CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

An elevation of privilege vulnerability exists in Microsoft Edge that could allow an attacker to escape from the AppContainer sandbox in the browser, aka 'Microsoft Edge Elevation of Privilege Vulnerability'...

9CVSS6.7AI score0.03442EPSS

Exploits0References1

CISA KEV Catalog•added 2024/11/12 12:0 a.m.•30 views

Microsoft Windows Task Scheduler Privilege Escalation Vulnerability

Microsoft Windows Task Scheduler contains a privilege escalation vulnerability that can allow an attacker-provided, local application to escalate privileges outside of its AppContainer, and access privileged RPC functions...

8.8CVSS7AI score0.13719EPSS

In wildExploits1

VulnCheck KEV•added 2024/11/12 12:0 a.m.•3 views

VulnCheck KEV: CVE-2024-49039

8.8CVSS7.2AI score0.13719EPSS

Exploits1References1

Microsoft KB•added 2024/09/10 7:0 a.m.•310 views

September 10, 2024—KB5042881 (OS Build 20348.2700)

September 10, 2024—KB5042881 OS Build 20348.2700 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows Server 2022, see its update history page. Note Follow @WindowsUpdate to find out...

9.8CVSS8.7AI score0.70564EPSS

Exploits27

Microsoft KB•added 2024/09/10 7:0 a.m.•345 views

September 10, 2024—KB5043050 (OS Build 17763.6293) - EXPIRED

September 10, 2024—KB5043050 OS Build 17763.6293 - EXPIRED EXPIRATION NOTICEIMPORTANT As of March 31, 2026, this update is no longer available from the Microsoft Update Catalog or other release channels. We recommend that you update your devices to the latest version of Windows. 11/17/20 For...

9.8CVSS7AI score0.70564EPSS

Exploits27

NCSC•added 2024/07/09 7:39 p.m.•3 views

Vulnerability fixed in Microsoft System Center Defender for IoT

Microsoft has fixed a vulnerability in Defender for IoT. A malicious party can exploit the vulnerability to break out of the AppContainer for IoT devices and potentially execute arbitrary code on the system where the AppContainer is implemented. Microsoft Defender for IoT:...

9.9CVSS7.3AI score0.01164EPSS

Exploits0

Positive Technologies•added 2023/04/11 12:0 a.m.•4 views

PT-2023-2465 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Microsoft Windows affected versions not specified Description: The issue is related to an elevation-of-privilege vulnerability in the Windows CNG Key Isolation Service. This vulnerability is caused by synchronization errors when using a share...

7CVSS9.3AI score0.01872EPSS

Exploits0References37

BDU FSTEC•added 2022/06/27 12:0 a.m.•3 views

The vulnerability affects the implementation of the Kerberos authentication protocol for a isolated software environment called AppContainer on Windows operating systems. This vulnerability allows a attacker to circumvent security restrictions.

The vulnerability of the Kerberos authentication protocol implementation in a isolated software environment called AppContainer on Windows operating systems is related to security configuration errors. Exploiting this vulnerability can allow an attacker to circumvent security restrictions...

8.4CVSS7.5AI score0.01162EPSS

Exploits0References5