Lucene search
K
MscveMost viewed

22103 matches found

Microsoft CVE
Microsoft CVE
•added 2021/07/13 7:0 a.m.•34 views

Storage Spaces Controller Elevation of Privilege Vulnerability

...

7.8CVSS7.7AI score0.0074EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2021/04/13 7:0 a.m.•34 views

Windows Network File System Remote Code Execution Vulnerability

...

8.8CVSS8.7AI score0.0271EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2021/04/13 7:0 a.m.•34 views

Windows Secure Kernel Mode Elevation of Privilege Vulnerability

...

7.8CVSS7.9AI score0.00796EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2021/04/13 7:0 a.m.•34 views

NTFS Elevation of Privilege Vulnerability

...

7.8CVSS7.9AI score0.00556EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2021/03/09 8:0 a.m.•34 views

HEVC Video Extensions Remote Code Execution Vulnerability

...

7.8CVSS7.8AI score0.0283EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2021/03/09 8:0 a.m.•34 views

Windows WalletService Elevation of Privilege Vulnerability

...

7.8CVSS7.8AI score0.03215EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2021/03/09 8:0 a.m.•34 views

Azure Virtual Machine Information Disclosure Vulnerability

...

6.8CVSS7.2AI score0.01343EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2021/03/09 8:0 a.m.•34 views

Windows Network Address Translation (NAT) Denial of Service Vulnerability

...

7.5CVSS7.7AI score0.03355EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2021/03/04 8:4 p.m.•34 views

Chromium CVE-2021-21172: Insufficient policy enforcement in File System API

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.1CVSS8.1AI score0.0165EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2021/03/04 8:4 p.m.•34 views

Chromium CVE-2021-21170: Incorrect security UI in Loader

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

6.5CVSS7.2AI score0.01599EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2021/02/09 8:0 a.m.•34 views

Microsoft SharePoint Server Spoofing Vulnerability

...

8CVSS8.3AI score0.01976EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2021/01/12 8:0 a.m.•34 views

Azure Active Directory Pod Identity Spoofing Vulnerability

...

5.5CVSS5.6AI score0.01133EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2021/01/12 8:0 a.m.•34 views

Remote Procedure Call Runtime Remote Code Execution Vulnerability

...

9CVSS8.2AI score0.03579EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2021/01/12 8:0 a.m.•34 views

Windows Bluetooth Security Feature Bypass Vulnerability

Microsoft is aware of the "Impersonation in the Passkey Entry Protocol" vulnerability. For more information regarding the vulnerability, please see this statement from the Bluetooth SIG. To address the vulnerability, Microsoft has released a software update that will fail attempts to pair if the...

5.5CVSS6.6AI score0.0165EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2021/01/12 8:0 a.m.•34 views

Windows Kernel Elevation of Privilege Vulnerability

...

7.8CVSS7.8AI score0.00647EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2021/01/12 8:0 a.m.•34 views

Windows InstallService Elevation of Privilege Vulnerability

...

7.8CVSS7.8AI score0.0081EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2021/01/12 8:0 a.m.•34 views

Windows WalletService Elevation of Privilege Vulnerability

...

7.8CVSS7.7AI score0.00684EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2020/11/10 8:0 a.m.•34 views

Windows Graphics Component Information Disclosure Vulnerability

...

5.5CVSS6.5AI score0.01286EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2020/10/13 7:0 a.m.•34 views

Microsoft SharePoint Information Disclosure Vulnerability

An information disclosure vulnerability exists when Microsoft SharePoint Server improperly discloses its folder structure when rendering specific web pages. An attacker who took advantage of this information disclosure could view the folder path of scripts loaded on the page. To take advantage of...

5.5CVSS1.2AI score0.00883EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2020/10/13 7:0 a.m.•34 views

Windows Application Compatibility Client Library Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when the Windows Application Compatibility Client Library improperly handles registry operations. An attacker who successfully exploited this vulnerability could gain elevated privileges. To exploit the vulnerability, an attacker would first need cod...

7.8CVSS4.3AI score0.0142EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2020/10/13 7:0 a.m.•34 views

Microsoft Office Click-to-Run Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run C2R AppVLP handles certain files. An attacker who successfully exploited the vulnerability could elevate privileges. To exploit this vulnerability, an attacker would need to convince a user to open a...

7.8CVSS3.1AI score0.03158EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2020/09/08 7:0 a.m.•34 views

OneDrive for Windows Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application improperly handles symbolic links. An attacker who successfully exploited this vulnerability could overwrite a targeted file with an elevated status. To exploit this vulnerability, an attacker would...

7.1CVSS2.4AI score0.00998EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2020/09/08 7:0 a.m.•34 views

Microsoft Graphics Component Information Disclosure Vulnerability

An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker...

5.5CVSS2.2AI score0.01079EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2020/09/08 7:0 a.m.•34 views

Microsoft Office SharePoint XSS Vulnerability

A cross-site-scripting XSS vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint...

7.4CVSS0.9AI score0.02687EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2020/09/08 7:0 a.m.•34 views

Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability

A remote code execution vulnerability exists in Microsoft Dynamics 365 on-premises when the server fails to properly sanitize web requests to an affected Dynamics server. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SQL service account. A...

8.8CVSS3.7AI score0.02689EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2020/07/14 7:0 a.m.•34 views

Windows Update Stack Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when the Windows Update Stack fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or...

7.8CVSS3.3AI score0.01323EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2020/07/14 7:0 a.m.•34 views

Windows SharedStream Library Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists in the way that the SharedStream Library handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a...

7.8CVSS3AI score0.00738EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2020/07/14 7:0 a.m.•35 views

Windows Address Book Remote Code Execution Vulnerability

A remote code execution vulnerability exists when Windows Address Book WAB improperly processes vcard files. To exploit the vulnerability, an attacker could send a malicious vcard that a victim opens using Windows Address Book WAB. After successfully exploiting the vulnerability, an attacker coul...

9.3CVSS3.6AI score0.11536EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2020/07/14 7:0 a.m.•34 views

Microsoft Word Remote Code Execution Vulnerability

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the...

8.8CVSS1.8AI score0.10677EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2020/07/14 7:0 a.m.•34 views

Windows Runtime Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context. An attacker could exploit this vulnerability by running a specially crafted...

7.8CVSS4.4AI score0.00708EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2020/06/09 7:0 a.m.•34 views

Windows Shell Remote Code Execution Vulnerability

A remote code execution vulnerability exists when the Windows Shell does not properly validate file paths. An attacker who successfully exploited this vulnerability could run arbitrary code in the context of the current user. If the current user is logged on as an administrator, an attacker could...

9.3CVSS2.6AI score0.1178EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2020/05/12 7:0 a.m.•34 views

Microsoft Edge PDF Remote Code Execution Vulnerability

A remote code execution vulnerability exists when Microsoft Edge PDF Reader improperly handles objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the...

7.6CVSS2AI score0.07082EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2020/05/12 7:0 a.m.•34 views

Media Foundation Memory Corruption Vulnerability

A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights. There are multiple ways an...

7.8CVSS2.5AI score0.03931EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2020/04/14 7:0 a.m.•34 views

Windows Kernel Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create ne...

7.8CVSS3.3AI score0.00856EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2020/03/10 7:0 a.m.•34 views

Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges. An attacker with unprivileged access to a vulnerable system could exploi...

7.8CVSS3.3AI score0.00788EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2020/03/10 7:0 a.m.•34 views

DirectX Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with...

10CVSS2.8AI score0.06803EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2020/02/11 8:0 a.m.•34 views

Windows Kernel Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create ne...

7.8CVSS3.3AI score0.01367EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2020/02/11 8:0 a.m.•34 views

Microsoft Edge Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain. In a web-based attack scenario, an attacker could host a website that is used ...

4.2CVSS3AI score0.01573EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2020/02/11 8:0 a.m.•34 views

Microsoft Exchange Server Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists in Microsoft Exchange Server. An attacker who successfully exploited this vulnerability could gain the same rights as any other user of the Exchange server. This could allow the attacker to perform activities such as accessing the mailboxes of other...

8.1CVSS3.2AI score0.03264EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2019/12/10 8:0 a.m.•34 views

Windows Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles junctions. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges...

7.8CVSS4.1AI score0.01751EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2019/12/10 8:0 a.m.•34 views

Visual Studio Live Share Spoofing Vulnerability

A spoofing vulnerability exists in Visual Studio Live Share when a guest connected to a Live Share session is redirected to an arbitrary URL specified by the session host. An attacker who successfully exploited this vulnerability could cause a connected guest's computer to open a browser and...

6.1CVSS2AI score0.01482EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2019/12/10 8:0 a.m.•34 views

Microsoft PowerPoint Remote Code Execution Vulnerability

A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with...

9.3CVSS2.9AI score0.18328EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2019/12/10 8:0 a.m.•34 views

Git for Visual Studio Remote Code Execution Vulnerability

A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input. An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts wit...

9.3CVSS4.1AI score0.22427EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2019/11/12 8:0 a.m.•34 views

Windows Data Sharing Service Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could exploit this vulnerability by running a specially crafte...

7.8CVSS3.6AI score0.00713EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2019/11/12 8:0 a.m.•34 views

Windows Modules Installer Service Information Disclosure Vulnerability

An information vulnerability exists when Windows Modules Installer Service improperly discloses file information. Successful exploitation of the vulnerability could allow the attacker to read the contents of a log file on disk. To exploit the vulnerability, an attacker would have to log onto an...

3.5CVSS2.3AI score0.01629EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2019/11/12 8:0 a.m.•34 views

Azure Stack Spoofing Vulnerability

A spoofing vulnerability exists when Azure Stack fails to validate certain requests. An attacker who successfully exploited the vulnerability could make requests to internal Azure Stack resources. An attacker could exploit the vulnerability by sending a specially crafted request to the Azure Stac...

7.5CVSS2AI score0.57938EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2019/10/08 7:0 a.m.•34 views

Remote Desktop Client Remote Code Execution Vulnerability

A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server. An attacker who successfully exploited this vulnerability could execute arbitrary code on the computer of the connecting client. An attacker could then install programs;...

9.3CVSS2.3AI score0.14909EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2019/10/08 7:0 a.m.•34 views

Windows Imaging API Remote Code Execution Vulnerability

A remote code execution vulnerability exists when the Windows Imaging API improperly handles objects in memory. The vulnerability could corrupt memory in a way that enables an attacker to execute arbitrary code in the context of the current user. To exploit the vulnerability, an attacker would ha...

9.3CVSS4.5AI score0.34205EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2019/09/10 7:0 a.m.•34 views

Microsoft SharePoint Remote Code Execution Vulnerability

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint...

8.8CVSS2.9AI score0.11659EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2019/09/10 7:0 a.m.•34 views

Microsoft SharePoint Remote Code Execution Vulnerability

A remote code execution vulnerability exists in Microsoft SharePoint where APIs aren't properly protected from unsafe data input. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint server farm...

8.8CVSS2.2AI score0.08328EPSS
Exploits0
Total number of security vulnerabilities5000