Filtered by vendor Microsoft
Subscribe
Total
17397 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-20441 | 2 Ibm, Microsoft | 2 Security Verify Bridge, Windows | 2021-03-08 | 4.3 MEDIUM | 5.9 MEDIUM |
| IBM Security Verify Bridge uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 196617. | |||||
| CVE-2021-26858 | 1 Microsoft | 1 Exchange Server | 2021-03-08 | 6.8 MEDIUM | 7.8 HIGH |
| Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26412, CVE-2021-26854, CVE-2021-26855, CVE-2021-26857, CVE-2021-27065, CVE-2021-27078. | |||||
| CVE-2021-27078 | 1 Microsoft | 1 Exchange Server | 2021-03-08 | 6.5 MEDIUM | 7.2 HIGH |
| Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26412, CVE-2021-26854, CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065. | |||||
| CVE-2021-21136 | 2 Google, Microsoft | 3 Android, Chrome, Edge Chromium | 2021-03-08 | 4.3 MEDIUM | 6.5 MEDIUM |
| Insufficient policy enforcement in WebView in Google Chrome on Android prior to 88.0.4324.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | |||||
| CVE-2021-21135 | 2 Google, Microsoft | 2 Chrome, Edge Chromium | 2021-03-08 | 4.3 MEDIUM | 6.5 MEDIUM |
| Inappropriate implementation in Performance API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | |||||
| CVE-2021-21134 | 3 Apple, Google, Microsoft | 3 Iphone Os, Chrome, Edge Chromium | 2021-03-08 | 4.3 MEDIUM | 6.5 MEDIUM |
| Incorrect security UI in Page Info in Google Chrome on iOS prior to 88.0.4324.96 allowed a remote attacker to spoof security UI via a crafted HTML page. | |||||
| CVE-2021-21132 | 2 Google, Microsoft | 2 Chrome, Edge Chromium | 2021-03-08 | 6.8 MEDIUM | 9.6 CRITICAL |
| Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted Chrome Extension. | |||||
| CVE-2021-21124 | 2 Google, Microsoft | 2 Chrome, Edge Chromium | 2021-03-08 | 6.8 MEDIUM | 9.6 CRITICAL |
| Potential user after free in Speech Recognizer in Google Chrome on Android prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. | |||||
| CVE-2021-21120 | 2 Google, Microsoft | 2 Chrome, Edge Chromium | 2021-03-08 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in WebSQL in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2021-21121 | 2 Google, Microsoft | 2 Chrome, Edge Chromium | 2021-03-08 | 6.8 MEDIUM | 9.6 CRITICAL |
| Use after free in Omnibox in Google Chrome on Linux prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. | |||||
| CVE-2021-21122 | 2 Google, Microsoft | 2 Chrome, Edge Chromium | 2021-03-08 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in Blink in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2021-21123 | 2 Google, Microsoft | 2 Chrome, Edge Chromium | 2021-03-08 | 4.3 MEDIUM | 6.5 MEDIUM |
| Insufficient data validation in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. | |||||
| CVE-2021-21119 | 2 Google, Microsoft | 2 Chrome, Edge Chromium | 2021-03-08 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in Media in Google Chrome prior to 88.0.4324.96 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2020-17126 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2021-03-04 | 2.1 LOW | 5.5 MEDIUM |
| Microsoft Excel Information Disclosure Vulnerability | |||||
| CVE-2020-17117 | 1 Microsoft | 1 Exchange Server | 2021-03-04 | 9.0 HIGH | 7.2 HIGH |
| Microsoft Exchange Remote Code Execution Vulnerability This CVE ID is unique from CVE-2020-17132, CVE-2020-17141, CVE-2020-17142, CVE-2020-17144. | |||||
| CVE-2020-17121 | 1 Microsoft | 2 Sharepoint Foundation, Sharepoint Server | 2021-03-04 | 6.5 MEDIUM | 8.8 HIGH |
| Microsoft SharePoint Remote Code Execution Vulnerability This CVE ID is unique from CVE-2020-17118. | |||||
| CVE-2020-17120 | 1 Microsoft | 2 Sharepoint Foundation, Sharepoint Server | 2021-03-04 | 4.0 MEDIUM | 6.5 MEDIUM |
| Microsoft SharePoint Information Disclosure Vulnerability | |||||
| CVE-2020-17131 | 1 Microsoft | 4 Chakracore, Edge, Windows 10 and 1 more | 2021-03-04 | 5.1 MEDIUM | 7.5 HIGH |
| Chakra Scripting Engine Memory Corruption Vulnerability | |||||
| CVE-2020-17096 | 1 Microsoft | 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more | 2021-03-04 | 9.0 HIGH | 8.8 HIGH |
| Windows NTFS Remote Code Execution Vulnerability | |||||
| CVE-2020-17124 | 1 Microsoft | 3 365 Apps, Office, Powerpoint | 2021-03-04 | 9.3 HIGH | 7.8 HIGH |
| Microsoft PowerPoint Remote Code Execution Vulnerability | |||||