Filtered by vendor Microsoft
Subscribe
Total
20641 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-9555 | 2 Adobe, Microsoft | 2 Bridge, Windows | 2025-05-05 | 9.3 HIGH | 7.8 HIGH |
| Adobe Bridge versions 10.0.1 and earlier version have a stack-based buffer overflow vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2020-9554 | 2 Adobe, Microsoft | 2 Bridge, Windows | 2025-05-05 | 9.3 HIGH | 7.8 HIGH |
| Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution . | |||||
| CVE-2020-3765 | 2 Adobe, Microsoft | 2 After Effects, Windows | 2025-05-05 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe After Effects versions 16.1.2 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2019-8246 | 3 Adobe, Apple, Microsoft | 3 Media Encoder, Macos, Windows | 2025-05-05 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution . | |||||
| CVE-2019-8244 | 3 Adobe, Apple, Microsoft | 3 Media Encoder, Macos, Windows | 2025-05-05 | 4.3 MEDIUM | 4.3 MEDIUM |
| Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2019-8243 | 3 Adobe, Apple, Microsoft | 3 Media Encoder, Macos, Windows | 2025-05-05 | 4.3 MEDIUM | 4.3 MEDIUM |
| Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2019-8242 | 3 Adobe, Apple, Microsoft | 3 Media Encoder, Macos, Windows | 2025-05-05 | 4.3 MEDIUM | 4.3 MEDIUM |
| Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2019-8241 | 3 Adobe, Apple, Microsoft | 3 Media Encoder, Macos, Windows | 2025-05-05 | 4.3 MEDIUM | 4.3 MEDIUM |
| Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2023-39143 | 2 Microsoft, Papercut | 3 Windows, Papercut Mf, Papercut Ng | 2025-05-05 | N/A | 9.8 CRITICAL |
| PaperCut NG and PaperCut MF before 22.1.3 on Windows allow path traversal, enabling attackers to upload, read, or delete arbitrary files. This leads to remote code execution when external device integration is enabled (a very common configuration). | |||||
| CVE-2023-2939 | 2 Google, Microsoft | 2 Chrome, Windows | 2025-05-05 | N/A | 7.8 HIGH |
| Insufficient data validation in Installer in Google Chrome on Windows prior to 114.0.5735.90 allowed a local attacker to perform privilege escalation via crafted symbolic link. (Chromium security severity: Medium) | |||||
| CVE-2023-28005 | 2 Microsoft, Trendmicro | 2 Windows, Trend Micro Endpoint Encryption | 2025-05-05 | N/A | 6.8 MEDIUM |
| A vulnerability in Trend Micro Endpoint Encryption Full Disk Encryption version 6.0.0.3204 and below could allow an attacker with physical access to an affected device to bypass Microsoft Windows? Secure Boot process in an attempt to execute other attacks to obtain access to the contents of the device. An attacker must first obtain physical access to the target system in order to exploit this vulnerability. It is also important to note that the contents of the drive(s) encrypted with TMEE FDE would still be protected and would NOT be accessible by the attacker by exploitation of this vulnerability alone. | |||||
| CVE-2023-5174 | 2 Microsoft, Mozilla | 4 Windows, Firefox, Firefox Esr and 1 more | 2025-05-05 | N/A | 9.8 CRITICAL |
| If Windows failed to duplicate a handle during process creation, the sandbox code may have inadvertently freed a pointer twice, resulting in a use-after-free and a potentially exploitable crash. *This bug only affects Firefox on Windows when run in non-standard configurations (such as using `runas`). Other operating systems are unaffected.* This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3. | |||||
| CVE-2022-40747 | 3 Ibm, Linux, Microsoft | 4 Aix, Infosphere Information Server, Linux Kernel and 1 more | 2025-05-05 | N/A | 9.1 CRITICAL |
| "IBM InfoSphere Information Server 11.7 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 236584." | |||||
| CVE-2022-30615 | 3 Ibm, Linux, Microsoft | 4 Aix, Infosphere Information Server, Linux Kernel and 1 more | 2025-05-05 | N/A | 5.4 MEDIUM |
| "IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 227592. | |||||
| CVE-2022-30608 | 3 Ibm, Linux, Microsoft | 4 Aix, Infosphere Information Server, Linux Kernel and 1 more | 2025-05-05 | N/A | 8.8 HIGH |
| "IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a "user that the website trusts. IBM X-Force ID: 227295. | |||||
| CVE-2022-22442 | 3 Ibm, Linux, Microsoft | 5 Aix, Infosphere Information Server, Infosphere Information Server On Cloud and 2 more | 2025-05-05 | N/A | 6.5 MEDIUM |
| "IBM InfoSphere Information Server 11.7 could allow an authenticated user to access information restricted to users with elevated privileges due to improper access controls. IBM X-Force ID: 224427." | |||||
| CVE-2022-22425 | 3 Ibm, Linux, Microsoft | 4 Aix, Infosphere Information Server, Linux Kernel and 1 more | 2025-05-05 | N/A | 9.8 CRITICAL |
| "IBM InfoSphere Information Server 11.7 is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 223598." | |||||
| CVE-2023-41747 | 2 Acronis, Microsoft | 2 Cloud Manager, Windows | 2025-05-05 | N/A | 6.5 MEDIUM |
| Sensitive information disclosure due to unauthenticated path traversal. The following products are affected: Acronis Cloud Manager (Windows) before build 6.2.23089.203. | |||||
| CVE-2022-40235 | 3 Ibm, Linux, Microsoft | 4 Aix, Infosphere Information Server, Linux Kernel and 1 more | 2025-05-02 | N/A | 6.5 MEDIUM |
| "IBM InfoSphere Information Server 11.7 could allow a user to cause a denial of service by removing the ability to run jobs due to improper input validation. IBM X-Force ID: 235725." | |||||
| CVE-2022-38712 | 5 Hp, Ibm, Linux and 2 more | 8 Hp-ux, Aix, I and 5 more | 2025-05-02 | N/A | 5.9 MEDIUM |
| "IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Web services could allow a man-in-the-middle attacker to conduct SOAPAction spoofing to execute unwanted or unauthorized operations. IBM X-Force ID: 234762." | |||||