ReportizFlow
Filtered by vendor Microsoft
Subscriptions
Total
24859 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-41773 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-04-15 | 8.1 High |
| Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | ||||
| CVE-2023-41772 | 1 Microsoft | 7 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 4 more | 2025-04-15 | 7.8 High |
| Win32k Elevation of Privilege Vulnerability | ||||
| CVE-2023-41769 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-04-15 | 8.1 High |
| Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | ||||
| CVE-2023-41771 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-04-15 | 8.1 High |
| Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | ||||
| CVE-2023-41767 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-04-15 | 8.1 High |
| Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | ||||
| CVE-2023-41768 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-04-15 | 8.1 High |
| Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | ||||
| CVE-2023-41770 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-04-15 | 8.1 High |
| Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | ||||
| CVE-2023-41766 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-04-15 | 7.8 High |
| Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability | ||||
| CVE-2023-41765 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-04-15 | 8.1 High |
| Layer 2 Tunneling Protocol Remote Code Execution Vulnerability | ||||
| CVE-2023-36789 | 1 Microsoft | 1 Skype For Business Server | 2025-04-15 | 7.2 High |
| Skype for Business Remote Code Execution Vulnerability | ||||
| CVE-2023-36786 | 1 Microsoft | 1 Skype For Business Server | 2025-04-15 | 7.2 High |
| Skype for Business Remote Code Execution Vulnerability | ||||
| CVE-2023-36737 | 1 Microsoft | 1 Azure Network Watcher | 2025-04-15 | 7.8 High |
| Azure Network Watcher VM Agent Elevation of Privilege Vulnerability | ||||
| CVE-2023-38171 | 1 Microsoft | 4 .net, Visual Studio 2022, Windows 11 22h2 and 1 more | 2025-04-15 | 7.5 High |
| Microsoft QUIC Denial of Service Vulnerability | ||||
| CVE-2023-36902 | 1 Microsoft | 9 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 6 more | 2025-04-15 | 7 High |
| Windows Runtime Remote Code Execution Vulnerability | ||||
| CVE-2023-35349 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-04-15 | 9.8 Critical |
| Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | ||||
| CVE-2022-4326 | 2 Microsoft, Trellix | 2 Windows, Endpoint Security | 2025-04-14 | 5.5 Medium |
| Improper preservation of permissions vulnerability in Trellix Endpoint Agent (xAgent) prior to V35.31.22 on Windows allows a local user with administrator privileges to bypass the product protection to uninstall the agent via incorrectly applied permissions in the removal protection functionality. | ||||
| CVE-2025-27179 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2025-04-14 | 5.5 Medium |
| InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-27176 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2025-04-14 | 5.5 Medium |
| InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2022-45433 | 2 Dahuasecurity, Microsoft | 9 Dhi-dss4004-s2, Dhi-dss4004-s2 Firmware, Dhi-dss7016d-s2 and 6 more | 2025-04-14 | 3.7 Low |
| Some Dahua software products have a vulnerability of unauthenticated traceroute host from remote DSS Server. After bypassing the firewall access control policy, by sending a specific crafted packet to the vulnerable interface, an attacker could get the traceroute results. | ||||
| CVE-2022-45432 | 2 Dahuasecurity, Microsoft | 9 Dhi-dss4004-s2, Dhi-dss4004-s2 Firmware, Dhi-dss7016d-s2 and 6 more | 2025-04-14 | 5.3 Medium |
| Some Dahua software products have a vulnerability of unauthenticated search for devices. After bypassing the firewall access control policy, by sending a specific crafted packet to the vulnerable interface, an attacker could unauthenticated search for devices in range of IPs from remote DSS Server. | ||||