Lucene search
K
MscveMost viewed

22103 matches found

Microsoft CVE
Microsoft CVE
•added 2020/09/08 7:0 a.m.•44 views

Microsoft Store Runtime Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when the Microsoft Store Runtime improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges. The...

7.8CVSS3.7AI score0.00777EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2020/07/14 7:0 a.m.•44 views

Office Web Apps XSS Vulnerability

A spoofing vulnerability exists when an Office Web Apps server does not properly sanitize a specially crafted request. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Office Web Apps server. The attacker who successfully exploited th...

6.1CVSS1.2AI score0.01729EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2020/07/14 7:0 a.m.•44 views

Microsoft Edge PDF Information Disclosure Vulnerability

An information disclosure vulnerability exists when Microsoft Edge PDF Reader improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit the vulnerability, in a web-based attack...

6.5CVSS1.3AI score0.05294EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2020/07/14 7:0 a.m.•44 views

Windows Credential Enrollment Manager Service Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists in the way that the Credential Enrollment Manager service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker...

7.8CVSS4.2AI score0.00708EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2020/06/09 7:0 a.m.•44 views

Microsoft Bing Search Spoofing Vulnerability

A spoofing vulnerability exists when Microsoft Bing Search for Android improperly handles specific HTML content. An attacker who successfully exploited this vulnerability could trick a user into believing that the user was on a legitimate website. The specially crafted website, when browsed using...

6.5CVSS1.1AI score0.02593EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2020/03/10 7:0 a.m.•44 views

Remote Code Execution Vulnerability in Application Inspector

A remote code execution vulnerability exists in Application Inspector version v1.0.23 or earlier when the tool reflects example code snippets from third-party source files into its HTML output. An attacker who exploited it could send sections of the report containing code snippets to an external...

9.6CVSS8.7AI score0.09851EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2020/02/11 8:0 a.m.•44 views

LNK Remote Code Execution Vulnerability

A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user...

8.8CVSS4.8AI score0.30863EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2019/10/08 7:0 a.m.•44 views

Windows GDI Information Disclosure Vulnerability

An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface GDI handles objects in memory, allowing an attacker to retrieve information from a targeted system. By itself, the information disclosure does not allow arbitrary code execution; however, it could...

5.5CVSS2.5AI score0.02015EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2019/06/11 7:0 a.m.•44 views

Microsoft Windows Security Feature Bypass Vulnerability

A security feature bypass vulnerability exists where a NETLOGON message is able to obtain the session key and sign messages. To exploit this vulnerability, an attacker could send a specially crafted authentication request. An attacker who successfully exploited this vulnerability could access...

8.5CVSS2.9AI score0.15115EPSS
Exploits2
Microsoft CVE
Microsoft CVE
•added 2019/03/12 7:0 a.m.•44 views

Visual Studio Remote Code Execution Vulnerability

A remote code execution vulnerability exists when the Visual Studio C++ Redistributable Installer improperly validates input before loading dynamic link library DLL files. An attacker who successfully exploited the vulnerability could execute arbitrary code in the context of the current user. Use...

7.8CVSS4.2AI score0.10551EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2019/01/08 8:0 a.m.•44 views

MSHTML Engine Remote Code Execution Vulnerability

A remote code execution vulnerability exists in the way that the MSHTML engine improperly validates input. An attacker could execute arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the...

9.3CVSS2.2AI score0.53202EPSS
Exploits4
Microsoft CVE
Microsoft CVE
•added 2018/10/09 7:0 a.m.•44 views

Windows DNS Security Feature Bypass Vulnerability

A security feature bypass vulnerability exists in DNS Global Blocklist feature. An attacker who successfully exploited this vulnerability could redirect traffic to malicious DNS endpoints. The update addresses the vulnerability by updating DNS Server Role record additions to not bypass the Global...

4.3CVSS2.5AI score0.04742EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2018/03/13 7:0 a.m.•44 views

ASP.NET Core Denial of Service Vulnerability

A denial of service vulnerability exists when ASP.NET Core improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against an ASP.NET Core web application. The vulnerability can be exploited remotely, without authentication. A...

7.5CVSS3.3AI score0.08066EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2017/10/10 7:0 a.m.•44 views

Skype for Business Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when Skype for Business fails to properly handle specific authentication requests. An authenticated attacker who successfully exploited this vulnerability could steal an authentication hash that can be reused elsewhere. The attacker could then take a...

9.3CVSS2.4AI score0.09392EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2017/06/13 7:0 a.m.•44 views

Windows Kernel Information Disclosure Vulnerability

An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could obtain information t...

6.5CVSS3.1AI score0.14265EPSS
Exploits4
Microsoft CVE
Microsoft CVE
•added 2016/11/08 8:0 a.m.•44 views

Windows Bowser.sys Information Disclosure Vulnerability

An information disclosure vulnerability exists in Windows when the Windows bowser.sys kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could potentially disclose contents of System memory to which they should not have access. ...

5.8CVSS2.3AI score0.03457EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2016/07/12 7:0 a.m.•44 views

Windows Scripting Engine Memory Corruption Vulnerability

An information disclosure vulnerability exists when VBScript improperly discloses the contents of its memory, which could provide an attacker with information to further compromise the user’s computer or data. To exploit the vulnerability, an attacker must know the memory address of where the...

6.5CVSS1.6AI score0.20869EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2016/06/14 7:0 a.m.•44 views

Microsoft Office Memory Corruption Vulnerability

A remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on wit...

9.3CVSS2.6AI score0.16722EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2016/05/10 7:0 a.m.•44 views

Remote Desktop Protocol Drive Redirection Information Disclosure Vulnerability

An information disclosure vulnerability exists in Microsoft Windows when a USB disk mounted over Remote Desktop Protocol RDP via Microsoft RemoteFX is not correctly tied to the session of the mounting user. An attacker who successfully exploited this vulnerability could obtain access to file and...

5.5CVSS1.2AI score0.02342EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/06/10 7:0 a.m.•43 views

Windows Storage Management Provider Information Disclosure Vulnerability

Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally...

5.5CVSS6.8AI score0.00529EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/04/08 7:0 a.m.•43 views

Microsoft Excel Remote Code Execution Vulnerability

Access of resource using incompatible type 'type confusion' in Microsoft Office allows an unauthorized attacker to execute code locally...

7.8CVSS7.3AI score0.0101EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/11 7:0 a.m.•43 views

Azure Command Line Integration (CLI) Elevation of Privilege Vulnerability

Improper neutralization of special elements used in a command 'command injection' in Azure Command Line Integration CLI allows an unauthorized attacker to elevate privileges locally...

8.4CVSS7.2AI score0.00403EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/01/14 8:0 a.m.•43 views

Windows OLE Remote Code Execution Vulnerability

...

9.8CVSS7.1AI score0.80912EPSS
Exploits6
Microsoft CVE
Microsoft CVE
•added 2024/03/12 7:0 a.m.•43 views

Windows Kernel Elevation of Privilege Vulnerability

...

7.8CVSS7.1AI score0.00901EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/01/17 6:17 p.m.•43 views

Chromium: CVE-2024-0519 Out of bounds memory access in V8

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. Google is aware of reports that an exploit for CVE-2024-0519 exists in the wild...

8.8CVSS8.7AI score0.03769EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2024/01/09 8:0 a.m.•43 views

Windows CoreMessaging Information Disclosure Vulnerability

...

5.5CVSS7.1AI score0.00887EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/01/05 5:8 p.m.•43 views

Chromium: CVE-2024-0224 Use after free in WebAudio

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS8.5AI score0.00998EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2023/12/14 8:0 a.m.•43 views

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

...

4.3CVSS7.1AI score0.00863EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2023/12/13 8:0 a.m.•43 views

Azure DevOps Server Spoofing Vulnerability

...

6.5CVSS7.1AI score0.00977EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2023/11/29 6:18 p.m.•43 views

Chromium: CVE-2023-6346 Use after free in WebAudio

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS8.9AI score0.0097EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2023/06/13 7:0 a.m.•43 views

Microsoft SharePoint Server Spoofing Vulnerability

...

7.3CVSS8.5AI score0.01177EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2023/05/09 7:0 a.m.•43 views

Remote Desktop Client Remote Code Execution Vulnerability

...

7.8CVSS7.8AI score0.00668EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2022/12/13 8:0 a.m.•43 views

Microsoft Office Graphics Remote Code Execution Vulnerability

...

7.8CVSS7.8AI score0.00809EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2022/10/11 7:0 a.m.•43 views

Windows USB Serial Driver Information Disclosure Vulnerability

...

4.3CVSS5AI score0.00662EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2022/10/03 7:0 a.m.•43 views

Chromium: CVE-2022-3304 Use after free in CSS

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS8.4AI score0.0059EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2022/07/12 7:0 a.m.•43 views

Azure Site Recovery Remote Code Execution Vulnerability

...

7.2CVSS7.2AI score0.01833EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2022/06/14 7:0 a.m.•43 views

AV1 Video Extension Remote Code Execution Vulnerability

...

7.8CVSS7.8AI score0.02118EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2022/05/31 7:0 a.m.•43 views

Chromium: CVE-2022-1856 Use after free in User Education

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS8.8AI score0.00498EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2022/05/31 7:0 a.m.•43 views

Chromium: CVE-2022-1864 Use after free in WebApp Installs

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS8.8AI score0.00475EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2022/05/13 7:0 a.m.•43 views

Chromium: CVE-2022-1638 Heap buffer overflow in V8 Internationalization

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS8.5AI score0.00619EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2022/05/10 8:0 a.m.•43 views

.NET and Visual Studio Denial of Service Vulnerability

...

7.5CVSS7.7AI score0.04913EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2022/05/10 8:0 a.m.•43 views

Windows Clustered Shared Volume Information Disclosure Vulnerability

...

6.5CVSS6.7AI score0.00786EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2022/04/12 8:0 a.m.•43 views

Windows Print Spooler Elevation of Privilege Vulnerability

...

7.8CVSS7.7AI score0.0077EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2022/04/12 7:0 a.m.•43 views

Microsoft Excel Remote Code Execution Vulnerability

...

7.8CVSS7.8AI score0.02116EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2022/04/01 7:0 a.m.•43 views

Chromium: CVE-2022-1135 Use after free in Shopping Cart

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS8.4AI score0.0073EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2022/03/08 8:0 a.m.•43 views

Microsoft Office Visio Remote Code Execution Vulnerability

...

7.8CVSS7.8AI score0.02847EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2022/02/08 8:0 a.m.•43 views

Roaming Security Rights Management Services Remote Code Execution Vulnerability

...

9.3CVSS7.9AI score0.04969EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2022/02/08 8:0 a.m.•43 views

Microsoft Dynamics GP Elevation Of Privilege Vulnerability

...

9CVSS8.6AI score0.0255EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2022/02/08 8:0 a.m.•43 views

.NET Denial of Service Vulnerability

...

7.5CVSS7.7AI score0.03739EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2022/02/08 8:0 a.m.•43 views

Microsoft Outlook for Mac Security Feature Bypass Vulnerability

...

5.3CVSS7AI score0.02393EPSS
Exploits0
Total number of security vulnerabilities5000