Microsoft CVEs & Vulnerabilities
1.621 CVEs affecting Microsoft products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.
Most Affected Products
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Print Spooler Components allows an authorized attacker to elevate privileges locally.
Double free in Windows Link-Layer Discovery Protocol (LLDP) allows an authorized attacker to elevate privileges locally.
Use after free in Windows Projected File System allows an authorized attacker to elevate privileges locally.
Null pointer dereference in Windows LDAP - Lightweight Directory Access Protocol allows an authorized attacker to deny service locally.
Use after free in Windows Telephony Service allows an authorized attacker to elevate privileges locally.
Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.
Buffer over-read in Windows DWM Core Library allows an authorized attacker to disclose information locally.
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows TCP/IP allows an authorized attacker to elevate privileges locally.
Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.
Use after free in Windows Kernel-Mode Drivers allows an authorized attacker to execute code over a network.
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.
Integer overflow or wraparound in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.
Heap-based buffer overflow in Windows Message Queuing allows an unauthorized attacker to execute code over an adjacent network.
Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.
Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.
Double free in Windows Message Queuing allows an authorized attacker to elevate privileges locally.
Heap-based buffer overflow in Windows TCP/IP allows an authorized attacker to elevate privileges locally.
Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.
Improper access control in Windows Event Logging Service allows an authorized attacker to elevate privileges locally.
Improper privilege management in Microsoft Dynamics 365 Customer Insights allows an authorized attacker to elevate privileges over a network.
Improper authentication in Azure SDK allows an unauthorized attacker to bypass a security feature over a network.
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
Improper access control in Windows Filtering Platform (WFP) allows an authorized attacker to bypass a security feature locally.
Files or directories accessible to external parties in Microsoft Teams allows an unauthorized attacker to perform spoofing locally.
Double free in Windows Rich Text Edit Control allows an authorized attacker to elevate privileges locally.
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Native WiFi Miniport Driver allows an unauthorized attacker to execute code over an adjacent network.
Double free in Windows Rich Text Edit allows an authorized attacker to elevate privileges locally.
A race condition in Ivanti Secure Access Client before 22.8R6 allows a locally authenticated user to escalate privileges to SYSTEM
An incorrect permission assignment for critical resource of Ivanti Secure Access Client before 22.8R6 allows a local authenticated user to read or modify sensitive log data via write access to a shared memory section.
Exposure of sensitive information to an unauthorized actor in Azure DevOps allows an unauthorized attacker to disclose information over a network.
Server-side request forgery (ssrf) in Azure Notification Service allows an authorized attacker to elevate privileges over a network.
Improper access control in Azure AI Foundry M365 published agents allows an unauthorized attacker to elevate privileges over a network.
Improper neutralization of special elements used in a command ('command injection') in Azure Cloud Shell allows an unauthorized attacker to perform spoofing over a network.
Externally controlled reference to a resource in another sphere in Microsoft Partner Center allows an unauthorized attacker to perform spoofing over a network.
Improper input validation in Azure Managed Instance for Apache Cassandra allows an authorized attacker to execute code over a network.
Improper authorization in Microsoft Teams allows an authorized attacker to disclose information over a network.
Improper neutralization of special elements used in a command ('command injection') in Copilot Chat (Microsoft Edge) allows an unauthorized attacker to disclose information over a network.
Improper access control in Azure Managed Instance for Apache Cassandra allows an authorized attacker to execute code over a network.
Improper neutralization of input during web page generation ('cross-site scripting') in Azure Machine Learning allows an unauthorized attacker to perform spoofing over a network.
Improper neutralization of special elements in output used by a downstream component ('injection') in M365 Copilot allows an unauthorized attacker to disclose information over a network.
Improper neutralization of special elements in M365 Copilot allows an unauthorized attacker to disclose information over a network.
Inappropriate implementation in MHTML in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted MHTML page. (Chromium security severity: Low)
Script injection in UI in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. (Chromium security severity: Low)
Insufficient policy enforcement in WebApp in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
Insufficient policy enforcement in DevTools in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to potentially perform a sandbox escape via malicious network traffic. (Chromium security severity: Low)
Side-channel information leakage in Media in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)