Filtered by vendor Microsoft
Subscribe
Total
21888 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-20667 | 1 Microsoft | 1 Azure Devops Server | 2024-11-21 | N/A | 7.5 HIGH |
| Azure DevOps Server Remote Code Execution Vulnerability | |||||
| CVE-2024-20666 | 1 Microsoft | 11 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 8 more | 2024-11-21 | N/A | 6.6 MEDIUM |
| BitLocker Security Feature Bypass Vulnerability | |||||
| CVE-2024-20664 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-11-21 | N/A | 6.5 MEDIUM |
| Microsoft Message Queuing Information Disclosure Vulnerability | |||||
| CVE-2024-20663 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-11-21 | N/A | 6.5 MEDIUM |
| Windows Message Queuing Client (MSMQC) Information Disclosure | |||||
| CVE-2024-20662 | 1 Microsoft | 6 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 3 more | 2024-11-21 | N/A | 4.9 MEDIUM |
| Windows Online Certificate Status Protocol (OCSP) Information Disclosure Vulnerability | |||||
| CVE-2024-20660 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-11-21 | N/A | 6.5 MEDIUM |
| Microsoft Message Queuing Information Disclosure Vulnerability | |||||
| CVE-2024-20658 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2024-11-21 | N/A | 7.8 HIGH |
| Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability | |||||
| CVE-2024-20657 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-11-21 | N/A | 7.0 HIGH |
| Windows Group Policy Elevation of Privilege Vulnerability | |||||
| CVE-2024-20656 | 1 Microsoft | 4 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 1 more | 2024-11-21 | N/A | 7.8 HIGH |
| Visual Studio Elevation of Privilege Vulnerability | |||||
| CVE-2024-20655 | 1 Microsoft | 6 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 3 more | 2024-11-21 | N/A | 6.6 MEDIUM |
| Microsoft Online Certificate Status Protocol (OCSP) Remote Code Execution Vulnerability | |||||
| CVE-2024-20654 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-11-21 | N/A | 8.0 HIGH |
| Microsoft ODBC Driver Remote Code Execution Vulnerability | |||||
| CVE-2024-20653 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-11-21 | N/A | 7.8 HIGH |
| Microsoft Common Log File System Elevation of Privilege Vulnerability | |||||
| CVE-2024-20652 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-11-21 | N/A | 8.1 HIGH |
| Windows HTML Platforms Security Feature Bypass Vulnerability | |||||
| CVE-2024-1149 | 4 Apple, Linux, Microsoft and 1 more | 4 Macos, Linux Kernel, Windows and 1 more | 2024-11-21 | N/A | 7.8 HIGH |
| Improper Verification of Cryptographic Signature vulnerability in Snow Software Inventory Agent on MacOS, Snow Software Inventory Agent on Windows, Snow Software Inventory Agent on Linux allows File Manipulation through Snow Update Packages.This issue affects Inventory Agent: through 6.12.0; Inventory Agent: through 6.14.5; Inventory Agent: through 6.7.2. | |||||
| CVE-2024-0770 | 2 Echa.europa, Microsoft | 2 Iuclid, Windows | 2024-11-21 | 3.2 LOW | 4.4 MEDIUM |
| A vulnerability, which was classified as critical, was found in European Chemicals Agency IUCLID 7.10.3 on Windows. Affected is an unknown function of the file iuclid6.exe of the component Desktop Installer. The manipulation leads to incorrect default permissions. The attack needs to be approached locally. VDB-251670 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-0725 | 2 Microsoft, Prosshd | 2 Windows, Prosshd | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability was found in ProSSHD 1.2 on Windows. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to denial of service. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-251548. | |||||
| CVE-2024-0723 | 2 Freesshd, Microsoft | 2 Freesshd, Windows | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability was found in freeSSHd 1.0.9 on Windows. It has been classified as problematic. This affects an unknown part. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-251547. | |||||
| CVE-2024-0310 | 2 Microsoft, Trellix | 2 Windows, Endpoint Security Web Control | 2024-11-21 | N/A | 6.1 MEDIUM |
| A content-security-policy vulnerability in ENS Control browser extension prior to 10.7.0 Update 15 allows a remote attacker to alter the response header parameter setting to switch the content security policy into report-only mode, allowing an attacker to bypass the content-security-policy configuration. | |||||
| CVE-2024-0206 | 2 Microsoft, Trellix | 2 Windows, Anti-malware Engine | 2024-11-21 | N/A | 7.1 HIGH |
| A symbolic link manipulation vulnerability in Trellix Anti-Malware Engine prior to the January 2024 release allows an authenticated local user to potentially gain an escalation of privileges. This was achieved by adding an entry to the registry under the Trellix ENS registry folder with a symbolic link to files that the user wouldn't normally have permission to. After a scan, the Engine would follow the links and remove the files | |||||
| CVE-2024-0092 | 6 Canonical, Citrix, Microsoft and 3 more | 14 Ubuntu Linux, Hypervisor, Azure Stack Hci and 11 more | 2024-11-21 | N/A | 5.5 MEDIUM |
| NVIDIA GPU Driver for Windows and Linux contains a vulnerability where an improper check or improper handling of exception conditions might lead to denial of service. | |||||