21767 matches found
Microsoft Power BI Spoofing Vulnerability
...
Windows Network File System Remote Code Execution Vulnerability
...
Windows Print Spooler Remote Code Execution Vulnerability
...
Windows Print Spooler Remote Code Execution Vulnerability
...
Web Media Extensions Remote Code Execution Vulnerability
...
Microsoft Edge (Chromium-based) Spoofing Vulnerability
User Interface UI Misrepresentation of Critical Information in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
...
Microsoft Edge for iOS Spoofing Vulnerability
...
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
...
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
...
Microsoft DWM Core Library Elevation of Privilege Vulnerability
...
Chromium CVE-2021-21157: Use after free in Web Sockets
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability
User interface ui misrepresentation of critical information in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...
Chromium: CVE-2024-8035 Inappropriate implementation in Extensions
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Intel: CVE-2022-0001 Branch History Injection
This CVE was assigned by Intel. Please see CVE-2022-0001 on CVE.org for more information...
Windows Error Reporting Service Elevation of Privilege Vulnerability
...
Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability
...
Microsoft ODBC Driver Remote Code Execution Vulnerability
...
Visual Studio Code Remote Code Execution Vulnerability
...
Microsoft Windows Infrared Data Association (IrDA) Information Disclosure Vulnerability
...
Microsoft HoloLens Remote Code Execution Vulnerabilities
Executive Summary Microsoft is aware of vulnerabilities that affect the Broadcom wireless chipset included in the Microsoft HoloLens device. The vulnerabilities could allow an unauthenticated attacker in physical proximity to cause a denial of service condition or execute code on a target system...
Windows Deployment Services TFTP Server Remote Code Execution Vulnerability
A remote code execution vulnerability exists in the way that Windows Deployment Services TFTP Server handles objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code with elevated permissions on a target system. To exploit the vulnerability, an...
Guidance to mitigate speculative execution side-channel vulnerabilities
NOTE This advisory was revised on July 10, 2018. Some content has been removed for simplicity and because it is no longer relevant. You can view the archived content for ADV180002 in the FAQ section following the Affected Products table. Executive Summary Microsoft is aware of a new publicly...
Event Tracing for Windows Information Disclosure Vulnerability
...
Azure Site Recovery Information Disclosure Vulnerability
...
Apache Log4j Remote Code Execution Vulnerability
Certain versions of Apache Log4j2 are vulnerable to a remote code execution vulnerability. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. Microsoft is not aware of any impact to th...
Windows DNS Server Remote Code Execution Vulnerability
...
Windows SMB Remote Code Execution Vulnerability
A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 1.0 SMBv1 server handles certain requests. An attacker who successfully exploited the vulnerability could gain the ability to execute code on the target server. To exploit the vulnerability, in most...
Microsoft Edge (Chromium-based) Spoofing Vulnerability
...
Microsoft Teams Remote Code Execution Vulnerability
...
CERT/CC: CVE-2023-1018 TPM2.0 Module Library Elevation of Privilege Vulnerability
...
Chromium: CVE-2021-37973 Use after free in Portals
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. Google is aware that an exploit for CVE-2021-37973 exists in the wild...
SQL Server Reporting Services Security Feature Bypass Vulnerability
A security feature bypass vulnerability exists in SQL Server Reporting Services SSRS when the server improperly validates attachments uploaded to reports. An attacker who successfully exploited this vulnerability could upload file types that were disallowed by an administrator. To exploit the...
HTTP/2 Server Denial of Service Vulnerability
A denial of service vulnerability exists in the HTTP/2 protocol stack HTTP.sys when HTTP.sys improperly parses specially crafted HTTP/2 requests. An attacker who successfully exploited the vulnerability could create a denial of service condition, causing the target system to become unresponsive. ...
Windows Data Sharing Service Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could exploit this vulnerability by running a specially crafte...
Windows DNS Server Remote Code Execution Vulnerability
...
Windows Installer Elevation of Privilege Vulnerability
...
Windows Error Reporting Service Elevation of Privilege Vulnerability
...
Chromium: CVE-2022-3196 Use after free in PDF
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
.NET and Visual Studio Denial of Service Vulnerability
...
Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability
...
Microsoft Exchange Server Remote Code Execution Vulnerability
...
Base3D Remote Code Execution Vulnerability
A remote code execution vulnerability exists when the Base3D rendering engine improperly handles memory. An attacker who successfully exploited the vulnerability would gain execution on a victim system. The security update addresses the vulnerability by correcting how the Base3D rendering engine...
Microsoft Exchange Server Elevation of Privilege Vulnerability
Server-side request forgery ssrf in Microsoft Exchange Server allows an authorized attacker to elevate privileges over a network...
Visual Studio Code Spoofing Vulnerability
...
Microsoft Office Remote Code Execution Vulnerability
...
Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerability
...
Azure RTOS GUIX Studio Information Disclosure Vulnerability
...
Chromium CVE-2020-16044: Use after free in WebRTC
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Microsoft Edge (Chromium-based) Spoofing Vulnerability
...