Filtered by vendor Microsoft
Subscriptions
Total
22670 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-38144 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-10-30 | 7.8 High |
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | ||||
| CVE-2023-38146 | 1 Microsoft | 2 Windows 11 21h2, Windows 11 22h2 | 2025-10-30 | 8.8 High |
| Windows Themes Remote Code Execution Vulnerability | ||||
| CVE-2023-38147 | 1 Microsoft | 10 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 7 more | 2025-10-30 | 8.8 High |
| Windows Miracast Wireless Display Remote Code Execution Vulnerability | ||||
| CVE-2023-38148 | 1 Microsoft | 4 Windows 10 21h2, Windows 10 22h2, Windows 11 21h2 and 1 more | 2025-10-30 | 8.8 High |
| Internet Connection Sharing (ICS) Remote Code Execution Vulnerability | ||||
| CVE-2023-38149 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-10-30 | 7.5 High |
| Windows TCP/IP Denial of Service Vulnerability | ||||
| CVE-2023-38150 | 1 Microsoft | 2 Windows 11 21h2, Windows 11 22h2 | 2025-10-30 | 7.8 High |
| Windows Kernel Elevation of Privilege Vulnerability | ||||
| CVE-2023-38152 | 1 Microsoft | 5 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 2 more | 2025-10-30 | 5.3 Medium |
| DHCP Server Service Information Disclosure Vulnerability | ||||
| CVE-2023-38156 | 1 Microsoft | 1 Azure Hdinsights | 2025-10-30 | 7.2 High |
| Azure HDInsight Apache Ambari JDBC Injection Elevation of Privilege Vulnerability | ||||
| CVE-2023-38161 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-10-30 | 7.8 High |
| Windows GDI Elevation of Privilege Vulnerability | ||||
| CVE-2023-38162 | 1 Microsoft | 4 Windows Server 2012, Windows Server 2016, Windows Server 2019 and 1 more | 2025-10-30 | 7.5 High |
| DHCP Server Service Denial of Service Vulnerability | ||||
| CVE-2023-33136 | 1 Microsoft | 1 Azure Devops Server | 2025-10-30 | 8.8 High |
| Azure DevOps Server Remote Code Execution Vulnerability | ||||
| CVE-2023-35355 | 1 Microsoft | 7 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 4 more | 2025-10-30 | 7.8 High |
| Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | ||||
| CVE-2023-29332 | 1 Microsoft | 1 Azure Kubernetes Service | 2025-10-30 | 7.5 High |
| Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability | ||||
| CVE-2024-43573 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-10-30 | 6.5 Medium |
| Windows MSHTML Platform Spoofing Vulnerability | ||||
| CVE-2024-43556 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-10-30 | 7.8 High |
| Windows Graphics Component Elevation of Privilege Vulnerability | ||||
| CVE-2024-43572 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-10-30 | 7.8 High |
| Microsoft Management Console Remote Code Execution Vulnerability | ||||
| CVE-2025-10585 | 4 Apple, Google, Linux and 1 more | 5 Macos, Chrome, V8 and 2 more | 2025-10-30 | 8.8 High |
| Type confusion in V8 in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2019-18187 | 2 Microsoft, Trendmicro | 2 Windows, Officescan | 2025-10-30 | 8.8 High |
| Trend Micro OfficeScan versions 11.0 and XG (12.0) could be exploited by an attacker utilizing a directory traversal vulnerability to extract files from an arbitrary zip file to a specific folder on the OfficeScan server, which could potentially lead to remote code execution (RCE). The remote process execution is bound to a web service account, which depending on the web platform used may have restricted permissions. An attempted attack requires user authentication. | ||||
| CVE-2025-8088 | 3 Dtsearch, Microsoft, Rarlab | 3 Dtsearch, Windows, Winrar | 2025-10-30 | 8.8 High |
| A path traversal vulnerability affecting the Windows version of WinRAR allows the attackers to execute arbitrary code by crafting malicious archive files. This vulnerability was exploited in the wild and was discovered by Anton Cherepanov, Peter Košinár, and Peter Strýček from ESET. | ||||
| CVE-2025-9164 | 2 Docker, Microsoft | 2 Desktop, Windows | 2025-10-30 | N/A |
| Docker Desktop Installer.exe is vulnerable to DLL hijacking due to insecure DLL search order. The installer searches for required DLLs in the user's Downloads folder before checking system directories, allowing local privilege escalation through malicious DLL placement.This issue affects Docker Desktop: through 4.48.0. | ||||