Filtered by vendor Microsoft
Subscribe
Total
17397 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-34537 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2021-08-20 | 5.2 MEDIUM | 8.0 HIGH |
| Windows Bluetooth Driver Elevation of Privilege Vulnerability | |||||
| CVE-2021-36949 | 1 Microsoft | 2 Azure Active Directory Connect, Azure Active Directory Connect Provisioning Agent | 2021-08-20 | 4.9 MEDIUM | 7.1 HIGH |
| Microsoft Azure Active Directory Connect Authentication Bypass Vulnerability | |||||
| CVE-2021-36926 | 1 Microsoft | 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more | 2021-08-20 | 5.0 MEDIUM | 7.5 HIGH |
| Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-26433, CVE-2021-36932, CVE-2021-36933. | |||||
| CVE-2021-26424 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2021-08-20 | 6.8 MEDIUM | 9.8 CRITICAL |
| Windows TCP/IP Remote Code Execution Vulnerability | |||||
| CVE-2021-0061 | 2 Intel, Microsoft | 2 Graphics Drivers, Windows | 2021-08-19 | 4.6 MEDIUM | 7.8 HIGH |
| Improper initialization in some Intel(R) Graphics Driver before version 27.20.100.9030 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2021-0062 | 2 Intel, Microsoft | 2 Graphics Drivers, Windows | 2021-08-19 | 4.6 MEDIUM | 7.8 HIGH |
| Improper input validation in some Intel(R) Graphics Drivers before version 27.20.100.8935 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2021-26423 | 1 Microsoft | 5 .net, .net Core, Powershell Core and 2 more | 2021-08-19 | 5.0 MEDIUM | 7.5 HIGH |
| .NET Core and Visual Studio Denial of Service Vulnerability | |||||
| CVE-2021-26428 | 1 Microsoft | 1 Azure Sphere | 2021-08-18 | 2.1 LOW | 4.4 MEDIUM |
| Azure Sphere Information Disclosure Vulnerability | |||||
| CVE-2021-34524 | 1 Microsoft | 1 Dynamics 365 | 2021-08-18 | 6.5 MEDIUM | 8.8 HIGH |
| Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability | |||||
| CVE-2021-34532 | 1 Microsoft | 2 Asp.net Core, Visual Studio 2019 | 2021-08-18 | 2.1 LOW | 5.5 MEDIUM |
| ASP.NET Core and Visual Studio Information Disclosure Vulnerability | |||||
| CVE-2021-34485 | 1 Microsoft | 5 .net, .net Core, Powershell Core and 2 more | 2021-08-18 | 2.1 LOW | 5.5 MEDIUM |
| .NET Core and Visual Studio Information Disclosure Vulnerability | |||||
| CVE-2021-26433 | 1 Microsoft | 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more | 2021-08-18 | 5.0 MEDIUM | 7.5 HIGH |
| Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-36926, CVE-2021-36932, CVE-2021-36933. | |||||
| CVE-2021-1721 | 1 Microsoft | 5 .net, .net Core, Powershell Core and 2 more | 2021-08-16 | 4.3 MEDIUM | 6.5 MEDIUM |
| .NET Core and Visual Studio Denial of Service Vulnerability | |||||
| CVE-2021-26605 | 2 Microsoft, Unidocs | 2 Windows, Ezpdfreader | 2021-08-13 | 7.5 HIGH | 9.8 CRITICAL |
| An improper input validation vulnerability in the service of ezPDFReader allows attacker to execute arbitrary command. This issue occurred when the ezPDF launcher received and executed crafted input values through JSON-RPC communication. | |||||
| CVE-2018-3639 | 12 Arm, Canonical, Debian and 9 more | 321 Cortex-a, Ubuntu Linux, Debian Linux and 318 more | 2021-08-13 | 2.1 LOW | 5.5 MEDIUM |
| Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4. | |||||
| CVE-2021-26606 | 2 Dreamsecurity, Microsoft | 2 Magicline4nx.exe, Windows | 2021-08-13 | 10.0 HIGH | 9.8 CRITICAL |
| A vulnerability in PKI Security Solution of Dream Security could allow arbitrary command execution. This vulnerability is due to insufficient validation of the authorization certificate. An attacker could exploit this vulnerability by sending a crafted HTTP request an affected program. A successful exploit could allow the attacker to remotely execute arbitrary code on a target system. | |||||
| CVE-2021-38571 | 2 Foxitsoftware, Microsoft | 3 Foxit Reader, Phantompdf, Windows | 2021-08-12 | 4.4 MEDIUM | 7.8 HIGH |
| An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows DLL hijacking, aka CNVD-C-2021-68000 and CNVD-C-2021-68502. | |||||
| CVE-2021-33597 | 3 Apple, F-secure, Microsoft | 6 Macos, Business Suite, Client Security and 3 more | 2021-08-12 | 4.3 MEDIUM | 5.5 MEDIUM |
| A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant whereby the SAVAPI component used in certain F-Secure products can crash while scanning fuzzed files. The exploit can be triggered remotely by an attacker. A successful attack will result in Denial-of-Service (DoS) of the Anti-Virus engine. | |||||
| CVE-2018-0764 | 1 Microsoft | 10 .net Core, .net Framework, Powershell Core and 7 more | 2021-08-12 | 5.0 MEDIUM | 7.5 HIGH |
| Microsoft .NET Framework 1.1, 2.0, 3.0, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 5.7 and .NET Core 1.0. 1.1 and 2.0 allow a denial of service vulnerability due to the way XML documents are processed, aka ".NET and .NET Core Denial Of Service Vulnerability". This CVE is unique from CVE-2018-0765. | |||||
| CVE-2018-0875 | 1 Microsoft | 2 Asp.net Core, Powershell Core | 2021-08-12 | 5.0 MEDIUM | 7.5 HIGH |
| .NET Core 1.0, .NET Core 1.1, NET Core 2.0 and PowerShell Core 6.0.0 allow a denial of Service vulnerability due to how specially crafted requests are handled, aka ".NET Core Denial of Service Vulnerability". | |||||