Skip to main content

197 docs tagged with "Microsoft"

View all tags

CVE-2000-0053

Microsoft Commercial Internet System (MCIS) IMAP server allows remote attackers to cause a denial of

CVE-2000-1081

The xp_displayparamstmt function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does n

CVE-2000-1082

The xp_enumresultset function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does not

CVE-2000-1083

The xp_showcolv function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does not prope

CVE-2000-1084

The xp_updatecolvbm function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does not p

CVE-2000-1085

The xp_peekqueue function in Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE) does not

CVE-2000-1086

The xp_printstatements function in Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE) do

CVE-2000-1087

The xp_proxiedmetadata function in Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE) do

CVE-2000-1088

The xp_SetSQLSecurity function in Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE) doe

CVE-2000-1089

Buffer overflow in Microsoft Phone Book Service allows local users to execute arbitrary commands, ak

CVE-2000-1112

Microsoft Windows Media Player 7 executes scripts in custom skin (.WMS) files, which could allow rem

CVE-2000-1113

Buffer overflow in Microsoft Windows Media Player allows remote attackers to execute arbitrary comma

CVE-2000-1139

The installation of Microsoft Exchange 2000 before Rev. A creates a user account with a known passwo

CVE-2003-0995

Buffer overflow in the Microsoft Message Queue Manager (MSQM) allows remote attackers to cause a den

CVE-2004-0571

Microsoft Word for Windows 6.0 Converter does not properly validate certain data lengths, which allo

CVE-2004-0897

The Indexing Service for Microsoft Windows XP and Server 2003 does not properly validate the length

CVE-2004-0899

The DHCP Server service for Microsoft Windows NT 4.0 Server and Terminal Server Edition, with DHCP l

CVE-2004-0900

The DHCP Server service for Microsoft Windows NT 4.0 Server and Terminal Server Edition does not pro

CVE-2004-0901

Microsoft Word for Windows 6.0 Converter (MSWRD632.WPC), as used in WordPad, does not properly valid

CVE-2004-1080

The WINS service (wins.exe) on Microsoft Windows NT Server 4.0, Windows 2000 Server, and Windows Ser

CVE-2004-1133

Multiple cross-site scripting (XSS) vulnerabilities in Microsoft W3Who ISAPI (w3who.dll) allow remot

CVE-2004-1134

Buffer overflow in the Microsoft W3Who ISAPI (w3who.dll) allows remote attackers to cause a denial o

CVE-2004-1312

A bug in the HTML parser in a certain Microsoft HTML library, as used in various third party product

CVE-2006-0002

Unspecified vulnerability in Microsoft Outlook 2000 through 2003, Exchange 5.0 Server SP2 and 5.5 SP

CVE-2006-0010

Heap-based buffer overflow in T2EMBED.DLL in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server

CVE-2006-0020

An unspecified Microsoft WMF parsing application, as used in Internet Explorer 5.01 SP4 on Windows 2

CVE-2006-0143

Microsoft Windows Graphics Rendering Engine (GRE) allows remote attackers to corrupt memory and caus

CVE-2006-0187

By design, Microsoft Visual Studio 2005 automatically executes code in the Load event of a user-defi

CVE-2007-0024

Integer overflow in the Vector Markup Language (VML) implementation (vgx.dll) in Microsoft Internet

CVE-2007-0027

Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows remote attackers

CVE-2007-0028

Microsoft Excel 2000, 2002, 2003, Viewer 2003, Office 2004 for Mac, and Office v.X for Mac does not

CVE-2007-0029

Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted rem

CVE-2007-0030

Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted rem

CVE-2007-0031

Heap-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X fo

CVE-2007-0033

Microsoft Outlook 2002 and 2003 allows user-assisted remote attackers to execute arbitrary code via

CVE-2007-0034

Buffer overflow in the Advanced Search (Finder.exe) feature of Microsoft Outlook 2000, 2002, and 200

CVE-2007-0045

Multiple cross-site scripting (XSS) vulnerabilities in Adobe Acrobat Reader Plugin before 8.0.0, and

CVE-2007-0066

The kernel in Microsoft Windows 2000 SP4, XP SP2, and Server 2003, when ICMP Router Discovery Protoc

CVE-2007-0069

Unspecified vulnerability in the kernel in Microsoft Windows XP SP2, Server 2003, and Vista allows r

CVE-2007-0084

Buffer overflow in the Windows NT Message Compiler (MC) 1.00.5239 on Microsoft Windows XP allows loc

CVE-2007-0087

Microsoft Internet Information Services (IIS), when accessed through a TCP connection with a large w

CVE-2007-0099

Race condition in the msxml3 module in Microsoft XML Core Services 3.0, as used in Internet Explorer

CVE-2007-5352

Unspecified vulnerability in Local Security Authority Subsystem Service (LSASS) in Microsoft Windows

CVE-2008-0235

The Microsoft VFP_OLE_Server ActiveX control allows remote attackers to execute arbitrary code by in

CVE-2008-0236

An ActiveX control for Microsoft Visual FoxPro (vfp6r.dll 6.0.8862.0) allows remote attackers to exe

CVE-2008-0237

The Microsoft Rich Textbox ActiveX Control (RICHTX32.OCX) 6.1.97.82 allows remote attackers to execu

CVE-2008-0250

Buffer overflow in Microsoft Visual InterDev 6.0 (SP6) allows user-assisted attackers to execute arb

CVE-2008-5823

An ActiveX control in prtstb06.dll in Microsoft Money 2006, when used with WScript in Windows Script

CVE-2008-5828

Microsoft Windows Live Messenger Client 8.5.1 and earlier, when MSN Protocol Version 15 (MSNP15) is

CVE-2009-0072

Microsoft Internet Explorer 6.0 through 8.0 beta2 allows remote attackers to cause a denial of servi

CVE-2010-0278

A certain ActiveX control in msgsc.14.0.8089.726.dll in Microsoft Windows Live Messenger 2009 build

CVE-2010-4669

The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Microsoft Windows XP, Windo

CVE-2011-0026

Integer signedness error in the SQLConnectW function in an ODBC API (odbc32.dll) in Microsoft Data A

CVE-2011-0027

Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2, and Windows Data Access Components (WDAC) 6

CVE-2011-0346

Use-after-free vulnerability in the ReleaseInterface function in MSHTML.DLL in Microsoft Internet Ex

CVE-2011-0347

Microsoft Internet Explorer on Windows XP allows remote attackers to trigger an incorrect GUI displa

CVE-2012-0001

The kernel in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2

CVE-2012-0003

Unspecified vulnerability in winmm.dll in Windows Multimedia Library in Windows Media Player (WMP) i

CVE-2012-0004

Unspecified vulnerability in DirectShow in DirectX in Microsoft Windows XP SP2 and SP3, Windows Serv

CVE-2012-0005

The Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2

CVE-2012-0007

The Microsoft Anti-Cross Site Scripting (AntiXSS) Library 3.x and 4.0 does not properly evaluate cha

CVE-2012-0009

Untrusted search path vulnerability in the Windows Object Packager configuration in Microsoft Window

CVE-2012-0013

Incomplete blacklist vulnerability in the Windows Packager configuration in Microsoft Windows XP SP2

CVE-2013-0001

The Windows Forms (aka WinForms) component in Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.

CVE-2013-0002

Buffer overflow in the Windows Forms (aka WinForms) component in Microsoft .NET Framework 1.0 SP3, 1

CVE-2013-0003

Buffer overflow in a System.DirectoryServices.Protocols (S.DS.P) namespace method in Microsoft .NET

CVE-2013-0004

Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properl

CVE-2013-0005

The WCF Replace function in the Open Data (aka OData) protocol implementation in Microsoft .NET Fram

CVE-2013-0006

Microsoft XML Core Services (aka MSXML) 3.0, 5.0, and 6.0 does not properly parse XML content, which

CVE-2013-0007

Microsoft XML Core Services (aka MSXML) 4.0, 5.0, and 6.0 does not properly parse XML content, which

CVE-2013-0008

win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, a

CVE-2013-0009

Cross-site scripting (XSS) vulnerability in Microsoft System Center Operations Manager 2007 SP1 and

CVE-2013-0010

Cross-site scripting (XSS) vulnerability in Microsoft System Center Operations Manager 2007 SP1 and

CVE-2013-0011

The Print Spooler in Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 allows r

CVE-2013-0013

The SSL provider component in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1,

CVE-2018-0741

The Color Management Module (Icm32.dll) in Windows 7 SP1 and Windows Server 2008 SP2 and R2 SP1 allo

CVE-2018-0749

The Microsoft Server Message Block (SMB) Server in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Se

CVE-2018-0758

Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacke

CVE-2018-0762

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Window

CVE-2018-0764

Microsoft .NET Framework 1.1, 2.0, 3.0, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 5.7

CVE-2018-0766

Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows

CVE-2018-0767

Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows an att

CVE-2018-0768

Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the

CVE-2018-0769

Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacke

CVE-2018-0770

Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacke

CVE-2018-0772

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Window

CVE-2018-0773

Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the

CVE-2018-0774

Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the

CVE-2018-0775

Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the

CVE-2018-0776

Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacke

CVE-2018-0777

Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacke

CVE-2018-0778

Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the

CVE-2018-0780

Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows

CVE-2018-0781

Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacke

CVE-2018-0786

Microsoft .NET Framework 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, .NET Co

CVE-2018-0789

Microsoft SharePoint Foundation 2010, Microsoft SharePoint Server 2013 and Microsoft SharePoint Serv

CVE-2018-0790

Microsoft SharePoint Foundation 2010, Microsoft SharePoint Server 2013 and Microsoft SharePoint Serv

CVE-2018-0791

Microsoft Outlook 2007, Microsoft Outlook 2010, Microsoft Outlook 2013, and Microsoft Outlook 2016 a

CVE-2018-0792

Microsoft Word 2016 in Microsoft Office 2016 allows a remote code execution vulnerability due to the

CVE-2018-0793

Microsoft Outlook 2007, Microsoft Outlook 2010 and Microsoft Outlook 2013 allow a remote code execut

CVE-2018-0794

Microsoft Word in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft

CVE-2018-0795

Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code executio

CVE-2018-0796

Microsoft Excel in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsof

CVE-2018-0797

Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code executio

CVE-2018-0798

Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsof

CVE-2018-0799

Microsoft Access in Microsoft SharePoint Enterprise Server 2013 and Microsoft SharePoint Enterprise

CVE-2018-0800

Microsoft Edge in Microsoft Windows 10 1709 allows an attacker to obtain information to further comp

CVE-2018-0801

Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsof

CVE-2018-0802

Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsof

CVE-2018-0803

Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows

CVE-2018-0804

Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Of

CVE-2018-0805

Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Of

CVE-2018-0806

Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Of

CVE-2018-0807

Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Of

CVE-2018-0812

Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Of

CVE-2018-0818

Microsoft ChakraCore allows an attacker to bypass Control Flow Guard (CFG) in conjunction with anoth

CVE-2018-0819

Microsoft Office 2016 for Mac allows an attacker to send a specially crafted email attachment to a u

CVE-2018-5282

Kentico 9.0 through 11.0 has a stack-based buffer overflow via the SqlName, SqlPswd, Database, UserN

CVE-2019-18652

A DOM based XSS vulnerability has been identified on the WatchGuard XMT515 through 12.1.3, allowing

CVE-2020-24003

Microsoft Skype through 8.59.0.77 on macOS has the disable-library-validation entitlement, which all

CVE-2021-1638

Microsoft is aware of the "Impersonation in the Passkey Entry Protocol" vulnerability. For

CVE-2021-1647

Microsoft Defender Remote Code Execution Vulnerability

CVE-2021-1648

Microsoft splwow64 Elevation of Privilege Vulnerability

CVE-2021-1668

Microsoft DTV-DVD Video Decoder Remote Code Execution Vulnerability

CVE-2021-1683

Microsoft is aware of the "Impersonation in the Passkey Entry Protocol" vulnerability. For

CVE-2021-1684

Microsoft is aware of the "Impersonation in the Passkey Entry Protocol" vulnerability. For

CVE-2021-1705

Microsoft Edge (HTML-based) Memory Corruption Vulnerability

CVE-2021-1707

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2021-1710

Microsoft Windows Media Foundation Remote Code Execution Vulnerability

CVE-2021-1711

Microsoft Office Remote Code Execution Vulnerability

CVE-2021-1712

Microsoft SharePoint Elevation of Privilege Vulnerability

CVE-2021-1719

Microsoft SharePoint Elevation of Privilege Vulnerability

CVE-2021-21470

SAP EPM Add-in for Microsoft Office, version - 1010 and SAP EPM Add-in for SAP Analysis Office, vers

CVE-2022-21835

Microsoft Cryptographic Services Elevation of Privilege Vulnerability

CVE-2022-21837

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2022-21846

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2022-21855

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2022-21871

Microsoft Diagnostics Hub Standard Collector Runtime Elevation of Privilege Vulnerability

CVE-2022-21891

Microsoft Dynamics 365 (on-premises) Spoofing Vulnerability

CVE-2022-21910

Microsoft Cluster Port Driver Elevation of Privilege Vulnerability

CVE-2022-21929

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

CVE-2022-21930

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

CVE-2022-21931

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

CVE-2022-21932

Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting Vulnerability

CVE-2022-21954

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

CVE-2022-21969

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2022-21970

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

CVE-2023-21537

Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability

CVE-2023-21551

Microsoft Cryptographic Services Elevation of Privilege Vulnerability

CVE-2023-21561

Microsoft Cryptographic Services Elevation of Privilege Vulnerability

CVE-2023-21681

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

CVE-2023-21724

Microsoft DWM Core Library Elevation of Privilege Vulnerability

CVE-2023-21730

Microsoft Cryptographic Services Elevation of Privilege Vulnerability

CVE-2023-21732

Microsoft ODBC Driver Remote Code Execution Vulnerability

CVE-2023-21736

Microsoft Office Visio Remote Code Execution Vulnerability

CVE-2023-21737

Microsoft Office Visio Remote Code Execution Vulnerability

CVE-2023-21738

Microsoft Office Visio Remote Code Execution Vulnerability

CVE-2023-21741

Microsoft Office Visio Information Disclosure Vulnerability

CVE-2023-21742

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2023-21743

Microsoft SharePoint Server Security Feature Bypass Vulnerability

CVE-2023-21744

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2023-21761

Microsoft Exchange Server Information Disclosure Vulnerability

CVE-2023-21763

Microsoft Exchange Server Elevation of Privilege Vulnerability

CVE-2023-21764

Microsoft Exchange Server Elevation of Privilege Vulnerability

CVE-2024-20653

Microsoft Common Log File System Elevation of Privilege Vulnerability

CVE-2024-20654

Microsoft ODBC Driver Remote Code Execution Vulnerability

CVE-2024-20655

Microsoft Online Certificate Status Protocol (OCSP) Remote Code Execution Vulnerability

CVE-2024-20658

Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability

CVE-2024-20660

Microsoft Message Queuing Information Disclosure Vulnerability

CVE-2024-20661

Microsoft Message Queuing Denial of Service Vulnerability

CVE-2024-20664

Microsoft Message Queuing Information Disclosure Vulnerability

CVE-2024-20675

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

CVE-2024-20677

A security vulnerability exists in FBX that could lead to remote code execution. To mitigate this vu

CVE-2024-20692

Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability

CVE-2024-21314

Microsoft Message Queuing Information Disclosure Vulnerability

CVE-2024-21318

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2024-21325

Microsoft Printer Metadata Troubleshooter Tool Remote Code Execution Vulnerability

CVE-2024-21337

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

CVE-2024-21632

omniauth-microsoft_graph provides an Omniauth strategy for the Microsoft Graph API. Prior to version

CVE-2024-22125

Under certain conditions the Microsoft Edge browser extension (SAP GUI connector for Microsoft Edge)