Lucene search
K
MscveMost viewed

21727 matches found

Microsoft CVE
Microsoft CVE
•added 2017/11/14 8:0 a.m.•42 views

Microsoft Project Server Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists in Microsoft Project when Microsoft Project Server does not properly manage user sessions. For this Cross-site Request ForgeryCSRF/XSRF vulnerability to be exploited, the victim must be authenticated to logged on the target site. In a web-based attac...

8.8CVSS7.7AI score0.02474EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2017/11/14 8:0 a.m.•43 views

ASP.NET Core Elevation Of Privilege Vulnerability

An open redirect vulnerability exists in ASP.NET Core that could lead to elevation of privilege. To exploit the vulnerability, an attacker could send a link that has a specially crafted URL, and convince the user to click the link. When an authenticated user clicks the link, the authenticated...

8.8CVSS2.5AI score0.09398EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2017/06/13 7:0 a.m.•42 views

Internet Explorer Memory Corruption Vulnerability

A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerabilit...

7.6CVSS1.5AI score0.14265EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2017/06/13 7:0 a.m.•42 views

Win32k Graphics Remote Code Execution Vulnerability

A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete dat...

9.3CVSS6.9AI score0.19023EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2017/06/13 7:0 a.m.•42 views

Microsoft Outlook Memory Corruption Vulnerability

A remote code execution vulnerability exists in the way that Microsoft Outlook parses specially crafted email messages. An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or...

9.3CVSS2.6AI score0.19605EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2017/06/13 7:0 a.m.•42 views

Device Guard Code Integrity Policy Security Feature Bypass Vulnerability

A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session. An attacker who successfully exploited this vulnerability could inject code into a trusted PowerShell process to bypass the Device Guard Code...

6.5CVSS3.6AI score0.14265EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2017/06/13 7:0 a.m.•42 views

Windows Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when Windows Secure Kernel Mode fails to properly handle objects in memory. To exploit the vulnerability, a locally-authenticated attacker could attempt to run a specially crafted application on a targeted system. An attacker who successfully exploit...

7.3CVSS3.2AI score0.14265EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2017/06/13 7:0 a.m.•42 views

Windows Kernel Information Disclosure Vulnerability

An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could obtain information t...

6.5CVSS3.1AI score0.14265EPSS
Exploits2
Microsoft CVE
Microsoft CVE
•added 2017/04/11 7:0 a.m.•42 views

Microsoft Outlook Security Feature Bypass Vulnerability

A security feature bypass vulnerability exists in Microsoft Outlook software when it improperly handles the parsing of file formats. The security feature bypass by itself does not allow arbitrary code execution. However, to successfully exploit the vulnerability, an attacker would have to use it ...

5.5CVSS4.1AI score0.19011EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2017/04/11 7:0 a.m.•42 views

ADFS Security Feature Bypass Vulnerability

A security feature bypass vulnerability exists when ADFS incorrectly treats requests coming from Extranet clients as Intranet requests. To exploit this vulnerability, an attacker could run a specially crafted application and attempt to brute-force an account password. An attacker who successfully...

4.3CVSS2.9AI score0.03648EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2017/04/11 7:0 a.m.•42 views

Microsoft Outlook Spoofing Vulnerability

A spoofing vulnerability exists in when Microsoft Outlook for Mac improperly validates HTML tag input. An attacker who successfully tricked the user could gain access to the user's authentication information or login credentials. In an email attack scenario an attacker could exploit the...

6.5CVSS0.9AI score0.10485EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2017/03/14 7:0 a.m.•42 views

Windows GDI Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface GDI handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete...

7.8CVSS3.2AI score0.03114EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2017/02/21 8:0 a.m.•42 views

February 2017 Adobe Flash Security Update

This security update addresses the following vulnerabilities, which are described in Adobe Security Bulletin APSB17-04: CVE-2017-2982, CVE-2017-2984, CVE-2017-2985, CVE-2017-2986, CVE-2017-2987, CVE-2017-2988, CVE-2017-2990, CVE-2017-2992, CVE-2017-2991, CVE-2017-2993, CVE-2017-2994, CVE-2017-299...

9.3CVSS9AI score0.32676EPSS
Exploits10
Microsoft CVE
Microsoft CVE
•added 2016/09/13 7:0 a.m.•42 views

Windows Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists in the way that the Windows Kernel API enforces permissions. An attacker who successfully exploited the vulnerability could impersonate processes, interject cross-process communication, or interrupt system functionality. To exploit the vulnerability,...

6.8CVSS2.9AI score0.4007EPSS
Exploits2
Microsoft CVE
Microsoft CVE
•added 2016/06/14 7:0 a.m.•42 views

Windows PDF Remote Code Execution

A remote code execution vulnerability exists in Microsoft Windows if a user opens a specially crafted .pdf file. An attacker who successfully exploited the vulnerabilities could cause arbitrary code to execute in the context of the current user. If a user is logged on with administrative user...

9.3CVSS5.8AI score0.33569EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2016/04/12 7:0 a.m.•42 views

Secondary Logon Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists in Microsoft Windows when the Windows Secondary Logon Service fails to properly manage requests in memory. An attacker who successfully exploited this vulnerability could run arbitrary code as an administrator. An attacker could then install programs...

8.4CVSS3AI score0.01577EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2026/05/12 2:0 p.m.•41 views

Microsoft 365 Copilot for Android Spoofing Vulnerability

Improper access control in M365 Copilot allows an authorized attacker to perform spoofing locally...

4.4CVSS5.8AI score0.00249EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/05/01 10:16 p.m.•41 views

Chromium: CVE-2025-4052 Inappropriate implementation in DevTools

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

9.8CVSS7.5AI score0.0058EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/04/08 7:0 a.m.•41 views

Microsoft Excel Remote Code Execution Vulnerability

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally...

7.8CVSS7.8AI score0.0101EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/11 7:0 a.m.•41 views

Microsoft Windows Cross Device Service Elevation of Privilege Vulnerability

Improper access control in Windows Cross Device Service allows an authorized attacker to elevate privileges locally...

7.3CVSS7AI score0.01165EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/01/14 8:0 a.m.•41 views

Windows Direct Show Remote Code Execution Vulnerability

...

8.8CVSS7.1AI score0.01345EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/01/14 8:0 a.m.•41 views

Windows Telephony Service Remote Code Execution Vulnerability

...

8.8CVSS7.1AI score0.01221EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/01/14 8:0 a.m.•41 views

.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability

...

8.8CVSS7.1AI score0.02262EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/12/10 8:0 a.m.•41 views

Lightweight Directory Access Protocol (LDAP) Client Remote Code Execution Vulnerability

...

8.1CVSS7.1AI score0.01369EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/09/10 7:0 a.m.•41 views

Microsoft Management Console Remote Code Execution Vulnerability

...

8.8CVSS8.8AI score0.01853EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/07/09 7:0 a.m.•41 views

Windows Kernel-Mode Driver Elevation of Privilege Vulnerability

...

7.8CVSS7.7AI score0.01626EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/07/09 7:0 a.m.•41 views

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

...

8.8CVSS8.9AI score0.01645EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/04/09 7:0 a.m.•41 views

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

...

8.8CVSS7.3AI score0.02399EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/03/27 7:0 a.m.•41 views

Chromium: CVE-2024-2886 Use after free in WebCodecs

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

7.5CVSS7.8AI score0.0214EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2024/03/22 7:0 a.m.•41 views

Chromium: CVE-2024-2628 Inappropriate implementation in Downloads

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

4.3CVSS6AI score0.0059EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/03/14 7:0 a.m.•41 views

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

...

3.9CVSS7.1AI score0.00646EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/03/07 6:54 p.m.•41 views

Chromium: CVE-2024-2176 Use after free in FedCM

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS7.3AI score0.01251EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2024/02/13 8:0 a.m.•41 views

Microsoft WDAC ODBC Driver Remote Code Execution Vulnerability

...

8.8CVSS7.3AI score0.01575EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/01/25 8:0 a.m.•41 views

Chromium: CVE-2024-0807 Use after free in WebAudio

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS9AI score0.0048EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/01/09 8:0 a.m.•41 views

Windows CoreMessaging Information Disclosure Vulnerability

...

5.5CVSS7.1AI score0.00887EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/01/09 8:0 a.m.•41 views

Windows Message Queuing Client (MSMQC) Information Disclosure

...

6.5CVSS7.1AI score0.02039EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/01/09 8:0 a.m.•41 views

Windows Server Key Distribution Service Security Feature Bypass

...

6.1CVSS7.1AI score0.01475EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2023/11/14 8:0 a.m.•41 views

Windows Deployment Services Denial of Service Vulnerability

...

7.5CVSS7.3AI score0.02458EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2023/11/14 8:0 a.m.•41 views

Windows Common Log File System Driver Elevation of Privilege Vulnerability

...

7.8CVSS7.3AI score0.12184EPSS
Exploits2
Microsoft CVE
Microsoft CVE
•added 2023/10/20 7:0 a.m.•41 views

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

...

6.5CVSS6.7AI score0.00906EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2023/10/13 7:0 a.m.•41 views

Chromium: CVE-2023-5476 Use after free in Blink History

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS8.5AI score0.00867EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2023/10/10 7:0 a.m.•41 views

Layer 2 Tunneling Protocol Remote Code Execution Vulnerability

...

8.1CVSS7.1AI score0.01256EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2023/09/12 7:0 a.m.•41 views

.NET Core and Visual Studio Denial of Service Vulnerability

...

6.5CVSS7.1AI score0.04661EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2023/09/12 7:0 a.m.•41 views

Windows GDI Elevation of Privilege Vulnerability

...

7.8CVSS7.1AI score0.0075EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2023/09/12 7:0 a.m.•41 views

Microsoft SharePoint Server Elevation of Privilege Vulnerability

...

8.8CVSS7.1AI score0.02254EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2023/09/12 7:0 a.m.•41 views

Windows Common Log File System Driver Elevation of Privilege Vulnerability

...

7.8CVSS7.1AI score0.04373EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2023/08/21 7:0 a.m.•41 views

Chromium: CVE-2023-4354 Heap buffer overflow in Skia

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS8.5AI score0.01595EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2023/08/08 7:0 a.m.•41 views

Microsoft Teams Remote Code Execution Vulnerability

...

8.8CVSS9AI score0.02098EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2023/08/07 7:0 a.m.•41 views

Chromium: CVE-2023-4074 Use after free in Blink Task Scheduling

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS8.5AI score0.0112EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2023/08/07 7:0 a.m.•41 views

Chromium: CVE-2023-4071 Heap buffer overflow in Visuals

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS8.5AI score0.0128EPSS
Exploits0
Total number of security vulnerabilities5000