Vulnerabilities > Microsoft > Critical

DATE CVE VULNERABILITY TITLE RISK
2021-12-15 CVE-2021-43217 Unspecified vulnerability in Microsoft products
Windows Encrypting File System (EFS) Remote Code Execution Vulnerability
network
low complexity
microsoft
critical
 9.8
9.8
2021-12-15 CVE-2021-43225 Unspecified vulnerability in Microsoft BOT Framework Software Development KIT
Bot Framework SDK Remote Code Execution Vulnerability
network
low complexity
microsoft
critical
 9.8
9.8
2021-12-15 CVE-2021-43882 Improper Certificate Validation vulnerability in Microsoft Defender for IOT
Microsoft Defender for IoT Remote Code Execution Vulnerability
network
low complexity
microsoft CWE-295
critical
 9.8
9.8
2021-12-15 CVE-2021-43899 Unspecified vulnerability in Microsoft Wireless Display Adapter Firmware 2.0.8350/2.0.8365/2.0.8372
Microsoft 4K Wireless Display Adapter Remote Code Execution Vulnerability
network
low complexity
microsoft
critical
 9.8
9.8
2021-12-15 CVE-2021-43905 Unspecified vulnerability in Microsoft Office
Microsoft Office app Remote Code Execution Vulnerability
network
low complexity
microsoft
critical
 9.6
9.6
2021-12-15 CVE-2021-43907 Unspecified vulnerability in Microsoft Windows Subsystem for Linux 0.63.4/0.63.5
Visual Studio Code WSL Extension Remote Code Execution Vulnerability
network
low complexity
microsoft
critical
 9.8
9.8
2021-08-13 CVE-2021-37705 Incorrect Authorization vulnerability in Microsoft Onefuzz
OneFuzz is an open source self-hosted Fuzzing-As-A-Service platform.
network
low complexity
microsoft CWE-863
critical
 10.0
10
2021-03-24 CVE-2021-28967 Unspecified vulnerability in Microsoft Visual Studio Code
The unofficial MATLAB extension before 2.0.1 for Visual Studio Code allows attackers to execute arbitrary code via a crafted workspace because of lint configuration settings.
network
low complexity
microsoft
critical
 9.8
9.8
2021-02-09 CVE-2021-21132 Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products
Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted Chrome Extension.
network
low complexity
google microsoft CWE-1021
critical
 9.6
9.6
2021-02-09 CVE-2021-21124 Use After Free vulnerability in multiple products
Potential user after free in Speech Recognizer in Google Chrome on Android prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
network
low complexity
google microsoft CWE-416
critical
 9.6
9.6