CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

247 matches found

MSRC•added 2024/10/23 7:0 a.m.•15 views

Congratulations to the Top MSRC 2024 Q3 Security Researchers!

Congratulations to all the researchers recognized in this quarter’s Microsoft Researcher Recognition Program leaderboard! Thank you to everyone for your hard work and continued partnership to secure customers. The top three researchers of the 2024 Q3 Security Researcher Leaderboard are wkai,...

7.2AI score

Exploits0

Packet Storm•added 2024/08/31 12:0 a.m.•1373 views

CVE-2023-21554 QueueJumper - MSMQ Remote Code Execution Check

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'bindata' class MetasploitModule 'CVE-2023-21554 - QueueJumper - MSMQ RCE Check', 'Description' = %q This module checks the provided hosts for the CVE-2023-21554...

9.8CVSS7AI score0.91896EPSS

Exploits7

MSRC•added 2024/08/06 7:0 a.m.•12 views

Congratulations to the MSRC 2024 Most Valuable Security Researchers!

The Microsoft Researcher Recognition Program offers public thanks and recognition to security researchers who help protect our customers through discovering and sharing security vulnerabilities under Coordinated Vulnerability Disclosure. Today, we are excited to recognize this year’s 100 Most...

7.5AI score

Exploits0

MSRC•added 2024/08/05 7:0 a.m.•16 views

Microsoft Bounty Program Year in Review: $16.6M in Rewards

We are excited to announce that this year the Microsoft Bounty Program has awarded $16.6M in bounty awards to 343 security researchers from 55 countries, securing Microsoft customers in partnership with the Microsoft Security Response Center MSRC. Each year we identify over a thousand potential...

7.3AI score

Exploits0

MSRC•added 2024/07/31 7:0 a.m.•12 views

Introducing the MSRC Researcher Resource Center

Microsoft partners with the global security researcher community to surface and report security vulnerabilities to protect all users of Microsoft products and services. Researcher submissions help us address immediate threats while also identifying trends and insights to holistically improve the...

7.5AI score

Exploits0

MSRC•added 2024/07/03 7:0 a.m.•45 views

What’s new in the MSRC Report Abuse Portal and API

The Microsoft Security Response Center MSRC has always been at the forefront of addressing cyber threats, privacy issues, and abuse arising from Microsoft Online Services. Building on our commitment, we have introduced several updates to the Report Abuse Portal and API, which will significantly...

7.2AI score

Exploits0

MSRC•added 2024/04/17 7:0 a.m.•17 views

Congratulations to the Top MSRC 2024 Q1 Security Researchers!

7.2AI score

Exploits0

Github Security Blog•added 2024/03/13 5:14 p.m.•30 views

Remote Denial of Service Vulnerability in Microsoft QUIC

Impact The MsQuic server will continue to leak memory until no more is available, resulting in a denial of service. Patches The following patch was made: - Fix Memory Leak from Multiple Decodes of TP - https://github.com/microsoft/msquic/commit/5d070d661c45979946615289e92bb6b822efe9e9 Workarounds...

7.5CVSS7AI score0.00907EPSS

Exploits0References5Affected Software2

OSV•added 2024/03/13 5:14 p.m.•29 views

GHSA-2X7M-GF85-3745 Remote Denial of Service Vulnerability in Microsoft QUIC

7.5CVSS7.2AI score0.00907EPSS

Exploits0References5

Github Security Blog•added 2024/02/13 9:18 p.m.•55 views

NuGet Client Security Feature Bypass Vulnerability

Description Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 6.0, .NET 7.0 and .NET 8.0. This advisory also provides guidance on what developers can do to update their applications to address this vulnerability. A security feature bypass...

9.8CVSS7.3AI score0.03635EPSS

Exploits0References7Affected Software2

MSRC•added 2024/01/30 8:0 a.m.•23 views

Congratulations to the Top MSRC 2023 Q4 Security Researchers!

7.2AI score

Exploits0

Cvelist•added 2024/01/15 12:13 p.m.•27 views

CVE-2024-20709 New Edge T5 MSRC Case [DCMSFT-1081]

Acrobat Reader T5 MSFT Edge versions 120.0.2210.91 and earlier are affected by an Improper Input Validation vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue...

5.5CVSS5.7AI score0.00222EPSS

Exploits0References1

MSRC•added 2023/10/16 7:0 a.m.•24 views

Congratulations to the Top MSRC 2023 Q3 Security Researchers!

6.8AI score

Exploits0

MSRC•added 2023/07/14 7:0 a.m.•21 views

Congratulations to the Top MSRC 2023 Q2 Security Researchers!

6.8AI score

Exploits0

Rapid7 Blog•added 2023/07/11 9:50 p.m.•129 views

Patch Tuesday - July 2023

Microsoft is addressing 130 vulnerabilities this July Patch Tuesday, including five zero-day vulnerabilities, and eight further critical remote code execution RCE vulnerabilities. Overall, it’s safe to say that this is a busier Patch Tuesday than the past couple of months. Note that the total cou...

9.3CVSS9.2AI score0.93596EPSS

Exploits74

MSRC•added 2023/04/18 7:0 a.m.•14 views

Microsoft Vulnerability Severity Classification for Online Services Publication

The Microsoft Security Response Center MSRC is always looking for ways to provide clarity and transparency around how we assess the impact of vulnerabilities reported in our products and services. We have published a new Microsoft Vulnerability Severity Classification for Online Services to provi...

6.8AI score

Exploits0

MSRC•added 2023/04/13 7:0 a.m.•20 views

Congratulations to the Top MSRC 2023 Q1 Security Researchers!

6.6AI score

Exploits0

MSRC•added 2023/04/13 7:0 a.m.•13 views

Congratulations to the Top MSRC 2023 Q1 Security Researchers!

7.2AI score

Exploits0