Microsoft Makers of the Windows Operating System and hundreds of products that run on it.
Products by Microsoft Sorted by Most Security Vulnerabilities since 2018
Microsoft ChakraCore189 vulnerabilities
ChakraCore is the core part of the Chakra JavaScript engine that powers Microsoft Edge
Recent Microsoft Security Advisories
Advisory | Title | Published |
---|---|---|
CVE-2024-29991 | Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | April 19, 2024 |
CVE-2024-3847 | Chromium: CVE-2024-3847 Insufficient policy enforcement in WebUI | April 18, 2024 |
CVE-2024-3846 | Chromium: CVE-2024-3846 Inappropriate implementation in Prompts | April 18, 2024 |
CVE-2024-3845 | Chromium: CVE-2024-3845 Inappropriate implementation in Network | April 18, 2024 |
CVE-2024-3844 | Chromium: CVE-2024-3844 Inappropriate implementation in Extensions | April 18, 2024 |
CVE-2024-3843 | Chromium: CVE-2024-3843 Insufficient data validation in Downloads | April 18, 2024 |
CVE-2024-3841 | Chromium: CVE-2024-3841 Insufficient data validation in Browser Switcher | April 18, 2024 |
CVE-2024-3840 | Chromium: CVE-2024-3840 Insufficient policy enforcement in Site Isolation | April 18, 2024 |
CVE-2024-3839 | Chromium: CVE-2024-3839 Out of bounds read in Fonts | April 18, 2024 |
CVE-2024-3838 | Chromium: CVE-2024-3838 Inappropriate implementation in Autofill | April 18, 2024 |
Known Exploited Microsoft Vulnerabilities
The following Microsoft vulnerabilities have recently been marked by CISA as Known to be Exploited by threat actors.
Title | Description | Added |
---|---|---|
Microsoft Windows Print Spooler Privilege Escalation Vulnerability | Microsoft Windows Print Spooler service contains a privilege escalation vulnerability. An attacker may modify a JavaScript constraints file and execute it with SYSTEM-level permissions. CVE-2022-38028 | April 23, 2024 |
Microsoft SharePoint Server Code Injection Vulnerability | Microsoft SharePoint Server contains a code injection vulnerability that allows an authenticated attacker with Site Owner privileges to execute code remotely. CVE-2023-24955 | March 26, 2024 |
Microsoft Windows Kernel Exposed IOCTL with Insufficient Access Control Vulnerability | Microsoft Windows Kernel contains an exposed IOCTL with insufficient access control vulnerability within the IOCTL (input and output control) dispatcher in appid.sys that allows a local attacker to achieve privilege escalation. CVE-2024-21338 | March 4, 2024 |
Microsoft Streaming Service Untrusted Pointer Dereference Vulnerability | Microsoft Streaming Service contains an untrusted pointer dereference vulnerability that allows for privilege escalation, enabling a local attacker to gain SYSTEM privileges. CVE-2023-29360 | February 29, 2024 |
Microsoft Exchange Server Privilege Escalation Vulnerability | Microsoft Exchange Server contains an unspecified vulnerability that allows for privilege escalation. CVE-2024-21410 | February 15, 2024 |
Microsoft Windows SmartScreen Security Feature Bypass Vulnerability | Microsoft Windows SmartScreen contains a security feature bypass vulnerability that allows an attacker to bypass the SmartScreen user experience and inject code to potentially gain code execution, which could lead to some data exposure, lack of system availability, or both. CVE-2024-21351 | February 13, 2024 |
Microsoft Windows Internet Shortcut Files Security Feature Bypass Vulnerability | Microsoft Windows Internet Shortcut Files contains an unspecified vulnerability that allows for a security feature bypass. CVE-2024-21412 | February 13, 2024 |
Microsoft SharePoint Server Privilege Escalation Vulnerability | Microsoft SharePoint Server contains an unspecified vulnerability that allows an unauthenticated attacker, who has gained access to spoofed JWT authentication tokens, to use them for executing a network attack. This attack bypasses authentication, enabling the attacker to gain administrator privileges. CVE-2023-29357 | January 10, 2024 |
Microsoft Windows Mark of the Web (MOTW) Security Feature Bypass Vulnerability | Microsoft Windows Mark of the Web (MOTW) contains a security feature bypass vulnerability resulting in a limited loss of integrity and availability of security features. CVE-2023-36584 | November 16, 2023 |
Microsoft Windows SmartScreen Security Feature Bypass Vulnerability | Microsoft Windows SmartScreen contains a security feature bypass vulnerability that could allow an attacker to bypass Windows Defender SmartScreen checks and their associated prompts. CVE-2023-36025 | November 14, 2023 |
Microsoft Windows Desktop Window Manager (DWM) Core Library Privilege Escalation Vulnerability | Microsoft Windows Desktop Window Manager (DWM) Core Library contains an unspecified vulnerability that allows for privilege escalation. CVE-2023-36033 | November 14, 2023 |
Microsoft Windows Cloud Files Mini Filter Driver Privilege Escalation Vulnerability | Microsoft Windows Cloud Files Mini Filter Driver contains a privilege escalation vulnerability that could allow an attacker to gain SYSTEM privileges. CVE-2023-36036 | November 14, 2023 |
Microsoft Skype for Business Privilege Escalation Vulnerability | Microsoft Skype for Business contains an unspecified vulnerability that allows for privilege escalation. CVE-2023-41763 | October 10, 2023 |
Microsoft WordPad Information Disclosure Vulnerability | Microsoft WordPad contains an unspecified vulnerability that allows for information disclosure. CVE-2023-36563 | October 10, 2023 |
Microsoft Windows CNG Key Isolation Service Privilege Escalation Vulnerability | Microsoft Windows Cryptographic Next Generation (CNG) Key Isolation Service contains an unspecified vulnerability that allows an attacker to gain specific limited SYSTEM privileges. CVE-2023-28229 | October 4, 2023 |
Microsoft Streaming Service Proxy Privilege Escalation Vulnerability | Microsoft Streaming Service Proxy contains an unspecified vulnerability that allows for privilege escalation. CVE-2023-36802 | September 12, 2023 |
Microsoft Word Information Disclosure Vulnerability | Microsoft Word contains an unspecified vulnerability that allows for information disclosure. CVE-2023-36761 | September 12, 2023 |
Microsoft .NET Core and Visual Studio Denial of Service Vulnerability | Microsoft .NET Core and Visual Studio contain an unspecified vulnerability that allows for denial of service. CVE-2023-38180 | August 9, 2023 |
Microsoft Office and Windows HTML Remote Code Execution Vulnerability | Microsoft Office and Windows contain an unspecified vulnerability that allows an attacker to perform remote code execution via a specially crafted Microsoft Office document. CVE-2023-36884 | July 17, 2023 |
Microsoft Windows Error Reporting Service Privilege Escalation Vulnerability | Microsoft Windows Error Reporting Service contains an unspecified vulnerability that allows for privilege escalation. CVE-2023-36874 | July 11, 2023 |
By the Year
In 2024 there have been 439 vulnerabilities in Microsoft with an average score of 7.4 out of ten. Last year Microsoft had 1464 security vulnerabilities published. Right now, Microsoft is on track to have less security vulnerabilities in 2024 than it did last year. However, the average CVE base score of the vulnerabilities in 2024 is greater by 0.14.
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 439 | 7.42 |
2023 | 1464 | 7.27 |
2022 | 1297 | 7.44 |
2021 | 1111 | 7.45 |
2020 | 1207 | 7.26 |
2019 | 761 | 7.23 |
2018 | 580 | 6.89 |
It may take a day or so for new Microsoft vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Microsoft Security Vulnerabilities
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
CVE-2024-29991
5 - Medium
- April 19, 2024
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
CVE-2024-29987
- April 18, 2024
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
Microsoft Edge for Android (Chromium-based) Information Disclosure Vulnerability
CVE-2024-29986
5.4 - Medium
- April 18, 2024
Microsoft Edge for Android (Chromium-based) Information Disclosure Vulnerability
Use after free in V8 in Google Chrome prior to 124.0.6367.60
CVE-2024-3914
- April 17, 2024
Use after free in V8 in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Insufficient policy enforcement in WebUI in Google Chrome prior to 124.0.6367.60
CVE-2024-3847
- April 17, 2024
Insufficient policy enforcement in WebUI in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Low)
Inappropriate implementation in Prompts in Google Chrome prior to 124.0.6367.60
CVE-2024-3846
- April 17, 2024
Inappropriate implementation in Prompts in Google Chrome prior to 124.0.6367.60 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
Inappropriate implementation in Networks in Google Chrome prior to 124.0.6367.60
CVE-2024-3845
- April 17, 2024
Inappropriate implementation in Networks in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to bypass mixed content policy via a crafted HTML page. (Chromium security severity: Low)
Inappropriate implementation in Extensions in Google Chrome prior to 124.0.6367.60
CVE-2024-3844
- April 17, 2024
Inappropriate implementation in Extensions in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Low)
Insufficient data validation in Downloads in Google Chrome prior to 124.0.6367.60
CVE-2024-3843
- April 17, 2024
Insufficient data validation in Downloads in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
Insufficient data validation in Browser Switcher in Google Chrome prior to 124.0.6367.60
CVE-2024-3841
- April 17, 2024
Insufficient data validation in Browser Switcher in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to inject scripts or HTML into a privileged page via a malicious file. (Chromium security severity: Medium)
Insufficient policy enforcement in Site Isolation in Google Chrome prior to 124.0.6367.60
CVE-2024-3840
- April 17, 2024
Insufficient policy enforcement in Site Isolation in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium)
Out of bounds read in Fonts in Google Chrome prior to 124.0.6367.60
CVE-2024-3839
6.5 - Medium
- April 17, 2024
Out of bounds read in Fonts in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)
Out-of-bounds Read
Inappropriate implementation in Autofill in Google Chrome prior to 124.0.6367.60
CVE-2024-3838
5.5 - Medium
- April 17, 2024
Inappropriate implementation in Autofill in Google Chrome prior to 124.0.6367.60 allowed an attacker who convinced a user to install a malicious app to perform UI spoofing via a crafted app. (Chromium security severity: Medium)
Use after free in QUIC in Google Chrome prior to 124.0.6367.60
CVE-2024-3837
8.8 - High
- April 17, 2024
Use after free in QUIC in Google Chrome prior to 124.0.6367.60 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
Dangling pointer
Use after free in Downloads in Google Chrome prior to 124.0.6367.60
CVE-2024-3834
8.8 - High
- April 17, 2024
Use after free in Downloads in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Dangling pointer
Object corruption in WebAssembly in Google Chrome prior to 124.0.6367.60
CVE-2024-3833
- April 17, 2024
Object corruption in WebAssembly in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)
Object corruption in V8 in Google Chrome prior to 124.0.6367.60
CVE-2024-3832
- April 17, 2024
Object corruption in V8 in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)
A vulnerability was reported
in a system recovery bootloader
CVE-2024-23593
6.7 - Medium
- April 15, 2024
A vulnerability was reported in a system recovery bootloader that was part of the Lenovo preloaded Windows 7 and 8 operating systems from 2012 to 2014 that could allow a privileged attacker with local access to modify the boot manager and escalate privileges.
A buffer overflow vulnerability was reported
in a system recovery bootloader
CVE-2024-23594
6.4 - Medium
- April 15, 2024
A buffer overflow vulnerability was reported in a system recovery bootloader that was part of the Lenovo preloaded Windows 7 and 8 operating systems from 2012 to 2014 that could allow a privileged attacker with local access to execute arbitrary code.
Out of bounds memory access in Compositing in Google Chrome prior to 123.0.6312.122
CVE-2024-3157
- April 10, 2024
Out of bounds memory access in Compositing in Google Chrome prior to 123.0.6312.122 allowed a remote attacker who had compromised the GPU process to potentially perform a sandbox escape via specific UI gestures. (Chromium security severity: High)
Heap buffer overflow in ANGLE in Google Chrome prior to 123.0.6312.122
CVE-2024-3516
- April 10, 2024
Heap buffer overflow in ANGLE in Google Chrome prior to 123.0.6312.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Use after free in Dawn in Google Chrome prior to 123.0.6312.122
CVE-2024-3515
- April 10, 2024
Use after free in Dawn in Google Chrome prior to 123.0.6312.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Azure CycleCloud Elevation of Privilege Vulnerability
CVE-2024-29993
8.8 - High
- April 09, 2024
Azure CycleCloud Elevation of Privilege Vulnerability
Azure Identity Library for .NET Information Disclosure Vulnerability
CVE-2024-29992
5.5 - Medium
- April 09, 2024
Azure Identity Library for .NET Information Disclosure Vulnerability
Azure Monitor Agent Elevation of Privilege Vulnerability
CVE-2024-29989
8.4 - High
- April 09, 2024
Azure Monitor Agent Elevation of Privilege Vulnerability
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-29985
8.8 - High
- April 09, 2024
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-29984
8.8 - High
- April 09, 2024
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-29983
- April 09, 2024
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-29982
8.8 - High
- April 09, 2024
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability
CVE-2024-29990
9 - Critical
- April 09, 2024
Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability
SmartScreen Prompt Security Feature Bypass Vulnerability
CVE-2024-29988
8.8 - High
- April 09, 2024
SmartScreen Prompt Security Feature Bypass Vulnerability
Windows Distributed File System (DFS) Remote Code Execution Vulnerability
CVE-2024-29066
7.2 - High
- April 09, 2024
Windows Distributed File System (DFS) Remote Code Execution Vulnerability
Windows Hyper-V Denial of Service Vulnerability
CVE-2024-29064
- April 09, 2024
Windows Hyper-V Denial of Service Vulnerability
Azure AI Search Information Disclosure Vulnerability
CVE-2024-29063
7.3 - High
- April 09, 2024
Azure AI Search Information Disclosure Vulnerability
Microsoft Brokering File System Elevation of Privilege Vulnerability
CVE-2024-28905
- April 09, 2024
Microsoft Brokering File System Elevation of Privilege Vulnerability
Windows DNS Server Remote Code Execution Vulnerability
CVE-2024-26222
7.2 - High
- April 09, 2024
Windows DNS Server Remote Code Execution Vulnerability
Windows DNS Server Remote Code Execution Vulnerability
CVE-2024-26221
7.2 - High
- April 09, 2024
Windows DNS Server Remote Code Execution Vulnerability
Windows Mobile Hotspot Information Disclosure Vulnerability
CVE-2024-26220
5 - Medium
- April 09, 2024
Windows Mobile Hotspot Information Disclosure Vulnerability
HTTP.sys Denial of Service Vulnerability
CVE-2024-26219
7.5 - High
- April 09, 2024
HTTP.sys Denial of Service Vulnerability
Windows Kernel Elevation of Privilege Vulnerability
CVE-2024-26218
7.8 - High
- April 09, 2024
Windows Kernel Elevation of Privilege Vulnerability
Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability
CVE-2024-26209
5.5 - Medium
- April 09, 2024
Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability
DHCP Server Service Remote Code Execution Vulnerability
CVE-2024-26202
7.2 - High
- April 09, 2024
DHCP Server Service Remote Code Execution Vulnerability
DHCP Server Service Remote Code Execution Vulnerability
CVE-2024-26195
7.2 - High
- April 09, 2024
DHCP Server Service Remote Code Execution Vulnerability
Secure Boot Security Feature Bypass Vulnerability
CVE-2024-26194
7.4 - High
- April 09, 2024
Secure Boot Security Feature Bypass Vulnerability
Secure Boot Security Feature Bypass Vulnerability
CVE-2024-26189
- April 09, 2024
Secure Boot Security Feature Bypass Vulnerability
Windows Kerberos Denial of Service Vulnerability
CVE-2024-26183
6.5 - Medium
- April 09, 2024
Windows Kerberos Denial of Service Vulnerability
Secure Boot Security Feature Bypass Vulnerability
CVE-2024-26180
8 - High
- April 09, 2024
Secure Boot Security Feature Bypass Vulnerability
Secure Boot Security Feature Bypass Vulnerability
CVE-2024-26175
7.8 - High
- April 09, 2024
Secure Boot Security Feature Bypass Vulnerability
Secure Boot Security Feature Bypass Vulnerability
CVE-2024-26171
6.7 - Medium
- April 09, 2024
Secure Boot Security Feature Bypass Vulnerability
Secure Boot Security Feature Bypass Vulnerability
CVE-2024-26168
6.8 - Medium
- April 09, 2024
Secure Boot Security Feature Bypass Vulnerability
Azure Migrate Remote Code Execution Vulnerability
CVE-2024-26193
6.4 - Medium
- April 09, 2024
Azure Migrate Remote Code Execution Vulnerability
Windows Authentication Elevation of Privilege Vulnerability
CVE-2024-21447
7.8 - High
- April 09, 2024
Windows Authentication Elevation of Privilege Vulnerability
Microsoft Defender for IoT Elevation of Privilege Vulnerability
CVE-2024-21324
7.2 - High
- April 09, 2024
Microsoft Defender for IoT Elevation of Privilege Vulnerability
Microsoft Defender for IoT Remote Code Execution Vulnerability
CVE-2024-21323
8.8 - High
- April 09, 2024
Microsoft Defender for IoT Remote Code Execution Vulnerability
Microsoft Defender for IoT Remote Code Execution Vulnerability
CVE-2024-21322
7.2 - High
- April 09, 2024
Microsoft Defender for IoT Remote Code Execution Vulnerability
Windows Kernel Elevation of Privilege Vulnerability
CVE-2024-20693
7.8 - High
- April 09, 2024
Windows Kernel Elevation of Privilege Vulnerability
BitLocker Security Feature Bypass Vulnerability
CVE-2024-20665
6.1 - Medium
- April 09, 2024
BitLocker Security Feature Bypass Vulnerability
Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2024-20678
8.8 - High
- April 09, 2024
Remote Procedure Call Runtime Remote Code Execution Vulnerability
Azure Private 5G Core Denial of Service Vulnerability
CVE-2024-20685
- April 09, 2024
Azure Private 5G Core Denial of Service Vulnerability
Windows Cryptographic Services Remote Code Execution Vulnerability
CVE-2024-29050
8.4 - High
- April 09, 2024
Windows Cryptographic Services Remote Code Execution Vulnerability
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-29047
8.8 - High
- April 09, 2024
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-29045
7.5 - High
- April 09, 2024
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-29043
- April 09, 2024
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-28945
8.8 - High
- April 09, 2024
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-28942
- April 09, 2024
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
Secure Boot Security Feature Bypass Vulnerability
CVE-2024-28898
6.3 - Medium
- April 09, 2024
Secure Boot Security Feature Bypass Vulnerability
Secure Boot Security Feature Bypass Vulnerability
CVE-2024-26250
6.7 - Medium
- April 09, 2024
Secure Boot Security Feature Bypass Vulnerability
Windows rndismp6.sys Remote Code Execution Vulnerability
CVE-2024-26252
- April 09, 2024
Windows rndismp6.sys Remote Code Execution Vulnerability
Windows rndismp6.sys Remote Code Execution Vulnerability
CVE-2024-26253
6.8 - Medium
- April 09, 2024
Windows rndismp6.sys Remote Code Execution Vulnerability
Microsoft Virtual Machine Bus (VMBus) Denial of Service Vulnerability
CVE-2024-26254
7.5 - High
- April 09, 2024
Microsoft Virtual Machine Bus (VMBus) Denial of Service Vulnerability
Windows Remote Access Connection Manager Information Disclosure Vulnerability
CVE-2024-26255
5.5 - Medium
- April 09, 2024
Windows Remote Access Connection Manager Information Disclosure Vulnerability
libarchive Remote Code Execution Vulnerability
CVE-2024-26256
7.8 - High
- April 09, 2024
libarchive Remote Code Execution Vulnerability
Windows DWM Core Library Information Disclosure Vulnerability
CVE-2024-26172
5.5 - Medium
- April 09, 2024
Windows DWM Core Library Information Disclosure Vulnerability
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-26179
8.8 - High
- April 09, 2024
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-26200
8.8 - High
- April 09, 2024
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-26205
8.8 - High
- April 09, 2024
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Microsoft Install Service Elevation of Privilege Vulnerability
CVE-2024-26158
- April 09, 2024
Microsoft Install Service Elevation of Privilege Vulnerability
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
CVE-2024-26232
7.3 - High
- April 09, 2024
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
Secure Boot Security Feature Bypass Vulnerability
CVE-2024-28920
7.8 - High
- April 09, 2024
Secure Boot Security Feature Bypass Vulnerability
Secure Boot Security Feature Bypass Vulnerability
CVE-2024-28922
4.1 - Medium
- April 09, 2024
Secure Boot Security Feature Bypass Vulnerability
Secure Boot Security Feature Bypass Vulnerability
CVE-2024-28921
6.7 - Medium
- April 09, 2024
Secure Boot Security Feature Bypass Vulnerability
Secure Boot Security Feature Bypass Vulnerability
CVE-2024-28919
6.7 - Medium
- April 09, 2024
Secure Boot Security Feature Bypass Vulnerability
Secure Boot Security Feature Bypass Vulnerability
CVE-2024-28923
6.4 - Medium
- April 09, 2024
Secure Boot Security Feature Bypass Vulnerability
Secure Boot Security Feature Bypass Vulnerability
CVE-2024-28896
7.5 - High
- April 09, 2024
Secure Boot Security Feature Bypass Vulnerability
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-28911
8.8 - High
- April 09, 2024
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-28936
8.8 - High
- April 09, 2024
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-28932
- April 09, 2024
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-28931
8.8 - High
- April 09, 2024
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-28929
8.8 - High
- April 09, 2024
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-28915
- April 09, 2024
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-28914
8.8 - High
- April 09, 2024
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-28913
8.8 - High
- April 09, 2024
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-28912
8.8 - High
- April 09, 2024
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-28906
8.8 - High
- April 09, 2024
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
Windows Remote Access Connection Manager Information Disclosure Vulnerability
CVE-2024-28901
5.5 - Medium
- April 09, 2024
Windows Remote Access Connection Manager Information Disclosure Vulnerability
Windows Remote Access Connection Manager Information Disclosure Vulnerability
CVE-2024-28902
5.5 - Medium
- April 09, 2024
Windows Remote Access Connection Manager Information Disclosure Vulnerability
Secure Boot Security Feature Bypass Vulnerability
CVE-2024-28903
6.7 - Medium
- April 09, 2024
Secure Boot Security Feature Bypass Vulnerability
Windows Telephony Server Elevation of Privilege Vulnerability
CVE-2024-26242
7 - High
- April 09, 2024
Windows Telephony Server Elevation of Privilege Vulnerability
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-28909
8.8 - High
- April 09, 2024
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-28910
8.8 - High
- April 09, 2024
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability