Filtered by vendor Microsoft
Subscriptions
Total
20792 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-0005 | 1 Microsoft | 10 Windows 10 1507, Windows 10 1511, Windows 10 1607 and 7 more | 2025-02-10 | 7.8 High |
| The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows local users to gain privileges via a crafted application, aka "Windows GDI Elevation of Privilege Vulnerability." This vulnerability is different from those described in CVE-2017-0001, CVE-2017-0025, and CVE-2017-0047. | ||||
| CVE-2017-0001 | 1 Microsoft | 10 Windows 10 1507, Windows 10 1511, Windows 10 1607 and 7 more | 2025-02-10 | 7.8 High |
| The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows local users to gain privileges via a crafted application, aka "Windows GDI Elevation of Privilege Vulnerability." This vulnerability is different from those described in CVE-2017-0005, CVE-2017-0025, and CVE-2017-0047. | ||||
| CVE-2017-8570 | 1 Microsoft | 1 Office | 2025-02-10 | 7.8 High |
| Microsoft Office allows a remote code execution vulnerability due to the way that it handles objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-0243. | ||||
| CVE-2017-11826 | 1 Microsoft | 7 Office Compatibility Pack, Office Online Server, Office Web Apps Server and 4 more | 2025-02-10 | 7.8 High |
| Microsoft Office 2010, SharePoint Enterprise Server 2010, SharePoint Server 2010, Web Applications, Office Web Apps Server 2010 and 2013, Word Viewer, Word 2007, 2010, 2013 and 2016, Word Automation Services, and Office Online Server allow remote code execution when the software fails to properly handle objects in memory. | ||||
| CVE-2025-21107 | 3 Dell, Linux, Microsoft | 3 Networker, Linux Kernel, Windows | 2025-02-07 | 7.8 High |
| Dell NetWorker, version(s) prior to 19.11.0.3, all versions of 19.10 & prior versions contain(s) an Unquoted Search Path or Element vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution. | ||||
| CVE-2023-27497 | 2 Microsoft, Sap | 2 Windows, Diagnostics Agent | 2025-02-07 | 10 Critical |
| Due to missing authentication and input sanitization of code the EventLogServiceCollector of SAP Diagnostics Agent - version 720, allows an attacker to execute malicious scripts on all connected Diagnostics Agents running on Windows. On successful exploitation, the attacker can completely compromise confidentiality, integrity and availability of the system. | ||||
| CVE-2024-20765 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2025-02-07 | 7.8 High |
| Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2021-31979 | 1 Microsoft | 23 Windows 10, Windows 10 1507, Windows 10 1607 and 20 more | 2025-02-07 | 7.8 High |
| Windows Kernel Elevation of Privilege Vulnerability | ||||
| CVE-2020-1350 | 1 Microsoft | 4 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 1 more | 2025-02-07 | 10 Critical |
| A remote code execution vulnerability exists in Windows Domain Name System servers when they fail to properly handle requests, aka 'Windows DNS Server Remote Code Execution Vulnerability'. | ||||
| CVE-2019-1388 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2025-02-07 | 7.8 High |
| An elevation of privilege vulnerability exists in the Windows Certificate Dialog when it does not properly enforce user privileges, aka 'Windows Certificate Dialog Elevation of Privilege Vulnerability'. | ||||
| CVE-2019-1385 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2025-02-07 | 7.8 High |
| An elevation of privilege vulnerability exists when the Windows AppX Deployment Extensions improperly performs privilege management, resulting in access to system files.To exploit this vulnerability, an authenticated attacker would need to run a specially crafted application to elevate privileges.The security update addresses the vulnerability by correcting how AppX Deployment Extensions manages privileges., aka 'Windows AppX Deployment Extensions Elevation of Privilege Vulnerability'. | ||||
| CVE-2019-1367 | 1 Microsoft | 9 Internet Explorer, Windows 10, Windows 7 and 6 more | 2025-02-07 | 7.5 High |
| A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1221. | ||||
| CVE-2019-1315 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2025-02-07 | 7.8 High |
| An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles hard links, aka 'Windows Error Reporting Manager Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1339, CVE-2019-1342. | ||||
| CVE-2019-1297 | 1 Microsoft | 3 Excel, Office, Office 365 Proplus | 2025-02-07 | 8.8 High |
| A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. | ||||
| CVE-2019-1215 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2025-02-07 | 7.8 High |
| An elevation of privilege vulnerability exists in the way that ws2ifsl.sys (Winsock) handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1253, CVE-2019-1278, CVE-2019-1303. | ||||
| CVE-2019-1214 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2025-02-07 | 7.8 High |
| An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory, aka 'Windows Common Log File System Driver Elevation of Privilege Vulnerability'. | ||||
| CVE-2019-1132 | 1 Microsoft | 2 Windows 7, Windows Server 2008 | 2025-02-07 | 7.8 High |
| An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. | ||||
| CVE-2019-1130 | 1 Microsoft | 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more | 2025-02-07 | 7.8 High |
| An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1129. | ||||
| CVE-2019-1129 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2025-02-07 | 7.8 High |
| An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1130. | ||||
| CVE-2019-1064 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2025-02-07 | 7.8 High |
| An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. | ||||