Filtered by vendor Microsoft
Subscriptions
Total
20988 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-49091 | 1 Microsoft | 6 Windows Server 2012, Windows Server 2016, Windows Server 2019 and 3 more | 2025-05-13 | 7.2 High |
| Windows Domain Name Service Remote Code Execution Vulnerability | ||||
| CVE-2024-49089 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-05-13 | 7.2 High |
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | ||||
| CVE-2024-49087 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2025-05-13 | 4.6 Medium |
| Windows Mobile Broadband Driver Information Disclosure Vulnerability | ||||
| CVE-2024-49086 | 1 Microsoft | 7 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 4 more | 2025-05-13 | 8.8 High |
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | ||||
| CVE-2024-49085 | 1 Microsoft | 7 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 4 more | 2025-05-13 | 8.8 High |
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | ||||
| CVE-2024-49084 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-05-13 | 7 High |
| Windows Kernel Elevation of Privilege Vulnerability | ||||
| CVE-2024-49074 | 1 Microsoft | 4 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 1 more | 2025-05-13 | 7.8 High |
| Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | ||||
| CVE-2024-49073 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2025-05-13 | 6.8 Medium |
| Windows Mobile Broadband Driver Elevation of Privilege Vulnerability | ||||
| CVE-2024-49070 | 1 Microsoft | 1 Sharepoint Server | 2025-05-13 | 7.4 High |
| Microsoft SharePoint Remote Code Execution Vulnerability | ||||
| CVE-2024-49069 | 1 Microsoft | 4 365 Apps, Excel, Office and 1 more | 2025-05-13 | 7.8 High |
| Microsoft Excel Remote Code Execution Vulnerability | ||||
| CVE-2024-49068 | 1 Microsoft | 1 Sharepoint Server | 2025-05-13 | 8.2 High |
| Microsoft SharePoint Elevation of Privilege Vulnerability | ||||
| CVE-2024-49064 | 1 Microsoft | 1 Sharepoint Server | 2025-05-13 | 6.5 Medium |
| Microsoft SharePoint Information Disclosure Vulnerability | ||||
| CVE-2024-49059 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2025-05-13 | 7 High |
| Microsoft Office Elevation of Privilege Vulnerability | ||||
| CVE-2024-49057 | 1 Microsoft | 1 Defender For Endpoint | 2025-05-13 | 8.1 High |
| Microsoft Defender for Endpoint on Android Spoofing Vulnerability | ||||
| CVE-2024-43594 | 1 Microsoft | 3 System Center 2019, System Center 2022, System Center 2025 | 2025-05-13 | 7.3 High |
| Microsoft System Center Elevation of Privilege Vulnerability | ||||
| CVE-2024-25709 | 3 Esri, Linux, Microsoft | 3 Portal For Arcgis, Linux Kernel, Windows | 2025-05-12 | 6.1 Medium |
| There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS versions 11.2 and below that may allow a remote, authenticated attacker to create a crafted link that can be saved as a new location when moving an existing item which will potentially execute arbitrary JavaScript code in the victim’s browser. The privileges required to execute this attack are high. | ||||
| CVE-2024-25705 | 3 Esri, Linux, Microsoft | 3 Portal For Arcgis, Linux Kernel, Windows | 2025-05-12 | 5.4 Medium |
| There is a cross site scripting vulnerability in the Esri Portal for ArcGIS Experience Builder 11.1 and below on Windows and Linux that allows a remote, unauthenticated attacker to create a crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser. The privileges required to execute this attack are low. | ||||
| CVE-2023-50387 | 8 Fedoraproject, Isc, Microsoft and 5 more | 18 Fedora, Bind, Windows Server 2008 and 15 more | 2025-05-12 | 7.5 High |
| Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG records, the protocol specification implies that an algorithm must evaluate all combinations of DNSKEY and RRSIG records. | ||||
| CVE-2024-21311 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-05-09 | 5.5 Medium |
| Windows Cryptographic Services Information Disclosure Vulnerability | ||||
| CVE-2024-21403 | 1 Microsoft | 1 Azure Kubernetes Service | 2025-05-09 | 9 Critical |
| Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability | ||||