Filtered by vendor Microsoft
Subscriptions
Total
22482 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-38144 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-10-30 | 7.8 High |
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | ||||
| CVE-2023-38146 | 1 Microsoft | 2 Windows 11 21h2, Windows 11 22h2 | 2025-10-30 | 8.8 High |
| Windows Themes Remote Code Execution Vulnerability | ||||
| CVE-2023-38147 | 1 Microsoft | 10 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 7 more | 2025-10-30 | 8.8 High |
| Windows Miracast Wireless Display Remote Code Execution Vulnerability | ||||
| CVE-2023-38148 | 1 Microsoft | 4 Windows 10 21h2, Windows 10 22h2, Windows 11 21h2 and 1 more | 2025-10-30 | 8.8 High |
| Internet Connection Sharing (ICS) Remote Code Execution Vulnerability | ||||
| CVE-2023-38149 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-10-30 | 7.5 High |
| Windows TCP/IP Denial of Service Vulnerability | ||||
| CVE-2023-38150 | 1 Microsoft | 2 Windows 11 21h2, Windows 11 22h2 | 2025-10-30 | 7.8 High |
| Windows Kernel Elevation of Privilege Vulnerability | ||||
| CVE-2023-38152 | 1 Microsoft | 5 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 2 more | 2025-10-30 | 5.3 Medium |
| DHCP Server Service Information Disclosure Vulnerability | ||||
| CVE-2023-38156 | 1 Microsoft | 1 Azure Hdinsights | 2025-10-30 | 7.2 High |
| Azure HDInsight Apache Ambari JDBC Injection Elevation of Privilege Vulnerability | ||||
| CVE-2023-38161 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-10-30 | 7.8 High |
| Windows GDI Elevation of Privilege Vulnerability | ||||
| CVE-2023-38162 | 1 Microsoft | 4 Windows Server 2012, Windows Server 2016, Windows Server 2019 and 1 more | 2025-10-30 | 7.5 High |
| DHCP Server Service Denial of Service Vulnerability | ||||
| CVE-2023-33136 | 1 Microsoft | 1 Azure Devops Server | 2025-10-30 | 8.8 High |
| Azure DevOps Server Remote Code Execution Vulnerability | ||||
| CVE-2023-35355 | 1 Microsoft | 7 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 4 more | 2025-10-30 | 7.8 High |
| Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | ||||
| CVE-2023-29332 | 1 Microsoft | 1 Azure Kubernetes Service | 2025-10-30 | 7.5 High |
| Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability | ||||
| CVE-2025-11719 | 2 Microsoft, Mozilla | 3 Windows, Firefox, Thunderbird | 2025-10-30 | 9.8 Critical |
| Starting in Firefox 143, the use of the native messaging API by web extensions on Windows could lead to crashes caused by use-after-free memory corruption. This vulnerability affects Firefox < 144 and Thunderbird < 144. | ||||
| CVE-2025-11713 | 2 Microsoft, Mozilla | 4 Windows, Firefox, Firefox Esr and 1 more | 2025-10-30 | 8.1 High |
| Insufficient escaping in the “Copy as cURL” feature could have been used to trick a user into executing unexpected code on Windows. This did not affect Firefox running on other operating systems. This vulnerability affects Firefox < 144, Firefox ESR < 140.4, Thunderbird < 144, and Thunderbird < 140.4. | ||||
| CVE-2024-43573 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-10-30 | 6.5 Medium |
| Windows MSHTML Platform Spoofing Vulnerability | ||||
| CVE-2024-43556 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-10-30 | 7.8 High |
| Windows Graphics Component Elevation of Privilege Vulnerability | ||||
| CVE-2024-43572 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-10-30 | 7.8 High |
| Microsoft Management Console Remote Code Execution Vulnerability | ||||
| CVE-2025-10585 | 4 Apple, Google, Linux and 1 more | 5 Macos, Chrome, V8 and 2 more | 2025-10-30 | 8.8 High |
| Type confusion in V8 in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2019-18187 | 2 Microsoft, Trendmicro | 2 Windows, Officescan | 2025-10-30 | 8.8 High |
| Trend Micro OfficeScan versions 11.0 and XG (12.0) could be exploited by an attacker utilizing a directory traversal vulnerability to extract files from an arbitrary zip file to a specific folder on the OfficeScan server, which could potentially lead to remote code execution (RCE). The remote process execution is bound to a web service account, which depending on the web platform used may have restricted permissions. An attempted attack requires user authentication. | ||||