Vulnerabilities > Microsoft > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-12-05 CVE-2023-49283 Unspecified vulnerability in Microsoft Graph
microsoft-graph-core the Microsoft Graph Library for PHP.
network
low complexity
microsoft
5.3
5.3
2023-11-28 CVE-2023-24023 Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4 allow certain man-in-the-middle attacks that force a short key length, and might lead to discovery of the encryption key and live injection, aka BLUFFS.
high complexity
bluetooth microsoft
6.8
6.8
2023-11-20 CVE-2023-36013 Exposure of Resource to Wrong Sphere vulnerability in Microsoft Powershell
PowerShell Information Disclosure Vulnerability
network
low complexity
microsoft CWE-668
6.5
6.5
2023-11-16 CVE-2023-36008 Unspecified vulnerability in Microsoft Edge Chromium
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
local
low complexity
microsoft
6.6
6.6
2023-11-16 CVE-2023-36026 Unspecified vulnerability in Microsoft Edge Chromium
Microsoft Edge (Chromium-based) Spoofing Vulnerability
network
low complexity
microsoft
4.3
4.3
2023-11-14 CVE-2023-36558 Unspecified vulnerability in Microsoft .Net and Visual Studio 2022
ASP.NET Core - Security Feature Bypass Vulnerability
local
low complexity
microsoft
5.5
5.5
2023-11-14 CVE-2023-36007 Unspecified vulnerability in Microsoft Send Customer Voice Survey From Dynamics 365 9.0.0.0/9.0.0.7
Microsoft Send Customer Voice survey from Dynamics 365 Spoofing Vulnerability
network
low complexity
microsoft
4.1
4.1
2023-11-14 CVE-2023-36030 Unspecified vulnerability in Microsoft Dynamics 365
Microsoft Dynamics 365 Sales Spoofing Vulnerability
network
low complexity
microsoft
6.1
6.1
2023-11-14 CVE-2023-36031 Cross-site Scripting vulnerability in Microsoft Dynamics 365
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
network
low complexity
microsoft CWE-79
5.4
5.4
2023-11-14 CVE-2023-36042 Resource Exhaustion vulnerability in Microsoft Visual Studio 2019 and Visual Studio 2022
Visual Studio Denial of Service Vulnerability
local
low complexity
microsoft CWE-400
5.5
5.5