ReportizFlow
Filtered by vendor Microsoft
Subscriptions
Total
20893 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-30076 | 1 Microsoft | 11 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 8 more | 2025-05-16 | 6.8 Medium |
| Windows Container Manager Service Elevation of Privilege Vulnerability | ||||
| CVE-2024-30075 | 1 Microsoft | 1 Windows Server 2008 | 2025-05-16 | 8 High |
| Windows Link Layer Topology Discovery Protocol Remote Code Execution Vulnerability | ||||
| CVE-2024-30074 | 1 Microsoft | 1 Windows Server 2008 | 2025-05-16 | 8 High |
| Windows Link Layer Topology Discovery Protocol Remote Code Execution Vulnerability | ||||
| CVE-2024-30072 | 1 Microsoft | 3 Windows 11 22h2, Windows 11 23h2, Windows Server 2022 23h2 | 2025-05-16 | 7.8 High |
| Microsoft Event Trace Log File Parsing Remote Code Execution Vulnerability | ||||
| CVE-2024-30070 | 1 Microsoft | 3 Windows Server 2012, Windows Server 2016, Windows Server 2019 | 2025-05-16 | 7.5 High |
| DHCP Server Service Denial of Service Vulnerability | ||||
| CVE-2024-30069 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-05-16 | 4.7 Medium |
| Windows Remote Access Connection Manager Information Disclosure Vulnerability | ||||
| CVE-2024-23769 | 2 Microsoft, Samsung | 2 Windows, Magician | 2025-05-15 | 7.3 High |
| Improper privilege control for the named pipe in Samsung Magician PC Software 8.0.0 (for Windows) allows a local attacker to read privileged data. | ||||
| CVE-2024-1149 | 4 Apple, Linux, Microsoft and 1 more | 4 Macos, Linux Kernel, Windows and 1 more | 2025-05-15 | 7.8 High |
| Improper Verification of Cryptographic Signature vulnerability in Snow Software Inventory Agent on MacOS, Snow Software Inventory Agent on Windows, Snow Software Inventory Agent on Linux allows File Manipulation through Snow Update Packages.This issue affects Inventory Agent: through 6.12.0; Inventory Agent: through 6.14.5; Inventory Agent: through 6.7.2. | ||||
| CVE-2025-30378 | 1 Microsoft | 1 Sharepoint Server | 2025-05-15 | 7 High |
| Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally. | ||||
| CVE-2022-28887 | 3 Apple, F-secure, Microsoft | 8 Macos, Atlant, Elements Endpoint Detection And Response and 5 more | 2025-05-15 | 4.3 Medium |
| Multiple Denial-of-Service (DoS) vulnerability was discovered in F-Secure & WithSecure products whereby the aerdl.dll unpacker handler function crashes. This can lead to a possible scanning engine crash. | ||||
| CVE-2025-30328 | 3 Adobe, Apple, Microsoft | 3 Animate, Macos, Windows | 2025-05-15 | 7.8 High |
| Animate versions 24.0.8, 23.0.11 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-30329 | 3 Adobe, Apple, Microsoft | 3 Animate, Macos, Windows | 2025-05-15 | 5.5 Medium |
| Animate versions 24.0.8, 23.0.11 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption of service. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-30330 | 3 Adobe, Apple, Microsoft | 3 Illustrator, Macos, Windows | 2025-05-15 | 7.8 High |
| Illustrator versions 29.3, 28.7.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-43545 | 3 Adobe, Apple, Microsoft | 3 Bridge, Macos, Windows | 2025-05-15 | 7.8 High |
| Bridge versions 15.0.3, 14.1.6 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-43546 | 3 Adobe, Apple, Microsoft | 3 Bridge, Macos, Windows | 2025-05-15 | 7.8 High |
| Bridge versions 15.0.3, 14.1.6 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-43547 | 3 Adobe, Apple, Microsoft | 3 Bridge, Macos, Windows | 2025-05-15 | 7.8 High |
| Bridge versions 15.0.3, 14.1.6 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-43555 | 3 Adobe, Apple, Microsoft | 3 Animate, Macos, Windows | 2025-05-15 | 7.8 High |
| Animate versions 24.0.8, 23.0.11 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-43556 | 3 Adobe, Apple, Microsoft | 3 Animate, Macos, Windows | 2025-05-15 | 7.8 High |
| Animate versions 24.0.8, 23.0.11 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-43557 | 3 Adobe, Apple, Microsoft | 3 Animate, Macos, Windows | 2025-05-15 | 7.8 High |
| Animate versions 24.0.8, 23.0.11 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-4660 | 2 Forescout, Microsoft | 2 Secureconnector, Windows | 2025-05-15 | 9.8 Critical |
| A remote code execution vulnerability exists in the Windows agent component of SecureConnector due to improper access controls on a named pipe. The pipe is accessible to the Everyone group and does not restrict remote connections, allowing any network-based attacker to connect without authentication. By interacting with this pipe, an attacker can redirect the agent to communicate with a rogue server that can issue commands via the SecureConnector Agent. This does not impact Linux or OSX Secure Connector. | ||||