Microsoft Microsoft Makers of the Windows Operating System and hundreds of products that run on it.

Do you want an email whenever new security vulnerabilities are reported in any Microsoft product?

Products by Microsoft Sorted by Most Security Vulnerabilities since 2018

Microsoft Windows Server 20163075 vulnerabilities

Microsoft Windows Server 20192867 vulnerabilities

Microsoft Windows 102605 vulnerabilities

Microsoft Windows Server 20122229 vulnerabilities

Microsoft Windows Server 20082217 vulnerabilities

Microsoft Windows 71761 vulnerabilities

Microsoft Windows 8.11667 vulnerabilities

Microsoft Windows Rt 8 11536 vulnerabilities

Microsoft Windows Server 20221170 vulnerabilities

Microsoft Windows 11604 vulnerabilities

Microsoft Windows 11 21h2596 vulnerabilities

Microsoft Windows 11 22h2580 vulnerabilities

Microsoft Windows 10 1809569 vulnerabilities

Microsoft Windows 10 22h2562 vulnerabilities

Microsoft Windows 10 21h2558 vulnerabilities

Microsoft Windows 10 1607500 vulnerabilities

Microsoft Internet Explorer (IE)416 vulnerabilities
Popular web browser for windows

Microsoft Office407 vulnerabilities

Microsoft Windows 10 1507377 vulnerabilities

Microsoft Windows Vista349 vulnerabilities

Microsoft Windows XP319 vulnerabilities

Microsoft Windows Server283 vulnerabilities

Microsoft Sharepoint Server280 vulnerabilities

Microsoft Windows Server 2003249 vulnerabilities

Microsoft Windows 10 20h2236 vulnerabilities

Microsoft 365 Apps221 vulnerabilities

Microsoft ChakraCore189 vulnerabilities
ChakraCore is the core part of the Chakra JavaScript engine that powers Microsoft Edge

Microsoft Sharepoint Foundation180 vulnerabilities

Microsoft Windows 2003 Server160 vulnerabilities

Microsoft Edge Chromium151 vulnerabilities

Microsoft Ie149 vulnerabilities

Microsoft Windows 11 23h2124 vulnerabilities

Microsoft Exchange Server122 vulnerabilities

Microsoft Excel121 vulnerabilities
Spreadsheet Software

Microsoft Windows 2000109 vulnerabilities

Microsoft Office Online Server100 vulnerabilities

Microsoft Visual Studio 201995 vulnerabilities

Microsoft Office 365 Proplus84 vulnerabilities

Microsoft Dynamics 36580 vulnerabilities

Microsoft Visual Studio 201780 vulnerabilities

Microsoft Word70 vulnerabilities

Microsoft Edge Browser66 vulnerabilities
Web Browser based on Chromium

Microsoft Visual Studio 202261 vulnerabilities

Microsoft Windows Nt52 vulnerabilities

Microsoft Net52 vulnerabilities

Microsoft Office Web Apps52 vulnerabilities

Microsoft Outlook52 vulnerabilities

Microsoft Visual Studio Code45 vulnerabilities

Microsoft Windows 845 vulnerabilities

Microsoft Visual Studio38 vulnerabilities
Developer IDE

Microsoft Azure Devops Server37 vulnerabilities

Microsoft Azure Site Recovery37 vulnerabilities

Microsoft SQL Server36 vulnerabilities
Database Server

Microsoft Windows Rt33 vulnerabilities

Microsoft .NET Core32 vulnerabilities

Microsoft ASP.NET Core31 vulnerabilities

Microsoft Windows 10 21h130 vulnerabilities

Microsoft Excel Viewer29 vulnerabilities

Microsoft Azure Sphere27 vulnerabilities

Microsoft 3d Builder20 vulnerabilities

Microsoft Powershell Core18 vulnerabilities

Microsoft Windows Server 20h218 vulnerabilities

Microsoft Office Word Viewer17 vulnerabilities

Microsoft Project Server16 vulnerabilities

Microsoft Visio16 vulnerabilities

Microsoft Powershell15 vulnerabilities

Microsoft Remote Desktop14 vulnerabilities

Microsoft Windows Server 23h213 vulnerabilities

Microsoft Onedrive13 vulnerabilities

Microsoft Defender For Iot13 vulnerabilities

Microsoft Windows 9812 vulnerabilities

Microsoft Project11 vulnerabilities

Microsoft Lync11 vulnerabilities

Microsoft Skype For Business11 vulnerabilities

Microsoft 3d Viewer10 vulnerabilities

Microsoft Raw Image Extension10 vulnerabilities

Microsoft Word Viewer10 vulnerabilities

Microsoft Azure Rtos Usbx10 vulnerabilities

Microsoft Powerpoint9 vulnerabilities

Microsoft Dynamics Nav9 vulnerabilities

Microsoft Teams9 vulnerabilities

Recent Microsoft Security Advisories

Advisory Title Published
CVE-2024-29991 Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability April 19, 2024
CVE-2024-3847 Chromium: CVE-2024-3847 Insufficient policy enforcement in WebUI April 18, 2024
CVE-2024-3846 Chromium: CVE-2024-3846 Inappropriate implementation in Prompts April 18, 2024
CVE-2024-3845 Chromium: CVE-2024-3845 Inappropriate implementation in Network April 18, 2024
CVE-2024-3844 Chromium: CVE-2024-3844 Inappropriate implementation in Extensions April 18, 2024
CVE-2024-3843 Chromium: CVE-2024-3843 Insufficient data validation in Downloads April 18, 2024
CVE-2024-3841 Chromium: CVE-2024-3841 Insufficient data validation in Browser Switcher April 18, 2024
CVE-2024-3840 Chromium: CVE-2024-3840 Insufficient policy enforcement in Site Isolation April 18, 2024
CVE-2024-3839 Chromium: CVE-2024-3839 Out of bounds read in Fonts April 18, 2024
CVE-2024-3838 Chromium: CVE-2024-3838 Inappropriate implementation in Autofill April 18, 2024

Known Exploited Microsoft Vulnerabilities

The following Microsoft vulnerabilities have recently been marked by CISA as Known to be Exploited by threat actors.

Title Description Added
Microsoft SharePoint Server Code Injection Vulnerability Microsoft SharePoint Server contains a code injection vulnerability that allows an authenticated attacker with Site Owner privileges to execute code remotely. CVE-2023-24955 March 26, 2024
Microsoft Windows Kernel Exposed IOCTL with Insufficient Access Control Vulnerability Microsoft Windows Kernel contains an exposed IOCTL with insufficient access control vulnerability within the IOCTL (input and output control) dispatcher in appid.sys that allows a local attacker to achieve privilege escalation. CVE-2024-21338 March 4, 2024
Microsoft Streaming Service Untrusted Pointer Dereference Vulnerability Microsoft Streaming Service contains an untrusted pointer dereference vulnerability that allows for privilege escalation, enabling a local attacker to gain SYSTEM privileges. CVE-2023-29360 February 29, 2024
Microsoft Exchange Server Privilege Escalation Vulnerability Microsoft Exchange Server contains an unspecified vulnerability that allows for privilege escalation. CVE-2024-21410 February 15, 2024
Microsoft Windows SmartScreen Security Feature Bypass Vulnerability Microsoft Windows SmartScreen contains a security feature bypass vulnerability that allows an attacker to bypass the SmartScreen user experience and inject code to potentially gain code execution, which could lead to some data exposure, lack of system availability, or both. CVE-2024-21351 February 13, 2024
Microsoft Windows Internet Shortcut Files Security Feature Bypass Vulnerability Microsoft Windows Internet Shortcut Files contains an unspecified vulnerability that allows for a security feature bypass. CVE-2024-21412 February 13, 2024
Microsoft SharePoint Server Privilege Escalation Vulnerability Microsoft SharePoint Server contains an unspecified vulnerability that allows an unauthenticated attacker, who has gained access to spoofed JWT authentication tokens, to use them for executing a network attack. This attack bypasses authentication, enabling the attacker to gain administrator privileges. CVE-2023-29357 January 10, 2024
Microsoft Windows Mark of the Web (MOTW) Security Feature Bypass Vulnerability Microsoft Windows Mark of the Web (MOTW) contains a security feature bypass vulnerability resulting in a limited loss of integrity and availability of security features. CVE-2023-36584 November 16, 2023
Microsoft Windows Desktop Window Manager (DWM) Core Library Privilege Escalation Vulnerability Microsoft Windows Desktop Window Manager (DWM) Core Library contains an unspecified vulnerability that allows for privilege escalation. CVE-2023-36033 November 14, 2023
Microsoft Windows SmartScreen Security Feature Bypass Vulnerability Microsoft Windows SmartScreen contains a security feature bypass vulnerability that could allow an attacker to bypass Windows Defender SmartScreen checks and their associated prompts. CVE-2023-36025 November 14, 2023
Microsoft Windows Cloud Files Mini Filter Driver Privilege Escalation Vulnerability Microsoft Windows Cloud Files Mini Filter Driver contains a privilege escalation vulnerability that could allow an attacker to gain SYSTEM privileges. CVE-2023-36036 November 14, 2023
Microsoft WordPad Information Disclosure Vulnerability Microsoft WordPad contains an unspecified vulnerability that allows for information disclosure. CVE-2023-36563 October 10, 2023
Microsoft Skype for Business Privilege Escalation Vulnerability Microsoft Skype for Business contains an unspecified vulnerability that allows for privilege escalation. CVE-2023-41763 October 10, 2023
Microsoft Windows CNG Key Isolation Service Privilege Escalation Vulnerability Microsoft Windows Cryptographic Next Generation (CNG) Key Isolation Service contains an unspecified vulnerability that allows an attacker to gain specific limited SYSTEM privileges. CVE-2023-28229 October 4, 2023
Microsoft Streaming Service Proxy Privilege Escalation Vulnerability Microsoft Streaming Service Proxy contains an unspecified vulnerability that allows for privilege escalation. CVE-2023-36802 September 12, 2023
Microsoft Word Information Disclosure Vulnerability Microsoft Word contains an unspecified vulnerability that allows for information disclosure. CVE-2023-36761 September 12, 2023
Microsoft .NET Core and Visual Studio Denial of Service Vulnerability Microsoft .NET Core and Visual Studio contain an unspecified vulnerability that allows for denial of service. CVE-2023-38180 August 9, 2023
Microsoft Office and Windows HTML Remote Code Execution Vulnerability Microsoft Office and Windows contain an unspecified vulnerability that allows an attacker to perform remote code execution via a specially crafted Microsoft Office document. CVE-2023-36884 July 17, 2023
Microsoft Windows Error Reporting Service Privilege Escalation Vulnerability Microsoft Windows Error Reporting Service contains an unspecified vulnerability that allows for privilege escalation. CVE-2023-36874 July 11, 2023
Microsoft Windows Defender SmartScreen Security Feature Bypass Vulnerability Microsoft Windows Defender SmartScreen contains a security feature bypass vulnerability that allows an attacker to bypass the Open File - Security Warning prompt. CVE-2023-32049 July 11, 2023

By the Year

In 2024 there have been 435 vulnerabilities in Microsoft with an average score of 7.4 out of ten. Last year Microsoft had 1461 security vulnerabilities published. Right now, Microsoft is on track to have less security vulnerabilities in 2024 than it did last year. However, the average CVE base score of the vulnerabilities in 2024 is greater by 0.13.

Year Vulnerabilities Average Score
2024 435 7.41
2023 1461 7.27
2022 1296 7.44
2021 1111 7.45
2020 1207 7.26
2019 761 7.23
2018 580 6.89

It may take a day or so for new Microsoft vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Microsoft Security Vulnerabilities

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

CVE-2024-29991 5 - Medium - April 19, 2024

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

CVE-2024-29987 - April 18, 2024

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

Microsoft Edge for Android (Chromium-based) Information Disclosure Vulnerability

CVE-2024-29986 5.4 - Medium - April 18, 2024

Microsoft Edge for Android (Chromium-based) Information Disclosure Vulnerability

Use after free in V8 in Google Chrome prior to 124.0.6367.60

CVE-2024-3914 - April 17, 2024

Use after free in V8 in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Insufficient policy enforcement in WebUI in Google Chrome prior to 124.0.6367.60

CVE-2024-3847 - April 17, 2024

Insufficient policy enforcement in WebUI in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Low)

Inappropriate implementation in Prompts in Google Chrome prior to 124.0.6367.60

CVE-2024-3846 - April 17, 2024

Inappropriate implementation in Prompts in Google Chrome prior to 124.0.6367.60 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

Inappropriate implementation in Networks in Google Chrome prior to 124.0.6367.60

CVE-2024-3845 - April 17, 2024

Inappropriate implementation in Networks in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to bypass mixed content policy via a crafted HTML page. (Chromium security severity: Low)

Inappropriate implementation in Extensions in Google Chrome prior to 124.0.6367.60

CVE-2024-3844 - April 17, 2024

Inappropriate implementation in Extensions in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Low)

Insufficient data validation in Downloads in Google Chrome prior to 124.0.6367.60

CVE-2024-3843 - April 17, 2024

Insufficient data validation in Downloads in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

Insufficient data validation in Browser Switcher in Google Chrome prior to 124.0.6367.60

CVE-2024-3841 - April 17, 2024

Insufficient data validation in Browser Switcher in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to inject scripts or HTML into a privileged page via a malicious file. (Chromium security severity: Medium)

Insufficient policy enforcement in Site Isolation in Google Chrome prior to 124.0.6367.60

CVE-2024-3840 - April 17, 2024

Insufficient policy enforcement in Site Isolation in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium)

Out of bounds read in Fonts in Google Chrome prior to 124.0.6367.60

CVE-2024-3839 6.5 - Medium - April 17, 2024

Out of bounds read in Fonts in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)

Out-of-bounds Read

Inappropriate implementation in Autofill in Google Chrome prior to 124.0.6367.60

CVE-2024-3838 5.5 - Medium - April 17, 2024

Inappropriate implementation in Autofill in Google Chrome prior to 124.0.6367.60 allowed an attacker who convinced a user to install a malicious app to perform UI spoofing via a crafted app. (Chromium security severity: Medium)

Use after free in QUIC in Google Chrome prior to 124.0.6367.60

CVE-2024-3837 8.8 - High - April 17, 2024

Use after free in QUIC in Google Chrome prior to 124.0.6367.60 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

Dangling pointer

Use after free in Downloads in Google Chrome prior to 124.0.6367.60

CVE-2024-3834 8.8 - High - April 17, 2024

Use after free in Downloads in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Dangling pointer

Object corruption in WebAssembly in Google Chrome prior to 124.0.6367.60

CVE-2024-3833 - April 17, 2024

Object corruption in WebAssembly in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)

Object corruption in V8 in Google Chrome prior to 124.0.6367.60

CVE-2024-3832 - April 17, 2024

Object corruption in V8 in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)

A vulnerability was reported in a system recovery bootloader

CVE-2024-23593 6.7 - Medium - April 15, 2024

A vulnerability was reported in a system recovery bootloader that was part of the Lenovo preloaded Windows 7 and 8 operating systems from 2012 to 2014 that could allow a privileged attacker with local access to modify the boot manager and escalate privileges.

A buffer overflow vulnerability was reported in a system recovery bootloader

CVE-2024-23594 6.4 - Medium - April 15, 2024

A buffer overflow vulnerability was reported in a system recovery bootloader that was part of the Lenovo preloaded Windows 7 and 8 operating systems from 2012 to 2014 that could allow a privileged attacker with local access to execute arbitrary code.

Out of bounds memory access in Compositing in Google Chrome prior to 123.0.6312.122

CVE-2024-3157 - April 10, 2024

Out of bounds memory access in Compositing in Google Chrome prior to 123.0.6312.122 allowed a remote attacker who had compromised the GPU process to potentially perform a sandbox escape via specific UI gestures. (Chromium security severity: High)

Heap buffer overflow in ANGLE in Google Chrome prior to 123.0.6312.122

CVE-2024-3516 - April 10, 2024

Heap buffer overflow in ANGLE in Google Chrome prior to 123.0.6312.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Use after free in Dawn in Google Chrome prior to 123.0.6312.122

CVE-2024-3515 - April 10, 2024

Use after free in Dawn in Google Chrome prior to 123.0.6312.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Azure CycleCloud Elevation of Privilege Vulnerability

CVE-2024-29993 8.8 - High - April 09, 2024

Azure CycleCloud Elevation of Privilege Vulnerability

Azure Identity Library for .NET Information Disclosure Vulnerability

CVE-2024-29992 5.5 - Medium - April 09, 2024

Azure Identity Library for .NET Information Disclosure Vulnerability

Azure Monitor Agent Elevation of Privilege Vulnerability

CVE-2024-29989 8.4 - High - April 09, 2024

Azure Monitor Agent Elevation of Privilege Vulnerability

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

CVE-2024-29985 8.8 - High - April 09, 2024

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

CVE-2024-29984 8.8 - High - April 09, 2024

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

CVE-2024-29983 - April 09, 2024

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

CVE-2024-29982 8.8 - High - April 09, 2024

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability

CVE-2024-29990 9 - Critical - April 09, 2024

Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability

SmartScreen Prompt Security Feature Bypass Vulnerability

CVE-2024-29988 8.8 - High - April 09, 2024

SmartScreen Prompt Security Feature Bypass Vulnerability

Windows Distributed File System (DFS) Remote Code Execution Vulnerability

CVE-2024-29066 7.2 - High - April 09, 2024

Windows Distributed File System (DFS) Remote Code Execution Vulnerability

Windows Hyper-V Denial of Service Vulnerability

CVE-2024-29064 - April 09, 2024

Windows Hyper-V Denial of Service Vulnerability

Azure AI Search Information Disclosure Vulnerability

CVE-2024-29063 7.3 - High - April 09, 2024

Azure AI Search Information Disclosure Vulnerability

DHCP Server Service Remote Code Execution Vulnerability

CVE-2024-26195 7.2 - High - April 09, 2024

DHCP Server Service Remote Code Execution Vulnerability

Windows DNS Server Remote Code Execution Vulnerability

CVE-2024-26223 7.2 - High - April 09, 2024

Windows DNS Server Remote Code Execution Vulnerability

Secure Boot Security Feature Bypass Vulnerability

CVE-2024-26194 7.4 - High - April 09, 2024

Secure Boot Security Feature Bypass Vulnerability

Secure Boot Security Feature Bypass Vulnerability

CVE-2024-26189 - April 09, 2024

Secure Boot Security Feature Bypass Vulnerability

Windows Kerberos Denial of Service Vulnerability

CVE-2024-26183 6.5 - Medium - April 09, 2024

Windows Kerberos Denial of Service Vulnerability

Secure Boot Security Feature Bypass Vulnerability

CVE-2024-26180 8 - High - April 09, 2024

Secure Boot Security Feature Bypass Vulnerability

Secure Boot Security Feature Bypass Vulnerability

CVE-2024-26175 7.8 - High - April 09, 2024

Secure Boot Security Feature Bypass Vulnerability

Secure Boot Security Feature Bypass Vulnerability

CVE-2024-26171 6.7 - Medium - April 09, 2024

Secure Boot Security Feature Bypass Vulnerability

Secure Boot Security Feature Bypass Vulnerability

CVE-2024-26168 6.8 - Medium - April 09, 2024

Secure Boot Security Feature Bypass Vulnerability

Azure Migrate Remote Code Execution Vulnerability

CVE-2024-26193 6.4 - Medium - April 09, 2024

Azure Migrate Remote Code Execution Vulnerability

Windows Authentication Elevation of Privilege Vulnerability

CVE-2024-21447 7.8 - High - April 09, 2024

Windows Authentication Elevation of Privilege Vulnerability

Microsoft Defender for IoT Elevation of Privilege Vulnerability

CVE-2024-21324 7.2 - High - April 09, 2024

Microsoft Defender for IoT Elevation of Privilege Vulnerability

Microsoft Defender for IoT Remote Code Execution Vulnerability

CVE-2024-21323 8.8 - High - April 09, 2024

Microsoft Defender for IoT Remote Code Execution Vulnerability

Microsoft Defender for IoT Remote Code Execution Vulnerability

CVE-2024-21322 7.2 - High - April 09, 2024

Microsoft Defender for IoT Remote Code Execution Vulnerability

Windows Kernel Elevation of Privilege Vulnerability

CVE-2024-20693 7.8 - High - April 09, 2024

Windows Kernel Elevation of Privilege Vulnerability

BitLocker Security Feature Bypass Vulnerability

CVE-2024-20665 6.1 - Medium - April 09, 2024

BitLocker Security Feature Bypass Vulnerability

Remote Procedure Call Runtime Remote Code Execution Vulnerability

CVE-2024-20678 8.8 - High - April 09, 2024

Remote Procedure Call Runtime Remote Code Execution Vulnerability

Azure Private 5G Core Denial of Service Vulnerability

CVE-2024-20685 - April 09, 2024

Azure Private 5G Core Denial of Service Vulnerability

Windows Cryptographic Services Remote Code Execution Vulnerability

CVE-2024-29050 8.4 - High - April 09, 2024

Windows Cryptographic Services Remote Code Execution Vulnerability

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

CVE-2024-29047 8.8 - High - April 09, 2024

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

CVE-2024-29045 7.5 - High - April 09, 2024

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

CVE-2024-29043 - April 09, 2024

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

CVE-2024-28945 8.8 - High - April 09, 2024

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

CVE-2024-28942 - April 09, 2024

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

CVE-2024-28939 8.8 - High - April 09, 2024

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

CVE-2024-28936 8.8 - High - April 09, 2024

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

CVE-2024-28932 - April 09, 2024

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

CVE-2024-28931 8.8 - High - April 09, 2024

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

CVE-2024-28929 8.8 - High - April 09, 2024

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

CVE-2024-28915 - April 09, 2024

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

Secure Boot Security Feature Bypass Vulnerability

CVE-2024-28920 7.8 - High - April 09, 2024

Secure Boot Security Feature Bypass Vulnerability

Secure Boot Security Feature Bypass Vulnerability

CVE-2024-20669 6.7 - Medium - April 09, 2024

Secure Boot Security Feature Bypass Vulnerability

Secure Boot Security Feature Bypass Vulnerability

CVE-2024-20688 7.1 - High - April 09, 2024

Secure Boot Security Feature Bypass Vulnerability

Secure Boot Security Feature Bypass Vulnerability

CVE-2024-20689 7.1 - High - April 09, 2024

Secure Boot Security Feature Bypass Vulnerability

.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability

CVE-2024-21409 7.3 - High - April 09, 2024

.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability

Azure Compute Gallery Elevation of Privilege Vulnerability

CVE-2024-21424 6.5 - Medium - April 09, 2024

Azure Compute Gallery Elevation of Privilege Vulnerability

Secure Boot Security Feature Bypass Vulnerability

CVE-2024-26250 6.7 - Medium - April 09, 2024

Secure Boot Security Feature Bypass Vulnerability

Windows rndismp6.sys Remote Code Execution Vulnerability

CVE-2024-26252 - April 09, 2024

Windows rndismp6.sys Remote Code Execution Vulnerability

Windows rndismp6.sys Remote Code Execution Vulnerability

CVE-2024-26253 6.8 - Medium - April 09, 2024

Windows rndismp6.sys Remote Code Execution Vulnerability

Microsoft Virtual Machine Bus (VMBus) Denial of Service Vulnerability

CVE-2024-26254 7.5 - High - April 09, 2024

Microsoft Virtual Machine Bus (VMBus) Denial of Service Vulnerability

Windows Remote Access Connection Manager Information Disclosure Vulnerability

CVE-2024-26255 5.5 - Medium - April 09, 2024

Windows Remote Access Connection Manager Information Disclosure Vulnerability

libarchive Remote Code Execution Vulnerability

CVE-2024-26256 7.8 - High - April 09, 2024

libarchive Remote Code Execution Vulnerability

Windows DWM Core Library Information Disclosure Vulnerability

CVE-2024-26172 5.5 - Medium - April 09, 2024

Windows DWM Core Library Information Disclosure Vulnerability

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

CVE-2024-26179 8.8 - High - April 09, 2024

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

CVE-2024-26200 8.8 - High - April 09, 2024

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

CVE-2024-26205 8.8 - High - April 09, 2024

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Microsoft Install Service Elevation of Privilege Vulnerability

CVE-2024-26158 - April 09, 2024

Microsoft Install Service Elevation of Privilege Vulnerability

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability

CVE-2024-26232 7.3 - High - April 09, 2024

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability

Secure Boot Security Feature Bypass Vulnerability

CVE-2024-28903 6.7 - Medium - April 09, 2024

Secure Boot Security Feature Bypass Vulnerability

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

CVE-2024-28913 8.8 - High - April 09, 2024

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

CVE-2024-28912 8.8 - High - April 09, 2024

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

CVE-2024-28911 8.8 - High - April 09, 2024

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

CVE-2024-28910 8.8 - High - April 09, 2024

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

CVE-2024-28909 8.8 - High - April 09, 2024

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

CVE-2024-28908 8.8 - High - April 09, 2024

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

CVE-2024-28906 8.8 - High - April 09, 2024

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

Microsoft Brokering File System Elevation of Privilege Vulnerability

CVE-2024-28905 - April 09, 2024

Microsoft Brokering File System Elevation of Privilege Vulnerability

Secure Boot Security Feature Bypass Vulnerability

CVE-2024-28896 7.5 - High - April 09, 2024

Secure Boot Security Feature Bypass Vulnerability

Secure Boot Security Feature Bypass Vulnerability

CVE-2024-28922 4.1 - Medium - April 09, 2024

Secure Boot Security Feature Bypass Vulnerability

Secure Boot Security Feature Bypass Vulnerability

CVE-2024-28921 6.7 - Medium - April 09, 2024

Secure Boot Security Feature Bypass Vulnerability

Secure Boot Security Feature Bypass Vulnerability

CVE-2024-28919 6.7 - Medium - April 09, 2024

Secure Boot Security Feature Bypass Vulnerability

Secure Boot Security Feature Bypass Vulnerability

CVE-2024-28923 6.4 - Medium - April 09, 2024

Secure Boot Security Feature Bypass Vulnerability

Windows Remote Access Connection Manager Information Disclosure Vulnerability

CVE-2024-28901 5.5 - Medium - April 09, 2024

Windows Remote Access Connection Manager Information Disclosure Vulnerability

Windows Remote Access Connection Manager Information Disclosure Vulnerability

CVE-2024-28902 5.5 - Medium - April 09, 2024

Windows Remote Access Connection Manager Information Disclosure Vulnerability

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

CVE-2024-28914 8.8 - High - April 09, 2024

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

Secure Boot Security Feature Bypass Vulnerability

CVE-2024-28898 6.3 - Medium - April 09, 2024

Secure Boot Security Feature Bypass Vulnerability

Built by Foundeo Inc., with data from the National Vulnerability Database (NVD), Icons by Icons8. Privacy Policy. Use of this site is governed by the Legal Terms
Disclaimer
CONTENT ON THIS WEBSITE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. Always check with your vendor for the most up to date, and accurate information.