microsoft

15,045 tracked vulnerabilities.

CVE-2025-21215 MEDIUM
Windows 10 1507-22H2, Windows 11 22H2-24H2, Windows Server 2008-2012 - Secure Boot Security Feature Bypass
Jan 14, 2025
CVSS 4.6
EPSS 0.01
CVE-2025-21214 MEDIUM
Windows BitLocker - Information Disclosure
Jan 14, 2025
CVSS 4.2
EPSS 0.01
CVE-2025-21213 MEDIUM
Windows 10 1507-22H2, Windows 11 22H2-24H2, Windows Server 2012/2016 - Secure Boot Security Feature Bypass
Jan 14, 2025
CVSS 4.6
EPSS 0.01
CVE-2025-21211 MEDIUM
Windows 10 1507-22H2, Windows 11 22H2-24H2, Windows Server 2012/2016 - Secure Boot Security Feature Bypass
Jan 14, 2025
CVSS 6.8
EPSS 0.01
CVE-2025-21210 MEDIUM
Windows BitLocker - Information Disclosure via Failing Open
Jan 14, 2025
CVSS 4.2
EPSS 0.01
CVE-2025-21207 HIGH
Windows Connected Devices Platform Service - Denial of Service
Jan 14, 2025
CVSS 7.5
EPSS 0.02
CVE-2025-21202 MEDIUM
Windows Recovery Environment Agent - Elevation of Privilege
Jan 14, 2025
CVSS 6.1
EPSS 0.01
CVE-2025-21193 MEDIUM
Windows Server 2016, 2019, 2022, 2022 23H2, 2025 - Active Directory Federation Server Spoofing
Jan 14, 2025
CVSS 6.5
EPSS 0.01
CVE-2025-21189 MEDIUM
Microsoft Windows MapUrlToZone - Security Feature Bypass
Jan 14, 2025
CVSS 4.3
EPSS 0.03
CVE-2025-21187 HIGH
Microsoft Power Automate for Desktop 2.46-2.46.184.25013 - Remote Code Execution
Jan 14, 2025
CVSS 7.8
EPSS 0.01
CVE-2025-21186 HIGH
Microsoft Access - Remote Code Execution via Heap-based Buffer Overflow
Jan 14, 2025
CVSS 7.8
EPSS 0.01
CVE-2025-21178 HIGH
Visual Studio 2017 15.0-15.9.5, 2019 16.0-16.11.3, 2022 17.6.0-17.6.21 - Remote Code Execution
Jan 14, 2025
CVSS 8.8
EPSS 0.02
CVE-2025-21176 HIGH
.NET and .NET Framework - Remote Code Execution
Jan 14, 2025
CVSS 8.8
EPSS 0.02
CVE-2025-21173 HIGH
.NET - Privilege Escalation
Jan 14, 2025
CVSS 7.3
EPSS 0.01
CVE-2025-21172 HIGH
.NET and Visual Studio - Remote Code Execution via Integer Overflow
Jan 14, 2025
CVSS 7.5
EPSS 0.02
CVE-2025-21171 HIGH
.NET - Remote Code Execution via Heap-based Buffer Overflow
Jan 14, 2025
CVSS 7.5
EPSS 0.02
CVE-2025-21380 HIGH
Azure Marketplace - Improper Access Control
Jan 09, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-21385 HIGH
Microsoft Purview - Server-Side Request Forgery
Jan 09, 2025
CVSS 8.8
EPSS 0.24
CVE-2024-57972 MEDIUM
Microsoft HoloLens <10.0.17763.3046-10.0.22621.1244 - DoS
Mar 06, 2025
CVSS 6.5
EPSS 0.02
CVE-2024-43106 HIGH
Microsoft Excel 16.83 - Code Injection
Dec 18, 2024
CVSS 7.1
EPSS 0.01
CVE-2024-42220 HIGH
Microsoft Outlook 16.83.3 - Library Injection via Cryptographic Signature Verification Bypass
Dec 18, 2024
CVSS 7.1
EPSS 0.01
CVE-2024-42004 HIGH
Microsoft Teams 24046.2813.2770.1094 for macOS - Library Injection via Crafted Library
Dec 18, 2024
CVSS 7.1
EPSS 0.01
CVE-2024-41165 HIGH
Microsoft Word 16.83 for macOS - Library Injection via Cryptographic Signature Verification Bypass
Dec 18, 2024
CVSS 7.1
EPSS 0.01
CVE-2024-41159 HIGH
Microsoft OneNote 16.83 for macOS - Library Injection via Cryptographic Signature Verification Bypass
Dec 18, 2024
CVSS 7.1
EPSS 0.01
CVE-2024-41145 HIGH
Microsoft Teams 24046.2813.2770.1094 - Library Injection via WebView.app Helper App
Dec 18, 2024
CVSS 7.1
EPSS 0.01