Filtered by vendor Microsoft
Subscribe
Total
21947 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-21313 | 1 Microsoft | 3 Windows 11 24h2, Windows Server 2022 23h2, Windows Server 2025 | 2025-02-05 | N/A | 6.5 MEDIUM |
| Windows Security Account Manager (SAM) Denial of Service Vulnerability | |||||
| CVE-2025-21385 | 1 Microsoft | 1 Purview | 2025-02-05 | N/A | 8.8 HIGH |
| A Server-Side Request Forgery (SSRF) vulnerability in Microsoft Purview allows an authorized attacker to disclose information over a network. | |||||
| CVE-2025-21380 | 1 Microsoft | 1 Azure Marketplace | 2025-02-05 | N/A | 8.8 HIGH |
| Improper access control in Azure SaaS Resources allows an authorized attacker to disclose information over a network. | |||||
| CVE-2025-21187 | 1 Microsoft | 1 Power Automate For Desktop | 2025-02-05 | N/A | 7.8 HIGH |
| Microsoft Power Automate Remote Code Execution Vulnerability | |||||
| CVE-2018-1457 | 3 Ibm, Linux, Microsoft | 3 Engineering Requirements Management Doors, Linux Kernel, Windows | 2025-02-05 | 7.5 HIGH | 9.8 CRITICAL |
| An undisclosed vulnerability in IBM Rational DOORS 9.5.1 through 9.6.1.10 application allows an attacker to gain DOORS administrator privileges. IBM X-Force ID: 140208. | |||||
| CVE-2023-3079 | 7 Apple, Couchbase, Debian and 4 more | 7 Macos, Couchbase Server, Debian Linux and 4 more | 2025-02-05 | N/A | 8.8 HIGH |
| Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2024-29059 | 1 Microsoft | 15 .net Framework, Windows 10 1507, Windows 10 1607 and 12 more | 2025-02-05 | N/A | 7.5 HIGH |
| .NET Framework Information Disclosure Vulnerability | |||||
| CVE-2021-26857 | 1 Microsoft | 1 Exchange Server | 2025-02-04 | 6.8 MEDIUM | 7.8 HIGH |
| Microsoft Exchange Server Remote Code Execution Vulnerability | |||||
| CVE-2021-26855 | 1 Microsoft | 1 Exchange Server | 2025-02-04 | 7.5 HIGH | 9.1 CRITICAL |
| Microsoft Exchange Server Remote Code Execution Vulnerability | |||||
| CVE-2024-38383 | 2 Intel, Microsoft | 2 Quartus Prime, Windows | 2025-02-04 | N/A | 6.7 MEDIUM |
| Uncontrolled search path for some Intel(R) Quartus(R) Prime Pro Edition software for Windows before version 24.2 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2024-38668 | 2 Intel, Microsoft | 2 Quartus Prime, Windows | 2025-02-04 | N/A | 6.7 MEDIUM |
| Uncontrolled search path for some Intel(R) Quartus(R) Prime Standard Edition software for Windows before version 23.1.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2024-35201 | 2 Intel, Microsoft | 2 Server Debug And Provisioning Tool, Windows | 2025-02-04 | N/A | 6.7 MEDIUM |
| Incorrect default permissions in the Intel(R) SDP Tool for Windows software all versions may allow an authenticated user to enable escalation of privilege via local access. | |||||
| CVE-2024-36253 | 2 Intel, Microsoft | 2 Server Debug And Provisioning Tool, Windows | 2025-02-04 | N/A | 6.7 MEDIUM |
| Uncontrolled search path in the Intel(R) SDP Tool for Windows software all version may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2024-45761 | 3 Dell, Linux, Microsoft | 3 Openmanage Server Administrator, Linux Kernel, Windows | 2025-02-04 | N/A | 5.4 MEDIUM |
| Dell OpenManage Server Administrator, versions 11.0.1.0 and prior, contains an improper input validation vulnerability. A remote low-privileged malicious user could potentially exploit this vulnerability to load any web plugins or Java class leading to the possibility of altering the behavior of certain apps/OS or Denial of Service. | |||||
| CVE-2023-25514 | 3 Linux, Microsoft, Nvidia | 3 Linux Kernel, Windows, Cuda Toolkit | 2025-02-04 | N/A | 5.3 MEDIUM |
| NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in cuobjdump, where an attacker may cause an out-of-bounds read by tricking a user into running cuobjdump on a malformed input file. A successful exploit of this vulnerability may lead to limited denial of service, code execution, and limited information disclosure. | |||||
| CVE-2023-23838 | 2 Microsoft, Solarwinds | 2 Windows, Database Performance Analyzer | 2025-02-04 | N/A | 6.5 MEDIUM |
| Directory traversal and file enumeration vulnerability which allowed users to enumerate to different folders of the server. | |||||
| CVE-2023-23837 | 2 Microsoft, Solarwinds | 2 Windows, Database Performance Analyzer | 2025-02-04 | N/A | 7.5 HIGH |
| No exception handling vulnerability which revealed sensitive or excessive information to users. | |||||
| CVE-2024-49388 | 3 Acronis, Linux, Microsoft | 3 Cyber Protect, Linux Kernel, Windows | 2025-02-04 | N/A | 9.1 CRITICAL |
| Sensitive information manipulation due to improper authorization. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690. | |||||
| CVE-2024-49384 | 3 Acronis, Linux, Microsoft | 3 Cyber Protect, Linux Kernel, Windows | 2025-02-04 | N/A | 4.3 MEDIUM |
| Excessive attack surface in acep-collector service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690. | |||||
| CVE-2024-49382 | 3 Acronis, Linux, Microsoft | 3 Cyber Protect, Linux Kernel, Windows | 2025-02-04 | N/A | 4.3 MEDIUM |
| Excessive attack surface in archive-server service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690. | |||||