Vulnerabilities > Microsoft > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-09-12 CVE-2023-36765 Unspecified vulnerability in Microsoft Office 2019
Microsoft Office Elevation of Privilege Vulnerability
network
low complexity
microsoft
critical
 9.8
9.8
2023-08-08 CVE-2023-36903 Unspecified vulnerability in Microsoft products
Windows System Assessment Tool Elevation of Privilege Vulnerability
network
low complexity
microsoft
critical
 9.8
9.8
2023-08-08 CVE-2023-38186 Unspecified vulnerability in Microsoft products
Windows Mobile Device Management Elevation of Privilege Vulnerability
network
low complexity
microsoft
critical
 9.8
9.8
2023-07-11 CVE-2023-32056 Unspecified vulnerability in Microsoft products
Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability
network
low complexity
microsoft
critical
 9.8
9.8
2023-07-11 CVE-2023-33154 Unspecified vulnerability in Microsoft products
Windows Partition Management Driver Elevation of Privilege Vulnerability
network
low complexity
microsoft
critical
 9.8
9.8
2023-06-14 CVE-2023-29357 Unspecified vulnerability in Microsoft Sharepoint Server 2019
Microsoft SharePoint Server Elevation of Privilege Vulnerability
network
low complexity
microsoft
critical
 9.8
9.8
2023-03-14 CVE-2023-23397 Authentication Bypass by Capture-replay vulnerability in Microsoft products
Microsoft Outlook Elevation of Privilege Vulnerability
network
low complexity
microsoft CWE-294
critical
 9.8
9.8
2023-02-14 CVE-2023-21716 Unspecified vulnerability in Microsoft products
Microsoft Word Remote Code Execution Vulnerability
network
low complexity
microsoft
critical
 9.8
9.8
2022-12-05 CVE-2022-43516 A Firewall Rule which allows all incoming TCP connections to all programs from any source and to all ports is created in Windows Firewall after Zabbix agent installation (MSI)
network
low complexity
zabbix microsoft
critical
 9.8
9.8
2022-11-25 CVE-2022-4135 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in GPU in Google Chrome prior to 107.0.5304.121 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
network
low complexity
google microsoft CWE-787
critical
 9.6
9.6