Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Microsoft Subscribe
Total 17397 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-40452 1 Microsoft 1 Hevc Video Extensions 2022-02-09 6.8 MEDIUM 7.8 HIGH
HEVC Video Extensions Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-40453, CVE-2021-41360.
CVE-2021-40453 1 Microsoft 1 Hevc Video Extensions 2022-02-09 6.8 MEDIUM 7.8 HIGH
HEVC Video Extensions Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-40452, CVE-2021-41360.
CVE-2021-42320 1 Microsoft 2 Sharepoint Enterprise Server, Sharepoint Server 2022-02-09 3.5 LOW 5.7 MEDIUM
Microsoft SharePoint Server Spoofing Vulnerability This CVE ID is unique from CVE-2021-43242.
CVE-2021-3641 2 Bitdefender, Microsoft 2 Gravityzone, Windows 2022-02-09 3.6 LOW 6.1 MEDIUM
Improper Link Resolution Before File Access ('Link Following') vulnerability in the EPAG component of Bitdefender Endpoint Security Tools for Windows allows a local attacker to cause a denial of service. This issue affects: Bitdefender GravityZone version 7.1.2.33 and prior versions.
CVE-2008-4019 1 Microsoft 6 Excel, Excel Viewer, Office and 3 more 2022-02-09 9.3 HIGH N/A
Integer overflow in the REPT function in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2 and SP3, and 2007 Gold and SP1; Office Excel Viewer 2003 SP3; Office Excel Viewer; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office SharePoint Server 2007 Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via an Excel file containing a formula within a cell, aka "Formula Parsing Vulnerability."
CVE-2008-3471 1 Microsoft 5 Excel, Excel Viewer, Office and 2 more 2022-02-09 9.3 HIGH N/A
Stack-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2 and SP3, and 2007 Gold and SP1; Office Excel Viewer 2003 SP3; Office Excel Viewer; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via a BIFF file with a malformed record that triggers a user-influenced size calculation, aka "File Format Parsing Vulnerability."
CVE-2021-44205 2 Acronis, Microsoft 3 Cyber Protect Home Office, True Image, Windows 2022-02-09 4.4 MEDIUM 7.3 HIGH
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287
CVE-2021-44206 2 Acronis, Microsoft 3 Cyber Protect Home Office, True Image, Windows 2022-02-09 4.4 MEDIUM 7.3 HIGH
Local privilege escalation due to DLL hijacking vulnerability in Acronis Media Builder service. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287
CVE-2021-29218 2 Hpe, Microsoft 14 Agentless Management, Apollo 20, Apollo 2000 Gen 10 Plus and 11 more 2022-02-09 4.6 MEDIUM 6.7 MEDIUM
A local unquoted search path security vulnerability has been identified in HPE Agentless Management Service for Windows version(s): Prior to 1.44.0.0, 10.96.0.0. This vulnerability could be exploited locally by a user with high privileges to execute malware that may lead to a loss of confidentiality, integrity, and availability. HPE has provided software updates to resolve the vulnerability in HPE Agentless Management Service for Windows.
CVE-2008-4250 1 Microsoft 5 Windows 2000, Windows Server 2003, Windows Server 2008 and 2 more 2022-02-09 10.0 HIGH N/A
The Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, and 7 Pre-Beta allows remote attackers to execute arbitrary code via a crafted RPC request that triggers the overflow during path canonicalization, as exploited in the wild by Gimmiv.A in October 2008, aka "Server Service Vulnerability."
CVE-2021-34845 3 Foxit, Foxitsoftware, Microsoft 3 Pdf Reader, Pdf Editor, Windows 2022-02-08 6.8 MEDIUM 7.8 HIGH
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14034.
CVE-2021-34842 3 Foxit, Foxitsoftware, Microsoft 3 Pdf Reader, Pdf Editor, Windows 2022-02-08 6.8 MEDIUM 7.8 HIGH
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14024.
CVE-2021-34843 3 Foxit, Foxitsoftware, Microsoft 3 Pdf Reader, Pdf Editor, Windows 2022-02-08 6.8 MEDIUM 7.8 HIGH
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14025.
CVE-2021-34846 3 Foxit, Foxitsoftware, Microsoft 3 Pdf Reader, Pdf Editor, Windows 2022-02-08 6.8 MEDIUM 7.8 HIGH
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14120.
CVE-2021-34851 3 Foxit, Foxitsoftware, Microsoft 3 Pdf Reader, Pdf Editor, Windows 2022-02-08 6.8 MEDIUM 7.8 HIGH
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14016.
CVE-2021-34835 3 Foxit, Foxitsoftware, Microsoft 3 Pdf Reader, Pdf Editor, Windows 2022-02-08 6.8 MEDIUM 7.8 HIGH
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14015.
CVE-2021-34833 3 Foxit, Foxitsoftware, Microsoft 3 Pdf Reader, Pdf Editor, Windows 2022-02-08 6.8 MEDIUM 7.8 HIGH
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14023.
CVE-2021-34832 3 Foxit, Foxitsoftware, Microsoft 3 Pdf Reader, Pdf Editor, Windows 2022-02-08 6.8 MEDIUM 7.8 HIGH
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the delay property. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-13928.
CVE-2021-34831 3 Foxit, Foxitsoftware, Microsoft 3 Pdf Reader, Pdf Editor, Windows 2022-02-08 6.8 MEDIUM 7.8 HIGH
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.4.37651. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Document objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-13741.
CVE-2021-34841 3 Foxit, Foxitsoftware, Microsoft 3 Pdf Reader, Pdf Editor, Windows 2022-02-08 6.8 MEDIUM 7.8 HIGH
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14022.