microsoft

15,045 tracked vulnerabilities.

CVE-2024-54138 MEDIUM
NuGetGallery < 2024.12.06 - Cross-Site Scripting via Autolink Handling
Dec 06, 2024
CVSS 6.1
EPSS 0.00
CVE-2024-49041 MEDIUM
Microsoft Edge Chromium < 131.0.2903.86 - Spoofing
Dec 06, 2024
CVSS 4.3
EPSS 0.01
CVE-2024-49053 HIGH
Microsoft Dynamics 365 Sales - Spoofing
Nov 26, 2024
CVSS 7.6
EPSS 0.01
CVE-2024-49052 HIGH
Microsoft Azure PolicyWatch - Unauthenticated Privilege Escalation
Nov 26, 2024
CVSS 8.2
EPSS 0.01
CVE-2024-49038 CRITICAL
Copilot Studio - Cross-Site Scripting
Nov 26, 2024
CVSS 9.3
EPSS 0.01
CVE-2024-49035 HIGH KEV
Partner.Microsoft.com - Unauthenticated Privilege Escalation
Nov 26, 2024
CVSS 8.7
EPSS 0.01
CVE-2024-49054 MEDIUM
Microsoft Edge Chromium < 131.0.2903.63 - Spoofing via Insufficient UI Warning
Nov 22, 2024
CVSS 4.3
EPSS 0.01
CVE-2024-49060 HIGH
Azure Stack HCI < 2411 - Elevation of Privilege via Hard-coded Credentials
Nov 15, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-49025 MEDIUM
Microsoft Edge Chromium < 131.0.2903.48 - Exposure of Private Personal Information
Nov 14, 2024
CVSS 5.4
EPSS 0.01
CVE-2024-49042 HIGH
Azure Database for PostgreSQL Flexible Server 12.0-12.19 - Privilege Escalation via Extension
Nov 12, 2024
CVSS 7.2
EPSS 0.01
CVE-2024-43613 HIGH
Azure Database for PostgreSQL Flexible Server 12.0-12.19 - Privilege Escalation via Extension
Nov 12, 2024
CVSS 7.2
EPSS 0.01
CVE-2024-49056 HIGH
airlift.microsoft.com - Authentication Bypass by Assumed-Immutable Data
Nov 12, 2024
CVSS 7.3
EPSS 0.01
CVE-2024-49051 HIGH
Microsoft PC Manager < 3.14.10.0 - Elevation of Privilege via Improper Link Resolution
Nov 12, 2024
CVSS 7.8
EPSS 0.01
CVE-2024-49050 HIGH
Visual Studio Code Python Extension < 2024.18.2 - Remote Code Execution
Nov 12, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-49049 HIGH
Visual Studio Code Remote Extension < 0.115.1 - Elevation of Privilege
Nov 12, 2024
CVSS 7.1
EPSS 0.00
CVE-2024-49048 HIGH
TorchGeo < 0.6.1 - Remote Code Execution
Nov 12, 2024
CVSS 8.1
EPSS 0.01
CVE-2024-49046 HIGH
Windows 10 1507-22H2 and Windows 11 22H2 - Elevation of Privilege via Win32 Kernel Subsystem Race Condition
Nov 12, 2024
CVSS 7.8
EPSS 0.00
CVE-2024-49044 MEDIUM
Visual Studio 2022 17.6.0-17.6.21 - Elevation of Privilege
Nov 12, 2024
CVSS 6.7
EPSS 0.01
CVE-2024-49043 HIGH
Microsoft SQL Server 2016-2022 Remote Code Execution via Untrusted Search Path
Nov 12, 2024
CVSS 7.8
EPSS 0.01
CVE-2024-49040 HIGH
Microsoft Exchange Server - Spoofing via UI Misrepresentation
Nov 12, 2024
CVSS 7.5
EPSS 0.08
CVE-2024-49039 HIGH KEV
Windows 10 1507-22H2 and Windows 11 22H2 - Elevation of Privilege via Task Scheduler
Nov 12, 2024
CVSS 8.8
EPSS 0.14
CVE-2024-49033 HIGH
Microsoft Word - Security Feature Bypass via Improper Input Validation
Nov 12, 2024
CVSS 7.5
EPSS 0.02
CVE-2024-49032 HIGH
Microsoft 365 Apps and Office - Remote Code Execution via Graphics Use-After-Free
Nov 12, 2024
CVSS 7.8
EPSS 0.01
CVE-2024-49031 HIGH
Microsoft 365 Apps and Office - Remote Code Execution via Graphics Buffer Over-read
Nov 12, 2024
CVSS 7.8
EPSS 0.01
CVE-2024-49030 HIGH
Microsoft Excel - Remote Code Execution via Heap-based Buffer Overflow
Nov 12, 2024
CVSS 7.8
EPSS 0.01