Lucene search
K
MscveMost viewed

21762 matches found

Microsoft CVE
Microsoft CVE
added 2021/07/13 7:0 a.m.44 views

Windows Media Remote Code Execution Vulnerability

...

9.3CVSS7.8AI score0.02577EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2021/07/13 7:0 a.m.44 views

Visual Studio Code Remote Code Execution Vulnerability

...

7.8CVSS7.8AI score0.03862EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2021/05/13 7:0 a.m.44 views

Chromium: CVE-2021-30518 Heap buffer overflow in Reader Mode

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS8.5AI score0.01343EPSS
Exploits1
Microsoft CVE
Microsoft CVE
added 2021/04/13 7:0 a.m.44 views

Remote Procedure Call Runtime Remote Code Execution Vulnerability

...

8.8CVSS8.9AI score0.02315EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2021/03/09 8:0 a.m.44 views

Windows App-V Overlay Filter Elevation of Privilege Vulnerability

...

7.8CVSS7.8AI score0.00582EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2021/03/09 8:0 a.m.44 views

Windows Update Service Elevation of Privilege Vulnerability

...

7.1CVSS6.6AI score0.01115EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2021/03/09 8:0 a.m.44 views

Microsoft Office Remote Code Execution Vulnerability

...

7.8CVSS7.2AI score0.0231EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2021/01/12 8:0 a.m.44 views

Windows Hyper-V Denial of Service Vulnerability

...

7.7CVSS7.7AI score0.03769EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2021/01/12 8:0 a.m.44 views

Windows (modem.sys) Information Disclosure Vulnerability

...

5.5CVSS6.5AI score0.021EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2020/12/08 8:0 a.m.44 views

Windows Network Connections Service Elevation of Privilege Vulnerability

...

7.8CVSS8.3AI score0.01062EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2020/11/10 8:0 a.m.44 views

Microsoft SharePoint Server Spoofing Vulnerability

...

6.5CVSS7AI score0.01897EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2020/11/10 8:0 a.m.44 views

Microsoft Excel Remote Code Execution Vulnerability

...

9.3CVSS7.7AI score0.03824EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2020/11/10 8:0 a.m.44 views

HEVC Video Extensions Remote Code Execution Vulnerability

...

9.3CVSS7.8AI score0.03735EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2020/10/13 7:0 a.m.44 views

Windows Enterprise App Management Service Information Disclosure Vulnerability

An information disclosure vulnerability exists when the Windows Enterprise App Management Service improperly handles certain file operations. An attacker who successfully exploited this vulnerability could read arbitrary files. An attacker with unprivileged access to a vulnerable system could...

5.5CVSS2.4AI score0.01233EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2020/09/08 7:0 a.m.44 views

Windows State Repository Service Information Disclosure Vulnerability

An information disclosure vulnerability exists when the Windows State Repository Service improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. An attacker could exploit this vulnerability b...

5.5CVSS2AI score0.01079EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2020/09/08 7:0 a.m.44 views

Microsoft SharePoint Remote Code Execution Vulnerability

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint...

8.6CVSS2.9AI score0.02127EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2020/09/08 7:0 a.m.44 views

Windows Defender Application Control Security Feature Bypass Vulnerability

A security feature bypass vulnerability exists in Windows Defender Application Control WDAC which could allow an attacker to bypass WDAC enforcement. An attacker who successfully exploited this vulnerability could execute PowerShell commands that would be blocked by WDAC. To exploit the...

7.2CVSS5.6AI score0.07037EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2020/09/08 7:0 a.m.44 views

Active Directory Remote Code Execution Vulnerability

A remote code execution vulnerability exists when Active Directory integrated DNS ADIDNS mishandles objects in memory. An authenticated attacker who successfully exploited the vulnerability could run arbitrary code in the context of the Local System Account To exploit the vulnerability, an...

8.8CVSS3.8AI score0.03608EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2020/08/11 7:0 a.m.44 views

Jet Database Engine Remote Code Execution Vulnerability

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to...

9.3CVSS4.4AI score0.04179EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2020/07/14 7:0 a.m.44 views

Office Web Apps XSS Vulnerability

A spoofing vulnerability exists when an Office Web Apps server does not properly sanitize a specially crafted request. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Office Web Apps server. The attacker who successfully exploited th...

6.1CVSS1.2AI score0.01729EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2020/06/09 7:0 a.m.44 views

Microsoft Bing Search Spoofing Vulnerability

A spoofing vulnerability exists when Microsoft Bing Search for Android improperly handles specific HTML content. An attacker who successfully exploited this vulnerability could trick a user into believing that the user was on a legitimate website. The specially crafted website, when browsed using...

6.5CVSS1.1AI score0.02593EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2020/01/14 8:0 a.m.44 views

Hyper-V Denial of Service Vulnerability

A denial of service vulnerability exists when Microsoft Hyper-V Virtual PCI on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as ...

6CVSS3.5AI score0.01316EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2019/12/10 8:0 a.m.44 views

Win32k Information Disclosure Vulnerability

An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log ...

5.5CVSS1.4AI score0.01634EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2019/10/08 7:0 a.m.44 views

Windows GDI Information Disclosure Vulnerability

An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface GDI handles objects in memory, allowing an attacker to retrieve information from a targeted system. By itself, the information disclosure does not allow arbitrary code execution; however, it could...

5.5CVSS2.5AI score0.02015EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2019/08/13 7:0 a.m.44 views

Remote Desktop Services Remote Code Execution Vulnerability

A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction...

10CVSS3.1AI score0.07586EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2019/07/09 7:0 a.m.44 views

DirectX Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with...

7.8CVSS2.8AI score0.00992EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2019/06/11 7:0 a.m.44 views

Microsoft Windows Security Feature Bypass Vulnerability

A security feature bypass vulnerability exists where a NETLOGON message is able to obtain the session key and sign messages. To exploit this vulnerability, an attacker could send a specially crafted authentication request. An attacker who successfully exploited this vulnerability could access...

8.5CVSS2.9AI score0.15115EPSS
Exploits2
Microsoft CVE
Microsoft CVE
added 2019/06/11 7:0 a.m.44 views

Windows Hyper-V Remote Code Execution Vulnerability

A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could...

8.4CVSS4.3AI score0.0404EPSS
Exploits2
Microsoft CVE
Microsoft CVE
added 2019/04/09 7:0 a.m.44 views

Win32k Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data;...

7.8CVSS2.9AI score0.04151EPSS
Exploits2
Microsoft CVE
Microsoft CVE
added 2019/03/12 7:0 a.m.44 views

Microsoft Office SharePoint XSS Vulnerability

A cross-site-scripting XSS vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint...

5.4CVSS0.9AI score0.01652EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2019/03/12 7:0 a.m.44 views

Visual Studio Remote Code Execution Vulnerability

A remote code execution vulnerability exists when the Visual Studio C++ Redistributable Installer improperly validates input before loading dynamic link library DLL files. An attacker who successfully exploited the vulnerability could execute arbitrary code in the context of the current user. Use...

7.8CVSS4.2AI score0.10551EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2019/01/08 8:0 a.m.44 views

Microsoft Office Information Disclosure Vulnerability

An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the user’s computer or data. To exploit the vulnerability, an attacker could craft a special...

5.5CVSS1.1AI score0.08729EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2019/01/08 8:0 a.m.44 views

Jet Database Engine Remote Code Execution Vulnerability

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to...

9.3CVSS4.4AI score0.20505EPSS
Exploits1
Microsoft CVE
Microsoft CVE
added 2018/10/09 7:0 a.m.44 views

Windows DNS Security Feature Bypass Vulnerability

A security feature bypass vulnerability exists in DNS Global Blocklist feature. An attacker who successfully exploited this vulnerability could redirect traffic to malicious DNS endpoints. The update addresses the vulnerability by updating DNS Server Role record additions to not bypass the Global...

4.3CVSS2.5AI score0.04742EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2018/07/10 7:0 a.m.44 views

Microsoft Macro Assembler Tampering Vulnerability

A Tampering vulnerability exists when Microsoft Macro Assembler improperly validates code. An attacker could introduce code into an application, which modifies data in an unintended manner. The security updates addresses the vulnerability by ensuring that Microsoft Macro Assembler properly...

7.8CVSS2.9AI score0.01085EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2018/07/10 7:0 a.m.44 views

WordPad Security Feature Bypass Vulnerability

A security feature bypass vulnerability exists when Microsoft WordPad improperly handles embedded OLE objects. An attacker who successfully exploited the vulnerability could bypass content blocking. In a file-sharing attack scenario, an attacker could provide a specially crafted document file...

6.8CVSS1.4AI score0.03434EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2017/12/12 8:0 a.m.44 views

Microsoft Windows Information Disclosure Vulnerability

An information disclosure vulnerability exists when the Windows its:// protocol handler unnecessarily sends traffic to a remote site in order to determine the zone of a provided URL. This could potentially result in the disclosure of sensitive information to a malicious site. To exploit the...

6.5CVSS1.1AI score0.09617EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2017/10/10 7:0 a.m.44 views

Skype for Business Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when Skype for Business fails to properly handle specific authentication requests. An authenticated attacker who successfully exploited this vulnerability could steal an authentication hash that can be reused elsewhere. The attacker could then take a...

9.3CVSS2.4AI score0.09392EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2017/06/13 7:0 a.m.44 views

Windows Kernel Information Disclosure Vulnerability

An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could obtain information t...

6.5CVSS3.1AI score0.14265EPSS
Exploits4
Microsoft CVE
Microsoft CVE
added 2017/06/13 7:0 a.m.44 views

Windows PDF Remote Code Execution Vulnerability

A remote code execution vulnerability exists in Microsoft Windows, Microsoft Word 2013 and Microsoft Word 2016 if a user opens a specially crafted PDF file. An attacker who successfully exploited the vulnerability could cause arbitrary code to execute in the context of the current user. To exploi...

9.3CVSS4.8AI score0.24243EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2016/11/08 8:0 a.m.44 views

Windows Bowser.sys Information Disclosure Vulnerability

An information disclosure vulnerability exists in Windows when the Windows bowser.sys kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could potentially disclose contents of System memory to which they should not have access. ...

5.8CVSS2.3AI score0.03457EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2016/07/12 7:0 a.m.44 views

Windows Scripting Engine Memory Corruption Vulnerability

An information disclosure vulnerability exists when VBScript improperly discloses the contents of its memory, which could provide an attacker with information to further compromise the user’s computer or data. To exploit the vulnerability, an attacker must know the memory address of where the...

6.5CVSS1.6AI score0.20869EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2016/06/14 7:0 a.m.44 views

Microsoft Office Memory Corruption Vulnerability

A remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on wit...

9.3CVSS2.6AI score0.16722EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2016/05/10 7:0 a.m.44 views

Remote Desktop Protocol Drive Redirection Information Disclosure Vulnerability

An information disclosure vulnerability exists in Microsoft Windows when a USB disk mounted over Remote Desktop Protocol RDP via Microsoft RemoteFX is not correctly tied to the session of the mounting user. An attacker who successfully exploited this vulnerability could obtain access to file and...

5.5CVSS1.2AI score0.02342EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2016/05/10 7:0 a.m.44 views

Microsoft Office Graphics Remote Code Execution Vulnerability

A remote code execution vulnerability exists when the Office graphics component improperly handles specially crafted embedded fonts. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delet...

9.3CVSS1.1AI score0.15704EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 5 days ago43 views

Chromium: CVE-2026-13021 Inappropriate implementation in DeviceBoundSessionCredentials

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

4.3CVSS5.8AI score0.00143EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/05/01 10:16 p.m.43 views

Chromium: CVE-2025-4051 Insufficient data validation in DevTools

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

6.3CVSS7AI score0.00296EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/03/11 7:0 a.m.43 views

Azure Command Line Integration (CLI) Elevation of Privilege Vulnerability

Improper neutralization of special elements used in a command 'command injection' in Azure Command Line Integration CLI allows an unauthorized attacker to elevate privileges locally...

8.4CVSS7.2AI score0.00403EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2024/10/10 7:0 a.m.43 views

Chromium: CVE-2024-9603 Type Confusion in V8

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS6.5AI score0.0047EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2024/10/03 10:14 p.m.43 views

Chromium: CVE-2024-7025 Integer overflow in Layout

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS6.6AI score0.00592EPSS
Exploits1
Total number of security vulnerabilities5000