Vulnerabilities > Microsoft > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-11-14 CVE-2023-36049 Unspecified vulnerability in Microsoft .Net and .Net Framework
.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability
network
low complexity
microsoft
critical
9.8
2023-11-14 CVE-2023-36018 Unspecified vulnerability in Microsoft Jupyter 2022.9.110
Visual Studio Code Jupyter Extension Spoofing Vulnerability
network
low complexity
microsoft
critical
9.8
2023-11-14 CVE-2023-36028 Unspecified vulnerability in Microsoft products
Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability
network
low complexity
microsoft
critical
9.8
2023-11-14 CVE-2023-36397 Unspecified vulnerability in Microsoft products
Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability
network
low complexity
microsoft
critical
9.8
2023-10-18 CVE-2023-38545 Out-of-bounds Write vulnerability in multiple products
This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that host name can be is 255 bytes. If the host name is detected to be longer, curl switches to local name resolving and instead passes on the resolved address only.
network
low complexity
haxx fedoraproject netapp microsoft CWE-787
critical
9.8
2023-10-10 CVE-2023-35349 Unspecified vulnerability in Microsoft products
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
network
low complexity
microsoft
critical
9.8
2023-10-10 CVE-2023-36419 Unspecified vulnerability in Microsoft Azure Hdinsights
Azure HDInsight Apache Oozie Workflow Scheduler XXE Elevation of Privilege Vulnerability
network
low complexity
microsoft
critical
9.8
2023-10-10 CVE-2023-36434 Unspecified vulnerability in Microsoft products
Windows IIS Server Elevation of Privilege Vulnerability
network
low complexity
microsoft
critical
9.8
2023-09-15 CVE-2023-36735 Unspecified vulnerability in Microsoft Edge Chromium
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
network
low complexity
microsoft
critical
9.6
2023-09-12 CVE-2023-29332 Improper Input Validation vulnerability in Microsoft Azure Kubernetes Service
Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability
network
low complexity
microsoft CWE-20
critical
9.8