microsoft

14,176 tracked vulnerabilities.

CVE-2024-38129 HIGH
Windows Kerberos - Privilege Escalation
Oct 08, 2024
CVSS 7.5
EPSS 0.02
CVE-2024-38124 CRITICAL
Windows Netlogon < - Privilege Escalation
Oct 08, 2024
CVSS 9.0
EPSS 0.00
CVE-2024-38097 HIGH
Azure Monitor Agent - Privilege Escalation
Oct 08, 2024
CVSS 7.1
EPSS 0.01
CVE-2024-38029 HIGH
Microsoft OpenSSH for Windows - RCE
Oct 08, 2024
CVSS 7.5
EPSS 0.05
CVE-2024-37983 MEDIUM
Windows Resume Extensible Firmware Interface - Privilege Escalation
Oct 08, 2024
CVSS 6.7
EPSS 0.00
CVE-2024-37982 MEDIUM
Windows Resume Extensible Firmware Interface - Privilege Escalation
Oct 08, 2024
CVSS 6.7
EPSS 0.00
CVE-2024-37979 MEDIUM
Windows Kernel - Privilege Escalation
Oct 08, 2024
CVSS 6.7
EPSS 0.00
CVE-2024-37976 MEDIUM
Windows 10/11, Server 2012 Security Feature Bypass via Resume EFI
Oct 08, 2024
CVSS 6.7
EPSS 0.01
CVE-2024-30092 HIGH
Windows Hyper-V - Remote Code Execution
Oct 08, 2024
CVSS 8.0
EPSS 0.00
CVE-2024-20659 HIGH
Windows Hyper-V < - Privilege Escalation
Oct 08, 2024
CVSS 7.1
EPSS 0.01
CVE-2024-47604 HIGH
NuGetGallery 2024.06.21-2024.09.25 - Stored Cross-Site Scripting via HTML Attribute Handling
Oct 01, 2024
CVSS 8.2
EPSS 0.01
CVE-2024-6769 MEDIUM
Microsoft Windows <2022 - Privilege Escalation
Sep 26, 2024
CVSS 6.7
EPSS 0.16
CVE-2024-47083 HIGH
Power Platform Terraform Provider <3.0.0 - Info Disclosure
Sep 25, 2024
CVSS 7.5
EPSS 0.03
CVE-2024-43496 MEDIUM
Microsoft Edge Chromium < 129.0.2792.52 - Remote Code Execution via Out-of-bounds Write
Sep 19, 2024
CVSS 6.5
EPSS 0.01
CVE-2024-43489 MEDIUM
Microsoft Edge Chromium < 129.0.2792.52 - Remote Code Execution via Type Confusion
Sep 19, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-38221 MEDIUM
Microsoft Edge Chromium < 129.0.2792.52 - Spoofing
Sep 19, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-38016 HIGH
Microsoft Office Visio - Remote Code Execution
Sep 19, 2024
CVSS 7.8
EPSS 0.02
CVE-2024-37985 MEDIUM
Windows 11 22H2 < 10.0.22621.3880 and 23H2 < 10.0.22631.3880 - Kernel Information Disclosure
Sep 17, 2024
CVSS 5.9
EPSS 0.01
CVE-2024-43460 HIGH
Dynamics 365 Business Central - Authenticated Privilege Escalation
Sep 17, 2024
CVSS 8.1
EPSS 0.03
CVE-2024-38183 CRITICAL
GroupMe - Unauthenticated Privilege Escalation
Sep 17, 2024
CVSS 9.8
EPSS 0.04
CVE-2024-45383 MEDIUM
Microsoft High Definition Audio Bus Driver 10.0.19041.3636 - DoS
Sep 12, 2024
CVSS 5.0
EPSS 0.09
CVE-2024-38222 MEDIUM
Microsoft Edge < 128.0.2739.42 - Information Disclosure via Incorrect Default Permissions
Sep 12, 2024
CVSS 6.5
EPSS 0.02
CVE-2024-43495 HIGH
Windows 11/23H2 & Server 2022 23H2 < 10.0.22621.3880/10.0.22631.3880/10.0.25398.1009 RCE via libarchive Integer Overflow
Sep 10, 2024
CVSS 7.3
EPSS 0.01
CVE-2024-43492 HIGH
Microsoft AutoUpdate < 4.72 - Elevation of Privilege
Sep 10, 2024
CVSS 7.8
EPSS 0.01
CVE-2024-43491 CRITICAL
Windows 10 1507 < 10.0.10240.20766 - Use-After-Free in Servicing Stack
Sep 10, 2024
CVSS 9.8
EPSS 0.18
Products
windows_server_2016 4,606 windows_server_2019 4,345 windows_server_2012 3,825 windows_server_2008 3,554 windows_10 2,974 windows_server_2022 2,699 windows_7 2,368 windows_8.1 2,216 windows_rt_8.1 2,020 windows_10_1809 1,935 windows_10_21h2 1,934 windows_10_22h2 1,932 windows_server_2022_23h2 1,666 windows_10_1607 1,658 windows_11_22h2 1,651 internet_explorer 1,635 windows_11_23h2 1,548 windows_11_24h2 1,234 windows_10_1507 1,230 windows_server_2025 1,195 office 1,032 windows_11_21h2 1,001 windows_vista 828 edge 756 windows_xp 739 windows_11 573 windows_2000 515 windows_11_25h2 502 sharepoint_server 478 365_apps 472
Quick Filters
Critical CVEs With Exploits In CISA KEV