Filtered by vendor Microsoft Subscriptions
Total 24964 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2026-34340 1 Microsoft 22 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 19 more 2026-05-20 7 High
Use after free in Windows Projected File System allows an authorized attacker to elevate privileges locally.
CVE-2026-34337 1 Microsoft 22 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 19 more 2026-05-20 7.8 High
Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.
CVE-2026-40407 1 Microsoft 30 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 27 more 2026-05-20 7.8 High
Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
CVE-2026-41091 1 Microsoft 1 Malware Protection Engine 2026-05-20 7.8 High
Improper link resolution before file access ('link following') in Microsoft Defender allows an authorized attacker to elevate privileges locally.
CVE-2010-0249 1 Microsoft 7 Internet Explorer, Windows 2000, Windows 7 and 4 more 2026-05-20 8.8 High
Use-after-free vulnerability in Microsoft Internet Explorer 6, 6 SP1, 7, and 8 on Windows 2000 SP4; Windows XP SP2 and SP3; Windows Server 2003 SP2; Windows Vista Gold, SP1, and SP2; Windows Server 2008 Gold, SP2, and R2; and Windows 7 allows remote attackers to execute arbitrary code by accessing a pointer associated with a deleted object, related to incorrectly initialized memory and improper handling of objects in memory, as exploited in the wild in December 2009 and January 2010 during Operation Aurora, aka "HTML Object Memory Corruption Vulnerability."
CVE-2008-4250 1 Microsoft 5 Windows 2000, Windows Server 2003, Windows Server 2008 and 2 more 2026-05-20 9.8 Critical
The Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, and 7 Pre-Beta allows remote attackers to execute arbitrary code via a crafted RPC request that triggers the overflow during path canonicalization, as exploited in the wild by Gimmiv.A in October 2008, aka "Server Service Vulnerability."
CVE-2026-45584 1 Microsoft 1 Malware Protection Engine 2026-05-20 8.1 High
Heap-based buffer overflow in Microsoft Defender allows an unauthorized attacker to execute code over a network.
CVE-2026-8567 2 Google, Microsoft 2 Chrome, Windows 2026-05-19 4.3 Medium
Integer overflow in ANGLE in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-8573 2 Google, Microsoft 2 Chrome, Windows 2026-05-19 8.3 High
Integer overflow in Codecs in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. (Chromium security severity: Medium)
CVE-2026-8574 2 Google, Microsoft 2 Chrome, Windows 2026-05-19 8.3 High
Use after free in Core in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)
CVE-2025-21402 1 Microsoft 6 Office, Office Long Term Servicing Channel, Office Macos 2021 and 3 more 2026-05-19 7.8 High
Microsoft Office OneNote Remote Code Execution Vulnerability
CVE-2025-21361 1 Microsoft 5 Office, Office Long Term Servicing Channel, Office Macos 2021 and 2 more 2026-05-19 7.8 High
Microsoft Outlook Remote Code Execution Vulnerability
CVE-2025-21338 1 Microsoft 29 Office, Office Long Term Servicing Channel, Office Macos and 26 more 2026-05-19 7.8 High
GDI+ Remote Code Execution Vulnerability
CVE-2023-33158 1 Microsoft 3 365 Apps, Office, Office Long Term Servicing Channel 2026-05-19 7.8 High
Microsoft Excel Remote Code Execution Vulnerability
CVE-2023-29333 1 Microsoft 3 365 Apps, Office, Office Long Term Servicing Channel 2026-05-19 3.3 Low
Microsoft Access Denial of Service Vulnerability
CVE-2024-20673 1 Microsoft 8 Excel, Office, Office Long Term Servicing Channel and 5 more 2026-05-19 7.8 High
Microsoft Office Remote Code Execution Vulnerability
CVE-2021-42295 1 Microsoft 3 365 Apps, Office, Office Long Term Servicing Channel 2026-05-19 5.5 Medium
Visual Basic for Applications Information Disclosure Vulnerability
CVE-2021-42293 1 Microsoft 3 365 Apps, Office, Office Long Term Servicing Channel 2026-05-19 6.5 Medium
Microsoft Jet Red Database Engine and Access Connectivity Engine Elevation of Privilege Vulnerability
CVE-2022-24461 1 Microsoft 3 365 Apps, Office, Office Long Term Servicing Channel 2026-05-19 7.8 High
Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2024-30101 1 Microsoft 6 365 Apps, Office, Office 2016 and 3 more 2026-05-19 7.5 High
Microsoft Office Remote Code Execution Vulnerability