Filtered by vendor Microsoft
Subscribe
Total
17397 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-0128 | 3 Adobe, Apple, Microsoft | 4 Director, Shockwave Player, Macos and 1 more | 2022-04-21 | 9.3 HIGH | N/A |
| Integer signedness error in dirapi.dll in Adobe Shockwave Player before 11.5.7.609 and Adobe Director before 11.5.7.609 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted .dir file that triggers an invalid read operation. | |||||
| CVE-2022-24482 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2022-04-21 | 4.4 MEDIUM | 7.0 HIGH |
| Windows ALPC Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-24540. | |||||
| CVE-2022-24473 | 1 Microsoft | 2 365 Apps, Office | 2022-04-21 | 6.8 MEDIUM | 7.8 HIGH |
| Microsoft Excel Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-26901. | |||||
| CVE-2022-24472 | 1 Microsoft | 2 Sharepoint Foundation, Sharepoint Server | 2022-04-21 | 3.5 LOW | 5.7 MEDIUM |
| Microsoft SharePoint Server Spoofing Vulnerability. | |||||
| CVE-2022-24528 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2022-04-21 | 6.8 MEDIUM | 8.8 HIGH |
| Remote Procedure Call Runtime Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24492, CVE-2022-26809. | |||||
| CVE-2022-24527 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2022-04-21 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Endpoint Configuration Manager Elevation of Privilege Vulnerability. | |||||
| CVE-2022-21983 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2022-04-21 | 5.1 MEDIUM | 7.5 HIGH |
| Win32 Stream Enumeration Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24534. | |||||
| CVE-2022-23292 | 1 Microsoft | 1 On-premises Data Gateway | 2022-04-21 | 4.3 MEDIUM | 3.1 LOW |
| Microsoft Power BI Spoofing Vulnerability. | |||||
| CVE-2022-23268 | 1 Microsoft | 2 Windows 11, Windows Server 2022 | 2022-04-21 | 2.1 LOW | 6.5 MEDIUM |
| Windows Hyper-V Denial of Service Vulnerability. | |||||
| CVE-2022-23259 | 1 Microsoft | 1 Dynamics 365 | 2022-04-21 | 9.0 HIGH | 8.8 HIGH |
| Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability. | |||||
| CVE-2022-23257 | 1 Microsoft | 4 Windows 10, Windows 11, Windows Server 2016 and 1 more | 2022-04-21 | 4.6 MEDIUM | 8.8 HIGH |
| Windows Hyper-V Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22008, CVE-2022-22009, CVE-2022-24537. | |||||
| CVE-2022-24767 | 1 Microsoft | 3 Visual Studio 2017, Visual Studio 2019, Visual Studio 2022 | 2022-04-21 | 6.9 MEDIUM | 7.8 HIGH |
| GitHub: Git for Windows' uninstaller vulnerable to DLL hijacking when run under the SYSTEM user account. | |||||
| CVE-2022-24308 | 4 Apple, Automox, Linux and 1 more | 4 Macos, Automox, Linux Kernel and 1 more | 2022-04-20 | 2.1 LOW | 5.5 MEDIUM |
| Automox Agent prior to version 37 on Windows and Linux and Version 36 on OSX could allow for a non privileged user to obtain sensitive information during the install process. | |||||
| CVE-2022-21155 | 4 Apple, Fernhillsoftware, Linux and 1 more | 4 Macos, Scada Server, Linux Kernel and 1 more | 2022-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| A specially crafted packet sent to the Fernhill SCADA Server Version 3.77 and earlier may cause an exception, causing the server process (FHSvrService.exe) to exit. | |||||
| CVE-2022-26809 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2022-04-19 | 10.0 HIGH | 9.8 CRITICAL |
| Remote Procedure Call Runtime Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24492, CVE-2022-24528. | |||||
| CVE-2018-3991 | 3 Microsoft, Siemens, Wibu | 3 Windows, Simatic Wincc Open Architecture, Wibukey | 2022-04-19 | 7.5 HIGH | 9.8 CRITICAL |
| An exploitable heap overflow vulnerability exists in the WkbProgramLow function of WibuKey Network server management, version 6.40.2402.500. A specially crafted TCP packet can cause a heap overflow, potentially leading to remote code execution. An attacker can send a malformed TCP packet to trigger this vulnerability. | |||||
| CVE-2018-3990 | 2 Microsoft, Wibu | 2 Windows, Wibukey | 2022-04-19 | 7.2 HIGH | 7.8 HIGH |
| An exploitable pool corruption vulnerability exists in the 0x8200E804 IOCTL handler functionality of WIBU-SYSTEMS WibuKey.sys Version 6.40 (Build 2400). A specially crafted IRP request can cause a buffer overflow, resulting in kernel memory corruption and, potentially, privilege escalation. An attacker can send an IRP request to trigger this vulnerability. | |||||
| CVE-2018-3924 | 2 Foxitsoftware, Microsoft | 3 Foxit Reader, Phantompdf, Windows | 2022-04-19 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.1.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability. | |||||
| CVE-2018-3989 | 2 Microsoft, Wibu | 2 Windows, Wibukey | 2022-04-19 | 2.1 LOW | 5.5 MEDIUM |
| An exploitable kernel memory disclosure vulnerability exists in the 0x8200E804 IOCTL handler functionality of WIBU-SYSTEMS WibuKey.sys Version 6.40 (Build 2400).A specially crafted IRP request can cause the driver to return uninitialized memory, resulting in kernel memory disclosure. An attacker can send an IRP request to trigger this vulnerability. | |||||
| CVE-2022-24489 | 1 Microsoft | 3 Windows Server 2016, Windows Server 2019, Windows Server 2022 | 2022-04-19 | 4.6 MEDIUM | 7.8 HIGH |
| Cluster Client Failover (CCF) Elevation of Privilege Vulnerability. | |||||