22107 matches found
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
...
Microsoft Teams for Android Information Disclosure Vulnerability
...
Windows Hyper-V Information Disclosure Vulnerability
...
Chromium: CVE-2021-38000 Insufficient validation of untrusted input in Intents
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. Google is aware that exploits for this vulnerability exist in the wild...
Windows TCP/IP Denial of Service Vulnerability
...
Chromium: CVE-2026-14062 Inappropriate implementation in Views
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Windows Hyper-V Information Disclosure Vulnerability
...
Azure Storage Library Information Disclosure Vulnerability
...
VP9 Video Extensions Remote Code Execution Vulnerability
...
Microsoft SharePoint Remote Code Execution Vulnerability
...
Microsoft Guidance for Vulnerability in Trusted Platform Module (TPM)
Executive Summary This advisory addresses CVE-2019-16863. A security vulnerability exists in certain Trusted Platform Module TPM chipsets. The vulnerability weakens key confidentiality protection for a specific algorithm ECDSA. It is important to note that this is a TPM firmware vulnerability, an...
Microsoft Browser Security Feature Bypass Vulnerability
A security feature bypass vulnerability exists when Microsoft Browsers fail to validate the correct Security Zone of requests for specific URLs. This could allow an attacker to cause a user to access a URL in a less restricted Internet Security Zone than intended. To exploit this vulnerability, a...
Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability
Improper link resolution before file access 'link following' in Microsoft AutoUpdate MAU allows an authorized attacker to elevate privileges locally...
Chromium: CVE-2024-7976 Inappropriate implementation in FedCM
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Intel: CVE-2022-0001 Branch History Injection
This CVE was assigned by Intel. Please see CVE-2022-0001 on CVE.org for more information...
HTTP Protocol Stack Remote Code Execution Vulnerability
...
Windows Overlay Filter Elevation of Privilege Vulnerability
...
Microsoft Word Remote Code Execution Vulnerability
...
Windows Kernel Elevation of Privilege Vulnerability
...
SMB Client and Server Remote Code Execution Vulnerability
...
Windows Graphics Component Information Disclosure Vulnerability
...
Microsoft Office Graphics Remote Code Execution Vulnerability
...
Chromium: CVE-2026-13865 Insufficient validation of untrusted input in Enterprise
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2026-13947 Uninitialized Use in XR
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2026-14013 Inappropriate implementation in SVG
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2026-13860 Incorrect security UI in Autofill
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2024-7975 Inappropriate implementation in Permissions
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Windows Named Pipe Filesystem Elevation of Privilege Vulnerability
...
Service Fabric Explorer Spoofing Vulnerability
...
Power BI Report Server Spoofing Vulnerability
...
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
...
Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability
...
Azure Arc-enabled Kubernetes cluster Connect Elevation of Privilege Vulnerability
Microsoft has identified a vulnerability affecting the cluster connect feature of Azure Arc-enabled Kubernetes clusters. This vulnerability could allow an unauthenticated user to elevate their privileges and potentially gain administrative control over the Kubernetes cluster. Additionally, becaus...
Visual Studio Code Elevation of Privilege Vulnerability
...
Microsoft Edge for Android Spoofing Vulnerability
...
Chromium: CVE-2026-13945 Insufficient policy enforcement in Extensions
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2026-13942 Insufficient validation of untrusted input in Video Capture
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2026-14012 Side-channel information leakage in CSS
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2026-14039 Insufficient policy enforcement in GetUserMedia
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2026-13857 Inappropriate implementation in Geometry
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Microsoft Speech Application Programming Interface (SAPI) Elevation of Privilege Vulnerability
...
Microsoft Office Defense in Depth Update
Microsoft has released an update for Microsoft Office that provides enhanced security as a defense in depth measure...
Windows AppX Installer Spoofing Vulnerability
We have investigated reports of a spoofing vulnerability in AppX installer that affects Microsoft Windows. Microsoft is aware of attacks that attempt to exploit this vulnerability by using specially crafted packages that include the malware family known as Emotet/Trickbot/Bazaloader. An attacker...
Open Management Infrastructure Remote Code Execution Vulnerability
...
Remote Desktop Client Remote Code Execution Vulnerability
...
Remote Desktop Services Remote Code Execution Vulnerability
A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction...
Microsoft Guidance for Rogue System Register Read
Executive Summary On January 3, 2018, Microsoft released an advisory and security updates related to a newly discovered class of hardware vulnerabilities known as Spectre and Meltdown involving speculative execution side channels that affect AMD, ARM, and Intel CPUs to varying degrees. On May 21,...
Chromium: CVE-2026-14116 Insufficient validation of untrusted input in DevTools
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2026-14127 Inappropriate implementation in Printing
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2026-13941 Inappropriate implementation in SiteSettings
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...