Microsoft Makers of the Windows Operating System and hundreds of products that run on it.

Do you want an email whenever new security vulnerabilities are reported in any Microsoft product?

Products by Microsoft Sorted by Most Security Vulnerabilities since 2018

Microsoft Windows 101839 vulnerabilities

Microsoft Windows Server 20161815 vulnerabilities

Microsoft Windows Server 20191540 vulnerabilities

Microsoft Windows Server 20121144 vulnerabilities

Microsoft Windows 8.11109 vulnerabilities

Microsoft Windows Rt 8 11053 vulnerabilities

Microsoft Windows Server 20081046 vulnerabilities

Microsoft Windows 71041 vulnerabilities

Microsoft Internet Explorer (IE)408 vulnerabilities
Popular web browser for windows

Microsoft Office241 vulnerabilities

Microsoft Sharepoint Server209 vulnerabilities

Microsoft Sharepoint Enterprise Server195 vulnerabilities

Microsoft ChakraCore183 vulnerabilities
ChakraCore is the core part of the Chakra JavaScript engine that powers Microsoft Edge

Microsoft Sharepoint Foundation146 vulnerabilities

Microsoft Ie146 vulnerabilities

Microsoft Excel85 vulnerabilities
Spreadsheet Software

Microsoft Office 365 Proplus83 vulnerabilities

Microsoft Office Online Server68 vulnerabilities

Microsoft 365 Apps66 vulnerabilities

Microsoft Exchange Server66 vulnerabilities

Microsoft Word54 vulnerabilities

Microsoft Visual Studio 201948 vulnerabilities

Microsoft Visual Studio 201748 vulnerabilities

Microsoft Office Web Apps45 vulnerabilities

Microsoft Office Compatibility Pack36 vulnerabilities

Microsoft Windows Server36 vulnerabilities

Microsoft Outlook34 vulnerabilities

Microsoft Edge Browser30 vulnerabilities
Web Browser based on Chromium

Microsoft Windows XP29 vulnerabilities

Microsoft Visual Studio Code28 vulnerabilities

Microsoft Azure Devops Server27 vulnerabilities

Microsoft Dynamics 36525 vulnerabilities

Microsoft Edge Chromium24 vulnerabilities

Microsoft Team Foundation Server23 vulnerabilities

Microsoft Visual Studio23 vulnerabilities
Developer IDE

Microsoft ASP.NET Core22 vulnerabilities

Microsoft Office Web Apps Server22 vulnerabilities

Microsoft .NET Core20 vulnerabilities

Microsoft Azure Sphere18 vulnerabilities

Microsoft Project Server16 vulnerabilities

Microsoft Powershell Core16 vulnerabilities

Microsoft Windows 2003 Server16 vulnerabilities

Microsoft Windows Vista16 vulnerabilities

Microsoft Windows Server 200315 vulnerabilities

Microsoft Excel Viewer14 vulnerabilities

Microsoft Windows 200013 vulnerabilities

Microsoft Hevc Video Extensions12 vulnerabilities

Microsoft High Efficiency Video Coding10 vulnerabilities

Microsoft Security Essentials9 vulnerabilities

Microsoft Onedrive8 vulnerabilities

Microsoft Outlook Express7 vulnerabilities

Microsoft Skype For Business7 vulnerabilities

Microsoft Forefront Endpoint Protection 20107 vulnerabilities

Microsoft Office Word Viewer7 vulnerabilities

Microsoft Office For Mac7 vulnerabilities

Microsoft Raw Image Extension7 vulnerabilities

Microsoft Powerpoint7 vulnerabilities

Microsoft Lync7 vulnerabilities

Microsoft Windows 86 vulnerabilities

Microsoft SQL Server6 vulnerabilities
Database Server

Microsoft Dynamics Nav6 vulnerabilities

Microsoft System Center Endpoint Protection6 vulnerabilities

Microsoft Powerpoint Viewer6 vulnerabilities

Microsoft Lync Server6 vulnerabilities

Microsoft 3d Viewer5 vulnerabilities

Microsoft Windows Me5 vulnerabilities

Microsoft Office 3655 vulnerabilities

Microsoft Skype For Business Server5 vulnerabilities

Microsoft Windows Server 18035 vulnerabilities

Microsoft Dynamics 365 Business Central5 vulnerabilities

Microsoft Windows 985 vulnerabilities

Microsoft Excel 2013 Rt5 vulnerabilities

Microsoft Sql Server Management Studio5 vulnerabilities

Microsoft Internet Information Services5 vulnerabilities

Microsoft Net5 vulnerabilities

Microsoft Access4 vulnerabilities

Microsoft Asp Net Model View Controller4 vulnerabilities

Microsoft Windows Nt4 vulnerabilities

Microsoft Business Productivity Servers4 vulnerabilities

Microsoft Project4 vulnerabilities

Microsoft Windows 98se4 vulnerabilities

Microsoft Teams4 vulnerabilities

Microsoft Open Enclave Software Development Kit4 vulnerabilities

Microsoft Outlook Rt4 vulnerabilities

Microsoft Visual Studio 20154 vulnerabilities

Microsoft Java Software Development Kit4 vulnerabilities

Microsoft Power Bi Report Server4 vulnerabilities

Microsoft Windows4 vulnerabilities

Microsoft Malware Protection Engine4 vulnerabilities

Microsoft System Net Http Winhttphandler3 vulnerabilities

Microsoft Sharepoint Services3 vulnerabilities

Microsoft System Center Endpoint Protection 20123 vulnerabilities

Microsoft System Net Websockets Client3 vulnerabilities

Microsoft System Net Http3 vulnerabilities

Microsoft System Text Encodings Web3 vulnerabilities

Microsoft System Net Security3 vulnerabilities

Microsoft Sharepoint Enterprise Server 20163 vulnerabilities

Microsoft Aspnetcore Mvc Razor3 vulnerabilities

Microsoft Aspnetcore Mvc Taghelpers3 vulnerabilities

Microsoft Aspnetcore Mvc Viewfeatures3 vulnerabilities

Recent Microsoft Security Advisories

Advisory	Title	Published
CVE-2021-30572	Chromium: CVE-2021-30572 Use after free in Autofill	July 22, 2021
CVE-2021-30571	Chromium: CVE-2021-30571 Insufficient policy enforcement in DevTools	July 22, 2021
CVE-2021-30566	Chromium: CVE-2021-30566 Stack buffer overflow in Printing	July 22, 2021
CVE-2021-30573	Chromium: CVE-2021-30573 Use after free in GPU	July 22, 2021
CVE-2021-30575	Chromium: CVE-2021-30575 Out of bounds read in Autofill	July 22, 2021
CVE-2021-30565	Chromium: CVE-2021-30565 Out of bounds write in Tab Groups	July 22, 2021
CVE-2021-30567	Chromium: CVE-2021-30567 Use after free in DevTools	July 22, 2021
CVE-2021-30574	Chromium: CVE-2021-30574 Use after free in protocol handling	July 22, 2021
CVE-2021-30569	Chromium: CVE-2021-30569 Use after free in sqlite	July 22, 2021
CVE-2021-30568	Chromium: CVE-2021-30568 Heap buffer overflow in WebGL	July 22, 2021

@msftsecurity Tweets

Are you transitioning from a traditional SIEM to Azure Sentinel? Discover the pros and cons of the five most commo… https://t.co/srxDQjGsWl
Wed Aug 04 17:00:00 +0000 2021

Learn about the rapid rise of ransomware, discover new crisis prevention and mitigation strategies, and hear the la… https://t.co/kvERSO4uNO
Wed Aug 04 14:00:01 +0000 2021

Build customer trust with passwordless authentication, a Zero Trust framework, cloud security, and fraud protection… https://t.co/dstjjAAmLk
Tue Aug 03 17:00:11 +0000 2021

Get an in-depth analysis of the malicious actions that follow a LemonDuck #malware infection, including general and… https://t.co/QgHNEIKvzy
Mon Aug 02 16:00:00 +0000 2021

RT @ZDNet: Microsoft: Zero Trust security just hit the mainstream https://t.co/rA09wMcqL4
Sat Jul 31 19:00:00 +0000 2021

By the Year

In 2021 there have been 664 vulnerabilities in Microsoft with an average score of 7.6 out of ten. Last year Microsoft had 1188 security vulnerabilities published. Right now, Microsoft is on track to have less security vulnerabilities in 2021 than it did last year. However, the average CVE base score of the vulnerabilities in 2021 is greater by 0.25.

Year	Vulnerabilities	Average Score
2021	664	7.61
2020	1188	7.36
2019	759	7.23
2018	577	6.88

It may take a day or so for new Microsoft vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Microsoft Security Vulnerabilities

Out of bounds write in Tab Groups in Google Chrome on Linux and ChromeOS prior to 92.0.4515.107

CVE-2021-30565 - August 03, 2021

Out of bounds write in Tab Groups in Google Chrome on Linux and ChromeOS prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory write via a crafted HTML page.

Stack buffer overflow in Printing in Google Chrome prior to 92.0.4515.107

CVE-2021-30566 - August 03, 2021

Stack buffer overflow in Printing in Google Chrome prior to 92.0.4515.107 allowed a remote attacker who had compromised the renderer process to potentially exploit stack corruption via a crafted HTML page.

Use after free in DevTools in Google Chrome prior to 92.0.4515.107

CVE-2021-30567 - August 03, 2021

Use after free in DevTools in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to open DevTools to potentially exploit heap corruption via specific user gesture.

Heap buffer overflow in WebGL in Google Chrome prior to 92.0.4515.107

CVE-2021-30568 - August 03, 2021

Heap buffer overflow in WebGL in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Use after free in sqlite in Google Chrome prior to 92.0.4515.107

CVE-2021-30569 - August 03, 2021

Use after free in sqlite in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Insufficient policy enforcement in DevTools in Google Chrome prior to 92.0.4515.107

CVE-2021-30571 - August 03, 2021

Insufficient policy enforcement in DevTools in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted HTML page.

Use after free in Autofill in Google Chrome prior to 92.0.4515.107

CVE-2021-30572 - August 03, 2021

Use after free in Autofill in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Use after free in GPU in Google Chrome prior to 92.0.4515.107

CVE-2021-30573 - August 03, 2021

Use after free in GPU in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Use after free in protocol handling in Google Chrome prior to 92.0.4515.107

CVE-2021-30574 - August 03, 2021

Use after free in protocol handling in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Out of bounds write in Autofill in Google Chrome prior to 92.0.4515.107

CVE-2021-30575 - August 03, 2021

Out of bounds write in Autofill in Google Chrome prior to 92.0.4515.107 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.

Use after free in DevTools in Google Chrome prior to 92.0.4515.107

CVE-2021-30576 - August 03, 2021

Use after free in DevTools in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.

Insufficient policy enforcement in Installer in Google Chrome prior to 92.0.4515.107

CVE-2021-30577 - August 03, 2021

Insufficient policy enforcement in Installer in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to perform local privilege escalation via a crafted file.

Uninitialized use in Media in Google Chrome prior to 92.0.4515.107

CVE-2021-30578 - August 03, 2021

Uninitialized use in Media in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page.

Use after free in UI framework in Google Chrome prior to 92.0.4515.107

CVE-2021-30579 - August 03, 2021

Use after free in UI framework in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Insufficient policy enforcement in Android intents in Google Chrome prior to 92.0.4515.107

CVE-2021-30580 - August 03, 2021

Insufficient policy enforcement in Android intents in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious application to obtain potentially sensitive information via a crafted HTML page.

Use after free in DevTools in Google Chrome prior to 92.0.4515.107

CVE-2021-30581 - August 03, 2021

Inappropriate implementation in Animation in Google Chrome prior to 92.0.4515.107

CVE-2021-30582 - August 03, 2021

Inappropriate implementation in Animation in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

Insufficient policy enforcement in image handling in iOS in Google Chrome on iOS prior to 92.0.4515.107

CVE-2021-30583 - August 03, 2021

Insufficient policy enforcement in image handling in iOS in Google Chrome on iOS prior to 92.0.4515.107 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

Incorrect security UI in Downloads in Google Chrome on Android prior to 92.0.4515.107

CVE-2021-30584 - August 03, 2021

Incorrect security UI in Downloads in Google Chrome on Android prior to 92.0.4515.107 allowed a remote attacker to perform domain spoofing via a crafted HTML page.

Use after free in sensor handling in Google Chrome on Windows prior to 92.0.4515.107

CVE-2021-30585 - August 03, 2021

Use after free in sensor handling in Google Chrome on Windows prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Use after free in dialog box handling in Windows in Google Chrome prior to 92.0.4515.107

CVE-2021-30586 - August 03, 2021

Use after free in dialog box handling in Windows in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.

Inappropriate implementation in Compositing in Google Chrome prior to 92.0.4515.107

CVE-2021-30587 - August 03, 2021

Inappropriate implementation in Compositing in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

Type confusion in V8 in Google Chrome prior to 92.0.4515.107

CVE-2021-30588 - August 03, 2021

Type confusion in V8 in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Insufficient validation of untrusted input in Sharing in Google Chrome prior to 92.0.4515.107

CVE-2021-30589 - August 03, 2021

Insufficient validation of untrusted input in Sharing in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to bypass navigation restrictions via a crafted click-to-call link.

Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472.164

CVE-2021-30559 - August 03, 2021

Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Use after free in V8 in Google Chrome prior to 91.0.4472.164

CVE-2021-30541 - August 03, 2021

Use after free in V8 in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Use after free in Blink XSLT in Google Chrome prior to 91.0.4472.164

CVE-2021-30560 - August 03, 2021

Use after free in Blink XSLT in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Type Confusion in V8 in Google Chrome prior to 91.0.4472.164

CVE-2021-30561 - August 03, 2021

Type Confusion in V8 in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Use after free in WebSerial in Google Chrome prior to 91.0.4472.164

CVE-2021-30562 - August 03, 2021

Use after free in WebSerial in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Type Confusion in V8 in Google Chrome prior to 91.0.4472.164

CVE-2021-30563 - August 03, 2021

Type Confusion in V8 in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Heap buffer overflow in WebXR in Google Chrome prior to 91.0.4472.164

CVE-2021-30564 - August 03, 2021

Heap buffer overflow in WebXR in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Windows Elevation of Privilege Vulnerability

CVE-2021-36934 7.8 - High - July 22, 2021

Windows Elevation of Privilege Vulnerability

Improper Privilege Management

Microsoft Windows Media Foundation Remote Code Execution Vulnerability This CVE ID is unique

CVE-2021-34441 7.8 - High - July 16, 2021

Microsoft Windows Media Foundation Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-34439, CVE-2021-34503.

Windows DNS Server Denial of Service Vulnerability This CVE ID is unique

CVE-2021-34442 7.5 - High - July 16, 2021

Windows DNS Server Denial of Service Vulnerability This CVE ID is unique from CVE-2021-33745, CVE-2021-34444, CVE-2021-34499.

Windows DNS Server Denial of Service Vulnerability This CVE ID is unique

CVE-2021-34444 6.5 - Medium - July 16, 2021

Windows DNS Server Denial of Service Vulnerability This CVE ID is unique from CVE-2021-33745, CVE-2021-34442, CVE-2021-34499.

Windows Remote Access Connection Manager Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2021-34445 7.8 - High - July 16, 2021

Windows Remote Access Connection Manager Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-33761, CVE-2021-33773, CVE-2021-34456.

Improper Privilege Management

Windows HTML Platforms Security Feature Bypass Vulnerability

CVE-2021-34446 8.8 - High - July 16, 2021

Windows HTML Platforms Security Feature Bypass Vulnerability

Windows MSHTML Platform Remote Code Execution Vulnerability This CVE ID is unique

CVE-2021-34447 8.8 - High - July 16, 2021

Windows MSHTML Platform Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-34497.

Scripting Engine Memory Corruption Vulnerability

CVE-2021-34448 8.8 - High - July 16, 2021

Scripting Engine Memory Corruption Vulnerability

Memory Corruption

Win32k Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2021-34449 7.8 - High - July 16, 2021

Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-34516.

Improper Privilege Management

Windows Hyper-V Remote Code Execution Vulnerability

CVE-2021-34450 9.9 - Critical - July 16, 2021

Windows Hyper-V Remote Code Execution Vulnerability

Microsoft Word Remote Code Execution Vulnerability

CVE-2021-34452 7.8 - High - July 16, 2021

Microsoft Word Remote Code Execution Vulnerability

Microsoft SharePoint Server Remote Code Execution Vulnerability This CVE ID is unique

CVE-2021-34467 8.8 - High - July 16, 2021

Microsoft SharePoint Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-34468, CVE-2021-34520.

Windows Font Driver Host Remote Code Execution Vulnerability

CVE-2021-34438 7.8 - High - July 16, 2021

Windows Font Driver Host Remote Code Execution Vulnerability

Microsoft Windows Media Foundation Remote Code Execution Vulnerability This CVE ID is unique

CVE-2021-34439 7.8 - High - July 16, 2021

Microsoft Windows Media Foundation Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-34441, CVE-2021-34503.

GDI+ Information Disclosure Vulnerability

CVE-2021-34440 5.5 - Medium - July 16, 2021

GDI+ Information Disclosure Vulnerability

Microsoft Office Online Server Spoofing Vulnerability

CVE-2021-34451 5.3 - Medium - July 16, 2021

Microsoft Office Online Server Spoofing Vulnerability

Windows Remote Access Connection Manager Information Disclosure Vulnerability This CVE ID is unique

CVE-2021-34454 5.5 - Medium - July 16, 2021

Windows Remote Access Connection Manager Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-33763, CVE-2021-34457.

Windows File History Service Elevation of Privilege Vulnerability

CVE-2021-34455 7.8 - High - July 16, 2021

Windows File History Service Elevation of Privilege Vulnerability

Improper Privilege Management

Windows Remote Access Connection Manager Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2021-34456 7.8 - High - July 16, 2021

Windows Remote Access Connection Manager Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-33761, CVE-2021-33773, CVE-2021-34445.

Improper Privilege Management

Windows Remote Access Connection Manager Information Disclosure Vulnerability This CVE ID is unique

CVE-2021-34457 5.5 - Medium - July 16, 2021

Windows Remote Access Connection Manager Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-33763, CVE-2021-34454.

Windows Kernel Remote Code Execution Vulnerability This CVE ID is unique

CVE-2021-34458 9.9 - Critical - July 16, 2021

Windows Kernel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-34508.

Windows AppContainer Elevation Of Privilege Vulnerability

CVE-2021-34459 7.8 - High - July 16, 2021

Windows AppContainer Elevation Of Privilege Vulnerability

Improper Privilege Management

Storage Spaces Controller Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2021-34460 7.8 - High - July 16, 2021

Storage Spaces Controller Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-33751, CVE-2021-34510, CVE-2021-34512, CVE-2021-34513.

Improper Privilege Management

Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability

CVE-2021-34461 7.8 - High - July 16, 2021

Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability

Improper Privilege Management

Windows AppX Deployment Extensions Elevation of Privilege Vulnerability

CVE-2021-34462 7.8 - High - July 16, 2021

Windows AppX Deployment Extensions Elevation of Privilege Vulnerability

Improper Privilege Management

Microsoft Defender Remote Code Execution Vulnerability This CVE ID is unique

CVE-2021-34464 7.8 - High - July 16, 2021

Microsoft Defender Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-34522.

Windows Hello Security Feature Bypass Vulnerability

CVE-2021-34466 6.1 - Medium - July 16, 2021

Windows Hello Security Feature Bypass Vulnerability

AuthZ

Windows Print Spooler Elevation of Privilege Vulnerability

CVE-2021-34481 7.8 - High - July 16, 2021

Windows Print Spooler Elevation of Privilege Vulnerability

Improper Privilege Management

Windows TCP/IP Driver Denial of Service Vulnerability This CVE ID is unique

CVE-2021-31183 7.5 - High - July 14, 2021

Windows TCP/IP Driver Denial of Service Vulnerability This CVE ID is unique from CVE-2021-33772, CVE-2021-34490.

Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique

CVE-2021-31196 7.2 - High - July 14, 2021

Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31206, CVE-2021-34473.

Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique

CVE-2021-31206 9.8 - Critical - July 14, 2021

Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31196, CVE-2021-34473.

HEVC Video Extensions Remote Code Execution Vulnerability This CVE ID is unique

CVE-2021-31947 7.8 - High - July 14, 2021

HEVC Video Extensions Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-33775, CVE-2021-33776, CVE-2021-33777, CVE-2021-33778.

Windows InstallService Elevation of Privilege Vulnerability

CVE-2021-31961 7.1 - High - July 14, 2021

Windows InstallService Elevation of Privilege Vulnerability

Improper Privilege Management

Power BI Remote Code Execution Vulnerability

CVE-2021-31984 8.8 - High - July 14, 2021

Power BI Remote Code Execution Vulnerability

Windows Media Remote Code Execution Vulnerability

CVE-2021-33740 7.8 - High - July 14, 2021

Windows Media Remote Code Execution Vulnerability

Windows Projected File System Elevation of Privilege Vulnerability

CVE-2021-33743 7.8 - High - July 14, 2021

Windows Projected File System Elevation of Privilege Vulnerability

Improper Privilege Management

Windows Secure Kernel Mode Security Feature Bypass Vulnerability

CVE-2021-33744 6.7 - Medium - July 14, 2021

Windows Secure Kernel Mode Security Feature Bypass Vulnerability

Improper Privilege Management

Microsoft Bing Search Spoofing Vulnerability

CVE-2021-33753 6.5 - Medium - July 14, 2021

Microsoft Bing Search Spoofing Vulnerability

Windows Hyper-V Denial of Service Vulnerability This CVE ID is unique

CVE-2021-33755 8.6 - High - July 14, 2021

Windows Hyper-V Denial of Service Vulnerability This CVE ID is unique from CVE-2021-33758.

Windows Security Account Manager Remote Protocol Security Feature Bypass Vulnerability

CVE-2021-33757 9.8 - Critical - July 14, 2021

Windows Security Account Manager Remote Protocol Security Feature Bypass Vulnerability

Windows Hyper-V Denial of Service Vulnerability This CVE ID is unique

CVE-2021-33758 7.7 - High - July 14, 2021

Windows Hyper-V Denial of Service Vulnerability This CVE ID is unique from CVE-2021-33755.

Windows Desktop Bridge Elevation of Privilege Vulnerability

CVE-2021-33759 7.8 - High - July 14, 2021

Windows Desktop Bridge Elevation of Privilege Vulnerability

Improper Privilege Management

Media Foundation Information Disclosure Vulnerability

CVE-2021-33760 5.5 - Medium - July 14, 2021

Media Foundation Information Disclosure Vulnerability

Windows Remote Access Connection Manager Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2021-33761 7.8 - High - July 14, 2021

Windows Remote Access Connection Manager Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-33773, CVE-2021-34445, CVE-2021-34456.

Improper Privilege Management

Windows Remote Access Connection Manager Information Disclosure Vulnerability This CVE ID is unique

CVE-2021-33763 5.5 - Medium - July 14, 2021

Windows Remote Access Connection Manager Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-34454, CVE-2021-34457.

Windows Installer Spoofing Vulnerability

CVE-2021-33765 5.5 - Medium - July 14, 2021

Windows Installer Spoofing Vulnerability

Open Enclave SDK Elevation of Privilege Vulnerability

CVE-2021-33767 6.7 - Medium - July 14, 2021

Open Enclave SDK Elevation of Privilege Vulnerability

Improper Privilege Management

Windows Kernel Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2021-33771 7.8 - High - July 14, 2021

Windows Kernel Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-31979, CVE-2021-34514.

Improper Privilege Management

Windows Remote Access Connection Manager Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2021-33773 7.8 - High - July 14, 2021

Windows Remote Access Connection Manager Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-33761, CVE-2021-34445, CVE-2021-34456.

Improper Privilege Management

Windows Event Tracing Elevation of Privilege Vulnerability

CVE-2021-33774 7.8 - High - July 14, 2021

Windows Event Tracing Elevation of Privilege Vulnerability

Improper Privilege Management

Windows DNS Server Remote Code Execution Vulnerability This CVE ID is unique

CVE-2021-33780 8.8 - High - July 14, 2021

Windows DNS Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-33746, CVE-2021-33754, CVE-2021-34494, CVE-2021-34525.

Win32k Information Disclosure Vulnerability

CVE-2021-34491 5.5 - Medium - July 14, 2021

Win32k Information Disclosure Vulnerability

Windows Certificate Spoofing Vulnerability

CVE-2021-34492 8.1 - High - July 14, 2021

Windows Certificate Spoofing Vulnerability

Windows Partition Management Driver Elevation of Privilege Vulnerability

CVE-2021-34493 6.7 - Medium - July 14, 2021

Windows Partition Management Driver Elevation of Privilege Vulnerability

Improper Privilege Management

Windows DNS Server Remote Code Execution Vulnerability This CVE ID is unique

CVE-2021-34494 8.8 - High - July 14, 2021

Windows DNS Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-33746, CVE-2021-33754, CVE-2021-33780, CVE-2021-34525.

Windows GDI Information Disclosure Vulnerability

CVE-2021-34496 5.5 - Medium - July 14, 2021

Windows GDI Information Disclosure Vulnerability

Windows MSHTML Platform Remote Code Execution Vulnerability This CVE ID is unique

CVE-2021-34497 8.8 - High - July 14, 2021

Windows MSHTML Platform Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-34447.

Windows GDI Elevation of Privilege Vulnerability

CVE-2021-34498 7.8 - High - July 14, 2021

Windows GDI Elevation of Privilege Vulnerability

Improper Privilege Management

Windows DNS Server Denial of Service Vulnerability This CVE ID is unique

CVE-2021-34499 6.5 - Medium - July 14, 2021

Windows DNS Server Denial of Service Vulnerability This CVE ID is unique from CVE-2021-33745, CVE-2021-34442, CVE-2021-34444.

Windows Kernel Memory Information Disclosure Vulnerability

CVE-2021-34500 7.7 - High - July 14, 2021

Windows Kernel Memory Information Disclosure Vulnerability

Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique

CVE-2021-34501 7.8 - High - July 14, 2021

Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-34518.

Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique

CVE-2021-34518 7.8 - High - July 14, 2021

Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-34501.

Microsoft SharePoint Server Remote Code Execution Vulnerability This CVE ID is unique

CVE-2021-34468 8 - High - July 14, 2021

Microsoft SharePoint Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-34467, CVE-2021-34520.

Microsoft SharePoint Server Information Disclosure Vulnerability

CVE-2021-34519 3.5 - Low - July 14, 2021

Microsoft SharePoint Server Information Disclosure Vulnerability

Microsoft Office Security Feature Bypass Vulnerability

CVE-2021-34469 8.1 - High - July 14, 2021

Microsoft Office Security Feature Bypass Vulnerability

AuthZ

Microsoft SharePoint Server Remote Code Execution Vulnerability This CVE ID is unique

CVE-2021-34520 8.8 - High - July 14, 2021

Microsoft SharePoint Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-34467, CVE-2021-34468.

Marshaling, Unmarshaling

Raw Image Extension Remote Code Execution Vulnerability

CVE-2021-34521 7.8 - High - July 14, 2021

Raw Image Extension Remote Code Execution Vulnerability

Microsoft Exchange Server Elevation of Privilege Vulnerability This CVE ID is unique

CVE-2021-34523 9.8 - Critical - July 14, 2021

Microsoft Exchange Server Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-33768, CVE-2021-34470.

Improper Privilege Management

Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique

CVE-2021-34473 9.8 - Critical - July 14, 2021

Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31196, CVE-2021-31206.

Microsoft Makers of the Windows Operating System and hundreds of products that run on it.

Products by Microsoft Sorted by Most Security Vulnerabilities since 2018

Microsoft Windows 101839 vulnerabilities

Microsoft Windows Server 20161815 vulnerabilities

Microsoft Windows Server 20191540 vulnerabilities

Microsoft Windows Server 20121144 vulnerabilities

Microsoft Windows 8.11109 vulnerabilities

Microsoft Windows Rt 8 11053 vulnerabilities

Microsoft Windows Server 20081046 vulnerabilities

Microsoft Windows 71041 vulnerabilities

Microsoft Internet Explorer (IE)408 vulnerabilitiesPopular web browser for windows

Microsoft Office241 vulnerabilities

Microsoft Sharepoint Server209 vulnerabilities

Microsoft Sharepoint Enterprise Server195 vulnerabilities

Microsoft ChakraCore183 vulnerabilitiesChakraCore is the core part of the Chakra JavaScript engine that powers Microsoft Edge

Microsoft Sharepoint Foundation146 vulnerabilities

Microsoft Ie146 vulnerabilities

Microsoft Excel85 vulnerabilitiesSpreadsheet Software

Microsoft Office 365 Proplus83 vulnerabilities

Microsoft Office Online Server68 vulnerabilities

Microsoft 365 Apps66 vulnerabilities

Microsoft Exchange Server66 vulnerabilities

Microsoft Word54 vulnerabilities

Microsoft Visual Studio 201948 vulnerabilities

Microsoft Visual Studio 201748 vulnerabilities

Microsoft Office Web Apps45 vulnerabilities

Microsoft Office Compatibility Pack36 vulnerabilities

Microsoft Windows Server36 vulnerabilities

Microsoft Outlook34 vulnerabilities

Microsoft Edge Browser30 vulnerabilitiesWeb Browser based on Chromium

Microsoft Windows XP29 vulnerabilities

Microsoft Visual Studio Code28 vulnerabilities

Microsoft Azure Devops Server27 vulnerabilities

Microsoft Dynamics 36525 vulnerabilities

Microsoft Edge Chromium24 vulnerabilities

Microsoft Team Foundation Server23 vulnerabilities

Microsoft Visual Studio23 vulnerabilitiesDeveloper IDE

Microsoft ASP.NET Core22 vulnerabilities

Microsoft Office Web Apps Server22 vulnerabilities

Microsoft .NET Core20 vulnerabilities

Microsoft Azure Sphere18 vulnerabilities

Microsoft Project Server16 vulnerabilities

Microsoft Powershell Core16 vulnerabilities

Microsoft Windows 2003 Server16 vulnerabilities

Microsoft Windows Vista16 vulnerabilities

Microsoft Windows Server 200315 vulnerabilities

Microsoft Excel Viewer14 vulnerabilities

Microsoft Windows 200013 vulnerabilities

Microsoft Hevc Video Extensions12 vulnerabilities

Microsoft High Efficiency Video Coding10 vulnerabilities

Microsoft Security Essentials9 vulnerabilities

Microsoft Onedrive8 vulnerabilities

Microsoft Outlook Express7 vulnerabilities

Microsoft Skype For Business7 vulnerabilities

Microsoft Forefront Endpoint Protection 20107 vulnerabilities

Microsoft Office Word Viewer7 vulnerabilities

Microsoft Office For Mac7 vulnerabilities

Microsoft Raw Image Extension7 vulnerabilities

Microsoft Powerpoint7 vulnerabilities

Microsoft Lync7 vulnerabilities

Microsoft Windows 86 vulnerabilities

Microsoft SQL Server6 vulnerabilitiesDatabase Server

Microsoft Dynamics Nav6 vulnerabilities

Microsoft System Center Endpoint Protection6 vulnerabilities

Microsoft Powerpoint Viewer6 vulnerabilities

Microsoft Lync Server6 vulnerabilities

Microsoft 3d Viewer5 vulnerabilities

Microsoft Windows Me5 vulnerabilities

Microsoft Office 3655 vulnerabilities

Microsoft Skype For Business Server5 vulnerabilities

Microsoft Windows Server 18035 vulnerabilities

Microsoft Dynamics 365 Business Central5 vulnerabilities

Microsoft Windows 985 vulnerabilities

Microsoft Excel 2013 Rt5 vulnerabilities

Microsoft Sql Server Management Studio5 vulnerabilities

Microsoft Internet Information Services5 vulnerabilities

Microsoft Internet Explorer (IE)408 vulnerabilities
Popular web browser for windows

Microsoft ChakraCore183 vulnerabilities
ChakraCore is the core part of the Chakra JavaScript engine that powers Microsoft Edge

Microsoft Excel85 vulnerabilities
Spreadsheet Software

Microsoft Edge Browser30 vulnerabilities
Web Browser based on Chromium

Microsoft Visual Studio23 vulnerabilities
Developer IDE

Microsoft SQL Server6 vulnerabilities
Database Server