Vulnerabilities > Microsoft > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-01-14 | CVE-2025-21311 | Unspecified vulnerability in Microsoft products Windows NTLM V1 Elevation of Privilege Vulnerability | 9.8 |
| 2024-12-12 | CVE-2024-49147 | Deserialization of Untrusted Data vulnerability in Microsoft Update Catalog Deserialization of untrusted data in Microsoft Update Catalog allows an unauthorized attacker to elevate privileges on the website’s webserver. | 9.8 |
| 2024-11-26 | CVE-2024-49035 | Unspecified vulnerability in Microsoft Partner Center An improper access control vulnerability in Partner.Microsoft.com allows an a unauthenticated attacker to elevate privileges over a network. | 9.8 |
| 2024-11-26 | CVE-2024-49038 | Unspecified vulnerability in Microsoft Copilot Studio Improper neutralization of input during web page generation ('Cross-site Scripting') in Copilot Studio by an unauthorized attacker leads to elevation of privilege over a network. | 9.6 |
| 2024-11-26 | CVE-2024-49052 | Unspecified vulnerability in Microsoft Azure Functions Missing authentication for critical function in Microsoft Azure PolicyWatch allows an unauthorized attacker to elevate privileges over a network. | 9.8 |
| 2024-11-12 | CVE-2024-43498 | Unspecified vulnerability in Microsoft .Net and Visual Studio 2022 .NET and Visual Studio Remote Code Execution Vulnerability | 9.8 |
| 2024-11-12 | CVE-2024-43602 | Unspecified vulnerability in Microsoft Azure Cyclecloud Azure CycleCloud Remote Code Execution Vulnerability | 9.9 |
| 2024-11-12 | CVE-2024-43639 | Unspecified vulnerability in Microsoft products Windows KDC Proxy Remote Code Execution Vulnerability | 9.8 |
| 2024-10-17 | CVE-2024-43566 | Unspecified vulnerability in Microsoft Edge Chromium Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | 9.8 |
| 2024-10-08 | CVE-2024-38124 | Unspecified vulnerability in Microsoft products Windows Netlogon Elevation of Privilege Vulnerability | 9.0 |