Vulnerabilities (CVE)

Filtered by vendor Microsoft Subscribe
Total 19962 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-38245 1 Microsoft 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more 2024-09-17 N/A 7.8 HIGH
Kernel Streaming Service Driver Elevation of Privilege Vulnerability
CVE-2024-38246 1 Microsoft 8 Windows 10 21h2, Windows 10 22h2, Windows 11 21h2 and 5 more 2024-09-17 N/A 7.0 HIGH
Win32k Elevation of Privilege Vulnerability
CVE-2024-38247 1 Microsoft 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more 2024-09-17 N/A 7.8 HIGH
Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2024-38248 1 Microsoft 8 Windows 10 21h2, Windows 10 22h2, Windows 11 21h2 and 5 more 2024-09-17 N/A 7.0 HIGH
Windows Storage Elevation of Privilege Vulnerability
CVE-2024-38249 1 Microsoft 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more 2024-09-17 N/A 7.8 HIGH
Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2024-38250 1 Microsoft 16 Office, Office Long Term Servicing Channel, Windows 10 1507 and 13 more 2024-09-17 N/A 7.8 HIGH
Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2024-43457 1 Microsoft 1 Windows 11 24h2 2024-09-17 N/A 7.8 HIGH
Windows Setup and Deployment Elevation of Privilege Vulnerability
CVE-2024-43458 1 Microsoft 2 Windows 10 1607, Windows Server 2016 2024-09-17 N/A 7.7 HIGH
Windows Networking Information Disclosure Vulnerability
CVE-2024-43463 1 Microsoft 4 365 Apps, Office, Office Long Term Servicing Channel and 1 more 2024-09-17 N/A 7.8 HIGH
Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2024-43467 1 Microsoft 6 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 3 more 2024-09-17 N/A 7.5 HIGH
Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability
CVE-2024-43469 1 Microsoft 1 Azure Cyclecloud 2024-09-17 N/A 8.8 HIGH
Azure CycleCloud Remote Code Execution Vulnerability
CVE-2024-0107 2 Microsoft, Nvidia 8 Windows, Cloud Gaming, Geforce and 5 more 2024-09-17 N/A 7.8 HIGH
NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can cause an out-of-bounds read. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
CVE-2024-43461 1 Microsoft 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more 2024-09-17 N/A 8.8 HIGH
Windows MSHTML Platform Spoofing Vulnerability
CVE-2024-0102 3 Linux, Microsoft, Nvidia 3 Linux Kernel, Windows, Cuda Toolkit 2024-09-16 N/A 5.5 MEDIUM
NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm, where an attacker can cause an out-of-bounds read issue by deceiving a user into reading a malformed ELF file. A successful exploit of this vulnerability might lead to denial of service.
CVE-2024-34127 3 Adobe, Apple, Microsoft 3 Indesign, Macos, Windows 2024-09-16 N/A 5.5 MEDIUM
InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2024-39747 3 Ibm, Linux, Microsoft 4 Aix, Sterling Connect Direct Web Services, Linux Kernel and 1 more 2024-09-16 N/A 9.8 CRITICAL
IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 uses default credentials for potentially critical functionality.
CVE-2024-42474 2 Microsoft, Snowflake 2 Windows, Streamlit 2024-09-16 N/A 6.5 MEDIUM
Streamlit is a data oriented application development framework for python. Snowflake Streamlit open source addressed a security vulnerability via the static file sharing feature. Users of hosted Streamlit app(s) on Windows were vulnerable to a path traversal vulnerability when the static file sharing feature is enabled. An attacker could utilize the vulnerability to leak the password hash of the Windows user running Streamlit. The vulnerability was patched on Jul 25, 2024, as part of Streamlit open source version 1.37.0. The vulnerability only affects Windows.
CVE-2024-41857 3 Adobe, Apple, Microsoft 3 Illustrator, Macos, Windows 2024-09-16 N/A 7.8 HIGH
Illustrator versions 28.6, 27.9.5 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2024-39385 3 Adobe, Apple, Microsoft 3 Premiere Pro, Macos, Windows 2024-09-16 N/A 5.5 MEDIUM
Premiere Pro versions 24.5, 23.6.8 and earlier are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2024-39384 3 Adobe, Apple, Microsoft 3 Premiere Pro, Macos, Windows 2024-09-16 N/A 7.8 HIGH
Premiere Pro versions 24.5, 23.6.8 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.