microsoft

15,045 tracked vulnerabilities.

CVE-2024-38115 HIGH
Windows IP Routing Management Snapin - Remote Code Execution
Aug 13, 2024
CVSS 8.8
EPSS 0.02
CVE-2024-38114 HIGH
Windows IP Routing Management Snapin - Remote Code Execution
Aug 13, 2024
CVSS 8.8
EPSS 0.02
CVE-2024-38109 CRITICAL
Microsoft Azure Health Bot - Authenticated Server-Side Request Forgery
Aug 13, 2024
CVSS 9.1
EPSS 0.02
CVE-2024-38108 CRITICAL
Azure Stack Hub < 1.2311.1.22 - Spoofing
Aug 13, 2024
CVSS 9.3
EPSS 0.01
CVE-2024-38107 HIGH KEV
Windows Power Dependency Coordinator - Privilege Escalation
Aug 13, 2024
CVSS 7.8
EPSS 0.02
CVE-2024-38106 HIGH KEV
Windows Kernel - Privilege Escalation
Aug 13, 2024
CVSS 7.0
EPSS 0.06
CVE-2024-38098 HIGH
Azure Connected Machine Agent - Privilege Escalation
Aug 13, 2024
CVSS 7.8
EPSS 0.01
CVE-2024-38084 HIGH
Microsoft OfficePlus - Privilege Escalation
Aug 13, 2024
CVSS 7.8
EPSS 0.01
CVE-2024-38063 CRITICAL
Windows TCP/IP - Remote Code Execution
Aug 13, 2024
CVSS 9.8
EPSS 0.71
CVE-2024-37968 HIGH
Windows Server DNS Spoofing (2008, 2012, 2016, 2019, 2022, 23H2)
Aug 13, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-29995 HIGH
Windows Kerberos - Privilege Escalation
Aug 13, 2024
CVSS 8.1
EPSS 0.01
CVE-2024-6768 MEDIUM
Windows 10, 11, Server 2016, 2019, 2022 - Authenticated Denial of Service via CLFS.sys KeBugCheckEx Call
Aug 12, 2024
EPSS 0.03
CVE-2024-38219 MEDIUM
Microsoft Edge Chromium < 127.0.2651.98 - Remote Code Execution
Aug 12, 2024
CVSS 6.5
EPSS 0.01
CVE-2024-38218 HIGH
Microsoft Edge Chromium < 127.0.2651.98 - Memory Corruption
Aug 12, 2024
CVSS 8.4
EPSS 0.01
CVE-2024-38200 MEDIUM
Microsoft 365 Apps and Office - Exposure of Sensitive Information via Spoofing
Aug 12, 2024
CVSS 6.5
EPSS 0.20
CVE-2024-38202 HIGH
Windows Update - Privilege Escalation
Aug 08, 2024
CVSS 7.3
EPSS 0.02
CVE-2024-21302 MEDIUM
Windows 10/11, Server 2016-2018 EoP via Virtualization-Based Security Rollback
Aug 08, 2024
CVSS 6.7
EPSS 0.02
CVE-2024-38206 HIGH
Microsoft Copilot Studio - Authenticated Server-Side Request Forgery
Aug 06, 2024
CVSS 8.5
EPSS 0.12
CVE-2024-38166 HIGH
Microsoft Dynamics 365 - Unauthenticated Cross-Site Scripting
Aug 06, 2024
CVSS 8.2
EPSS 0.01
CVE-2024-38182 CRITICAL
Microsoft Dynamics 365 - Privilege Escalation
Jul 31, 2024
CVSS 9.0
EPSS 0.01
CVE-2024-38103 MEDIUM
Microsoft Edge < 127.0.2651.74 - Information Disclosure
Jul 25, 2024
CVSS 5.9
EPSS 0.00
CVE-2024-38176 HIGH
GroupMe - Unauthenticated Privilege Escalation via Excessive Authentication Attempts
Jul 23, 2024
CVSS 8.1
EPSS 0.01
CVE-2024-38164 CRITICAL
GroupMe - Unauthenticated Privilege Escalation via Malicious Link
Jul 23, 2024
CVSS 9.6
EPSS 0.01
CVE-2024-38156 MEDIUM
Microsoft Edge < 126.0.2592.102 - Spoofing
Jul 19, 2024
CVSS 6.1
EPSS 0.00
CVE-2024-21417 HIGH
Windows Text Services Framework - Elevation of Privilege via Missing Authorization
Jul 10, 2024
CVSS 8.8
EPSS 0.00