Filtered by vendor Microsoft
Subscribe
Total
21519 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-21845 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2024-11-21 | 4.7 MEDIUM | 4.7 MEDIUM |
Windows Kernel Information Disclosure Vulnerability | |||||
CVE-2022-21844 | 1 Microsoft | 1 Hevc Video Extensions | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
HEVC Video Extensions Remote Code Execution Vulnerability | |||||
CVE-2022-21843 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 7 and 6 more | 2024-11-21 | 4.3 MEDIUM | 7.5 HIGH |
Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability | |||||
CVE-2022-21842 | 1 Microsoft | 2 Sharepoint Enterprise Server, Word | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
Microsoft Word Remote Code Execution Vulnerability | |||||
CVE-2022-21841 | 1 Microsoft | 2 365 Apps, Office | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
Microsoft Excel Remote Code Execution Vulnerability | |||||
CVE-2022-21840 | 1 Microsoft | 6 Excel, Office, Office Online Server and 3 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
Microsoft Office Remote Code Execution Vulnerability | |||||
CVE-2022-21839 | 1 Microsoft | 2 Windows 10, Windows Server 2019 | 2024-11-21 | 2.1 LOW | 6.1 MEDIUM |
Windows Event Tracing Discretionary Access Control List Denial of Service Vulnerability | |||||
CVE-2022-21838 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 7 and 6 more | 2024-11-21 | 7.2 HIGH | 5.5 MEDIUM |
Windows Cleanup Manager Elevation of Privilege Vulnerability | |||||
CVE-2022-21837 | 1 Microsoft | 2 Sharepoint Foundation, Sharepoint Server | 2024-11-21 | 9.0 HIGH | 8.3 HIGH |
Microsoft SharePoint Server Remote Code Execution Vulnerability | |||||
CVE-2022-21836 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 7 and 6 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
Windows Certificate Spoofing Vulnerability | |||||
CVE-2022-21835 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 7 and 6 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
Microsoft Cryptographic Services Elevation of Privilege Vulnerability | |||||
CVE-2022-21834 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 7 and 6 more | 2024-11-21 | 7.2 HIGH | 7.0 HIGH |
Windows User-mode Driver Framework Reflector Driver Elevation of Privilege Vulnerability | |||||
CVE-2022-21833 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 7 and 6 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
Virtual Machine IDE Drive Elevation of Privilege Vulnerability | |||||
CVE-2022-21821 | 3 Linux, Microsoft, Nvidia | 3 Linux Kernel, Windows, Cuda Toolkit | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
NVIDIA CUDA Toolkit SDK contains an integer overflow vulnerability in cuobjdump.To exploit this vulnerability, a remote attacker would require a local user to download a specially crafted, corrupted file and locally execute cuobjdump against the file. Such an attack may lead to remote code execution that causes complete denial of service and an impact on data confidentiality and integrity. | |||||
CVE-2022-21817 | 3 Linux, Microsoft, Nvidia | 3 Linux Kernel, Windows, Omniverse Launcher | 2024-11-21 | 5.8 MEDIUM | 9.3 CRITICAL |
NVIDIA Omniverse Launcher contains a Cross-Origin Resource Sharing (CORS) vulnerability which can allow an unprivileged remote attacker, if they can get user to browse malicious site, to acquire access tokens allowing them to access resources in other security domains, which may lead to code execution, escalation of privileges, and impact to confidentiality and integrity. | |||||
CVE-2022-21815 | 2 Microsoft, Nvidia | 10 Windows, Cloud Gaming Guest, Geforce and 7 more | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for private IOCTLs where a NULL pointer dereference in the kernel, created within user mode code, may lead to a denial of service in the form of a system crash. | |||||
CVE-2022-21221 | 2 Fasthttp Project, Microsoft | 2 Fasthttp, Windows | 2024-11-21 | 5.0 MEDIUM | 5.9 MEDIUM |
The package github.com/valyala/fasthttp before 1.34.0 are vulnerable to Directory Traversal via the ServeFile function, due to improper sanitization. It is possible to be exploited by using a backslash %5c character in the path. **Note:** This security issue impacts Windows users only. | |||||
CVE-2022-21155 | 4 Apple, Fernhillsoftware, Linux and 1 more | 4 Macos, Scada Server, Linux Kernel and 1 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
A specially crafted packet sent to the Fernhill SCADA Server Version 3.77 and earlier may cause an exception, causing the server process (FHSvrService.exe) to exit. | |||||
CVE-2022-1992 | 2 Gogs, Microsoft | 2 Gogs, Windows | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
Path Traversal in GitHub repository gogs/gogs prior to 0.12.9. | |||||
CVE-2022-1901 | 3 Linux, Microsoft, Octopus | 3 Linux Kernel, Windows, Octopus Server | 2024-11-21 | N/A | 5.3 MEDIUM |
In affected versions of Octopus Deploy it is possible to unmask sensitive variables by using variable preview. |