Vulnerabilities > Microsoft > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-05 | CVE-2022-43516 | A Firewall Rule which allows all incoming TCP connections to all programs from any source and to all ports is created in Windows Firewall after Zabbix agent installation (MSI) | 9.8 |
| 2022-11-25 | CVE-2022-4135 | Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in GPU in Google Chrome prior to 107.0.5304.121 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | 9.6 |
| 2022-11-09 | CVE-2022-41080 | Unspecified vulnerability in Microsoft Exchange Server 2013/2016/2019 Microsoft Exchange Server Elevation of Privilege Vulnerability. | 9.8 |
| 2022-11-04 | CVE-2022-39344 | Classic Buffer Overflow vulnerability in Microsoft Azure Rtos Usbx Azure RTOS USBX is a USB host, device, and on-the-go (OTG) embedded stack, that is fully integrated with Azure RTOS ThreadX. | 9.8 |
| 2022-10-25 | CVE-2022-39327 | Code Injection vulnerability in Microsoft Azure Command-Line Interface Azure CLI is the command-line interface for Microsoft Azure. | 9.8 |
| 2022-10-13 | CVE-2022-39293 | Integer Underflow (Wrap or Wraparound) vulnerability in Microsoft Azure Rtos Usbx Azure RTOS USBX is a high-performance USB host, device, and on-the-go (OTG) embedded stack, that is fully integrated with Azure RTOS ThreadX. | 9.8 |
| 2022-10-11 | CVE-2022-37968 | Improper Privilege Management vulnerability in Microsoft Azure Arc-Enabled Kubernetes and Azure Stack Edge Azure Arc-enabled Kubernetes cluster Connect Elevation of Privilege Vulnerability. | 10.0 |
| 2022-10-10 | CVE-2022-36063 | Stack-based Buffer Overflow vulnerability in Microsoft Azure Rtos Usbx Azure RTOS USBx is a USB host, device, and on-the-go (OTG) embedded stack, fully integrated with Azure RTOS ThreadX and available for all Azure RTOS ThreadX–supported processors. | 9.8 |
| 2022-09-20 | CVE-2022-37972 | Unspecified vulnerability in Microsoft Endpoint Configuration Manager 2103/2207 Microsoft Endpoint Configuration Manager Spoofing Vulnerability. | 9.8 |
| 2022-06-15 | CVE-2022-30141 | Code Injection vulnerability in Microsoft products Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. | 9.3 |