Filtered by vendor Microsoft
Subscriptions
Total
23057 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-53921 | 2 Microsoft, Samsung | 2 Windows, Magician | 2025-06-03 | 2.8 Low |
| An issue was discovered in the installer in Samsung Magician 8.1.0 on Windows. An attacker can create arbitrary folders in the system permission directory via a symbolic link during the installation process. | ||||
| CVE-2025-5180 | 2 Microsoft, Wondershare | 2 Windows, Filmora | 2025-06-03 | 7 High |
| A vulnerability, which was classified as critical, has been found in Wondershare Filmora 14.5.16. Affected by this issue is some unknown functionality in the library CRYPTBASE.dll of the file NFWCHK.exe of the component Installer. The manipulation leads to uncontrolled search path. Attacking locally is a requirement. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-20683 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-06-03 | 7.8 High |
| Win32k Elevation of Privilege Vulnerability | ||||
| CVE-2024-20698 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2025-06-03 | 7.8 High |
| Windows Kernel Elevation of Privilege Vulnerability | ||||
| CVE-2024-21305 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2025-06-03 | 4.4 Medium |
| Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability | ||||
| CVE-2024-21313 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-06-03 | 5.3 Medium |
| Windows TCP/IP Information Disclosure Vulnerability | ||||
| CVE-2024-20672 | 1 Microsoft | 1 .net | 2025-06-03 | 7.5 High |
| .NET Denial of Service Vulnerability | ||||
| CVE-2024-0056 | 2 Microsoft, Redhat | 21 .net, .net Framework, Microsoft.data.sqlclient and 18 more | 2025-06-03 | 8.7 High |
| Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability | ||||
| CVE-2024-0057 | 2 Microsoft, Redhat | 19 .net, .net Framework, Powershell and 16 more | 2025-06-03 | 9.1 Critical |
| NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability | ||||
| CVE-2024-20652 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-06-03 | 8.1 High |
| Windows HTML Platforms Security Feature Bypass Vulnerability | ||||
| CVE-2024-20661 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-06-03 | 7.5 High |
| Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | ||||
| CVE-2024-20663 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-06-03 | 6.5 Medium |
| Windows Message Queuing Client (MSMQC) Information Disclosure | ||||
| CVE-2024-21316 | 1 Microsoft | 10 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 7 more | 2025-06-03 | 6.1 Medium |
| Windows Server Key Distribution Service Security Feature Bypass | ||||
| CVE-2024-20681 | 1 Microsoft | 7 Windows 10 21h2, Windows 10 22h2, Windows 11 21h2 and 4 more | 2025-06-03 | 7.8 High |
| Windows Subsystem for Linux Elevation of Privilege Vulnerability | ||||
| CVE-2024-21319 | 2 Microsoft, Redhat | 5 .net, Identity Model, Visual Studio 2022 and 2 more | 2025-06-03 | 6.8 Medium |
| Microsoft Identity Denial of service vulnerability | ||||
| CVE-2024-21638 | 1 Microsoft | 1 Azure Ipam | 2025-06-03 | 9.1 Critical |
| Azure IPAM (IP Address Management) is a lightweight solution developed on top of the Azure platform designed to help Azure customers manage their IP Address space easily and effectively. By design there is no write access to customers' Azure environments as the Service Principal used is only assigned the Reader role at the root Management Group level. Until recently, the solution lacked the validation of the passed in authentication token which may result in attacker impersonating any privileged user to access data stored within the IPAM instance and subsequently from Azure, causing an elevation of privilege. This vulnerability has been patched in version 3.0.0. | ||||
| CVE-2024-43033 | 2 Jpress, Microsoft | 2 Jpress, Windows | 2025-06-03 | 8.8 High |
| JPress through 5.1.1 on Windows has an arbitrary file upload vulnerability that could cause arbitrary code execution via ::$DATA to AttachmentController, such as a .jsp::$DATA file to io.jpress.web.commons.controller.AttachmentController#upload. NOTE: this is unrelated to the attack vector for CVE-2024-32358. | ||||
| CVE-2024-21337 | 1 Microsoft | 1 Edge Chromium | 2025-06-03 | 5.2 Medium |
| Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | ||||
| CVE-2023-49647 | 2 Microsoft, Zoom | 5 Windows, Meeting Software Development Kit, Video Software Development Kit and 2 more | 2025-06-03 | 8.8 High |
| Improper access control in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom SDKs for Windows before version 5.16.10 may allow an authenticated user to conduct an escalation of privilege via local access. | ||||
| CVE-2024-20721 | 2 Adobe, Microsoft | 2 Acrobat, Edge Chromium | 2025-06-03 | 5.5 Medium |
| Acrobat Reader T5 (MSFT Edge) versions 120.0.2210.91 and earlier are affected by an Improper Input Validation vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||