Filtered by vendor Microsoft
Subscribe
Total
19922 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-35250 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2024-12-17 | N/A | 7.8 HIGH |
| Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | |||||
| CVE-2023-25922 | 3 Ibm, Linux, Microsoft | 4 Aix, Security Guardium Key Lifecycle Manager, Linux Kernel and 1 more | 2024-12-13 | N/A | 4.3 MEDIUM |
| IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment. IBM X-Force ID: 247621. | |||||
| CVE-2023-25925 | 3 Ibm, Linux, Microsoft | 4 Aix, Security Guardium Key Lifecycle Manager, Linux Kernel and 1 more | 2024-12-13 | N/A | 8.5 HIGH |
| IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 247632. | |||||
| CVE-2023-25921 | 3 Ibm, Linux, Microsoft | 4 Aix, Security Guardium Key Lifecycle Manager, Linux Kernel and 1 more | 2024-12-13 | N/A | 8.5 HIGH |
| IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment. IBM X-Force ID: 247620. | |||||
| CVE-2023-25926 | 3 Ibm, Linux, Microsoft | 4 Aix, Security Guardium Key Lifecycle Manager, Linux Kernel and 1 more | 2024-12-13 | N/A | 5.5 MEDIUM |
| IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 247599. | |||||
| CVE-2024-53955 | 3 Adobe, Apple, Microsoft | 3 Bridge, Macos, Windows | 2024-12-13 | N/A | 7.8 HIGH |
| Bridge versions 14.1.3, 15.0 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2024-53956 | 3 Adobe, Apple, Microsoft | 3 Premiere Pro, Macos, Windows | 2024-12-13 | N/A | 7.8 HIGH |
| Premiere Pro versions 25.0, 24.6.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2024-49138 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2024-12-13 | N/A | 7.8 HIGH |
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | |||||
| CVE-2024-53959 | 2 Adobe, Microsoft | 2 Framemaker, Windows | 2024-12-13 | N/A | 7.8 HIGH |
| Adobe Framemaker versions 2020.7, 2022.5 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2024-30314 | 3 Adobe, Apple, Microsoft | 3 Dreamweaver, Macos, Windows | 2024-12-12 | N/A | 7.8 HIGH |
| Dreamweaver Desktop versions 21.3 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead in arbitrary code execution by an attacker. Exploitation of this issue does require user interaction. | |||||
| CVE-2024-41836 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2024-12-12 | N/A | 5.5 MEDIUM |
| InDesign Desktop versions ID18.5.2, ID19.3 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to an application denial-of-service (DoS) condition. An attacker could exploit this vulnerability to crash the application, resulting in a DoS. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2024-41871 | 3 Adobe, Apple, Microsoft | 3 Media Encoder, Macos, Windows | 2024-12-12 | N/A | 5.5 MEDIUM |
| Media Encoder versions 24.5, 23.6.8 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-36606 | 1 Microsoft | 12 Windows 10, Windows 10 1607, Windows 10 1809 and 9 more | 2024-12-12 | N/A | 7.5 HIGH |
| Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | |||||
| CVE-2023-36581 | 1 Microsoft | 12 Windows 10, Windows 10 1607, Windows 10 1809 and 9 more | 2024-12-12 | N/A | 7.5 HIGH |
| Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | |||||
| CVE-2023-36579 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2024-12-12 | N/A | 7.5 HIGH |
| Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | |||||
| CVE-2023-36576 | 1 Microsoft | 9 Windows 10 1507, Windows 10 1809, Windows 10 21h1 and 6 more | 2024-12-12 | N/A | 5.5 MEDIUM |
| Windows Kernel Information Disclosure Vulnerability | |||||
| CVE-2023-36559 | 1 Microsoft | 1 Edge Chromium | 2024-12-12 | N/A | 4.2 MEDIUM |
| Microsoft Edge (Chromium-based) Spoofing Vulnerability | |||||
| CVE-2023-36431 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2024-12-12 | N/A | 7.5 HIGH |
| Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | |||||
| CVE-2023-36409 | 1 Microsoft | 1 Edge Chromium | 2024-12-12 | N/A | 6.5 MEDIUM |
| Microsoft Edge (Chromium-based) Information Disclosure Vulnerability | |||||
| CVE-2023-29348 | 1 Microsoft | 5 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 2 more | 2024-12-12 | N/A | 7.5 HIGH |
| Windows Remote Desktop Gateway (RD Gateway) Information Disclosure Vulnerability | |||||