Microsoft : Security Vulnerabilities, CVEs, CVSS score between 8 and 8.99
Xbox Gaming Services Elevation of Privilege Vulnerability
Max CVSS
8.8
EPSS Score
0.04%
Published
2024-03-21
Updated
2024-03-21
Microsoft Exchange Server Remote Code Execution Vulnerability
Max CVSS
8.8
EPSS Score
0.09%
Published
2024-03-12
Updated
2024-03-12
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
Max CVSS
8.2
EPSS Score
0.09%
Published
2024-02-23
Updated
2024-02-26
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
Max CVSS
8.8
EPSS Score
0.09%
Published
2024-03-12
Updated
2024-03-12
Visual Studio Code Elevation of Privilege Vulnerability
Max CVSS
8.8
EPSS Score
0.05%
Published
2024-03-12
Updated
2024-03-12
Microsoft Django Backend for SQL Server Remote Code Execution Vulnerability
Max CVSS
8.8
EPSS Score
0.05%
Published
2024-03-12
Updated
2024-03-12
Microsoft ODBC Driver Remote Code Execution Vulnerability
Max CVSS
8.8
EPSS Score
0.09%
Published
2024-03-12
Updated
2024-03-12
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
Max CVSS
8.8
EPSS Score
0.09%
Published
2024-03-12
Updated
2024-03-12
Microsoft ODBC Driver Remote Code Execution Vulnerability
Max CVSS
8.8
EPSS Score
0.09%
Published
2024-03-12
Updated
2024-03-12
IdentityModel Extensions for .NET provide assemblies for web developers that wish to use federated identity providers for establishing the caller's identity. Anyone leveraging the `SignedHttpRequest`protocol or the `SignedHttpRequestValidator`is vulnerable. Microsoft.IdentityModel trusts the `jku`claim by default for the `SignedHttpRequest`protocol. This raises the possibility to make any remote or local `HTTP GET` request. The vulnerability has been fixed in Microsoft.IdentityModel.Protocols.SignedHttpRequest. Users should update all their Microsoft.IdentityModel versions to 7.1.2 (for 7x) or higher, 6.34.0 (for 6x) or higher.
Max CVSS
8.8
EPSS Score
0.07%
Published
2024-01-10
Updated
2024-01-19
Microsoft ODBC Driver Remote Code Execution Vulnerability
Max CVSS
8.8
EPSS Score
0.09%
Published
2024-03-12
Updated
2024-03-12
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
Max CVSS
8.8
EPSS Score
0.04%
Published
2024-03-12
Updated
2024-03-12
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
Max CVSS
8.8
EPSS Score
0.09%
Published
2024-03-12
Updated
2024-03-12
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
Max CVSS
8.8
EPSS Score
0.09%
Published
2024-03-12
Updated
2024-03-12
Microsoft ODBC Driver Remote Code Execution Vulnerability
Max CVSS
8.8
EPSS Score
0.04%
Published
2024-03-12
Updated
2024-03-12
Windows OLE Remote Code Execution Vulnerability
Max CVSS
8.8
EPSS Score
0.09%
Published
2024-03-12
Updated
2024-03-12
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
Max CVSS
8.8
EPSS Score
0.09%
Published
2024-02-13
Updated
2024-02-13
CVE-2024-21412
Known exploited
Internet Shortcut Files Security Feature Bypass Vulnerability
Max CVSS
8.1
EPSS Score
0.36%
Published
2024-02-13
Updated
2024-03-07
CISA KEV Added
2024-02-13
Skype for Consumer Remote Code Execution Vulnerability
Max CVSS
8.8
EPSS Score
0.12%
Published
2024-03-12
Updated
2024-03-12
Windows Hyper-V Remote Code Execution Vulnerability
Max CVSS
8.1
EPSS Score
0.09%
Published
2024-03-12
Updated
2024-03-21
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Max CVSS
8.3
EPSS Score
0.33%
Published
2024-02-02
Updated
2024-02-09
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
Max CVSS
8.2
EPSS Score
0.11%
Published
2024-02-13
Updated
2024-02-23
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
Max CVSS
8.8
EPSS Score
0.11%
Published
2024-02-13
Updated
2024-03-07
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
Max CVSS
8.3
EPSS Score
0.09%
Published
2024-01-26
Updated
2024-01-31
Microsoft Dynamics Business Central/NAV Information Disclosure Vulnerability
Max CVSS
8.0
EPSS Score
0.04%
Published
2024-02-13
Updated
2024-03-01