U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): Microsoft
  • Search Type: Search Last 3 Months
  • CPE Name Search: false
There are 118 matching records.
Displaying matches 81 through 100.
Vuln ID Summary CVSS Severity
CVE-2024-39804

A library injection vulnerability exists in Microsoft PowerPoint 16.83 for macOS. A specially crafted library can leverage PowerPoint's access privileges, leading to a permission bypass. A malicious application could inject a library and start the program to trigger this vulnerability and then make use of the vulnerable application's permissions.

Published: December 18, 2024; 6:15:07 PM -0500
V4.0:(not available)
V3.1: 7.1 HIGH
V2.0:(not available)
CVE-2024-49147

Deserialization of untrusted data in Microsoft Update Catalog allows an unauthorized attacker to elevate privileges on the website’s webserver.

Published: December 12, 2024; 2:15:13 PM -0500
V4.0:(not available)
V3.1: 9.8 CRITICAL
V2.0:(not available)
CVE-2024-49142

Microsoft Access Remote Code Execution Vulnerability

Published: December 11, 2024; 9:04:40 PM -0500
V4.0:(not available)
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2024-49122

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability

Published: December 11, 2024; 9:04:38 PM -0500
V4.0:(not available)
V3.1: 8.1 HIGH
V2.0:(not available)
CVE-2024-49118

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability

Published: December 11, 2024; 9:04:38 PM -0500
V4.0:(not available)
V3.1: 8.1 HIGH
V2.0:(not available)
CVE-2024-49096

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

Published: December 11, 2024; 9:04:35 PM -0500
V4.0:(not available)
V3.1: 7.5 HIGH
V2.0:(not available)
CVE-2024-49070

Microsoft SharePoint Remote Code Execution Vulnerability

Published: December 11, 2024; 9:04:31 PM -0500
V4.0:(not available)
V3.1: 7.4 HIGH
V2.0:(not available)
CVE-2024-49069

Microsoft Excel Remote Code Execution Vulnerability

Published: December 11, 2024; 9:04:30 PM -0500
V4.0:(not available)
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2024-49068

Microsoft SharePoint Elevation of Privilege Vulnerability

Published: December 11, 2024; 9:04:30 PM -0500
V4.0:(not available)
V3.1: 8.2 HIGH
V2.0:(not available)
CVE-2024-49065

Microsoft Office Remote Code Execution Vulnerability

Published: December 11, 2024; 9:04:30 PM -0500
V4.0:(not available)
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2024-49064

Microsoft SharePoint Information Disclosure Vulnerability

Published: December 11, 2024; 9:04:30 PM -0500
V4.0:(not available)
V3.1: 6.5 MEDIUM
V2.0:(not available)
CVE-2024-49063

Microsoft/Muzic Remote Code Execution Vulnerability

Published: December 11, 2024; 9:04:30 PM -0500
V4.0:(not available)
V3.1: 8.4 HIGH
V2.0:(not available)
CVE-2024-49062

Microsoft SharePoint Information Disclosure Vulnerability

Published: December 11, 2024; 9:04:30 PM -0500
V4.0:(not available)
V3.1: 6.5 MEDIUM
V2.0:(not available)
CVE-2024-49059

Microsoft Office Elevation of Privilege Vulnerability

Published: December 11, 2024; 9:04:30 PM -0500
V4.0:(not available)
V3.1: 7.0 HIGH
V2.0:(not available)
CVE-2024-49057

Microsoft Defender for Endpoint on Android Spoofing Vulnerability

Published: December 11, 2024; 9:04:29 PM -0500
V4.0:(not available)
V3.1: 8.1 HIGH
V2.0:(not available)
CVE-2024-43600

Microsoft Office Elevation of Privilege Vulnerability

Published: December 11, 2024; 9:00:55 PM -0500
V4.0:(not available)
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2024-43594

Microsoft System Center Elevation of Privilege Vulnerability

Published: December 11, 2024; 9:00:54 PM -0500
V4.0:(not available)
V3.1: 7.3 HIGH
V2.0:(not available)
CVE-2024-49041

Microsoft Edge (Chromium-based) Spoofing Vulnerability

Published: December 05, 2024; 9:15:18 PM -0500
V4.0:(not available)
V3.1: 4.3 MEDIUM
V2.0:(not available)
CVE-2024-49053

Microsoft Dynamics 365 Sales Spoofing Vulnerability

Published: November 26, 2024; 3:15:32 PM -0500
V4.0:(not available)
V3.1: 7.6 HIGH
V2.0:(not available)
CVE-2024-49052

Missing authentication for critical function in Microsoft Azure PolicyWatch allows an unauthorized attacker to elevate privileges over a network.

Published: November 26, 2024; 3:15:32 PM -0500
V4.0:(not available)
V3.1: 9.8 CRITICAL
V2.0:(not available)