CVE-2024-38176 CVSS:8.1 EPSS:0.09%
An improper restriction of excessive authentication attempts in GroupMe allows a unauthenticated attacker to elevate privileges over a network. (Last Update:2024-07-25 04:15:06) (Publish Update:2024-07-23 21:26:48)
CVE-2024-38164 CVSS:9.6 EPSS:0.09%
An improper access control vulnerability in GroupMe allows an a unauthenticated attacker to elevate privileges over a network by convincing a user to click on a malicious link. (Last Update:2024-07-25 04:15:05) (Publish Update:2024-07-23 21:26:49)
CVE-2024-35260 CVSS:8.0 EPSS:0.05%
An authenticated attacker can exploit an Untrusted Search Path vulnerability in Microsoft Dataverse to execute code over a network. (Last Update:2024-07-25 04:15:05) (Publish Update:2024-06-27 18:15:19)
CVE-2017-0199 CVSS:9.3 EPSS:97.52%
Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, Microsoft Office 2016, Microsoft Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, Windows 8.1 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office/WordPad Remote Code Execution Vulnerability w/Windows API." (Last Update:2024-07-24 17:11:36) (Publish Update:2017-04-12 14:59:01)
CVE-2017-8759 CVSS:9.3 EPSS:97.15%
Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow an attacker to execute code remotely via a malicious document or application, aka ".NET Framework Remote Code Execution Vulnerability." (Last Update:2024-07-24 17:11:20) (Publish Update:2017-09-13 01:29:12)
CVE-2021-40449 CVSS:7.8 EPSS:0.21%
Win32k Elevation of Privilege Vulnerability (Last Update:2024-07-24 17:07:46) (Publish Update:2021-10-13 01:15:10)
CVE-2021-42292 CVSS:7.8 EPSS:4.00%
Microsoft Excel Security Feature Bypass Vulnerability (Last Update:2024-07-24 17:07:29) (Publish Update:2021-11-10 01:19:47)
CVE-2021-42321 CVSS:8.8 EPSS:96.54%
Microsoft Exchange Server Remote Code Execution Vulnerability (Last Update:2024-07-24 17:07:19) (Publish Update:2021-11-10 01:19:50)
CVE-2012-0158 CVSS:9.3 EPSS:97.42%
The (1) ListView, (2) ListView2, (3) TreeView, and (4) TreeView2 ActiveX controls in MSCOMCTL.OCX in the Common Controls in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2003 Web Components SP3; SQL Server 2000 SP4, 2005 SP4, and 2008 SP2, SP3, and R2; BizTalk Server 2002 SP1; Commerce Server 2002 SP4, 2007 SP2, and 2009 Gold and R2; Visual FoxPro 8.0 SP1 and 9.0 SP2; and Visual Basic 6.0 Runtime allow remote attackers to execute arbitrary code via a crafted (a) web site, (b) Office document, or (c) .rtf file that triggers "system state" corruption, as exploited in the wild in April 2012, aka "MSCOMCTL.OCX RCE Vulnerability." (Last Update:2024-07-24 17:07:12) (Publish Update:2012-04-10 21:55:02)
CVE-2015-1641 CVSS:9.3 EPSS:89.00%
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word for Mac 2011, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2 and 2013 SP1, and Office Web Apps Server 2010 SP2 and 2013 SP1 allow remote attackers to execute arbitrary code via a crafted RTF document, aka "Microsoft Office Memory Corruption Vulnerability." (Last Update:2024-07-24 17:06:42) (Publish Update:2015-04-14 20:59:05)
This vulnerability list widget is provided by is updated! Visit to see what's new in the new version!