Vulnerabilities > Microsoft > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-12-05 CVE-2022-43516 A Firewall Rule which allows all incoming TCP connections to all programs from any source and to all ports is created in Windows Firewall after Zabbix agent installation (MSI)
network
low complexity
zabbix microsoft
critical
9.8
2022-11-25 CVE-2022-4135 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in GPU in Google Chrome prior to 107.0.5304.121 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
network
low complexity
google microsoft CWE-787
critical
9.6
2022-11-09 CVE-2022-41080 Unspecified vulnerability in Microsoft Exchange Server 2013/2016/2019
Microsoft Exchange Server Elevation of Privilege Vulnerability.
network
low complexity
microsoft
critical
9.8
2022-11-04 CVE-2022-39344 Classic Buffer Overflow vulnerability in Microsoft Azure Rtos Usbx
Azure RTOS USBX is a USB host, device, and on-the-go (OTG) embedded stack, that is fully integrated with Azure RTOS ThreadX.
network
low complexity
microsoft CWE-120
critical
9.8
2022-10-25 CVE-2022-39327 Code Injection vulnerability in Microsoft Azure Command-Line Interface
Azure CLI is the command-line interface for Microsoft Azure.
network
low complexity
microsoft CWE-94
critical
9.8
2022-10-13 CVE-2022-39293 Integer Underflow (Wrap or Wraparound) vulnerability in Microsoft Azure Rtos Usbx
Azure RTOS USBX is a high-performance USB host, device, and on-the-go (OTG) embedded stack, that is fully integrated with Azure RTOS ThreadX.
network
low complexity
microsoft CWE-191
critical
9.8
2022-10-11 CVE-2022-37968 Improper Privilege Management vulnerability in Microsoft Azure Arc-Enabled Kubernetes and Azure Stack Edge
Azure Arc-enabled Kubernetes cluster Connect Elevation of Privilege Vulnerability.
network
low complexity
microsoft CWE-269
critical
10.0
2022-10-10 CVE-2022-36063 Stack-based Buffer Overflow vulnerability in Microsoft Azure Rtos Usbx
Azure RTOS USBx is a USB host, device, and on-the-go (OTG) embedded stack, fully integrated with Azure RTOS ThreadX and available for all Azure RTOS ThreadX–supported processors.
network
low complexity
microsoft CWE-121
critical
9.8
2022-09-20 CVE-2022-37972 Unspecified vulnerability in Microsoft Endpoint Configuration Manager 2103/2207
Microsoft Endpoint Configuration Manager Spoofing Vulnerability.
network
low complexity
microsoft
critical
9.8
2022-06-15 CVE-2022-30141 Code Injection vulnerability in Microsoft products
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability.
network
microsoft CWE-94
critical
9.3