) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): microsoft
- Search Type: Search All
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2023-36021 |
Microsoft On-Prem Data Gateway Security Feature Bypass Vulnerability Published: November 14, 2023; 1:15:31 PM -0500 |
V4.0:(not available) V3.1: 8.0 HIGH V2.0:(not available) |
| CVE-2023-36016 |
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability Published: November 14, 2023; 1:15:30 PM -0500 |
V4.0:(not available) V3.1: 3.4 LOW V2.0:(not available) |
| CVE-2023-36027 |
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Published: November 10, 2023; 3:15:07 PM -0500 |
V4.0:(not available) V3.1: 6.3 MEDIUM V2.0:(not available) |
| CVE-2023-47800 |
Natus NeuroWorks and SleepWorks before 8.4 GMA3 utilize a default password of xltek for the Microsoft SQL Server service sa account, allowing a threat actor to perform remote code execution, data exfiltration, or other nefarious actions such as tampering with data or destroying/disrupting MSSQL services. Published: November 10, 2023; 2:15:07 AM -0500 |
V4.0:(not available) V3.1: 9.8 CRITICAL V2.0:(not available) |
| CVE-2023-36024 |
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Published: November 09, 2023; 7:15:08 PM -0500 |
V4.0:(not available) V3.1: 7.1 HIGH V2.0:(not available) |
| CVE-2023-36014 |
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability Published: November 09, 2023; 7:15:08 PM -0500 |
V4.0:(not available) V3.1: 7.3 HIGH V2.0:(not available) |
| CVE-2023-4706 |
A privilege escalation vulnerability was reported in Lenovo preloaded devices deployed using Microsoft AutoPilot under a standard user account due to incorrect default privileges. Published: November 08, 2023; 5:15:11 PM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2023-36409 |
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability Published: November 06, 2023; 7:15:07 PM -0500 |
V4.0:(not available) V3.1: 6.5 MEDIUM V2.0:(not available) |
| CVE-2023-36769 |
Microsoft OneNote Spoofing Vulnerability Published: November 06, 2023; 6:15:10 PM -0500 |
V4.0:(not available) V3.1: 5.4 MEDIUM V2.0:(not available) |
| CVE-2023-36034 |
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability Published: November 02, 2023; 9:15:08 PM -0400 |
V4.0:(not available) V3.1: 7.3 HIGH V2.0:(not available) |
| CVE-2023-36029 |
Microsoft Edge (Chromium-based) Spoofing Vulnerability Published: November 02, 2023; 9:15:07 PM -0400 |
V4.0:(not available) V3.1: 4.3 MEDIUM V2.0:(not available) |
| CVE-2023-36022 |
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability Published: November 02, 2023; 9:15:07 PM -0400 |
V4.0:(not available) V3.1: 6.6 MEDIUM V2.0:(not available) |
| CVE-2023-36559 |
Microsoft Edge (Chromium-based) Spoofing Vulnerability Published: October 13, 2023; 5:15:51 PM -0400 |
V4.0:(not available) V3.1: 4.2 MEDIUM V2.0:(not available) |
| CVE-2023-38817 |
An issue in Inspect Element Ltd Echo.ac v.5.2.1.0 allows a local attacker to gain privileges via a crafted command to the echo_driver.sys component. NOTE: the vendor's position is that the reported ability for user-mode applications to execute code as NT AUTHORITY\SYSTEM was "deactivated by Microsoft itself." Published: October 11, 2023; 3:15:10 PM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2023-38171 |
Microsoft QUIC Denial of Service Vulnerability Published: October 10, 2023; 2:15:18 PM -0400 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
| CVE-2023-36785 |
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability Published: October 10, 2023; 2:15:17 PM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2023-36778 |
Microsoft Exchange Server Remote Code Execution Vulnerability Published: October 10, 2023; 2:15:17 PM -0400 |
V4.0:(not available) V3.1: 8.0 HIGH V2.0:(not available) |
| CVE-2023-36730 |
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability Published: October 10, 2023; 2:15:17 PM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2023-36728 |
Microsoft SQL Server Denial of Service Vulnerability Published: October 10, 2023; 2:15:17 PM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |
| CVE-2023-36718 |
Microsoft Virtual Trusted Platform Module Remote Code Execution Vulnerability Published: October 10, 2023; 2:15:16 PM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |