Filtered by vendor Microsoft
Subscribe
Total
17397 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-29583 | 2 Microsoft, Service Project | 2 Windows, Service | 2022-05-03 | 4.6 MEDIUM | 7.8 HIGH |
| service_windows.go in the kardianos service package for Go omits quoting that is sometimes needed for execution of a Windows service executable from the intended directory. | |||||
| CVE-2021-4225 | 2 Microsoft, Smartypantsplugins | 2 Windows, Sp Project \& Document Manager | 2022-05-03 | 6.5 MEDIUM | 8.8 HIGH |
| The SP Project & Document Manager WordPress plugin before 4.24 allows any authenticated users, such as subscribers, to upload files. The plugin attempts to prevent PHP and other similar files that could be executed on the server from being uploaded by checking the file extension. It was discovered that on Windows servers, the security checks in place were insufficient, enabling bad actors to potentially upload backdoors on vulnerable sites. | |||||
| CVE-2021-27064 | 1 Microsoft | 2 Visual Studio 2017, Visual Studio 2019 | 2022-05-03 | 4.6 MEDIUM | 7.8 HIGH |
| Visual Studio Installer Elevation of Privilege Vulnerability | |||||
| CVE-2021-41023 | 2 Fortinet, Microsoft | 2 Fortisiem, Windows | 2022-05-03 | 2.1 LOW | 5.5 MEDIUM |
| A unprotected storage of credentials in Fortinet FortiSIEM Windows Agent version 4.1.4 and below allows an authenticated user to disclosure agent password due to plaintext credential storage in log files | |||||
| CVE-2021-38976 | 3 Ibm, Linux, Microsoft | 5 Aix, Security Guardium Key Lifecycle Manager, Security Key Lifecycle Manager and 2 more | 2022-05-03 | 2.1 LOW | 5.5 MEDIUM |
| IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 stores user credentials in plain clear text which can be read by a local user. X-Force ID: 212781. | |||||
| CVE-2021-26899 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2022-05-03 | 7.2 HIGH | 7.8 HIGH |
| Windows UPnP Device Host Elevation of Privilege Vulnerability | |||||
| CVE-2021-26901 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2022-05-03 | 7.2 HIGH | 7.8 HIGH |
| Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26872, CVE-2021-26898. | |||||
| CVE-2021-31193 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2022-05-03 | 4.6 MEDIUM | 7.8 HIGH |
| Windows SSDP Service Elevation of Privilege Vulnerability | |||||
| CVE-2021-31190 | 1 Microsoft | 2 Windows 10, Windows Server 2019 | 2022-05-03 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability | |||||
| CVE-2021-31187 | 1 Microsoft | 1 Windows 10 | 2022-05-03 | 7.2 HIGH | 7.8 HIGH |
| Windows WalletService Elevation of Privilege Vulnerability | |||||
| CVE-2021-31170 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2022-05-03 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Graphics Component Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-31188. | |||||
| CVE-2021-31167 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2022-05-03 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Container Manager Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-31165, CVE-2021-31168, CVE-2021-31169, CVE-2021-31208. | |||||
| CVE-2021-31165 | 1 Microsoft | 2 Windows 10, Windows Server 2016 | 2022-05-03 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Container Manager Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-31167, CVE-2021-31168, CVE-2021-31169, CVE-2021-31208. | |||||
| CVE-2021-28458 | 1 Microsoft | 1 Ms-rest-nodeauth | 2022-05-03 | 6.8 MEDIUM | 7.8 HIGH |
| Azure ms-rest-nodeauth Library Elevation of Privilege Vulnerability | |||||
| CVE-2021-28452 | 1 Microsoft | 3 365 Apps, Office, Outlook | 2022-05-03 | 6.8 MEDIUM | 7.8 HIGH |
| Microsoft Outlook Memory Corruption Vulnerability | |||||
| CVE-2021-26891 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2022-05-03 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Container Execution Agent Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26865. | |||||
| CVE-2021-28440 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2022-05-03 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Installer Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26415. | |||||
| CVE-2021-28436 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2022-05-03 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Speech Runtime Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-28347, CVE-2021-28351. | |||||
| CVE-2021-28351 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2022-05-03 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Speech Runtime Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-28347, CVE-2021-28436. | |||||
| CVE-2021-28347 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2022-05-03 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Speech Runtime Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-28351, CVE-2021-28436. | |||||