1 more | 2025-01-08 | N/A | N/A |
| Windows Update Stack Elevation of Privilege Vulnerability | |||||
| CVE-2024-30056 | 1 Microsoft | 1 Edge Chromium | 2025-01-08 | N/A | 5.4 MEDIUM |
| Microsoft Edge (Chromium-based) Information Disclosure Vulnerability | |||||
| CVE-2023-33693 | 2 Microsoft, Tsingsee | 2 Windows, Easyplayerpro | 2025-01-08 | N/A | 5.5 MEDIUM |
| A buffer overflow in EasyPlayerPro-Win v3.2.19.0106 to v3.6.19.0823 allows attackers to cause a Denial of Service (DoS) via a crafted XML file. | |||||
| CVE-2024-30041 | 1 Microsoft | 1 Bing Search | 2025-01-08 | N/A | N/A |
| Microsoft Bing Search Spoofing Vulnerability | |||||
| CVE-2024-30042 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2025-01-08 | N/A | N/A |
| Microsoft Excel Remote Code Execution Vulnerability | |||||
| CVE-2024-30043 | 1 Microsoft | 1 Sharepoint Server | 2025-01-08 | N/A | 7.5 HIGH |
| Microsoft SharePoint Server Information Disclosure Vulnerability | |||||
| CVE-2024-30044 | 1 Microsoft | 1 Sharepoint Server | 2025-01-08 | N/A | N/A |
| Microsoft SharePoint Server Remote Code Execution Vulnerability | |||||
| CVE-2024-30045 | 1 Microsoft | 3 .net, Powershell, Visual Studio 2022 | 2025-01-08 | N/A | N/A |
| .NET and Visual Studio Remote Code Execution Vulnerability | |||||