CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Microsoft : Security Vulnerabilities (Bypass)

CVSS Scores Greater Than: 0   1   2   3   4   5   6   7   8   9  
Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2021-31971 Bypass 2021-06-08 2021-06-11
6.8
 None Remote Medium Not required Partial Partial Partial
Windows HTML Platform Security Feature Bypass Vulnerability
2 CVE-2021-31970 Bypass 2021-06-08 2021-06-11
2.1
 None Local Low Not required None None Partial
Windows TCP/IP Driver Security Feature Bypass Vulnerability
3 CVE-2021-31962 Bypass 2021-06-08 2021-06-17
7.5
 None Remote Low Not required Partial Partial Partial
Kerberos AppContainer Security Feature Bypass Vulnerability
4 CVE-2021-31207 Bypass 2021-05-11 2021-05-18
6.5
 None Remote Low ??? Partial Partial Partial
Microsoft Exchange Server Security Feature Bypass Vulnerability
5 CVE-2021-31205 Bypass 2021-05-11 2021-05-18
4.3
 None Remote Medium Not required Partial None None
Windows SMB Client Security Feature Bypass Vulnerability
6 CVE-2021-28447 Bypass 2021-04-13 2021-04-21
2.1
 None Local Low Not required None Partial None
Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability This CVE ID is unique from CVE-2021-27094.
7 CVE-2021-28444 Bypass 2021-04-13 2021-04-21
4.0
 None Remote Low ??? None Partial None
Windows Hyper-V Security Feature Bypass Vulnerability
8 CVE-2021-28316 Bypass 2021-04-13 2021-04-15
2.1
 None Local Low Not required Partial None None
Windows WLAN AutoConfig Service Security Feature Bypass Vulnerability
9 CVE-2021-27094 Bypass 2021-04-13 2021-04-16
2.1
 None Local Low Not required None Partial None
Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability This CVE ID is unique from CVE-2021-28447.
10 CVE-2021-27092 Bypass 2021-04-13 2021-04-16
7.5
 None Remote Low Not required Partial Partial Partial
Azure AD Web Sign-in Security Feature Bypass Vulnerability
11 CVE-2021-27066 Bypass 2021-03-11 2021-03-16
4.0
 None Remote Low ??? Partial None None
Windows Admin Center Security Feature Bypass Vulnerability
12 CVE-2021-27055 Bypass 2021-03-11 2021-03-16
6.8
 None Remote Medium Not required Partial Partial Partial
Microsoft Visio Security Feature Bypass Vulnerability
13 CVE-2021-26892 Bypass 2021-03-11 2021-03-23
2.1
 None Local Low Not required None None Partial
Windows Extensible Firmware Interface Security Feature Bypass Vulnerability
14 CVE-2021-26414 Bypass 2021-06-08 2021-06-17
4.3
 None Remote Medium Not required None Partial None
Windows DCOM Server Security Feature Bypass
15 CVE-2021-24113 Bypass 2021-02-25 2021-03-03
5.8
 None Remote Medium Not required Partial Partial None
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
16 CVE-2021-24082 Bypass 2021-02-25 2021-03-04
4.0
 None Remote Low ??? Partial None None
Microsoft.PowerShell.Utility Module WDAC Security Feature Bypass Vulnerability
17 CVE-2021-21141 287 Bypass 2021-02-09 2021-02-25
4.3
 None Remote Medium Not required None Partial None
Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass file extension policy via a crafted HTML page.
18 CVE-2021-21139 1021 Bypass 2021-02-09 2021-03-15
4.3
 None Remote Medium Not required None Partial None
Inappropriate implementation in iframe sandbox in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
19 CVE-2021-21133 287 Bypass 2021-02-09 2021-03-08
4.3
 None Remote Medium Not required Partial None None
Insufficient policy enforcement in Downloads in Google Chrome prior to 88.0.4324.96 allowed an attacker who convinced a user to download files to bypass navigation restrictions via a crafted HTML page.
20 CVE-2021-21131 287 Bypass 2021-02-09 2021-03-04
4.3
 None Remote Medium Not required None Partial None
Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.
21 CVE-2021-21130 287 Bypass 2021-02-09 2021-03-04
4.3
 None Remote Medium Not required None Partial None
Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.
22 CVE-2021-21129 287 Bypass 2021-02-09 2021-03-04
4.3
 None Remote Medium Not required None Partial None
Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.
23 CVE-2021-21127 287 Bypass 2021-02-09 2021-03-04
6.8
 None Remote Medium Not required Partial Partial Partial
Insufficient policy enforcement in extensions in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass content security policy via a crafted Chrome Extension.
24 CVE-2021-21126 287 Bypass 2021-02-09 2021-03-04
4.3
 None Remote Medium Not required Partial None None
Insufficient policy enforcement in extensions in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass site isolation via a crafted Chrome Extension.
25 CVE-2021-21125 287 Bypass 2021-02-09 2021-03-08
5.8
 None Remote Medium Not required Partial Partial None
Insufficient policy enforcement in File System API in Google Chrome on Windows prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.
26 CVE-2021-21123 20 Bypass 2021-02-09 2021-03-08
4.3
 None Remote Medium Not required None Partial None
Insufficient data validation in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.
27 CVE-2021-1731 Bypass 2021-02-25 2021-03-03
2.1
 None Local Low Not required Partial None None
PFX Encryption Security Feature Bypass Vulnerability
28 CVE-2021-1684 Bypass 2021-01-12 2021-01-20
2.1
 None Local Low Not required Partial None None
Windows Bluetooth Security Feature Bypass Vulnerability This CVE ID is unique from CVE-2021-1638, CVE-2021-1683.
29 CVE-2021-1683 Bypass 2021-01-12 2021-01-20
2.1
 None Local Low Not required Partial None None
Windows Bluetooth Security Feature Bypass Vulnerability This CVE ID is unique from CVE-2021-1638, CVE-2021-1684.
30 CVE-2021-1678 Bypass 2021-01-12 2021-01-20
5.0
 None Remote Low Not required Partial None None
NTLM Security Feature Bypass Vulnerability
31 CVE-2021-1674 Bypass 2021-01-12 2021-01-20
6.5
 None Remote Low ??? Partial Partial Partial
Windows Remote Desktop Protocol Core Security Feature Bypass Vulnerability
32 CVE-2021-1669 863 Bypass 2021-01-12 2021-01-20
6.5
 None Remote Low ??? Partial Partial Partial
Windows Remote Desktop Security Feature Bypass Vulnerability
33 CVE-2021-1638 863 Bypass 2021-01-12 2021-01-14
2.1
 None Local Low Not required Partial None None
Windows Bluetooth Security Feature Bypass Vulnerability This CVE ID is unique from CVE-2021-1683, CVE-2021-1684.
34 CVE-2020-17162 Bypass 2021-02-25 2021-03-03
6.5
 None Remote Low ??? Partial Partial Partial
Microsoft Windows Security Feature Bypass Vulnerability
35 CVE-2020-17139 Bypass 2020-12-10 2021-03-03
4.6
 None Local Low Not required Partial Partial Partial
Windows Overlay Filter Security Feature Bypass Vulnerability
36 CVE-2020-17130 Bypass 2020-12-10 2021-03-04
6.0
 None Remote Medium ??? Partial Partial Partial
Microsoft Excel Security Feature Bypass Vulnerability
37 CVE-2020-17099 Bypass 2020-12-10 2021-03-03
4.6
 None Local Low Not required Partial Partial Partial
Windows Lock Screen Security Feature Bypass Vulnerability
38 CVE-2020-17090 Bypass 2020-11-11 2020-12-01
7.5
 None Remote Low Not required Partial Partial Partial
Microsoft Defender for Endpoint Security Feature Bypass Vulnerability
39 CVE-2020-17067 Bypass 2020-11-11 2020-11-23
6.8
 None Remote Medium Not required Partial Partial Partial
Microsoft Excel Security Feature Bypass Vulnerability
40 CVE-2020-17049 269 Bypass 2020-11-11 2020-11-23
9.0
 None Remote Low ??? Complete Complete Complete
Kerberos Security Feature Bypass Vulnerability
41 CVE-2020-17040 287 Bypass 2020-11-11 2020-11-19
7.5
 None Remote Low Not required Partial Partial Partial
Windows Hyper-V Security Feature Bypass Vulnerability
42 CVE-2020-17020 287 Bypass 2020-11-11 2020-11-19
2.1
 None Local Low Not required Partial None None
Microsoft Word Security Feature Bypass Vulnerability
43 CVE-2020-17002 Bypass 2020-12-10 2021-03-03
9.4
 None Remote Low Not required Complete Complete None
Azure SDK for C Security Feature Bypass Vulnerability
44 CVE-2020-16996 Bypass 2020-12-10 2021-03-03
4.0
 None Remote Low ??? None Partial None
Kerberos Security Feature Bypass Vulnerability
45 CVE-2020-16971 Bypass 2020-12-10 2021-03-03
6.4
 None Remote Low Not required Partial Partial None
Azure SDK for Java Security Feature Bypass Vulnerability
46 CVE-2020-16933 755 Bypass 2020-10-16 2020-10-21
6.8
 None Remote Medium Not required Partial Partial Partial
A security feature bypass vulnerability exists in Microsoft Word software when it fails to properly handle .LNK files, aka 'Microsoft Word Security Feature Bypass Vulnerability'.
47 CVE-2020-16910 281 Bypass 2020-10-16 2020-10-21
4.3
 None Remote Medium Not required None Partial None
A security feature bypass vulnerability exists when Microsoft Windows fails to handle file creation permissions, which could allow an attacker to create files in a protected Unified Extensible Firmware Interface (UEFI) location.To exploit this vulnerability, an attacker could run a specially crafted application to bypass Unified Extensible Firmware Interface (UEFI) variable security in Windows.The security update addresses the vulnerability by correcting security feature behavior to enforce permissions., aka 'Windows Security Feature Bypass Vulnerability'.
48 CVE-2020-16886 Bypass 2020-10-16 2020-10-21
7.2
 None Local Low Not required Complete Complete Complete
A security feature bypass vulnerability exists in the PowerShellGet V2 module, aka 'PowerShellGet Module WDAC Security Feature Bypass Vulnerability'.
49 CVE-2020-15707 362 Exec Code Overflow Bypass 2020-07-29 2021-05-01
4.4
 None Local Medium Not required Partial Partial Partial
Integer overflows were discovered in the functions grub_cmd_initrd and grub_initrd_init in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu (the functionality is not included in GRUB2 upstream), leading to a heap-based buffer overflow. These could be triggered by an extremely large number of arguments to the initrd command on 32-bit architectures, or a crafted filesystem with very large files on any architecture. An attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. This issue affects GRUB2 version 2.04 and prior versions.
50 CVE-2020-15706 362 Exec Code Bypass 2020-07-29 2021-05-01
4.4
 None Local Medium Not required Partial Partial Partial
GRUB2 contains a race condition in grub_script_function_create() leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing, leading to arbitrary code execution and secure boot restriction bypass. This issue affects GRUB2 version 2.04 and prior versions.
Total number of vulnerabilities : 475   Page : 1 (This Page)2 3 4 5 6 7 8 9 10
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.