CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Microsoft : Security Vulnerabilities

CVSS Scores Greater Than: 0   1   2   3   4   5   6   7   8   9  
Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2023-24930 2023-03-14 2023-03-20
0.0
 None ??? ??? ??? ??? ??? ???
Microsoft OneDrive for MacOS Elevation of Privilege Vulnerability
2 CVE-2023-24923 2023-03-14 2023-03-20
0.0
 None ??? ??? ??? ??? ??? ???
Microsoft OneDrive for Android Information Disclosure Vulnerability
3 CVE-2023-24922 2023-03-14 2023-03-20
0.0
 None ??? ??? ??? ??? ??? ???
Microsoft Dynamics 365 Information Disclosure Vulnerability
4 CVE-2023-24921 79 XSS 2023-03-14 2023-03-17
0.0
 None ??? ??? ??? ??? ??? ???
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
5 CVE-2023-24920 79 XSS 2023-03-14 2023-03-17
0.0
 None ??? ??? ??? ??? ??? ???
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
6 CVE-2023-24919 79 XSS 2023-03-14 2023-03-17
0.0
 None ??? ??? ??? ??? ??? ???
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
7 CVE-2023-24913 Exec Code 2023-03-14 2023-03-20
0.0
 None ??? ??? ??? ??? ??? ???
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
8 CVE-2023-24911 2023-03-14 2023-03-20
0.0
 None ??? ??? ??? ??? ??? ???
Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability
9 CVE-2023-24891 79 XSS 2023-03-14 2023-03-17
0.0
 None ??? ??? ??? ??? ??? ???
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
10 CVE-2023-24859 DoS 2023-03-14 2023-03-20
0.0
 None ??? ??? ??? ??? ??? ???
Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability
11 CVE-2023-24858 2023-03-14 2023-03-20
0.0
 None ??? ??? ??? ??? ??? ???
Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability
12 CVE-2023-24857 2023-03-14 2023-03-20
0.0
 None ??? ??? ??? ??? ??? ???
Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability
13 CVE-2023-24856 2023-03-14 2023-03-20
0.0
 None ??? ??? ??? ??? ??? ???
Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability
14 CVE-2023-23939 732 2023-03-06 2023-03-13
0.0
 None ??? ??? ??? ??? ??? ???
Azure/setup-kubectl is a GitHub Action for installing Kubectl. This vulnerability only impacts versions before version 3. An insecure temporary creation of a file allows other actors on the Actions runner to replace the Kubectl binary created by this action because it is world writable. This Kubectl tool installer runs `fs.chmodSync(kubectlPath, 777)` to set permissions on the Kubectl binary, however, this allows any local user to replace the Kubectl binary. This allows privilege escalation to the user that can also run kubectl, most likely root. This attack is only possible if an attacker somehow breached the GitHub actions runner or if a user is utilizing an Action that maliciously executes this attack. This has been fixed and released in all versions `v3` and later. 775 permissions are used instead. Users are advised to upgrade. There are no known workarounds for this issue.
15 CVE-2023-23423 2023-03-14 2023-03-20
0.0
 None ??? ??? ??? ??? ??? ???
Windows Kernel Elevation of Privilege Vulnerability
16 CVE-2023-23422 2023-03-14 2023-03-20
0.0
 None ??? ??? ??? ??? ??? ???
Windows Kernel Elevation of Privilege Vulnerability
17 CVE-2023-23421 2023-03-14 2023-03-20
0.0
 None ??? ??? ??? ??? ??? ???
Windows Kernel Elevation of Privilege Vulnerability
18 CVE-2023-23420 2023-03-14 2023-03-20
0.0
 None ??? ??? ??? ??? ??? ???
Windows Kernel Elevation of Privilege Vulnerability
19 CVE-2023-23418 2023-03-14 2023-03-20
0.0
 None ??? ??? ??? ??? ??? ???
Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability
20 CVE-2023-23417 2023-03-14 2023-03-20
0.0
 None ??? ??? ??? ??? ??? ???
Windows Partition Management Driver Elevation of Privilege Vulnerability
21 CVE-2023-23416 Exec Code 2023-03-14 2023-03-20
0.0
 None ??? ??? ??? ??? ??? ???
Windows Cryptographic Services Remote Code Execution Vulnerability
22 CVE-2023-23415 Exec Code 2023-03-14 2023-03-20
0.0
 None ??? ??? ??? ??? ??? ???
Internet Control Message Protocol (ICMP) Remote Code Execution Vulnerability
23 CVE-2023-23414 Exec Code 2023-03-14 2023-03-20
0.0
 None ??? ??? ??? ??? ??? ???
Windows Point-to-Point Protocol over Ethernet (PPPoE) Remote Code Execution Vulnerability
24 CVE-2023-23413 Exec Code 2023-03-14 2023-03-20
0.0
 None ??? ??? ??? ??? ??? ???
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
25 CVE-2023-23412 2023-03-14 2023-03-20
0.0
 None ??? ??? ??? ??? ??? ???
Windows Accounts Picture Elevation of Privilege Vulnerability
26 CVE-2023-23411 400 DoS 2023-03-14 2023-03-20
0.0
 None ??? ??? ??? ??? ??? ???
Windows Hyper-V Denial of Service Vulnerability
27 CVE-2023-23410 2023-03-14 2023-03-20
0.0
 None ??? ??? ??? ??? ??? ???
Windows HTTP.sys Elevation of Privilege Vulnerability
28 CVE-2023-23409 668 2023-03-14 2023-03-20
0.0
 None ??? ??? ??? ??? ??? ???
Client Server Run-Time Subsystem (CSRSS) Information Disclosure Vulnerability
29 CVE-2023-23408 2023-03-14 2023-03-20
0.0
 None ??? ??? ??? ??? ??? ???
Azure Apache Ambari Spoofing Vulnerability
30 CVE-2023-23407 362 Exec Code 2023-03-14 2023-03-20
0.0
 None ??? ??? ??? ??? ??? ???
Windows Point-to-Point Protocol over Ethernet (PPPoE) Remote Code Execution Vulnerability
31 CVE-2023-23406 Exec Code 2023-03-14 2023-03-20
0.0
 None ??? ??? ??? ??? ??? ???
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
32 CVE-2023-23405 Exec Code 2023-03-14 2023-03-20
0.0
 None ??? ??? ??? ??? ??? ???
Remote Procedure Call Runtime Remote Code Execution Vulnerability
33 CVE-2023-23404 362 Exec Code 2023-03-14 2023-03-20
0.0
 None ??? ??? ??? ??? ??? ???
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
34 CVE-2023-23403 Exec Code 2023-03-14 2023-03-20
0.0
 None ??? ??? ??? ??? ??? ???
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
35 CVE-2023-23402 Exec Code 2023-03-14 2023-03-20
0.0
 None ??? ??? ??? ??? ??? ???
Windows Media Remote Code Execution Vulnerability
36 CVE-2023-23401 Exec Code 2023-03-14 2023-03-20
0.0
 None ??? ??? ??? ??? ??? ???
Windows Media Remote Code Execution Vulnerability
37 CVE-2023-23400 Exec Code 2023-03-14 2023-03-20
0.0
 None ??? ??? ??? ??? ??? ???
Windows DNS Server Remote Code Execution Vulnerability
38 CVE-2023-23399 Exec Code 2023-03-14 2023-03-20
0.0
 None ??? ??? ??? ??? ??? ???
Microsoft Excel Remote Code Execution Vulnerability
39 CVE-2023-23398 2023-03-14 2023-03-20
0.0
 None ??? ??? ??? ??? ??? ???
Microsoft Excel Spoofing Vulnerability
40 CVE-2023-23397 294 2023-03-14 2023-03-20
0.0
 None ??? ??? ??? ??? ??? ???
Microsoft Outlook Elevation of Privilege Vulnerability
41 CVE-2023-23396 400 DoS 2023-03-14 2023-03-20
0.0
 None ??? ??? ??? ??? ??? ???
Microsoft Excel Denial of Service Vulnerability
42 CVE-2023-23395 2023-03-14 2023-03-20
0.0
 None ??? ??? ??? ??? ??? ???
Microsoft SharePoint Server Spoofing Vulnerability
43 CVE-2023-23394 668 2023-03-14 2023-03-20
0.0
 None ??? ??? ??? ??? ??? ???
Client Server Run-Time Subsystem (CSRSS) Information Disclosure Vulnerability
44 CVE-2023-23393 362 2023-03-14 2023-03-20
0.0
 None ??? ??? ??? ??? ??? ???
Windows BrokerInfrastructure Service Elevation of Privilege Vulnerability
45 CVE-2023-23392 Exec Code 2023-03-14 2023-03-20
0.0
 None ??? ??? ??? ??? ??? ???
HTTP Protocol Stack Remote Code Execution Vulnerability
46 CVE-2023-23390 Exec Code 2023-02-14 2023-02-23
0.0
 None ??? ??? ??? ??? ??? ???
3D Builder Remote Code Execution Vulnerability
47 CVE-2023-23389 2023-03-14 2023-03-20
0.0
 None ??? ??? ??? ??? ??? ???
Microsoft Defender Elevation of Privilege Vulnerability
48 CVE-2023-23388 2023-03-14 2023-03-20
0.0
 None ??? ??? ??? ??? ??? ???
Windows Bluetooth Driver Elevation of Privilege Vulnerability
49 CVE-2023-23385 2023-03-14 2023-03-20
0.0
 None ??? ??? ??? ??? ??? ???
Windows Point-to-Point Protocol over Ethernet (PPPoE) Elevation of Privilege Vulnerability
50 CVE-2023-23382 2023-02-14 2023-02-23
0.0
 None ??? ??? ??? ??? ??? ???
Azure Machine Learning Compute Instance Information Disclosure Vulnerability
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.