Vulnerabilities > Microsoft > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-10-11 CVE-2022-35829 Unspecified vulnerability in Microsoft Azure Service Fabric
Service Fabric Explorer Spoofing Vulnerability
network
low complexity
microsoft
4.8
2022-10-11 CVE-2022-38043 Unspecified vulnerability in Microsoft products
Windows Security Support Provider Interface Information Disclosure Vulnerability
local
low complexity
microsoft
5.5
2022-09-21 CVE-2022-29799 Path Traversal vulnerability in Microsoft Windows Defender for Endpoint
A vulnerability was found in networkd-dispatcher.
local
low complexity
microsoft CWE-22
5.5
2022-09-21 CVE-2022-29800 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Microsoft Windows Defender for Endpoint
A time-of-check-time-of-use (TOCTOU) race condition vulnerability was found in networkd-dispatcher.
local
high complexity
microsoft CWE-367
4.7
2022-08-26 CVE-2022-34301 A flaw was found in CryptoPro Secure Disk bootloaders before 2022-06-01.
local
low complexity
kidan redhat microsoft
6.7
2022-08-26 CVE-2022-34302 A flaw was found in New Horizon Datasys bootloaders before 2022-06-01.
local
low complexity
horizondatasys redhat microsoft
6.7
2022-08-26 CVE-2022-34303 A flaw was found in Eurosoft bootloaders before 2022-06-01.
local
low complexity
eurosoft-uk redhat microsoft
6.7
2022-08-01 CVE-2022-2170 Unspecified vulnerability in Microsoft Advertising Universal Event Tracking 1.0.0
The Microsoft Advertising Universal Event Tracking (UET) WordPress plugin before 1.0.4 does not sanitise and escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
network
low complexity
microsoft
4.8
2022-05-10 CVE-2022-24466 Unspecified vulnerability in Microsoft products
Windows Hyper-V Security Feature Bypass Vulnerability
low complexity
microsoft
4.1
2022-05-10 CVE-2022-26925 Missing Authentication for Critical Function vulnerability in Microsoft products
Windows LSA Spoofing Vulnerability
network
high complexity
microsoft CWE-306
5.9