Products
Other
473 CVEs since tracking began. Latest: 2026-06.
Total CVEs
473
Critical
102
Important
362
Exploited
9
Publicly Disclosed
21
All CVEs for this product 473
| CVE | Title | Severity | CVSS | Component | Month | Exploited | Disclosed |
|---|---|---|---|---|---|---|---|
| CVE-2026-47655 | Microsoft Graph Information Disclosure Vulnerability | Critical | 6.5 |
Microsoft Graph | 2026-06 | - | - |
| CVE-2026-47633 | Microsoft Cost Management Information Disclosure Vulnerability | Critical | 7.5 |
Cost Management Interactive Experiences | 2026-06 | - | - |
| CVE-2026-42895 | Microsoft Copilot Tampering Vulnerability | Critical | 6.5 |
Microsoft Copilot | 2026-06 | - | - |
| CVE-2026-54130 | M365 Copilot Information Disclosure Vulnerability | Critical | 9.8 |
M365 Copilot | 2026-06 | - | - |
| CVE-2026-42902 | Microsoft PowerToys Elevation of Privilege Vulnerability | Important | 7.8 |
Microsoft PowerToys | 2026-06 | - | - |
| CVE-2026-45650 | Microsoft Bing Search Spoofing Vulnerability | Important | 4.3 |
Microsoft Bing | 2026-06 | - | - |
| CVE-2026-49161 | Microsoft PC Manager Security Feature Bypass Vulnerability | Important | 7.8 |
Microsoft PC Manager | 2026-06 | - | - |
| CVE-2026-26142 | Nuance PowerScribe Remote Code Execution Vulnerability | Critical | 9.8 |
Nuance PowerScribe | 2026-06 | - | - |
| CVE-2026-50656 | Microsoft Defender Elevation of Privilege Vulnerability | Important | 7 |
Microsoft Defender | 2026-06 | - | Yes |
| CVE-2026-50519 | Microsoft Visual Studio Code CoPilot Chat Security Feature Bypass Vulnerability | Important | 6.5 |
GitHub Copilot and Visual Studio Code | 2026-06 | - | - |
| CVE-2026-42835 | Microsoft Teams for Android Information Disclosure Vulnerability | Important | 8.1 |
Microsoft Teams for Android | 2026-06 | - | - |
| CVE-2026-45476 | Microsoft Azure Network Adapter Elevation of Privilege Vulnerability | Critical | 8.2 |
Linux MANA Driver | 2026-06 | - | - |
| CVE-2026-45644 | Microsoft Live Share Canvas SDK Elevation of Privilege Vulnerability | Important | 8 |
Microsoft Live Share Canvas SDK | 2026-06 | - | - |
| CVE-2026-45647 | Microsoft Defender for Endpoint for Mac Elevation of Privilege Vulnerability | Important | 5.5 |
Microsoft Defender for Endpoint | 2026-06 | - | - |
| CVE-2026-50511 | Microsoft PC Manager Elevation of Privilege Vulnerability | Important | 7.8 |
Microsoft PC Manager | 2026-06 | - | - |
| CVE-2026-50512 | Microsoft PC Manager Elevation of Privilege Vulnerability | Important | 7.8 |
Microsoft PC Manager | 2026-06 | - | - |
| CVE-2026-45497 | Microsoft M365 Copilot Remote Code Execution Vulnerability | Critical | 8.8 |
Microsoft Copilot | 2026-06 | - | - |
| CVE-2026-42824 | M365 Copilot Information Disclosure Vulnerability | Critical | 7.5 |
M365 Copilot | 2026-06 | - | - |
| CVE-2026-48579 | Microsoft Exchange Online Information Disclosure Vulnerability | Critical | 7.5 |
Microsoft Exchange Online | 2026-06 | - | - |
| CVE-2026-48582 | Microsoft Exchange Online Elevation of Privilege Vulnerability | Critical | 9.6 |
Microsoft Exchange Online | 2026-06 | - | - |
| CVE-2026-47645 | Microsoft 365 Copilot's Business Chat Elevation of Privilege Vulnerability | Critical | 8.8 |
Microsoft 365 Copilot's Business Chat | 2026-06 | - | - |
| CVE-2026-23652 | Microsoft Power Pages Remote Code Execution Vulnerability | Critical | 9.8 |
Microsoft Power Pages | 2026-05 | - | - |
| CVE-2026-42827 | M365 Copilot Information Disclosure Vulnerability | Critical | 7.5 |
M365 Copilot | 2026-05 | - | - |
| CVE-2026-41090 | Microsoft Copilot Tampering Vulnerability | Critical | 9.3 |
Microsoft Copilot | 2026-05 | - | - |
| CVE-2026-40374 | Microsoft Power Automate Desktop Information Disclosure Vulnerability | Important | 6.5 |
Power Automate | 2026-05 | - | - |
| CVE-2026-41094 | Microsoft Data Formulator Remote Code Execution Vulnerability | Important | 8.8 |
Microsoft Data Formulator | 2026-05 | - | - |
| CVE-2026-41614 | M365 Copilot for Desktop Spoofing Vulnerability | Important | 6.2 |
M365 Copilot for Desktop | 2026-05 | - | - |
| CVE-2026-32185 | Microsoft Teams Spoofing Vulnerability | Important | 5.5 |
Microsoft Teams | 2026-05 | - | - |
| CVE-2026-41615 | Microsoft Authenticator Information Disclosure Vulnerability | Critical | 7.4 |
Microsoft Authenticator | 2026-05 | - | - |
| CVE-2026-45498 | Microsoft Defender Denial of Service Vulnerability | Low | 7.5 |
Microsoft Defender | 2026-05 | Yes | Yes |
| CVE-2026-41103 | Microsoft SSO Plugin for Jira & Confluence Elevation of Privilege Vulnerability | Critical | 9.1 |
Microsoft SSO Plugin for Jira & Confluence | 2026-05 | - | - |
| CVE-2026-45584 | Microsoft Defender Remote Code Execution Vulnerability | Critical | 8.1 |
Microsoft Defender | 2026-05 | - | - |
| CVE-2026-41091 | Microsoft Defender Elevation of Privilege Vulnerability | Important | 7.8 |
Microsoft Defender | 2026-05 | Yes | Yes |
| CVE-2026-26129 | M365 Copilot Information Disclosure Vulnerability | Critical | 7.5 |
M365 Copilot | 2026-05 | - | - |
| CVE-2026-26164 | M365 Copilot Information Disclosure Vulnerability | Critical | 7.5 |
M365 Copilot | 2026-05 | - | - |
| CVE-2026-33823 | Microsoft Team Events Portal Information Disclosure Vulnerability | Critical | 6.5 |
Microsoft Teams | 2026-05 | - | - |
| CVE-2026-34327 | Microsoft Partner Center Spoofing Vulnerability | Critical | 8.2 |
Microsoft Partner Center | 2026-05 | - | - |
| CVE-2026-41104 | Microsoft Planetary Computer Pro Information Disclosure Vulnerability | Critical | 7.5 |
Microsoft Planetary Computer Pro | 2026-05 | - | - |
| CVE-2026-42901 | Microsoft Entra ID Elevation of Privilege Vulnerability | Critical | 10 |
Microsoft Entra ID | 2026-05 | - | - |
| CVE-2026-33102 | Microsoft 365 Copilot Elevation of Privilege Vulnerability | Critical | 9.3 |
M365 Copilot | 2026-04 | - | - |
| CVE-2026-33819 | Microsoft Bing Remote Code Execution Vulnerability | Critical | 9.8 |
Microsoft Bing | 2026-04 | - | - |
| CVE-2026-26149 | Microsoft Power Apps Desktop Client Spoofing Vulnerability | Important | 9 |
Microsoft Power Apps | 2026-04 | - | - |
| CVE-2026-32184 | Microsoft High Performance Compute (HPC) Pack Elevation of Privilege Vulnerability | Important | 7.8 |
Microsoft High Performance Compute Pack (HPC) | 2026-04 | - | - |
| CVE-2026-33120 | Microsoft SQL Server Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2026-04 | - | - |
| CVE-2026-33825 | Microsoft Defender Elevation of Privilege Vulnerability | Important | 7.8 |
Microsoft Defender | 2026-04 | - | Yes |
| CVE-2026-32186 | Microsoft Bing Elevation of Privilege Vulnerability | Critical | 9.8 |
Microsoft Bing | 2026-04 | - | - |
| CVE-2026-26143 | Microsoft PowerShell Security Feature Bypass Vulnerability | Important | 7.8 |
Microsoft PowerShell | 2026-04 | - | - |
| CVE-2026-26150 | Microsoft Purview eDiscovery Elevation of Privilege Vulnerability | Critical | 10 |
Microsoft Purview | 2026-04 | - | - |
| CVE-2026-24303 | Microsoft Partner Center Elevation of Privilege Vulnerability | Critical | 9.6 |
Microsoft Partner Center | 2026-04 | - | - |
| CVE-2026-35431 | Microsoft Entra ID Entitlement Management Spoofing Vulnerability | Critical | 10 |
Microsoft Entra ID Entitlement Management | 2026-04 | - | - |
| CVE-2026-32172 | Microsoft Power Apps Remote Code Execution Vulnerability | Critical | 8 |
Microsoft Power Apps | 2026-04 | - | - |
| CVE-2026-20967 | System Center Operations Manager (SCOM) Elevation of Privilege Vulnerability | Important | 8.8 |
System Center Operations Manager | 2026-03 | - | - |
| CVE-2026-26116 | SQL Server Elevation of Privilege Vulnerability | Important | 8.8 |
SQL Server | 2026-03 | - | - |
| CVE-2026-21536 | Microsoft Devices Pricing Program Remote Code Execution Vulnerability | Critical | 9.8 |
Microsoft Devices Pricing Program | 2026-03 | - | - |
| CVE-2026-26125 | Payment Orchestrator Service Elevation of Privilege Vulnerability | Critical | 9.8 |
Payment Orchestrator Service | 2026-03 | - | - |
| CVE-2026-26139 | Microsoft Purview Elevation of Privilege Vulnerability | Critical | 8.6 |
Microsoft Purview | 2026-03 | - | - |
| CVE-2026-26138 | Microsoft Purview Elevation of Privilege Vulnerability | Critical | 10 |
Microsoft Purview | 2026-03 | - | - |
| CVE-2026-32191 | Microsoft Bing Images Remote Code Execution Vulnerability | Critical | 9.8 |
Microsoft Bing Images | 2026-03 | - | - |
| CVE-2026-26120 | Microsoft Bing Tampering Vulnerability | Critical | 7.5 |
Microsoft Bing | 2026-03 | - | - |
| CVE-2026-24299 | M365 Copilot Information Disclosure Vulnerability | Critical | 5.3 |
M365 Copilot | 2026-03 | - | - |
| CVE-2026-26136 | Microsoft Copilot Information Disclosure Vulnerability | Critical | 7.5 |
Microsoft Copilot | 2026-03 | - | - |
| CVE-2026-26137 | Microsoft Exchange Elevation of Privilege Vulnerability | Critical | 9.9 |
Microsoft Exchange | 2026-03 | - | - |
| CVE-2026-32194 | Microsoft Bing Images Remote Code Execution Vulnerability | Critical | 9.8 |
Microsoft Bing Images | 2026-03 | - | - |
| CVE-2026-23654 | GitHub: Zero Shot SCFoundation Remote Code Execution Vulnerability | Important | 8.8 |
GitHub Repo: zero-shot-scfoundation | 2026-03 | - | - |
| CVE-2026-26123 | Microsoft Authenticator Information Disclosure Vulnerability | Important | 5.5 |
Microsoft Authenticator | 2026-03 | - | - |
| CVE-2026-21229 | Power BI Remote Code Execution Vulnerability | Important | 8.8 |
Power BI | 2026-02 | - | - |
| CVE-2026-21522 | Microsoft ACI Confidential Containers Elevation of Privilege Vulnerability | Critical | 6.7 |
Azure Compute Gallery | 2026-02 | - | - |
| CVE-2026-21535 | Microsoft Teams Information Disclosure Vulnerability | Critical | 7.5 |
Microsoft Teams | 2026-02 | - | - |
| CVE-2026-21537 | Microsoft Defender for Endpoint Linux Extension Remote Code Execution Vulnerability | Important | 8.8 |
Microsoft Defender for Linux | 2026-02 | - | - |
| CVE-2026-21516 | GitHub Copilot for Jetbrains Remote Code Execution Vulnerability | Important | 7.8 |
Github Copilot | 2026-02 | - | - |
| CVE-2026-20803 | Microsoft SQL Server Elevation of Privilege Vulnerability | Important | 7.2 |
SQL Server | 2026-01 | - | - |
| CVE-2026-21520 | Copilot Studio Information Disclosure Vulnerability | Critical | 7.5 |
Copilot Studio | 2026-01 | - | - |
| CVE-2026-24307 | M365 Copilot Information Disclosure Vulnerability | Critical | 7.5 |
M365 Copilot | 2026-01 | - | - |
| CVE-2026-21521 | Word Copilot Information Disclosure Vulnerability | Critical | 7.4 |
Copilot | 2026-01 | - | - |
| CVE-2026-21264 | Microsoft Account Spoofing Vulnerability | Critical | 6.1 |
Microsoft Account | 2026-01 | - | - |
| CVE-2026-20960 | PowerApps Desktop Client Remote Code Execution Vulnerability | Important | 8 |
Microsoft Power Apps | 2026-01 | - | - |
| CVE-2025-62469 | Microsoft Brokering File System Elevation of Privilege Vulnerability | Important | 7 |
Microsoft Brokering File System | 2025-12 | - | - |
| CVE-2025-62572 | Application Information Service Elevation of Privilege Vulnerability | Important | 7.8 |
Application Information Services | 2025-12 | - | - |
| CVE-2025-64671 | GitHub Copilot for Jetbrains Remote Code Execution Vulnerability | Important | 7.8 |
Copilot | 2025-12 | - | Yes |
| CVE-2025-65041 | Microsoft Partner Center Elevation of Privilege Vulnerability | Critical | 9.8 |
Microsoft Partner Center | 2025-12 | - | - |
| CVE-2025-64676 | Microsoft Purview eDiscovery Remote Code Execution Vulnerability | Critical | 7.2 |
Microsoft Purview | 2025-12 | - | - |
| CVE-2025-64656 | Azure Application Gateway Elevation of Privilege Vulnerability | Critical | 9.8 |
Application Gateway | 2025-11 | - | - |
| CVE-2025-60722 | Microsoft OneDrive for Android Elevation of Privilege Vulnerability | Important | 6.5 |
OneDrive for Android | 2025-11 | - | - |
| CVE-2025-49752 | Azure Bastion Elevation of Privilege Vulnerability | Critical | 10 |
Software for Open Networking in the Cloud (SONiC) | 2025-11 | - | - |
| CVE-2025-47179 | Configuration Manager Elevation of Privilege Vulnerability | Important | 6.7 |
Microsoft Configuration Manager | 2025-11 | - | - |
| CVE-2025-62459 | Microsoft Defender Portal Spoofing Vulnerability | Critical | 6.1 |
Microsoft Defender Portal | 2025-11 | - | - |
| CVE-2025-30398 | Nuance PowerScribe 360 Information Disclosure Vulnerability | Critical | 8.1 |
Nuance PowerScribe | 2025-11 | - | - |
| CVE-2025-55320 | Configuration Manager Elevation of Privilege Vulnerability | Important | 6.8 |
Microsoft Configuration Manager | 2025-10 | - | - |
| CVE-2025-59250 | JDBC Driver for SQL Server Spoofing Vulnerability | Important | 8.1 |
JDBC Driver for SQL Server | 2025-10 | - | - |
| CVE-2025-59281 | Xbox Gaming Services Elevation of Privilege Vulnerability | Important | 7.8 |
XBox Gaming Services | 2025-10 | - | - |
| CVE-2025-59288 | Playwright Spoofing Vulnerability | Moderate | 5.3 |
Github: Playwright | 2025-10 | - | - |
| CVE-2025-59213 | Configuration Manager Elevation of Privilege Vulnerability | Important | 8.8 |
Microsoft Configuration Manager | 2025-10 | - | - |
| CVE-2025-59497 | Microsoft Defender for Linux Denial of Service Vulnerability | Important | 4.7 |
Microsoft Defender for Linux | 2025-10 | - | - |
| CVE-2025-59252 | M365 Copilot Information Disclosure Vulnerability | Critical | 9.3 |
Copilot | 2025-10 | - | - |
| CVE-2025-59271 | Redis Enterprise Elevation of Privilege Vulnerability | Critical | 8.7 |
Redis Enterprise | 2025-10 | - | - |
| CVE-2025-59272 | Copilot Information Disclosure Vulnerability | Critical | 9.3 |
Copilot | 2025-10 | - | - |
| CVE-2025-59286 | Copilot Information Disclosure Vulnerability | Critical | 9.3 |
Copilot | 2025-10 | - | - |
| CVE-2025-59501 | Microsoft Configuration Manager Spoofing Vulnerability | Important | 4.8 |
Microsoft Configuration Manager | 2025-10 | - | - |
| CVE-2025-55232 | Microsoft High Performance Compute (HPC) Pack Remote Code Execution Vulnerability | Important | 9.8 |
Microsoft High Performance Compute Pack (HPC) | 2025-09 | - | - |
| CVE-2025-55245 | Xbox Gaming Services Elevation of Privilege Vulnerability | Important | 7.8 |
XBox Gaming Services | 2025-09 | - | - |
| CVE-2025-55317 | Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability | Important | 7.8 |
Microsoft AutoUpdate (MAU) | 2025-09 | - | - |
| CVE-2025-54108 | Capability Access Management Service (camsvc) Elevation of Privilege Vulnerability | Important | 7 |
Capability Access Management Service (camsvc) | 2025-09 | - | - |
| CVE-2025-55242 | Xbox Certification Bug Copilot Djando Information Disclosure Vulnerability | Critical | 7.5 |
Xbox | 2025-09 | - | - |
| CVE-2025-53772 | Web Deploy Remote Code Execution Vulnerability | Important | 8.8 |
Web Deploy | 2025-08 | - | - |
| CVE-2025-50165 | Windows Graphics Component Remote Code Execution Vulnerability | Critical | 9.8 |
Microsoft Graphics Component | 2025-08 | - | - |
| CVE-2025-47954 | Microsoft SQL Server Elevation of Privilege Vulnerability | Important | 8.8 |
SQL Server | 2025-08 | - | - |
| CVE-2025-53783 | Microsoft Teams Remote Code Execution Vulnerability | Important | 7.5 |
Microsoft Teams | 2025-08 | - | - |
| CVE-2025-53774 | Microsoft 365 Copilot BizChat Information Disclosure Vulnerability | Critical | 7.5 |
Microsoft 365 Copilot's Business Chat | 2025-08 | - | - |
| CVE-2025-53787 | Microsoft 365 Copilot BizChat Information Disclosure Vulnerability | Critical | 7.5 |
Microsoft 365 Copilot's Business Chat | 2025-08 | - | - |
| CVE-2025-49717 | Microsoft SQL Server Remote Code Execution Vulnerability | Important | 8.5 |
SQL Server | 2025-07 | - | - |
| CVE-2025-49731 | Microsoft Teams Elevation of Privilege Vulnerability | Important | 3.1 |
Microsoft Teams | 2025-07 | - | - |
| CVE-2025-47178 | Microsoft Configuration Manager Remote Code Execution Vulnerability | Important | 8 |
Microsoft Configuration Manager | 2025-07 | - | - |
| CVE-2025-49718 | Microsoft SQL Server Information Disclosure Vulnerability | Important | 7.5 |
SQL Server | 2025-07 | - | - |
| CVE-2025-49737 | Microsoft Teams Elevation of Privilege Vulnerability | Important | 7 |
Microsoft Teams | 2025-07 | - | - |
| CVE-2025-49738 | Microsoft PC Manager Elevation of Privilege Vulnerability | Important | 7.8 |
Microsoft PC Manager | 2025-07 | - | - |
| CVE-2025-53762 | Microsoft Purview Elevation of Privilege Vulnerability | Critical | 9.9 |
Microsoft Purview | 2025-07 | - | - |
| CVE-2025-47966 | Power Automate Elevation of Privilege Vulnerability | Critical | 9.8 |
Power Automate | 2025-06 | - | - |
| CVE-2025-32711 | M365 Copilot Information Disclosure Vulnerability | Critical | 7.5 |
M365 Copilot | 2025-06 | - | - |
| CVE-2025-33069 | Windows App Control for Business Security Feature Bypass Vulnerability | Important | 5.1 |
App Control for Business (WDAC) | 2025-06 | - | - |
| CVE-2025-47968 | Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability | Important | 7.8 |
Microsoft AutoUpdate (MAU) | 2025-06 | - | - |
| CVE-2025-47977 | Nuance Digital Engagement Platform Spoofing Vulnerability | Important | 8.2 |
Nuance Digital Engagement Platform | 2025-06 | - | - |
| CVE-2025-26684 | Microsoft Defender Elevation of Privilege Vulnerability | Important | 6.7 |
Microsoft Defender for Endpoint | 2025-05 | - | - |
| CVE-2025-29975 | Microsoft PC Manager Elevation of Privilege Vulnerability | Important | 7.8 |
Microsoft PC Manager | 2025-05 | - | - |
| CVE-2025-29826 | Microsoft Dataverse Elevation of Privilege Vulnerability | Important | 8.8 |
Microsoft Dataverse | 2025-05 | - | - |
| CVE-2025-26685 | Microsoft Defender for Identity Spoofing Vulnerability | Important | 6.5 |
Microsoft Defender for Identity | 2025-05 | - | Yes |
| CVE-2025-47733 | Microsoft Power Apps Information Disclosure Vulnerability | Critical | 7.5 |
Microsoft Power Apps | 2025-05 | - | - |
| CVE-2025-47732 | Microsoft Dataverse Remote Code Execution Vulnerability | Critical | 9.8 |
Microsoft Dataverse | 2025-05 | - | - |
| CVE-2025-47161 | Microsoft Defender for Endpoint Elevation of Privilege Vulnerability | Important | 7.8 |
Microsoft Defender for Endpoint for Linux | 2025-05 | - | - |
| CVE-2025-27743 | Microsoft System Center Elevation of Privilege Vulnerability | Important | 7.8 |
System Center | 2025-04 | - | - |
| CVE-2025-29817 | Microsoft Power Automate Desktop Information Disclosure Vulnerability | Important | 5.7 |
Power Automate | 2025-04 | - | - |
| CVE-2025-29800 | Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability | Important | 7.8 |
Microsoft AutoUpdate (MAU) | 2025-04 | - | - |
| CVE-2025-29801 | Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability | Important | 7.8 |
Microsoft AutoUpdate (MAU) | 2025-04 | - | - |
| CVE-2025-24043 | WinDbg Remote Code Execution Vulnerability | Important | 7.5 |
.NET | 2025-03 | - | - |
| CVE-2025-29807 | Microsoft Dataverse Remote Code Execution Vulnerability | Critical | 8.8 |
Microsoft Dataverse | 2025-03 | - | - |
| CVE-2025-29814 | Microsoft Partner Center Elevation of Privilege Vulnerability | Critical | 8.8 |
Microsoft Partner Center | 2025-03 | - | - |
| CVE-2025-24053 | Microsoft Dataverse Elevation of Privilege Vulnerability | Critical | 7.2 |
Microsoft Dataverse | 2025-03 | - | - |
| CVE-2025-24036 | Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability | Important | 7 |
Microsoft AutoUpdate (MAU) | 2025-02 | - | - |
| CVE-2025-21194 | Microsoft Surface Security Feature Bypass Vulnerability | Important | 7.1 |
Microsoft Surface | 2025-02 | - | Yes |
| CVE-2025-21198 | Microsoft High Performance Compute (HPC) Pack Remote Code Execution Vulnerability | Important | 9 |
Microsoft High Performance Compute Pack (HPC) Linux Node Agent | 2025-02 | - | - |
| CVE-2025-21322 | Microsoft PC Manager Elevation of Privilege Vulnerability | Important | 7.8 |
Microsoft PC Manager | 2025-02 | - | - |
| CVE-2025-21355 | Microsoft Bing Remote Code Execution Vulnerability | Critical | 9.8 |
Microsoft Bing | 2025-02 | - | - |
| CVE-2025-24989 | Microsoft Power Pages Elevation of Privilege Vulnerability | Critical | 9.8 |
Microsoft Power Pages | 2025-02 | Yes | - |
| CVE-2025-21403 | On-Premises Data Gateway Information Disclosure Vulnerability | Important | 6.4 |
Microsoft Azure Gateway Manager | 2025-01 | - | - |
| CVE-2025-21187 | Microsoft Power Automate Remote Code Execution Vulnerability | Important | 7.8 |
Power Automate | 2025-01 | - | - |
| CVE-2025-21385 | Microsoft Purview Information Disclosure Vulnerability | Critical | 6.5 |
Microsoft Purview | 2025-01 | - | - |
| CVE-2025-21396 | Microsoft Account Elevation of Privilege Vulnerability | Critical | 8.2 |
Microsoft Account | 2025-01 | - | - |
| CVE-2025-21360 | Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability | Important | 7.8 |
Microsoft AutoUpdate (MAU) | 2025-01 | - | - |
| CVE-2024-43594 | Microsoft System Center Elevation of Privilege Vulnerability | Important | 7.3 |
System Center | 2024-12 | - | - |
| CVE-2024-49057 | Microsoft Defender for Endpoint on Android Spoofing Vulnerability | Important | 8.1 |
Microsoft Defender for Endpoint | 2024-12 | - | - |
| CVE-2024-49147 | Microsoft Update Catalog Elevation of Privilege Vulnerability | Critical | 9.8 |
Microsoft Update Catalog | 2024-12 | - | - |
| CVE-2024-49063 | Microsoft/Muzic Remote Code Execution Vulnerability | Important | 8.4 |
GitHub | 2024-12 | - | - |
| CVE-2024-49056 | Airlift.microsoft.com Elevation of Privilege Vulnerability | Critical | 8.8 |
Airlift.microsoft.com | 2024-11 | - | - |
| CVE-2024-49038 | Microsoft Copilot Studio Elevation Of Privilege Vulnerability | Critical | 9.6 |
Copilot Studio | 2024-11 | - | - |
| CVE-2024-49035 | Partner.Microsoft.Com Elevation of Privilege Vulnerability | Critical | 9.8 |
Microsoft Partner Center | 2024-11 | Yes | - |
| CVE-2024-43598 | LightGBM Remote Code Execution Vulnerability | Important | 8.1 |
LightGBM | 2024-11 | - | - |
| CVE-2024-49048 | TorchGeo Remote Code Execution Vulnerability | Important | 8.1 |
TorchGeo | 2024-11 | - | - |
| CVE-2024-49051 | Microsoft PC Manager Elevation of Privilege Vulnerability | Important | 7.8 |
Microsoft PC Manager | 2024-11 | - | - |
| CVE-2024-43481 | Power BI Report Server Spoofing Vulnerability | Important | 8.8 |
Power BI | 2024-10 | - | - |
| CVE-2024-43612 | Power BI Report Server Spoofing Vulnerability | Important | 4.7 |
Power BI | 2024-10 | - | - |
| CVE-2024-43497 | DeepSpeed Remote Code Execution Vulnerability | Important | 7.8 |
DeepSpeed | 2024-10 | - | - |
| CVE-2024-43468 | Microsoft Configuration Manager Remote Code Execution Vulnerability | Critical | 9.8 |
Microsoft Configuration Manager | 2024-10 | - | - |
| CVE-2024-43614 | Microsoft Defender for Endpoint for Linux Spoofing Vulnerability | Important | 5.5 |
Microsoft Defender for Endpoint | 2024-10 | - | - |
| CVE-2024-43610 | Copilot Studio Information Disclosure Vulnerability | Unknown | 7.5 |
Copilot Studio | 2024-10 | - | - |
| CVE-2024-37338 | Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-09 | - | - |
| CVE-2024-37966 | Microsoft SQL Server Native Scoring Information Disclosure Vulnerability | Important | 7.1 |
SQL Server | 2024-09 | - | - |
| CVE-2024-37335 | Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-09 | - | - |
| CVE-2024-37340 | Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-09 | - | - |
| CVE-2024-37339 | Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-09 | - | - |
| CVE-2024-37337 | Microsoft SQL Server Native Scoring Information Disclosure Vulnerability | Important | 4.3 |
SQL Server | 2024-09 | - | - |
| CVE-2024-37342 | Microsoft SQL Server Native Scoring Information Disclosure Vulnerability | Important | 4.3 |
SQL Server | 2024-09 | - | - |
| CVE-2024-26186 | Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-09 | - | - |
| CVE-2024-26191 | Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-09 | - | - |
| CVE-2024-43474 | Microsoft SQL Server Information Disclosure Vulnerability | Important | 7.5 |
SQL Server | 2024-09 | - | - |
| CVE-2024-43492 | Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability | Important | 7.8 |
Microsoft AutoUpdate (MAU) | 2024-09 | - | - |
| CVE-2024-43479 | Microsoft Power Automate Desktop Remote Code Execution Vulnerability | Important | 8.5 |
Power Automate | 2024-09 | - | - |
| CVE-2024-38183 | GroupMe Elevation of Privilege Vulnerability | Critical | 9.8 |
GroupMe | 2024-09 | - | - |
| CVE-2024-38197 | Microsoft Teams for iOS Spoofing Vulnerability | Important | 6.5 |
Microsoft Teams | 2024-08 | - | - |
| CVE-2024-43477 | Microsoft Entra ID Elevation of Privilege Vulnerability | Critical | 7.5 |
Entra ID | 2024-08 | - | - |
| CVE-2024-38177 | Windows App Installer Spoofing Vulnerability | Important | 7.8 |
Windows App Installer | 2024-08 | - | - |
| CVE-2024-38206 | Microsoft Copilot Studio Information Disclosure Vulnerability | Critical | 6.5 |
Microsoft Copilot Studio | 2024-08 | - | - |
| CVE-2024-37334 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-07 | - | - |
| CVE-2024-38089 | Microsoft Defender for IoT Elevation of Privilege Vulnerability | Important | 9.9 |
Microsoft Defender for IoT | 2024-07 | - | - |
| CVE-2024-38176 | GroupMe Elevation of Privilege Vulnerability | Critical | 8.1 |
GroupMe | 2024-07 | - | - |
| CVE-2024-38164 | GroupMe Elevation of Privilege Vulnerability | Critical | 8.8 |
GroupMe | 2024-07 | - | - |
| CVE-2024-35260 | Microsoft Dataverse Remote Code Execution Vulnerability | Critical | 9.8 |
Microsoft Dataverse | 2024-06 | - | - |
| CVE-2024-30059 | Microsoft Intune for Android Mobile Application Management Tampering Vulnerability | Important | 5.5 |
Microsoft Intune | 2024-05 | - | - |
| CVE-2024-30041 | Microsoft Bing Search Spoofing Vulnerability | Important | 5.4 |
Microsoft Bing | 2024-05 | - | - |
| CVE-2024-30054 | Microsoft Power BI Client JavaScript SDK Information Disclosure Vulnerability | Important | 6.5 |
Power BI | 2024-05 | - | - |
| CVE-2024-28906 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-04 | - | - |
| CVE-2024-28908 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-04 | - | - |
| CVE-2024-28909 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-04 | - | - |
| CVE-2024-28910 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-04 | - | - |
| CVE-2024-28911 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-04 | - | - |
| CVE-2024-28912 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-04 | - | - |
| CVE-2024-28913 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-04 | - | - |
| CVE-2024-28914 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-04 | - | - |
| CVE-2024-28915 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-04 | - | - |
| CVE-2024-28939 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-04 | - | - |
| CVE-2024-28942 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-04 | - | - |
| CVE-2024-28945 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-04 | - | - |
| CVE-2024-29045 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | Important | 7.5 |
SQL Server | 2024-04 | - | - |
| CVE-2024-29047 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-04 | - | - |
| CVE-2024-21322 | Microsoft Defender for IoT Remote Code Execution Vulnerability | Critical | 7.2 |
Microsoft Defender for IoT | 2024-04 | - | - |
| CVE-2024-21323 | Microsoft Defender for IoT Remote Code Execution Vulnerability | Critical | 8.8 |
Microsoft Defender for IoT | 2024-04 | - | - |
| CVE-2024-21324 | Microsoft Defender for IoT Elevation of Privilege Vulnerability | Important | 7.2 |
Microsoft Defender for IoT | 2024-04 | - | - |
| CVE-2024-28926 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-04 | - | - |
| CVE-2024-28927 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-04 | - | - |
| CVE-2024-28940 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-04 | - | - |
| CVE-2024-28944 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-04 | - | - |
| CVE-2024-29044 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-04 | - | - |
| CVE-2024-29046 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-04 | - | - |
| CVE-2024-29048 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-04 | - | - |
| CVE-2024-29053 | Microsoft Defender for IoT Remote Code Execution Vulnerability | Critical | 8.8 |
Microsoft Defender for IoT | 2024-04 | - | - |
| CVE-2024-29055 | Microsoft Defender for IoT Elevation of Privilege Vulnerability | Important | 7.2 |
Microsoft Defender for IoT | 2024-04 | - | - |
| CVE-2024-29054 | Microsoft Defender for IoT Elevation of Privilege Vulnerability | Important | 7.2 |
Microsoft Defender for IoT | 2024-04 | - | - |
| CVE-2024-29982 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-04 | - | - |
| CVE-2024-29983 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-04 | - | - |
| CVE-2024-29984 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-04 | - | - |
| CVE-2024-29985 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2024-04 | - | - |
| CVE-2024-26201 | Microsoft Intune Linux Agent Elevation of Privilege Vulnerability | Important | 6.6 |
Microsoft Intune | 2024-03 | - | - |
| CVE-2024-26164 | Microsoft Django Backend for SQL Server Remote Code Execution Vulnerability | Important | 8.8 |
Microsoft Django Backend for SQL Server | 2024-03 | - | - |
| CVE-2024-21390 | Microsoft Authenticator Elevation of Privilege Vulnerability | Important | 7.1 |
Microsoft Authenticator | 2024-03 | - | - |
| CVE-2024-21334 | Open Management Infrastructure (OMI) Remote Code Execution Vulnerability | Important | 9.8 |
Open Management Infrastructure | 2024-03 | - | - |
| CVE-2024-21418 | Software for Open Networking in the Cloud (SONiC) Elevation of Privilege Vulnerability | Important | 7.8 |
Software for Open Networking in the Cloud (SONiC) | 2024-03 | - | - |
| CVE-2024-21448 | Microsoft Teams for Android Information Disclosure Vulnerability | Important | 5 |
Microsoft Teams for Android | 2024-03 | - | - |
| CVE-2024-21411 | Skype for Consumer Remote Code Execution Vulnerability | Important | 8.8 |
Skype for Consumer | 2024-03 | - | - |
| CVE-2024-28916 | Unknown | Important | 8.8 |
XBox Crypto Graphic Services | 2024-03 | - | Yes |
| CVE-2024-21401 | Microsoft Entra Jira Single-Sign-On Plugin Elevation of Privilege Vulnerability | Important | 9.8 |
Azure Active Directory | 2024-02 | - | - |
| CVE-2024-20695 | Skype for Business Information Disclosure Vulnerability | Important | 5.7 |
Skype for Business | 2024-02 | - | - |
| CVE-2024-21374 | Microsoft Teams for Android Information Disclosure Vulnerability | Important | 5 |
Microsoft Teams for Android | 2024-02 | - | - |
| CVE-2024-21325 | Microsoft Printer Metadata Troubleshooter Tool Remote Code Execution Vulnerability | Important | 7.8 |
Microsoft Devices | 2024-01 | - | - |
| CVE-2023-36010 | Microsoft Defender Denial of Service Vulnerability | Important | 7.5 |
Windows Defender | 2023-12 | - | - |
| CVE-2023-38151 | Microsoft Host Integration Server 2020 Remote Code Execution Vulnerability | Important | 8.8 |
Azure | 2023-11 | - | - |
| CVE-2023-36052 | Azure CLI REST Command Information Disclosure Vulnerability | Critical | 8.6 |
Azure | 2023-11 | - | - |
| CVE-2023-36043 | Open Management Infrastructure Information Disclosure Vulnerability | Important | 6.5 |
Open Management Infrastructure | 2023-11 | - | - |
| CVE-2023-36021 | Microsoft On-Prem Data Gateway Security Feature Bypass Vulnerability | Important | 8 |
Azure | 2023-11 | - | - |
| CVE-2023-36013 | PowerShell Information Disclosure Vulnerability | Important | 6.5 |
Microsoft PowerShell | 2023-11 | - | - |
| CVE-2023-36786 | Skype for Business Remote Code Execution Vulnerability | Important | 7.2 |
Skype for Business | 2023-10 | - | - |
| CVE-2023-36789 | Skype for Business Remote Code Execution Vulnerability | Important | 7.2 |
Skype for Business | 2023-10 | - | - |
| CVE-2023-41763 | Skype for Business Elevation of Privilege Vulnerability | Important | 5.3 |
Skype for Business | 2023-10 | Yes | Yes |
| CVE-2023-36417 | Microsoft SQL OLE DB Remote Code Execution Vulnerability | Important | 7.8 |
SQL Server | 2023-10 | - | - |
| CVE-2023-36780 | Skype for Business Remote Code Execution Vulnerability | Important | 7.2 |
Skype for Business | 2023-10 | - | - |
| CVE-2023-36566 | Microsoft Common Data Model SDK Denial of Service Vulnerability | Important | 6.5 |
Microsoft Common Data Model SDK | 2023-10 | - | - |
| CVE-2023-36736 | Microsoft Identity Linux Broker Remote Code Execution Vulnerability | Important | 4.4 |
Microsoft Identity Linux Broker | 2023-09 | - | - |
| CVE-2023-36773 | 3D Builder Remote Code Execution Vulnerability | Important | 7.8 |
3D Builder | 2023-09 | - | - |
| CVE-2023-36772 | 3D Builder Remote Code Execution Vulnerability | Important | 7.8 |
3D Builder | 2023-09 | - | - |
| CVE-2023-36771 | 3D Builder Remote Code Execution Vulnerability | Important | 7.8 |
3D Builder | 2023-09 | - | - |
| CVE-2023-36770 | 3D Builder Remote Code Execution Vulnerability | Important | 7.8 |
3D Builder | 2023-09 | - | - |
| CVE-2023-36760 | 3D Viewer Remote Code Execution Vulnerability | Important | 7.8 |
3D Viewer | 2023-09 | - | - |
| CVE-2023-36740 | 3D Viewer Remote Code Execution Vulnerability | Important | 7.8 |
3D Viewer | 2023-09 | - | - |
| CVE-2023-36739 | 3D Viewer Remote Code Execution Vulnerability | Important | 7.8 |
3D Viewer | 2023-09 | - | - |
| CVE-2023-38163 | Windows Defender Attack Surface Reduction Security Feature Bypass | Important | 7.8 |
Windows Defender | 2023-09 | - | - |
| CVE-2023-36876 | Reliability Analysis Metrics Calculation (RacTask) Elevation of Privilege Vulnerability | Important | 7.1 |
Reliability Analysis Metrics Calculation Engine | 2023-08 | - | - |
| CVE-2023-38170 | HEVC Video Extensions Remote Code Execution Vulnerability | Important | 7.8 |
Microsoft Windows Codecs Library | 2023-08 | - | - |
| CVE-2023-29330 | Microsoft Teams Remote Code Execution Vulnerability | Critical | 8.8 |
Microsoft Teams | 2023-08 | - | - |
| CVE-2023-29328 | Microsoft Teams Remote Code Execution Vulnerability | Critical | 8.8 |
Microsoft Teams | 2023-08 | - | - |
| CVE-2023-32047 | Paint 3D Remote Code Execution Vulnerability | Important | 7.8 |
Paint 3D | 2023-07 | - | - |
| CVE-2023-35333 | MediaWiki PandocUpload Extension Remote Code Execution Vulnerability | Important | 7.5 |
Microsoft Media-Wiki Extensions | 2023-07 | - | - |
| CVE-2023-36872 | VP9 Video Extensions Information Disclosure Vulnerability | Important | 5.5 |
Microsoft Windows Codecs Library | 2023-07 | - | - |
| CVE-2023-33156 | Microsoft Defender Elevation of Privilege Vulnerability | Important | 7 |
Windows Defender | 2023-07 | - | - |
| CVE-2023-32052 | Microsoft Power Apps (online) Spoofing Vulnerability | Important | 5.4 |
Microsoft Power Apps | 2023-07 | - | - |
| CVE-2023-35374 | Paint 3D Remote Code Execution Vulnerability | Important | 7.8 |
Paint 3D | 2023-07 | - | - |
| CVE-2023-35373 | Mono Authenticode Validation Spoofing Vulnerability | Important | 5.3 |
Mono Authenticode | 2023-07 | - | - |
| CVE-2023-32024 | Microsoft Power Apps Spoofing Vulnerability | Important | 3 |
Microsoft Power Apps | 2023-06 | - | - |
| CVE-2023-29337 | NuGet Client Remote Code Execution Vulnerability | Important | 7.1 |
NuGet Client | 2023-06 | - | - |
| CVE-2023-33140 | Microsoft OneNote Spoofing Vulnerability | Important | 6.5 |
Microsoft Office OneNote | 2023-06 | - | - |
| CVE-2023-33141 | Yet Another Reverse Proxy (YARP) Denial of Service Vulnerability | Important | 7.5 |
ASP.NET | 2023-06 | - | - |
| CVE-2023-29340 | AV1 Video Extension Remote Code Execution Vulnerability | Important | 7.8 |
Microsoft Windows Codecs Library | 2023-05 | - | - |
| CVE-2023-29341 | AV1 Video Extension Remote Code Execution Vulnerability | Important | 7.8 |
Microsoft Windows Codecs Library | 2023-05 | - | - |
| CVE-2023-28290 | Microsoft Remote Desktop app for Windows Information Disclosure Vulnerability | Important | 5.3 |
Windows RDP Client | 2023-05 | - | - |
| CVE-2023-24881 | Microsoft Teams Information Disclosure Vulnerability | Important | 6.5 |
Microsoft Teams | 2023-05 | - | - |
| CVE-2023-23375 | Microsoft ODBC and OLE DB Remote Code Execution Vulnerability | Important | 7.8 |
SQL Server | 2023-04 | - | - |
| CVE-2023-24860 | Microsoft Defender Denial of Service Vulnerability | Important | 7.5 |
Microsoft Defender for Endpoint | 2023-04 | - | - |
| CVE-2023-28304 | Microsoft ODBC and OLE DB Remote Code Execution Vulnerability | Important | 7.8 |
SQL Server | 2023-04 | - | - |
| CVE-2023-24934 | Microsoft Defender Security Feature Bypass Vulnerability | Important | 5.5 |
Windows Defender | 2023-04 | - | - |
| CVE-2023-23389 | Microsoft Defender Elevation of Privilege Vulnerability | Important | 6.3 |
Windows Defender | 2023-03 | - | - |
| CVE-2023-24923 | Microsoft OneDrive for Android Information Disclosure Vulnerability | Important | 5.5 |
Microsoft OneDrive | 2023-03 | - | - |
| CVE-2023-24882 | Microsoft OneDrive for Android Information Disclosure Vulnerability | Important | 5.5 |
Microsoft OneDrive | 2023-03 | - | - |
| CVE-2023-24930 | Microsoft OneDrive for MacOS Elevation of Privilege Vulnerability | Important | 7.8 |
Microsoft OneDrive | 2023-03 | - | - |
| CVE-2023-24890 | Microsoft OneDrive for iOS Security Feature Bypass Vulnerability | Important | 6.5 |
Microsoft OneDrive | 2023-03 | - | - |
| CVE-2023-21806 | Power BI Report Server Spoofing Vulnerability | Important | 8.2 |
Power BI | 2023-02 | - | - |
| CVE-2023-21809 | Microsoft Defender for Endpoint Security Feature Bypass Vulnerability | Important | 7.8 |
Microsoft Defender for Endpoint | 2023-02 | - | - |
| CVE-2023-23378 | Print 3D Remote Code Execution Vulnerability | Important | 7.8 |
3D Builder | 2023-02 | - | - |
| CVE-2023-23379 | Microsoft Defender for IoT Elevation of Privilege Vulnerability | Important | 7.8 |
Microsoft Defender for IoT | 2023-02 | - | - |
| CVE-2023-23377 | 3D Builder Remote Code Execution Vulnerability | Important | 7.8 |
3D Builder | 2023-02 | - | - |
| CVE-2023-23390 | 3D Builder Remote Code Execution Vulnerability | Important | 7.8 |
3D Builder | 2023-02 | - | - |
| CVE-2023-21721 | Microsoft OneNote Elevation of Privilege Vulnerability | Important | 6.5 |
Microsoft Office OneNote | 2023-02 | - | - |
| CVE-2023-21781 | 3D Builder Remote Code Execution Vulnerability | Important | 7.8 |
3D Builder | 2023-01 | - | - |
| CVE-2023-21782 | 3D Builder Remote Code Execution Vulnerability | Important | 7.8 |
3D Builder | 2023-01 | - | - |
| CVE-2023-21784 | 3D Builder Remote Code Execution Vulnerability | Important | 7.8 |
3D Builder | 2023-01 | - | - |
| CVE-2023-21786 | 3D Builder Remote Code Execution Vulnerability | Important | 7.8 |
3D Builder | 2023-01 | - | - |
| CVE-2023-21791 | 3D Builder Remote Code Execution Vulnerability | Important | 7.8 |
3D Builder | 2023-01 | - | - |
| CVE-2023-21793 | 3D Builder Remote Code Execution Vulnerability | Important | 7.8 |
3D Builder | 2023-01 | - | - |
| CVE-2023-21783 | 3D Builder Remote Code Execution Vulnerability | Important | 7.8 |
3D Builder | 2023-01 | - | - |
| CVE-2023-21785 | 3D Builder Remote Code Execution Vulnerability | Important | 7.8 |
3D Builder | 2023-01 | - | - |
| CVE-2023-21787 | 3D Builder Remote Code Execution Vulnerability | Important | 7.8 |
3D Builder | 2023-01 | - | - |
| CVE-2023-21788 | 3D Builder Remote Code Execution Vulnerability | Important | 7.8 |
3D Builder | 2023-01 | - | - |
| CVE-2023-21789 | 3D Builder Remote Code Execution Vulnerability | Important | 7.8 |
3D Builder | 2023-01 | - | - |
| CVE-2023-21790 | 3D Builder Remote Code Execution Vulnerability | Important | 7.8 |
3D Builder | 2023-01 | - | - |
| CVE-2023-21792 | 3D Builder Remote Code Execution Vulnerability | Important | 7.8 |
3D Builder | 2023-01 | - | - |
| CVE-2022-37971 | Microsoft Windows Defender Elevation of Privilege Vulnerability | Important | 7.1 |
Windows Defender | 2022-10 | - | - |
| CVE-2022-35828 | Microsoft Defender for Endpoint for Mac Elevation of Privilege Vulnerability | Important | 7.8 |
Windows Defender | 2022-09 | - | - |
| CVE-2022-38019 | AV1 Video Extension Remote Code Execution Vulnerability | Important | 7.8 |
Microsoft Windows Codecs Library | 2022-09 | - | - |
| CVE-2022-37972 | Microsoft Endpoint Configuration Manager Spoofing Vulnerability | Important | 7.5 |
Microsoft Endpoint Configuration Manager | 2022-09 | - | Yes |
| CVE-2022-33640 | System Center Operations Manager: Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability | Important | 7.8 |
System Center Operations Manager | 2022-08 | - | - |
| CVE-2022-33637 | Microsoft Defender for Endpoint Tampering Vulnerability | Important | 6.5 |
Microsoft Defender for Endpoint | 2022-07 | - | - |
| CVE-2022-33633 | Skype for Business and Lync Remote Code Execution Vulnerability | Important | 7.2 |
Skype for Business and Microsoft Lync | 2022-07 | - | - |
| CVE-2022-29119 | HEVC Video Extensions Remote Code Execution Vulnerability | Important | 7.8 |
Microsoft Windows Codecs Library | 2022-06 | - | - |
| CVE-2022-22018 | HEVC Video Extensions Remote Code Execution Vulnerability | Important | 7.8 |
Microsoft Windows Codecs Library | 2022-06 | - | - |
| CVE-2022-29111 | HEVC Video Extensions Remote Code Execution Vulnerability | Important | 7.8 |
Microsoft Windows Codecs Library | 2022-06 | - | - |
| CVE-2022-30167 | AV1 Video Extension Remote Code Execution Vulnerability | Important | 7.8 |
Microsoft Windows Codecs Library | 2022-06 | - | - |
| CVE-2022-30188 | HEVC Video Extensions Remote Code Execution Vulnerability | Important | 7.8 |
Microsoft Windows Codecs Library | 2022-06 | - | - |
| CVE-2022-30168 | Microsoft Photos App Remote Code Execution Vulnerability | Important | 7.8 |
Windows App Store | 2022-06 | - | - |
| CVE-2022-30193 | AV1 Video Extension Remote Code Execution Vulnerability | Important | 7.8 |
Microsoft Windows Codecs Library | 2022-06 | - | - |
| CVE-2022-23292 | Microsoft Power BI Spoofing Vulnerability | Important | 3.7 |
Power BI | 2022-04 | - | - |
| CVE-2022-24548 | Microsoft Defender Denial of Service Vulnerability | Important | 5.5 |
Windows Defender | 2022-04 | - | - |
| CVE-2022-24527 | Microsoft Endpoint Configuration Manager Elevation of Privilege Vulnerability | Important | 7.8 |
Microsoft Endpoint Configuration Manager | 2022-04 | - | - |
| CVE-2022-24532 | HEVC Video Extensions Remote Code Execution Vulnerability | Important | 7.8 |
Microsoft Windows Codecs Library | 2022-04 | - | - |
| CVE-2022-26910 | Skype for Business and Lync Spoofing Vulnerability | Important | 5.3 |
Skype for Business | 2022-04 | - | - |
| CVE-2022-26911 | Skype for Business Information Disclosure Vulnerability | Important | 6.5 |
Skype for Business | 2022-04 | - | - |
| CVE-2022-26924 | YARP Denial of Service Vulnerability | Important | 7.5 |
YARP reverse proxy | 2022-04 | - | - |
| CVE-2022-23265 | Microsoft Defender for IoT Remote Code Execution Vulnerability | Important | 7.2 |
Microsoft Defender for IoT | 2022-03 | - | - |
| CVE-2022-23266 | Microsoft Defender for IoT Elevation of Privilege Vulnerability | Important | 7.8 |
Microsoft Defender for IoT | 2022-03 | - | - |
| CVE-2022-23301 | HEVC Video Extensions Remote Code Execution Vulnerability | Important | 7.8 |
Microsoft Windows Codecs Library | 2022-03 | - | - |
| CVE-2022-22006 | HEVC Video Extensions Remote Code Execution Vulnerability | Critical | 7.8 |
Microsoft Windows Codecs Library | 2022-03 | - | - |
| CVE-2022-22007 | HEVC Video Extensions Remote Code Execution Vulnerability | Important | 7.8 |
Microsoft Windows Codecs Library | 2022-03 | - | - |
| CVE-2022-24451 | VP9 Video Extensions Remote Code Execution Vulnerability | Important | 7.8 |
Microsoft Windows Codecs Library | 2022-03 | - | - |
| CVE-2022-24452 | HEVC Video Extensions Remote Code Execution Vulnerability | Important | 7.8 |
Microsoft Windows Codecs Library | 2022-03 | - | - |
| CVE-2022-24453 | HEVC Video Extensions Remote Code Execution Vulnerability | Important | 7.8 |
Microsoft Windows Codecs Library | 2022-03 | - | - |
| CVE-2022-24501 | VP9 Video Extensions Remote Code Execution Vulnerability | Critical | 7.8 |
Microsoft Windows Codecs Library | 2022-03 | - | - |
| CVE-2022-24456 | HEVC Video Extensions Remote Code Execution Vulnerability | Important | 7.8 |
Microsoft Windows Codecs Library | 2022-03 | - | - |
| CVE-2022-24457 | HEIF Image Extensions Remote Code Execution Vulnerability | Important | 7.8 |
Microsoft Windows Codecs Library | 2022-03 | - | - |
| CVE-2022-24465 | Microsoft Intune Portal for iOS Security Feature Bypass Vulnerability | Important | 3.3 |
Microsoft Intune | 2022-03 | - | - |
| CVE-2022-24522 | Skype Extension for Chrome Information Disclosure Vulnerability | Important | 6.5 |
Skype Extension for Chrome | 2022-03 | - | - |
| CVE-2022-23282 | Paint 3D Remote Code Execution Vulnerability | Important | 7.8 |
Paint 3D | 2022-03 | - | - |
| CVE-2022-21844 | HEVC Video Extensions Remote Code Execution Vulnerability | Important | 7.8 |
Microsoft Windows Codecs Library | 2022-02 | - | - |
| CVE-2022-21926 | HEVC Video Extensions Remote Code Execution Vulnerability | Important | 7.8 |
Microsoft Windows Codecs Library | 2022-02 | - | - |
| CVE-2022-21927 | HEVC Video Extensions Remote Code Execution Vulnerability | Important | 7.8 |
Microsoft Windows Codecs Library | 2022-02 | - | - |
| CVE-2022-21965 | Microsoft Teams Denial of Service Vulnerability | Important | 7.5 |
Microsoft Teams | 2022-02 | - | - |
| CVE-2022-22709 | VP9 Video Extensions Remote Code Execution Vulnerability | Important | 7.8 |
Microsoft Windows Codecs Library | 2022-02 | - | - |
| CVE-2022-23254 | Microsoft Power BI Information Disclosure Vulnerability | Important | 4.9 |
Power BI | 2022-02 | - | - |
| CVE-2022-23276 | SQL Server for Linux Containers Elevation of Privilege Vulnerability | Important | 7.8 |
SQL Server | 2022-02 | - | - |
| CVE-2022-23255 | Microsoft OneDrive for Android Security Feature Bypass Vulnerability | Important | 5.9 |
Microsoft OneDrive | 2022-02 | - | - |
| CVE-2022-21917 | HEVC Video Extensions Remote Code Execution Vulnerability | Critical | 7.8 |
Microsoft Windows Codecs Library | 2022-01 | - | - |
| CVE-2013-3900 | WinVerifyTrust Signature Validation Vulnerability | Important | 7.4 |
WinVerifyTrust Signature Verification | 2022-01 | Yes | Yes |
| CVE-2021-42310 | Microsoft Defender for IoT Remote Code Execution Vulnerability | Critical | 9.8 |
Microsoft Defender for IoT | 2021-12 | - | - |
| CVE-2021-42311 | Microsoft Defender for IoT Remote Code Execution Vulnerability | Important | 10 |
Microsoft Defender for IoT | 2021-12 | - | - |
| CVE-2021-42312 | Microsoft Defender for IoT Elevation of Privilege Vulnerability | Important | 7.8 |
Microsoft Defender for IoT | 2021-12 | - | - |
| CVE-2021-42313 | Microsoft Defender for IoT Remote Code Execution Vulnerability | Important | 10 |
Microsoft Defender for IoT | 2021-12 | - | - |
| CVE-2021-42314 | Microsoft Defender for IoT Remote Code Execution Vulnerability | Important | 8.8 |
Microsoft Defender for IoT | 2021-12 | - | - |
| CVE-2021-42315 | Microsoft Defender for IoT Remote Code Execution Vulnerability | Important | 8.8 |
Microsoft Defender for IoT | 2021-12 | - | - |
| CVE-2021-43882 | Microsoft Defender for IoT Remote Code Execution Vulnerability | Important | 9.8 |
Microsoft Defender for IoT | 2021-12 | - | - |
| CVE-2021-43888 | Microsoft Defender for IoT Information Disclosure Vulnerability | Important | 7.5 |
Microsoft Defender for IoT | 2021-12 | - | - |
| CVE-2021-43889 | Microsoft Defender for IoT Remote Code Execution Vulnerability | Important | 7.2 |
Microsoft Defender for IoT | 2021-12 | - | - |
| CVE-2021-43899 | Microsoft 4K Wireless Display Adapter Remote Code Execution Vulnerability | Critical | 9.8 |
Microsoft Devices | 2021-12 | - | - |
| CVE-2021-43890 | Windows AppX Installer Spoofing Vulnerability | Important | 7.1 |
Apps | 2021-12 | Yes | Yes |
| CVE-2021-41365 | Microsoft Defender for IoT Remote Code Execution Vulnerability | Important | 8.8 |
Microsoft Defender for IoT | 2021-12 | - | - |
| CVE-2021-43896 | Microsoft PowerShell Spoofing Vulnerability | Important | 5.5 |
Microsoft PowerShell | 2021-12 | - | - |
| CVE-2021-43892 | Microsoft BizTalk ESB Toolkit Spoofing Vulnerability | Important | 7.4 |
BizTalk ESB Toolkit | 2021-12 | - | - |
| CVE-2021-41372 | Power BI Report Server Spoofing Vulnerability | Important | 7.6 |
Power BI | 2021-11 | - | - |
| CVE-2021-43208 | 3D Viewer Remote Code Execution Vulnerability | Important | 7.8 |
3D Viewer | 2021-11 | - | Yes |
| CVE-2021-43209 | 3D Viewer Remote Code Execution Vulnerability | Important | 7.8 |
3D Viewer | 2021-11 | - | Yes |
| CVE-2021-41373 | FSLogix Information Disclosure Vulnerability | Important | 5.5 |
Azure | 2021-11 | - | - |
| CVE-2021-42298 | Microsoft Defender Remote Code Execution Vulnerability | Critical | 7.8 |
Windows Defender | 2021-11 | - | - |
| CVE-2021-42299 | Microsoft Surface Pro 3 Security Feature Bypass Vulnerability | Important | 5.6 |
Microsoft Devices | 2021-10 | - | - |
| CVE-2021-41352 | SCOM Information Disclosure Vulnerability | Important | 7.5 |
System Center | 2021-10 | - | - |
| CVE-2021-41363 | Intune Management Extension Security Feature Bypass Vulnerability | Important | 4.2 |
Microsoft Intune | 2021-10 | - | - |
| CVE-2021-38644 | Microsoft MPEG-2 Video Extension Remote Code Execution Vulnerability | Important | 7.8 |
Microsoft MPEG-2 Video Extension | 2021-09 | - | - |
| CVE-2021-40448 | Microsoft Accessibility Insights for Android Information Disclosure Vulnerability | Important | 6.3 |
Microsoft Accessibility Insights for Android | 2021-09 | - | - |
| CVE-2021-31942 | 3D Viewer Remote Code Execution Vulnerability | Important | 7.8 |
3D Viewer | 2021-07 | - | - |
| CVE-2021-31943 | 3D Viewer Remote Code Execution Vulnerability | Important | 7.8 |
3D Viewer | 2021-07 | - | - |
| CVE-2021-31944 | 3D Viewer Information Disclosure Vulnerability | Important | 5 |
3D Viewer | 2021-07 | - | - |
| CVE-2021-31945 | Paint 3D Remote Code Execution Vulnerability | Important | 7.8 |
Paint 3D | 2021-07 | - | - |
| CVE-2021-31946 | Paint 3D Remote Code Execution Vulnerability | Important | 7.8 |
Paint 3D | 2021-07 | - | - |
| CVE-2021-31967 | VP9 Video Extensions Remote Code Execution Vulnerability | Critical | 7.8 |
Microsoft Windows Codecs Library | 2021-07 | - | - |
| CVE-2021-31980 | Microsoft Intune Management Extension Remote Code Execution Vulnerability | Important | 8.1 |
Microsoft Intune | 2021-07 | - | - |
| CVE-2021-31983 | Paint 3D Remote Code Execution Vulnerability | Important | 7.8 |
Paint 3D | 2021-07 | - | - |
| CVE-2021-31978 | Microsoft Defender Denial of Service Vulnerability | Important | 5.5 |
Windows Defender | 2021-07 | - | - |
| CVE-2021-31985 | Microsoft Defender Remote Code Execution Vulnerability | Critical | 7.8 |
Windows Defender | 2021-07 | - | - |
| CVE-2021-26421 | Skype for Business and Lync Spoofing Vulnerability | Important | 6.5 |
Skype for Business and Microsoft Lync | 2021-05 | - | - |
| CVE-2021-26422 | Skype for Business and Lync Remote Code Execution Vulnerability | Important | 7.2 |
Skype for Business and Microsoft Lync | 2021-05 | - | - |
| CVE-2021-28465 | Web Media Extensions Remote Code Execution Vulnerability | Important | 7.8 |
Microsoft Windows Codecs Library | 2021-05 | - | - |
| CVE-2021-31200 | Common Utilities Remote Code Execution Vulnerability | Important | 7.2 |
Open Source Software | 2021-05 | - | Yes |
| CVE-2021-31936 | Microsoft Accessibility Insights for Web Information Disclosure Vulnerability | Important | 7.4 |
Microsoft Accessibility Insights for Web | 2021-05 | - | - |
| CVE-2021-1728 | System Center Operations Manager Elevation of Privilege Vulnerability | Important | 8.8 |
System Center | 2021-03 | - | - |
| CVE-2021-1733 | Sysinternals PsExec Elevation of Privilege Vulnerability | Important | 7.8 |
SysInternals | 2021-03 | - | Yes |
| CVE-2021-24114 | Microsoft Teams iOS Information Disclosure Vulnerability | Important | 5.7 |
Microsoft Teams | 2021-03 | - | - |
| CVE-2021-24073 | Skype for Business and Lync Spoofing Vulnerability | Important | 6.5 |
Skype for Business | 2021-03 | - | - |
| CVE-2021-24099 | Skype for Business and Lync Denial of Service Vulnerability | Important | 6.5 |
Skype for Business | 2021-03 | - | - |
| CVE-2021-24105 | Package Managers Configurations Remote Code Execution Vulnerability | Important | 8.4 |
Developer Tools | 2021-03 | - | - |
| CVE-2021-1636 | Microsoft SQL Elevation of Privilege Vulnerability | Important | 8.8 |
SQL Server | 2021-01 | - | - |
| CVE-2021-1647 | Microsoft Defender Remote Code Execution Vulnerability | Critical | 7.8 |
Microsoft Malware Protection Engine | 2021-01 | Yes | - |
| CVE-2020-17160 | RETRACTED | Unknown | - | 2020-12 | - | - | |
| CVE-2020-17091 | Microsoft Teams Remote Code Execution Vulnerability | Important | 7.8 |
Microsoft Teams | 2020-11 | - | - |
| CVE-2020-16995 | Network Watcher Agent Virtual Machine Extension for Linux Elevation of Privilege Vulnerability | Important | 7.8 |
Azure | 2020-10 | - | - |
| CVE-2020-17003 | Base3D Remote Code Execution Vulnerability | Critical | 7.8 |
Microsoft Office | 2020-10 | - | - |
| CVE-2020-16886 | PowerShellGet Module WDAC Security Feature Bypass Vulnerability | Important | 5.3 |
PowerShellGet | 2020-10 | - | - |
| CVE-2020-1044 | SQL Server Reporting Services Security Feature Bypass Vulnerability | Moderate | 4.3 |
SQL Server | 2020-09 | - | - |
| CVE-2020-16873 | Xamarin.Forms Spoofing Vulnerability | Important | 4.7 |
Open Source Software | 2020-09 | - | - |
| CVE-2020-1455 | Microsoft SQL Server Management Studio Denial of Service Vulnerability | Important | 5.3 |
SQL Server | 2020-08 | - | - |
| CVE-2020-1461 | Microsoft Defender Elevation of Privilege Vulnerability | Important | 7.1 |
Microsoft Malware Protection Engine | 2020-07 | - | - |
| CVE-2020-1469 | Bond Denial of Service Vulnerability | Important | 7.5 |
Open Source Software | 2020-07 | - | - |
| CVE-2020-1340 | NuGetGallery Spoofing Vulnerability | Important | 5.4 |
Open Source Software | 2020-06 | - | - |
| CVE-2020-1331 | System Center Operations Manager Spoofing Vulnerability | Important | 5.4 |
System Center | 2020-06 | - | - |
| CVE-2020-1163 | Microsoft Windows Defender Elevation of Privilege Vulnerability | Important | 7.8 |
Microsoft Malware Protection Engine | 2020-06 | - | - |
| CVE-2020-1170 | Microsoft Windows Defender Elevation of Privilege Vulnerability | Important | 7.8 |
Microsoft Malware Protection Engine | 2020-06 | - | - |
| CVE-2020-1329 | Microsoft Bing Search Spoofing Vulnerability | Important | 6.5 |
Apps | 2020-06 | - | - |
| CVE-2020-1173 | Microsoft Power BI Report Server Spoofing Vulnerability | Important | 6.8 |
Power BI | 2020-05 | - | - |
| CVE-2020-0931 | Microsoft SharePoint Remote Code Execution Vulnerability | Critical | 8.8 |
Microsoft Office | 2020-04 | - | - |
| CVE-2020-1019 | Microsoft RMS Sharing App for Mac Elevation of Privilege Vulnerability | Important | 7.8 |
Apps | 2020-04 | - | - |
| CVE-2020-1026 | MSR JavaScript Cryptography Library Security Feature Bypass Vulnerability | Important | 9.8 |
Open Source Software | 2020-04 | - | - |
| CVE-2020-0919 | Microsoft Remote Desktop App for Mac Elevation of Privilege Vulnerability | Important | 7.8 |
Remote Desktop Client | 2020-04 | - | - |
| CVE-2020-0943 | Microsoft YourPhone Application for Android Authentication Bypass Vulnerability | Important | 4.6 |
Android App | 2020-04 | - | - |
| CVE-2020-0984 | Microsoft (MAU) Office Elevation of Privilege Vulnerability | Important | 7.8 |
Microsoft Office | 2020-04 | - | - |
| CVE-2020-0765 | Remote Desktop Connection Manager Information Disclosure Vulnerability | Important | 5.5 |
Remote Desktop Connection Manager | 2020-03 | - | - |
| CVE-2020-0872 | Remote Code Execution Vulnerability in Application Inspector | Important | 9.6 |
Open Source Software | 2020-03 | - | - |
| CVE-2020-0902 | Service Fabric Elevation of Privilege | Important | 9.8 |
Azure | 2020-03 | - | - |
| CVE-2020-0618 | Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2020-02 | - | - |
| CVE-2020-0702 | Surface Hub Security Feature Bypass Vulnerability | Important | 6.8 |
Windows Shell | 2020-02 | - | - |
| CVE-2020-0654 | Microsoft OneDrive for Android Security Feature Bypass Vulnerability | Important | 9.1 |
Apps | 2020-01 | - | - |
| CVE-2019-1487 | Microsoft Authentication Library for Android Information Disclosure Vulnerability | Important | 6.5 |
Open Source Software | 2019-12 | - | - |
| CVE-2019-1489 | Remote Desktop Protocol Information Disclosure Vulnerability | Important | 7.5 |
End of Life Software | 2019-12 | - | - |
| CVE-2019-1332 | Microsoft SQL Server Reporting Services XSS Vulnerability | Important | 6.1 |
SQL Server | 2019-12 | - | - |
| CVE-2019-1490 | Skype for Business Server Spoofing Vulnerability | Important | 5.4 |
Skype for Business | 2019-12 | - | - |
| CVE-2019-1441 | Win32k Graphics Remote Code Execution Vulnerability | Critical | 8.8 |
Microsoft Graphics Component | 2019-11 | - | - |
| CVE-2019-1370 | Open Enclave SDK Information Disclosure Vulnerability | Important | 5.5 |
Open Source Software | 2019-11 | - | - |
| CVE-2019-1313 | SQL Server Management Studio Information Disclosure Vulnerability | Important | 6.5 |
SQL Server | 2019-10 | - | - |
| CVE-2019-1314 | Windows 10 Mobile Security Feature Bypass Vulnerability | Important | 6.8 |
Microsoft Devices | 2019-10 | - | - |
| CVE-2019-1361 | Microsoft Graphics Components Information Disclosure Vulnerability | Important | 5.5 |
Microsoft Graphics Component | 2019-10 | - | - |
| CVE-2019-1362 | Win32k Elevation of Privilege Vulnerability | Important | 7.8 |
Microsoft Graphics Component | 2019-10 | - | - |
| CVE-2019-1363 | Windows GDI Information Disclosure Vulnerability | Important | 5.5 |
Microsoft Graphics Component | 2019-10 | - | - |
| CVE-2019-1364 | Win32k Elevation of Privilege Vulnerability | Important | 7.8 |
Microsoft Graphics Component | 2019-10 | - | - |
| CVE-2019-1369 | Open Enclave SDK Information Disclosure Vulnerability | Important | 5.5 |
Open Source Software | 2019-10 | - | - |
| CVE-2019-1376 | SQL Server Management Studio Information Disclosure Vulnerability | Important | 6.5 |
SQL Server | 2019-10 | - | - |
| CVE-2019-1209 | Lync 2013 Information Disclosure Vulnerability | Important | 6.5 |
Skype for Business and Microsoft Lync | 2019-09 | - | - |
| CVE-2019-1231 | Rome SDK Information Disclosure Vulnerability | Important | 5.9 |
Project Rome | 2019-09 | - | - |
| CVE-2019-1283 | Microsoft Graphics Components Information Disclosure Vulnerability | Important | 5.5 |
Microsoft Graphics Component | 2019-09 | - | - |
| CVE-2019-1284 | DirectX Elevation of Privilege Vulnerability | Important | 7.8 |
Microsoft Graphics Component | 2019-09 | - | - |
| CVE-2019-1154 | Windows Graphics Component Information Disclosure Vulnerability | Important | 5.5 |
Microsoft Graphics Component | 2019-08 | - | - |
| CVE-2019-1161 | Microsoft Defender Elevation of Privilege Vulnerability | Important | 7.1 |
Microsoft Malware Protection Engine | 2019-08 | - | - |
| CVE-2019-1098 | Windows GDI Information Disclosure Vulnerability | Important | 6.5 |
Microsoft Graphics Component | 2019-07 | - | - |
| CVE-2019-1100 | Windows GDI Information Disclosure Vulnerability | Important | 6.5 |
Microsoft Graphics Component | 2019-07 | - | - |
| CVE-2019-1101 | Windows GDI Information Disclosure Vulnerability | Important | 6.5 |
Microsoft Graphics Component | 2019-07 | - | - |
| CVE-2019-1116 | Windows GDI Information Disclosure Vulnerability | Important | 6.5 |
Microsoft Graphics Component | 2019-07 | - | - |
| CVE-2019-1068 | Microsoft SQL Server Remote Code Execution Vulnerability | Important | 8.8 |
SQL Server | 2019-07 | - | Yes |
| CVE-2019-1167 | Windows Defender Application Control Security Feature Bypass Vulnerability | Important | 4.1 |
Microsoft PowerShell | 2019-07 | - | - |
| CVE-2019-1009 | Windows GDI Information Disclosure Vulnerability | Important | 4.7 |
Microsoft Graphics Component | 2019-06 | - | - |
| CVE-2019-1011 | Windows GDI Information Disclosure Vulnerability | Important | 4.7 |
Microsoft Graphics Component | 2019-06 | - | - |
| CVE-2019-1013 | Windows GDI Information Disclosure Vulnerability | Important | 4.7 |
Microsoft Graphics Component | 2019-06 | - | - |
| CVE-2019-1015 | Windows GDI Information Disclosure Vulnerability | Important | 4.7 |
Microsoft Graphics Component | 2019-06 | - | - |
| CVE-2019-1016 | Windows GDI Information Disclosure Vulnerability | Important | 4.7 |
Microsoft Graphics Component | 2019-06 | - | - |
| CVE-2019-1029 | Skype for Business and Lync Server Denial of Service Vulnerability | Important | 5.9 |
Skype for Business and Microsoft Lync | 2019-06 | - | - |
| CVE-2019-1047 | Windows GDI Information Disclosure Vulnerability | Important | 4.7 |
Microsoft Graphics Component | 2019-06 | - | - |
| CVE-2019-1048 | Windows GDI Information Disclosure Vulnerability | Important | 4.7 |
Microsoft Graphics Component | 2019-06 | - | - |
| CVE-2019-1049 | Windows GDI Information Disclosure Vulnerability | Important | 4.7 |
Microsoft Graphics Component | 2019-06 | - | - |
| CVE-2019-0960 | Win32k Elevation of Privilege Vulnerability | Important | 7 |
Microsoft Graphics Component | 2019-06 | - | - |
| CVE-2019-0968 | Windows GDI Information Disclosure Vulnerability | Important | 5.5 |
Microsoft Graphics Component | 2019-06 | - | - |
| CVE-2019-0977 | Windows GDI Information Disclosure Vulnerability | Important | 4.7 |
Microsoft Graphics Component | 2019-06 | - | - |
| CVE-2019-0985 | Microsoft Speech API Remote Code Execution Vulnerability | Critical | 7.8 |
Microsoft Graphics Component | 2019-06 | - | - |
| CVE-2019-0932 | Skype for Android Information Disclosure Vulnerability | Important | 5.9 |
Skype for Android | 2019-05 | - | Yes |
| CVE-2019-0819 | Microsoft SQL Server Analysis Services Information Disclosure Vulnerability | Important | 6.5 |
SQL Server | 2019-05 | - | - |
| CVE-2019-0976 | NuGet Package Manager Tampering Vulnerability | Important | 5.5 |
NuGet | 2019-05 | - | - |
| CVE-2019-0876 | Open Enclave SDK Information Disclosure Vulnerability | Important | 5.5 |
Open Source Software | 2019-04 | - | - |
| CVE-2019-0777 | Team Foundation Server Cross-site Scripting Vulnerability | Low | 5.4 |
Team Foundation Server | 2019-03 | - | - |
| CVE-2019-0798 | Skype for Business and Lync Spoofing Vulnerability | Important | 6.1 |
Skype for Business | 2019-03 | - | - |
| CVE-2019-0808 | Win32k Elevation of Privilege Vulnerability | Important | 7.8 |
Microsoft Graphics Component | 2019-03 | Yes | Yes |
| CVE-2019-0816 | Azure SSH Keypairs Security Feature Bypass Vulnerability | Moderate | 5.1 |
Azure | 2019-03 | - | - |
| CVE-2019-0743 | Team Foundation Server Cross-site Scripting Vulnerability | Important | 5.4 |
Team Foundation Server | 2019-02 | - | - |
| CVE-2019-0742 | Team Foundation Server Cross-site Scripting Vulnerability | Important | 5.4 |
Team Foundation Server | 2019-02 | - | - |
| CVE-2019-0646 | Team Foundation Server Cross-site Scripting Vulnerability | Important | 5.4 |
Team Foundation Server | 2019-01 | - | Yes |
| CVE-2019-0647 | Team Foundation Server Information Disclosure Vulnerability | Moderate | 6.5 |
Team Foundation Server | 2019-01 | - | Yes |
| CVE-2019-0622 | Skype for Android Elevation of Privilege Vulnerability | Moderate | 4.6 |
Android App | 2019-01 | - | - |
| CVE-2019-0624 | Skype for Business and Lync Spoofing Vulnerability | Important | 5.4 |
Skype for Business | 2019-01 | - | - |
Threat Categories 8
| Threat Category | CVEs | Critical |
|---|---|---|
| Remote Code Execution | 176 | 34 |
| Elevation of Privilege | 114 | 32 |
| Information Disclosure | 89 | 26 |
| Spoofing | 50 | 7 |
| Security Feature Bypass | 22 | - |
| Denial of Service | 14 | - |
| Tampering | 6 | 3 |
| Unknown | 2 | - |
Components 133
| Component | CVEs | Exploited |
|---|---|---|
| SQL Server | 55 | - |
| Microsoft Windows Codecs Library | 28 | - |
| Microsoft Graphics Component | 26 | 1 |
| 3D Builder | 20 | - |
| Microsoft Defender for IoT | 20 | - |
| Microsoft Teams | 13 | - |
| Skype for Business | 12 | 1 |
| Windows Defender | 11 | - |
| Open Source Software | 10 | - |
| M365 Copilot | 9 | - |
| Power BI | 9 | - |
| 3D Viewer | 8 | - |
| Azure | 7 | - |
| Microsoft AutoUpdate (MAU) | 7 | - |
| Microsoft Defender for Endpoint | 7 | - |
| Microsoft PC Manager | 7 | - |
| Microsoft Bing | 6 | - |
| Microsoft Configuration Manager | 6 | - |
| Microsoft Power Apps | 6 | - |
| Microsoft Purview | 6 | - |
| Paint 3D | 6 | - |
| Copilot | 5 | - |
| Microsoft Dataverse | 5 | - |
| Microsoft Defender | 5 | 2 |
| Microsoft Intune | 5 | - |
| Microsoft Malware Protection Engine | 5 | 1 |
| Microsoft OneDrive | 5 | - |
| Microsoft Partner Center | 5 | 1 |
| Power Automate | 5 | - |
| Skype for Business and Microsoft Lync | 5 | - |
| System Center | 5 | - |
| Team Foundation Server | 5 | - |
| Apps | 4 | 1 |
| Microsoft Copilot | 4 | - |
| Microsoft Devices | 4 | - |
| Microsoft PowerShell | 4 | - |
| Copilot Studio | 3 | - |
| GroupMe | 3 | - |
| Microsoft 365 Copilot's Business Chat | 3 | - |
| Microsoft Authenticator | 3 | - |
| Microsoft Office | 3 | - |
| Microsoft Teams for Android | 3 | - |
| Android App | 2 | - |
| Microsoft Account | 2 | - |
| Microsoft Bing Images | 2 | - |
| Microsoft Defender for Linux | 2 | - |
| Microsoft Endpoint Configuration Manager | 2 | - |
| Microsoft Exchange Online | 2 | - |
| Microsoft High Performance Compute Pack (HPC) | 2 | - |
| Microsoft Office OneNote | 2 | - |
| Microsoft Power Pages | 2 | 1 |
| Nuance PowerScribe | 2 | - |
| Open Management Infrastructure | 2 | - |
| Software for Open Networking in the Cloud (SONiC) | 2 | - |
| System Center Operations Manager | 2 | - |
| XBox Gaming Services | 2 | - |
| .NET | 1 | - |
| ASP.NET | 1 | - |
| Airlift.microsoft.com | 1 | - |
| App Control for Business (WDAC) | 1 | - |
| Application Gateway | 1 | - |
| Application Information Services | 1 | - |
| Azure Active Directory | 1 | - |
| Azure Compute Gallery | 1 | - |
| BizTalk ESB Toolkit | 1 | - |
| Capability Access Management Service (camsvc) | 1 | - |
| Cost Management Interactive Experiences | 1 | - |
| DeepSpeed | 1 | - |
| Developer Tools | 1 | - |
| End of Life Software | 1 | - |
| Entra ID | 1 | - |
| GitHub | 1 | - |
| GitHub Copilot and Visual Studio Code | 1 | - |
| GitHub Repo: zero-shot-scfoundation | 1 | - |
| Github Copilot | 1 | - |
| Github: Playwright | 1 | - |
| JDBC Driver for SQL Server | 1 | - |
| LightGBM | 1 | - |
| Linux MANA Driver | 1 | - |
| M365 Copilot for Desktop | 1 | - |
| Microsoft Accessibility Insights for Android | 1 | - |
| Microsoft Accessibility Insights for Web | 1 | - |
| Microsoft Azure Gateway Manager | 1 | - |
| Microsoft Brokering File System | 1 | - |
| Microsoft Common Data Model SDK | 1 | - |
| Microsoft Copilot Studio | 1 | - |
| Microsoft Data Formulator | 1 | - |
| Microsoft Defender Portal | 1 | - |
| Microsoft Defender for Endpoint for Linux | 1 | - |
| Microsoft Defender for Identity | 1 | - |
| Microsoft Devices Pricing Program | 1 | - |
| Microsoft Django Backend for SQL Server | 1 | - |
| Microsoft Entra ID | 1 | - |
| Microsoft Entra ID Entitlement Management | 1 | - |
| Microsoft Exchange | 1 | - |
| Microsoft Graph | 1 | - |
| Microsoft High Performance Compute Pack (HPC) Linux Node Agent | 1 | - |
| Microsoft Identity Linux Broker | 1 | - |
| Microsoft Live Share Canvas SDK | 1 | - |
| Microsoft MPEG-2 Video Extension | 1 | - |
| Microsoft Media-Wiki Extensions | 1 | - |
| Microsoft Planetary Computer Pro | 1 | - |
| Microsoft PowerToys | 1 | - |
| Microsoft SSO Plugin for Jira & Confluence | 1 | - |
| Microsoft Surface | 1 | - |
| Microsoft Update Catalog | 1 | - |
| Mono Authenticode | 1 | - |
| NuGet | 1 | - |
| NuGet Client | 1 | - |
| Nuance Digital Engagement Platform | 1 | - |
| OneDrive for Android | 1 | - |
| Payment Orchestrator Service | 1 | - |
| PowerShellGet | 1 | - |
| Project Rome | 1 | - |
| Redis Enterprise | 1 | - |
| Reliability Analysis Metrics Calculation Engine | 1 | - |
| Remote Desktop Client | 1 | - |
| Remote Desktop Connection Manager | 1 | - |
| Skype Extension for Chrome | 1 | - |
| Skype for Android | 1 | - |
| Skype for Consumer | 1 | - |
| SysInternals | 1 | - |
| TorchGeo | 1 | - |
| Unknown | 1 | - |
| Web Deploy | 1 | - |
| WinVerifyTrust Signature Verification | 1 | 1 |
| Windows App Installer | 1 | - |
| Windows App Store | 1 | - |
| Windows RDP Client | 1 | - |
| Windows Shell | 1 | - |
| XBox Crypto Graphic Services | 1 | - |
| Xbox | 1 | - |
| YARP reverse proxy | 1 | - |