Vulnerabilities (CVE)

Filtered by vendor Microsoft Subscribe
Total 19962 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-1999-0007 5 C2net, Hp, Microsoft and 2 more 13 Stonghold Web Server, Open Market Secure Webserver, Exchange Server and 10 more 2024-11-20 5.0 MEDIUM N/A
Information from SSL-encrypted sessions via PKCS #1.
CVE-2024-39726 3 Ibm, Linux, Microsoft 3 Engineering Lifecycle Optimization - Engineering Insights, Linux Kernel, Windows 2024-11-19 N/A 8.2 HIGH
IBM Engineering Lifecycle Optimization - Engineering Insights 7.0.2 and 7.0.3 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources.
CVE-2024-49536 3 Adobe, Apple, Microsoft 3 Audition, Macos, Windows 2024-11-19 N/A 5.5 MEDIUM
Audition versions 23.6.9, 24.4.6 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2024-43447 1 Microsoft 1 Windows Server 2022 2024-11-19 N/A 8.1 HIGH
Windows SMBv3 Server Remote Code Execution Vulnerability
CVE-2024-38264 1 Microsoft 5 Windows 11 22h2, Windows 11 23h2, Windows 11 24h2 and 2 more 2024-11-19 N/A 5.9 MEDIUM
Microsoft Virtual Hard Disk (VHDX) Denial of Service Vulnerability
CVE-2024-43449 1 Microsoft 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more 2024-11-19 N/A 6.8 MEDIUM
Windows USB Video Class System Driver Elevation of Privilege Vulnerability
CVE-2024-43450 1 Microsoft 7 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 4 more 2024-11-19 N/A 7.5 HIGH
Windows DNS Spoofing Vulnerability
CVE-2024-43452 1 Microsoft 11 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 8 more 2024-11-19 N/A 7.5 HIGH
Windows Registry Elevation of Privilege Vulnerability
CVE-2024-43459 1 Microsoft 3 Sql Server 2016, Sql Server 2017, Sql Server 2019 2024-11-19 N/A 8.8 HIGH
SQL Server Native Client Remote Code Execution Vulnerability
CVE-2024-43462 1 Microsoft 3 Sql Server 2016, Sql Server 2017, Sql Server 2019 2024-11-19 N/A 8.8 HIGH
SQL Server Native Client Remote Code Execution Vulnerability
CVE-2024-43498 3 Apple, Linux, Microsoft 5 Macos, Linux Kernel, .net and 2 more 2024-11-19 N/A 9.8 CRITICAL
.NET and Visual Studio Remote Code Execution Vulnerability
CVE-2024-43499 3 Apple, Linux, Microsoft 5 Macos, Linux Kernel, .net and 2 more 2024-11-19 N/A 7.5 HIGH
.NET and Visual Studio Denial of Service Vulnerability
CVE-2024-48993 1 Microsoft 3 Sql Server 2016, Sql Server 2017, Sql Server 2019 2024-11-19 N/A 8.8 HIGH
SQL Server Native Client Remote Code Execution Vulnerability
CVE-2022-1884 2 Gogs, Microsoft 2 Gogs, Windows 2024-11-19 N/A 9.8 CRITICAL
A remote command execution vulnerability exists in gogs/gogs versions <=0.12.7 when deployed on a Windows server. The vulnerability arises due to improper validation of the `tree_path` parameter during file uploads. An attacker can set `tree_path=.git.` to upload a file into the .git directory, allowing them to write or rewrite the `.git/config` file. If the `core.sshCommand` is set, this can lead to remote command execution.
CVE-2024-43530 1 Microsoft 5 Windows 10 21h2, Windows 10 22h2, Windows 11 22h2 and 2 more 2024-11-19 N/A 7.8 HIGH
Windows Update Stack Elevation of Privilege Vulnerability
CVE-2024-43598 1 Microsoft 1 Lightgbm 2024-11-19 N/A 8.1 HIGH
LightGBM Remote Code Execution Vulnerability
CVE-2024-43602 1 Microsoft 1 Azure Cyclecloud 2024-11-19 N/A 9.9 CRITICAL
Azure CycleCloud Remote Code Execution Vulnerability
CVE-2024-43624 1 Microsoft 10 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 7 more 2024-11-19 N/A 8.8 HIGH
Windows Hyper-V Shared Virtual Disk Elevation of Privilege Vulnerability
CVE-2024-43626 1 Microsoft 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more 2024-11-19 N/A 7.8 HIGH
Windows Telephony Service Elevation of Privilege Vulnerability
CVE-2024-43630 1 Microsoft 6 Windows 10 21h2, Windows 10 22h2, Windows 11 24h2 and 3 more 2024-11-18 N/A 7.8 HIGH
Windows Kernel Elevation of Privilege Vulnerability