Filtered by vendor Microsoft
Subscribe
Total
976 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-46216 | 2 Ivanti, Microsoft | 2 Avalanche, Windows | 2023-12-21 | N/A | 9.8 CRITICAL |
| An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution. | |||||
| CVE-2022-21969 | 1 Microsoft | 1 Exchange Server | 2023-12-21 | 7.7 HIGH | 9.0 CRITICAL |
| Microsoft Exchange Server Remote Code Execution Vulnerability | |||||
| CVE-2022-21907 | 1 Microsoft | 4 Windows 10, Windows 11, Windows Server and 1 more | 2023-12-21 | 10.0 HIGH | 9.8 CRITICAL |
| HTTP Protocol Stack Remote Code Execution Vulnerability | |||||
| CVE-2022-21898 | 1 Microsoft | 3 Windows 10, Windows Server, Windows Server 2019 | 2023-12-21 | 10.0 HIGH | 9.8 CRITICAL |
| DirectX Graphics Kernel Remote Code Execution Vulnerability | |||||
| CVE-2022-21874 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server and 2 more | 2023-12-21 | 10.0 HIGH | 9.8 CRITICAL |
| Windows Security Center API Remote Code Execution Vulnerability | |||||
| CVE-2022-21855 | 1 Microsoft | 1 Exchange Server | 2023-12-21 | 7.7 HIGH | 9.0 CRITICAL |
| Microsoft Exchange Server Remote Code Execution Vulnerability | |||||
| CVE-2022-21849 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server and 2 more | 2023-12-21 | 9.3 HIGH | 9.8 CRITICAL |
| Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability | |||||
| CVE-2022-21846 | 1 Microsoft | 1 Exchange Server | 2023-12-21 | 8.3 HIGH | 9.0 CRITICAL |
| Microsoft Exchange Server Remote Code Execution Vulnerability | |||||
| CVE-2022-29130 | 1 Microsoft | 11 Windows 10, Windows 11, Windows 7 and 8 more | 2023-12-21 | 9.3 HIGH | 9.8 CRITICAL |
| Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | |||||
| CVE-2022-26937 | 1 Microsoft | 6 Windows Server, Windows Server 2008, Windows Server 2012 and 3 more | 2023-12-21 | 7.5 HIGH | 9.8 CRITICAL |
| Windows Network File System Remote Code Execution Vulnerability | |||||
| CVE-2022-22012 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 7 and 6 more | 2023-12-21 | 9.3 HIGH | 9.8 CRITICAL |
| Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | |||||
| CVE-2022-30136 | 1 Microsoft | 3 Windows Server 2012, Windows Server 2016, Windows Server 2019 | 2023-12-20 | 10.0 HIGH | 9.8 CRITICAL |
| Windows Network File System Remote Code Execution Vulnerability | |||||
| CVE-2022-37968 | 1 Microsoft | 2 Azure Arc-enabled Kubernetes, Azure Stack Edge | 2023-12-20 | N/A | 10.0 CRITICAL |
| <p>Microsoft has identified a vulnerability affecting the cluster connect feature of Azure Arc-enabled Kubernetes clusters. This vulnerability could allow an unauthenticated user to elevate their privileges and potentially gain administrative control over the Kubernetes cluster. Additionally, because Azure Stack Edge allows customers to deploy Kubernetes workloads on their devices via Azure Arc, Azure Stack Edge devices are also vulnerable to this vulnerability.</p> | |||||
| CVE-2016-9953 | 2 Haxx, Microsoft | 2 Curl, Windows Embedded Compact | 2023-12-15 | 7.5 HIGH | 9.8 CRITICAL |
| The verify_certificate function in lib/vtls/schannel.c in libcurl 7.30.0 through 7.51.0, when built for Windows CE using the schannel TLS backend, allows remote attackers to obtain sensitive information, cause a denial of service (crash), or possibly have unspecified other impact via a wildcard certificate name, which triggers an out-of-bounds read. | |||||
| CVE-2023-48698 | 1 Microsoft | 1 Azure Rtos Usbx | 2023-12-11 | N/A | 9.8 CRITICAL |
| Azure RTOS USBX is a USB host, device, and on-the-go (OTG) embedded stack, that is fully integrated with Azure RTOS ThreadX. An attacker can cause remote code execution due to expired pointer dereference vulnerabilities in Azure RTOS USBX. The affected components include functions/processes in host stack and host classes, related to device linked classes, GSER and HID in RTOS v6.2.1 and below. The fixes have been included in USBX release 6.3.0. Users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2023-48695 | 1 Microsoft | 1 Azure Rtos Usbx | 2023-12-10 | N/A | 9.8 CRITICAL |
| Azure RTOS USBX is a USB host, device, and on-the-go (OTG) embedded stack, that is fully integrated with Azure RTOS ThreadX. An attacker can cause remote code execution due to out of bounds write vulnerabilities in Azure RTOS USBX. The affected components include functions/processes in host and device classes, related to CDC ECM and RNDIS in RTOS v6.2.1 and below. The fixes have been included in USBX release 6.3.0. Users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2023-36049 | 1 Microsoft | 16 .net, .net Framework, Visual Studio 2022 and 13 more | 2023-12-10 | N/A | 9.8 CRITICAL |
| .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability | |||||
| CVE-2023-36018 | 1 Microsoft | 1 Jupyter | 2023-12-10 | N/A | 9.8 CRITICAL |
| Visual Studio Code Jupyter Extension Spoofing Vulnerability | |||||
| CVE-2023-48694 | 1 Microsoft | 1 Azure Rtos Usbx | 2023-12-10 | N/A | 9.8 CRITICAL |
| Azure RTOS USBX is a USB host, device, and on-the-go (OTG) embedded stack, that is fully integrated with Azure RTOS ThreadX. An attacker can cause remote code execution due to expired pointer dereference and type confusion vulnerabilities in Azure RTOS USBX. The affected components include functions/processes in host stack and host class, related to device linked classes, ASIX, Prolific, SWAR, audio, CDC ECM in RTOS v6.2.1 and below. The fixes have been included in USBX release 6.3.0. Users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2023-48692 | 1 Microsoft | 1 Azure Rtos Netx Duo | 2023-12-10 | N/A | 9.8 CRITICAL |
| Azure RTOS NetX Duo is a TCP/IP network stack designed specifically for deeply embedded real-time and IoT applications. An attacker can cause remote code execution due to memory overflow vulnerabilities in Azure RTOS NETX Duo. The affected components include processes/functions related to icmp, tcp, snmp, dhcp, nat and ftp in RTOS v6.2.1 and below. The fixes have been included in NetX Duo release 6.3.0. Users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||