Filtered by vendor Microsoft
Subscribe
Total
21775 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-43176 | 3 Ibm, Linux, Microsoft | 3 Openpages With Watson, Linux Kernel, Windows | 2025-08-27 | N/A | 5.4 MEDIUM |
| IBM OpenPages 9.0 could allow an authenticated user to obtain sensitive information such as configurations that should only be available to privileged users. | |||||
| CVE-2024-31914 | 3 Ibm, Linux, Microsoft | 4 Aix, Sterling B2b Integrator, Linux Kernel and 1 more | 2025-08-27 | N/A | 6.4 MEDIUM |
| IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.2 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | |||||
| CVE-2024-30039 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-08-27 | N/A | 5.5 MEDIUM |
| Windows Remote Access Connection Manager Information Disclosure Vulnerability | |||||
| CVE-2024-30030 | 1 Microsoft | 1 Windows Server 2008 | 2025-08-27 | N/A | 7.8 HIGH |
| Win32k Elevation of Privilege Vulnerability | |||||
| CVE-2024-30025 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-08-27 | N/A | 7.8 HIGH |
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | |||||
| CVE-2024-30020 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-08-27 | N/A | 8.1 HIGH |
| Windows Cryptographic Services Remote Code Execution Vulnerability | |||||
| CVE-2024-30018 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2025-08-27 | N/A | 7.8 HIGH |
| Windows Kernel Elevation of Privilege Vulnerability | |||||
| CVE-2024-30011 | 1 Microsoft | 5 Windows Server 2012, Windows Server 2016, Windows Server 2019 and 2 more | 2025-08-27 | N/A | 6.5 MEDIUM |
| Windows Hyper-V Denial of Service Vulnerability | |||||
| CVE-2022-34704 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2025-08-27 | N/A | 4.7 MEDIUM |
| Windows Defender Credential Guard Information Disclosure Vulnerability | |||||
| CVE-2025-49385 | 2 Microsoft, Trendmicro | 2 Windows, Maximum Security 2022 | 2025-08-26 | N/A | 7.8 HIGH |
| Trend Micro Security 17.8 (Consumer) is vulnerable to a link following local privilege escalation vulnerability that could allow a local attacker to unintentionally delete privileged Trend Micro files including its own. | |||||
| CVE-2025-49384 | 2 Microsoft, Trendmicro | 2 Windows, Maximum Security 2022 | 2025-08-26 | N/A | 7.8 HIGH |
| Trend Micro Security 17.8 (Consumer) is vulnerable to a link following local privilege escalation vulnerability that could allow a local attacker to unintentionally delete privileged Trend Micro files including its own. | |||||
| CVE-2024-24912 | 2 Checkpoint, Microsoft | 2 Harmony Endpoint, Windows | 2025-08-26 | N/A | 6.7 MEDIUM |
| A local privilege escalation vulnerability has been identified in Harmony Endpoint Security Client for Windows versions E88.10 and below. To exploit this vulnerability, an attacker must first obtain the ability to execute local privileged code on the target system. | |||||
| CVE-2024-24910 | 2 Checkpoint, Microsoft | 3 Identity Agent, Zonealarm Extreme Security, Windows | 2025-08-26 | N/A | 7.3 HIGH |
| A local attacker can escalate privileges on affected Check Point ZoneAlarm Extreme Security NextGen, Identity Agent for Windows, and Identity Agent for Windows Terminal Server. To exploit this vulnerability, an attacker must first obtain the ability to execute local privileged code on the target system. | |||||
| CVE-2025-52521 | 2 Microsoft, Trendmicro | 2 Windows, Maximum Security 2022 | 2025-08-26 | N/A | 7.8 HIGH |
| Trend Micro Security 17.8 (Consumer) is vulnerable to a link following local privilege escalation vulnerability that could allow a local attacker to unintentionally delete privileged Trend Micro files including its own. | |||||
| CVE-2022-40732 | 1 Microsoft | 2 Windows 11 21h2, Windows Server 2022 | 2025-08-26 | N/A | 5.0 MEDIUM |
| An access violation vulnerability exists in the DirectComposition functionality win32kbase.sys driver version 10.0.22000.593 as part of Windows 11 version 22000.593 and version 10.0.20348.643 as part of Windows Server 2022 version 20348.643. A specially-crafted set of syscalls can lead to a reboot. An unprivileged user can run specially-crafted code to trigger Denial Of Service. | |||||
| CVE-2022-40733 | 1 Microsoft | 2 Windows 11 21h2, Windows Server 2022 | 2025-08-26 | N/A | 5.0 MEDIUM |
| An access violation vulnerability exists in the DirectComposition functionality win32kbase.sys driver version 10.0.22000.593 as part of Windows 11 version 22000.593 and version 10.0.20348.643 as part of Windows Server 2022 version 20348.643. A specially-crafted set of syscalls can lead to a reboot. An unprivileged user can run specially-crafted code to trigger Denial Of Service. | |||||
| CVE-2024-41138 | 1 Microsoft | 1 Teams | 2025-08-26 | N/A | 7.1 HIGH |
| A library injection vulnerability exists in the com.microsoft.teams2.modulehost.app helper app of Microsoft Teams (work or school) 24046.2813.2770.1094 for macOS. A specially crafted library can leverage Teams's access privileges, leading to a permission bypass. A malicious application could inject a library and start the program to trigger this vulnerability and then make use of the vulnerable application's permissions. | |||||
| CVE-2024-42004 | 1 Microsoft | 1 Teams | 2025-08-26 | N/A | 7.1 HIGH |
| A library injection vulnerability exists in Microsoft Teams (work or school) 24046.2813.2770.1094 for macOS. A specially crafted library can leverage Teams's access privileges, leading to a permission bypass. A malicious application could inject a library and start the program to trigger this vulnerability and then make use of the vulnerable application's permissions. | |||||
| CVE-2024-41145 | 1 Microsoft | 1 Teams | 2025-08-26 | N/A | 7.1 HIGH |
| A library injection vulnerability exists in the WebView.app helper app of Microsoft Teams (work or school) 24046.2813.2770.1094 for macOS. A specially crafted library can leverage Teams's access privileges, leading to a permission bypass. A malicious application could inject a library and start the program to trigger this vulnerability and then make use of the vulnerable application's permissions. | |||||
| CVE-2025-4609 | 2 Google, Microsoft | 2 Chrome, Windows | 2025-08-25 | N/A | 9.6 CRITICAL |
| Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 136.0.7103.113 allowed a remote attacker to potentially perform a sandbox escape via a malicious file. (Chromium security severity: High) | |||||