21767 matches found
HEVC Video Extensions Remote Code Execution Vulnerability
...
Azure Active Directory Information Disclosure Vulnerability
An information disclosure vulnerability manifests when a user or an application uploads unprotected private key data as part of an authentication certificate keyCredential on an Azure AD Application or Service Principal which is not recommended. This vulnerability allows a user or service in the...
Azure Sphere Elevation of Privilege Vulnerability
...
OLE Automation Remote Code Execution Vulnerability
...
Chromium: CVE-2021-21227 Insufficient data validation in V8
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2021-21199 Use Use after free in Aura
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Windows Projected File System FS Filter Driver Information Disclosure Vulnerability
...
Microsoft SharePoint Information Disclosure Vulnerability
...
ADFS MFA Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when Active Directory Federation Services ADFS improperly handles multi-factor authentication requests. An attacker who successfully exploited this vulnerability could bypass some, but not all, of the authentication factors. To exploit this...
Visual Studio and Visual Studio Code Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists in Visual Studio and Visual Studio Code when they load software dependencies. A local attacker who successfully exploited the vulnerability could inject arbitrary code to run in the context of the current user. If the current user is logged on with...
Microsoft Office SharePoint XSS Vulnerability
A cross-site-scripting XSS vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint...
Internet Connection Sharing Service Remote Code Execution Vulnerability
A memory corruption vulnerability exists in the Internet Connection Sharing ICS service when an attacker sends specially crafted packets to the server. An attacker who successfully exploited the vulnerability could run arbitrary code on the server with elevated privileges. To exploit the...
Microsoft Exchange Memory Corruption Vulnerability
A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the System user. An attacker could then install programs;...
Microsoft Outlook Memory Corruption Vulnerability
A remote code execution vulnerability exists in Microsoft Outlook when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrativ...
Windows GDI Information Disclosure Vulnerability
A Win32k information disclosure vulnerability exists when the Windows GDI component improperly discloses kernel memory addresses. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker...
Scripting Engine Memory Corruption Vulnerability
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully...
Chromium: CVE-2026-12460 Insufficient policy enforcement in File System Access
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Windows Shortcut Files Security Feature Bypass Vulnerability
Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network...
Microsoft OneNote Security Feature Bypass Vulnerability
Incomplete list of disallowed inputs in Microsoft Office OneNote allows an unauthorized attacker to bypass a security feature locally...
Microsoft SQL Server Elevation of Privilege Vulnerability
...
Windows Kernel Elevation of Privilege Vulnerability
...
Windows NTLM Security Support Provider Information Disclosure Vulnerability
...
Microsoft Word Remote Code Execution Vulnerability
...
Windows Group Policy Security Feature Bypass Vulnerability
...
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
...
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
...
Windows Partition Management Driver Elevation of Privilege Vulnerability
...
Chromium: CVE-2023-1229 Inappropriate implementation in Permission prompts
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Windows Secure Channel Denial of Service Vulnerability
...
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
...
Chromium: CVE-2023-0699 Use after free in GPU
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
DirectX Graphics Kernel Elevation of Privilege Vulnerability
...
Windows Error Reporting Elevation of Privilege Vulnerability
...
Chromium: CVE-2022-3890 Heap buffer overflow in Crashpad
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2022-3653 Heap buffer overflow in Vulkan
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Windows NTLM Spoofing Vulnerability
...
Windows Secure Channel Denial of Service Vulnerability
...
Windows Graphics Component Information Disclosure Vulnerability
...
Chromium: CVE-2022-1640 Use after free in Sharing
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2022-1637 Inappropriate implementation in Web Contents
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Windows NTFS Information Disclosure Vulnerability
...
Remote Procedure Call Runtime Remote Code Execution Vulnerability
...
Chromium: CVE-2022-0980 Use after free in New Tab Page
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Microsoft Defender for IoT Elevation of Privilege Vulnerability
...
Chromium: CVE-2022-0792 Out of bounds read in ANGLE
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2022-0608 Integer overflow in Mojo
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Windows Runtime Remote Code Execution Vulnerability
...
Windows Print Spooler Elevation of Privilege Vulnerability
...
Windows Print Spooler Elevation of Privilege Vulnerability
...
Chromium: CVE-2022-0306 Heap buffer overflow in PDFium
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...