microsoft

14,176 tracked vulnerabilities.

CVE-2024-49064 MEDIUM
Microsoft SharePoint Server - XML External Entity Injection
Dec 12, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-49063 HIGH
Microsoft Muzic < 196.0 - Remote Code Execution via Untrusted Data Deserialization
Dec 12, 2024
CVSS 8.4
EPSS 0.00
CVE-2024-49062 MEDIUM
Microsoft SharePoint Server - Information Disclosure via Relative Path Traversal
Dec 12, 2024
CVSS 6.5
EPSS 0.01
CVE-2024-49059 HIGH
Microsoft 365 Apps and Office - Elevation of Privilege via Race Condition
Dec 12, 2024
CVSS 7.0
EPSS 0.00
CVE-2024-49057 HIGH
Microsoft Defender for Endpoint < 1.0.7128.0101 - Spoofing
Dec 12, 2024
CVSS 8.1
EPSS 0.03
CVE-2024-43600 HIGH
Microsoft Office - Elevation of Privilege
Dec 12, 2024
CVSS 7.8
EPSS 0.00
CVE-2024-43594 HIGH
Microsoft System Center 2019 < 10.19.10050.0, 2022 < 10.22.10118.0, 2025 < 10.25.10132.0 - Elevation of Privilege
Dec 12, 2024
CVSS 7.3
EPSS 0.00
CVE-2024-54138 MEDIUM
NuGetGallery < 2024.12.06 - Cross-Site Scripting via Autolink Handling
Dec 06, 2024
CVSS 6.1
EPSS 0.01
CVE-2024-49041 MEDIUM
Microsoft Edge Chromium < 131.0.2903.86 - Spoofing
Dec 06, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-49053 HIGH
Microsoft Dynamics 365 Sales - Spoofing
Nov 26, 2024
CVSS 7.6
EPSS 0.00
CVE-2024-49052 HIGH
Microsoft Azure PolicyWatch - Unauthenticated Privilege Escalation
Nov 26, 2024
CVSS 8.2
EPSS 0.02
CVE-2024-49038 CRITICAL
Copilot Studio - Cross-Site Scripting
Nov 26, 2024
CVSS 9.3
EPSS 0.00
CVE-2024-49035 HIGH KEV
Partner.Microsoft.com - Unauthenticated Privilege Escalation
Nov 26, 2024
CVSS 8.7
EPSS 0.06
CVE-2024-49054 MEDIUM
Microsoft Edge Chromium < 131.0.2903.63 - Spoofing via Insufficient UI Warning
Nov 22, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-49060 HIGH
Azure Stack HCI < 2411 - Elevation of Privilege via Hard-coded Credentials
Nov 15, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-49025 MEDIUM
Microsoft Edge Chromium < 131.0.2903.48 - Exposure of Private Personal Information
Nov 14, 2024
CVSS 5.4
EPSS 0.01
CVE-2024-49042 HIGH
Azure Database for PostgreSQL Flexible Server 12.0-12.19 - Privilege Escalation via Extension
Nov 12, 2024
CVSS 7.2
EPSS 0.01
CVE-2024-43613 HIGH
Azure Database for PostgreSQL Flexible Server 12.0-12.19 - Privilege Escalation via Extension
Nov 12, 2024
CVSS 7.2
EPSS 0.01
CVE-2024-49056 HIGH
airlift.microsoft.com - Authentication Bypass by Assumed-Immutable Data
Nov 12, 2024
CVSS 7.3
EPSS 0.02
CVE-2024-49051 HIGH
Microsoft PC Manager < 3.14.10.0 - Elevation of Privilege via Improper Link Resolution
Nov 12, 2024
CVSS 7.8
EPSS 0.01
CVE-2024-49050 HIGH
Visual Studio Code Python Extension < 2024.18.2 - Remote Code Execution
Nov 12, 2024
CVSS 8.8
EPSS 0.03
CVE-2024-49049 HIGH
Visual Studio Code Remote Extension < 0.115.1 - Elevation of Privilege
Nov 12, 2024
CVSS 7.1
EPSS 0.00
CVE-2024-49048 HIGH
TorchGeo < 0.6.1 - Remote Code Execution
Nov 12, 2024
CVSS 8.1
EPSS 0.01
CVE-2024-49046 HIGH
Windows 10 1507-22H2 and Windows 11 22H2 - Elevation of Privilege via Win32 Kernel Subsystem Race Condition
Nov 12, 2024
CVSS 7.8
EPSS 0.00
CVE-2024-49044 MEDIUM
Visual Studio 2022 17.6.0-17.6.21 - Elevation of Privilege
Nov 12, 2024
CVSS 6.7
EPSS 0.00
Products
windows_server_2016 4,606 windows_server_2019 4,345 windows_server_2012 3,825 windows_server_2008 3,554 windows_10 2,974 windows_server_2022 2,699 windows_7 2,368 windows_8.1 2,216 windows_rt_8.1 2,020 windows_10_1809 1,935 windows_10_21h2 1,934 windows_10_22h2 1,932 windows_server_2022_23h2 1,666 windows_10_1607 1,658 windows_11_22h2 1,651 internet_explorer 1,635 windows_11_23h2 1,548 windows_11_24h2 1,234 windows_10_1507 1,230 windows_server_2025 1,195 office 1,032 windows_11_21h2 1,001 windows_vista 828 edge 756 windows_xp 739 windows_11 573 windows_2000 515 windows_11_25h2 502 sharepoint_server 478 365_apps 472
Quick Filters
Critical CVEs With Exploits In CISA KEV