Vulnerabilities > Microsoft
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-08 | CVE-2024-21302 | Unspecified vulnerability in Microsoft products Summary: Microsoft was notified that an elevation of privilege vulnerability exists in Windows based systems supporting Virtualization Based Security (VBS), including a subset of Azure Virtual Machine SKUS. | 6.7 |
| 2024-08-06 | CVE-2024-38166 | Cross-site Scripting vulnerability in Microsoft Dynamics CRM Service Portal web Resource An unauthenticated attacker can exploit improper neutralization of input during web page generation in Microsoft Dynamics 365 to spoof over a network by tricking a user to click on a link. | 6.1 |
| 2024-08-06 | CVE-2024-38206 | Server-Side Request Forgery (SSRF) vulnerability in Microsoft Copilot Studio An authenticated attacker can bypass Server-Side Request Forgery (SSRF) protection in Microsoft Copilot Studio to leak sensitive information over a network. | 6.5 |
| 2024-07-31 | CVE-2024-38182 | Unspecified vulnerability in Microsoft Dynamics 365 7.0 Weak authentication in Microsoft Dynamics 365 allows an unauthenticated attacker to elevate privileges over a network. | 9.8 |
| 2024-07-25 | CVE-2024-38103 | Unspecified vulnerability in Microsoft Edge Microsoft Edge (Chromium-based) Information Disclosure Vulnerability | 5.9 |
| 2024-07-23 | CVE-2024-38164 | Unspecified vulnerability in Microsoft Groupme An improper access control vulnerability in GroupMe allows an a unauthenticated attacker to elevate privileges over a network by convincing a user to click on a malicious link. | 8.8 |
| 2024-07-23 | CVE-2024-38176 | Unspecified vulnerability in Microsoft Groupme An improper restriction of excessive authentication attempts in GroupMe allows a unauthenticated attacker to elevate privileges over a network. | 8.1 |
| 2024-07-09 | CVE-2024-21303 | Unspecified vulnerability in Microsoft products SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | 8.8 |
| 2024-07-09 | CVE-2024-38049 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Microsoft products Windows Distributed Transaction Coordinator Remote Code Execution Vulnerability | 8.1 |
| 2024-07-09 | CVE-2024-38078 | Unspecified vulnerability in Microsoft Windows 11 21H2 and Windows 11 23H2 Xbox Wireless Adapter Remote Code Execution Vulnerability high complexity microsoft | 7.5 |