Microsoft Vulnerabilities

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

Type

The moderation team is working with the threat intelligence team to categorize software that is affected by security vulnerabilities. This helps to illustrate the assignment of these categories to determine the most affected software types.

Product

Microsoft Windows4904
Microsoft Internet Explorer1275
Microsoft Edge937
Microsoft Office510
Microsoft ChakraCore207

Grouping vulnerabilities by products helps to get an overview. This makes it possible to determine an homogeneous landscape or the most important hotspots in heterogeneous landscapes.

Remediation

Official Fix9475
Temporary Fix1
Workaround24
Unavailable82
Not Defined418

Vendors and researchers are eager to find countermeasures to mitigate security vulnerabilities. These can be distinguished between multiple forms and levels of remediation which influence risks differently.

Exploitability

High180
Functional85
Proof-of-Concept1778
Unproven2886
Not Defined5071

Researcher and attacker which are looking for security vulnerabilities try to exploit them for academic purposes or personal gain. The level and quality of exploitability can be distinguished to determine simplicity and strength of attacks.

Access Vector

Not Defined0
Physical57
Local1584
Adjacent200
Network8159

The approach a vulnerability it becomes important to use the expected access vector. This is typically via the network, local, or physically even.

Authentication

Not Defined0
High336
Low3979
None5685

To exploit a vulnerability a certail level of authentication might be required. Vulnerabilities without such a requirement are much more popular.

User Interaction

Not Defined0
Required4138
None5862

Some attack scenarios require some user interaction by a victim. This is typical for phishing, social engineering and cross site scripting attacks.

C3BM Index

Our unique C3BM Index (CVSSv3 Base Meta Index) cumulates the CVSSv3 Meta Base Scores of all entries over time. Comparing this index to the amount of disclosed vulnerabilities helps to pinpoint the most important events.

CVSSv3 Base

≤10
≤20
≤317
≤4187
≤51139
≤61669
≤72439
≤82763
≤91194
≤10592

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp

≤10
≤20
≤351
≤4310
≤51509
≤62300
≤72950
≤81937
≤9607
≤10336

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB

≤10
≤22
≤3127
≤4506
≤51327
≤61094
≤73320
≤81800
≤91208
≤10616

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD

≤10
≤20
≤310
≤449
≤5320
≤6777
≤7464
≤82328
≤9553
≤10118

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

CNA

≤11
≤20
≤34
≤415
≤582
≤6171
≤7373
≤8818
≤9297
≤1048

A CVE Numbering Authority (CNA) is responsible for assigning new CVE entries. They might also include a CVSS score. These are usually not complete and might differ from VulDB scores.

Vendor

≤10
≤20
≤317
≤462
≤5856
≤6666
≤7920
≤82356
≤9559
≤10110

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research

≤10
≤20
≤30
≤40
≤50
≤61
≤70
≤81
≤91
≤100

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

Exploit 0-day

<1k8
<2k11
<5k198
<10k685
<25k2342
<50k2780
<100k3320
≥100k656

The moderation team is working with the threat intelligence team to determine prices for exploits. Our unique algorithm is used to identify the 0-day prices for an exploit, before it got distributed or became public. Calculated prices are aligned to prices disclosed by vulnerability broker and compared to prices we see on exploit markets.

Exploit Today

<1k3941
<2k669
<5k1378
<10k1671
<25k2285
<50k40
<100k16
≥100k0

The 0-day prices do not consider time-relevant factors. The today price does reflect price impacts like disclosure of vulnerability details, alternative exploits, availability of countermeasures. These dynamic aspects might decrease the exploit prices over time. Under certain circumstances this happens very fast.

Exploit Market Volume

Our unique calculation of exploit prices makes it possible to forecast the expected exploit market volume. The calculated prices for all possible 0-day expoits are cumulated for this task. Comparing the volume to the amount of disclosed vulnerabilities helps to pinpoint the most important events.

🔴 CTI Activities

Our unique Cyber Threat Intelligence aims to determine the ongoing research of actors to anticipiate their acitivities. Observing exploit markets on the Darknet, discussions of vulnerabilities on mailinglists, and exchanges on social media makes it possible to identify planned attacks. Monitored actors and activities are classified whether they are offensive or defensive. They are also weighted as some actors are well-known for certain products and technologies. And some of their disclosures might contain more or less details about technical aspects and personal context. The world map highlights active actors in real-time.

Affected Products (426): .NET (37), .NET Core (23), .NET Core SDK (1), .NET Education Bundle SDK Install Tool (1), .NET Framework (137), .NET Install Tool for Extension Authors (1), 3D Builder (20), 3D Viewer (10), 4K Wireless Display Adapter (1), 365 Apps for Enterprise (22), @azure-ms-rest-nodeauth (1), ADAL.NET (1), ADAM (1), ASP.NET (10), ASP.NET Core (27), ASP.NET Core MVC (2), ASP.NET MVC (1), ASP .NET SignalR (1), AV1 Video Extension (6), Access (11), Accessibility Insights (1), Accessibility Insights for Web (1), Active Directory Federation Services (1), ActiveX (2), Anti-cross Site Scripting Library (1), App Installer (1), Application Inspector (1), Authentication Library (1), AutoUpdate for Mac (1), Azure (3), Azure AD (1), Azure AD B2C (1), Azure AD Connect (1), Azure API Management Service (1), Azure ARC (1), Azure Active Directory (1), Azure Active Directory B2C (1), Azure Active Directory Connect (2), Azure Active Directory Passport (1), Azure App Service (3), Azure App Service on Azure Stack Hub (1), Azure Arc-Enabled Servers (1), Azure Arc-enabled Kubernetes Cluster (1), Azure Arc Jumpstart (1), Azure Automation (2), Azure Automation State Configuration (1), Azure Automation Update Management (1), Azure Bastion (1), Azure Batch (1), Azure CLI (2), Azure Cognitive Search (1), Azure Command-Line Interface (1), Azure Connected Machine Agent (2), Azure Container Instance (1), Azure Container Registry (1), Azure CycleCloud (3), Azure Data Box Gateway (1), Azure Data Explorer (1), Azure DevOps Server (37), Azure Diagnostics (1), Azure Digital Twins Explorer (1), Azure EFLOW (1), Azure File Sync (1), Azure Front Door (1), Azure Function Apps (1), Azure Functions (2), Azure Guest Configuration (1), Azure HDInsights (8), Azure Identity SDK (1), Azure Identity SDK for .NET (1), Azure IoT CLI Extension (1), Azure IoT Edge (2), Azure IoT SDK (1), Azure Kubernetes Service (5), Azure Kubernetes Service Confidential Containers (2), Azure Linux Guest Agent (1), Azure Logic Apps (2), Azure Machine Learning (2), Azure Machine Learning SDK (1), Azure Machine Learning Service (1), Azure Migrate (1), Azure Network Watcher VM Extension (2), Azure On-Premises Data Gateway (1), Azure Open Management Infrastructure (5), Azure Pack Rollup (1), Azure Pipelines Agent (1), Azure RTOS (6), Azure RTOS GUIX (1), Azure RTOS GUIX Studio (2), Azure RTOS USBX (2), Azure Real Time Operating System GUIX Studio (8), Azure Resource Manager (1), Azure SDK for .NET (1), Azure SDK for Java (1), Azure SSH Keypairs (1), Azure Security Center (1), Azure Sentinel (1), Azure Service Connector (1), Azure Service Fabric (5), Azure Service Fabric Explorer (1), Azure Site Recovery (2), Azure Site Recovery VMWare to Azure (80), Azure Sphere (30), Azure Spring Cloud (1), Azure Stack (1), Azure Stack Edge (2), Azure Stack Hub (2), Azure StorSimple 8000 (1), Azure Storage Blobs Client Library (2), Azure Storage Mover Agent (1), Azure setup-kubectl (1), Bing (1), Bing Search (2), BizTalk ESB Toolkit (1), Bond (1), Bot Framework SDK (2), Business Productivity Servers (1), C SDK for Azure IoT (2), ChakraCore (207), Chakra Core (5), Chess Titan (1), Clarity (1), Clarity Plugin (1), Common Data Model SDK (1), Common Utilities (1), Compiled HTML Help (1), Container Monitoring Solution (1), Data.OData (1), Data Access Components (2), Debug Diagnostic Tool (1), Defender (1), Defender Antimalware Platform (1), Defender Security Intelligence Updates (2), Defender for Endpoint (4), Defender for Endpoint for Windows (1), Defender for IoT (13), Desktop Client for Mac (1), Diagnostics Troubleshooting Wizard (1), Digital Image (1), DirectX (5), Directx (1), Dynamics (1), Dynamics 365 (68), Dynamics 365 BC On Premise (2), Dynamics 365 Business Central (11), Dynamics 365 Commerce (1), Dynamics 365 Customer Engagement (2), Dynamics 365 Field Service (1), Dynamics 365 Unified Service Desk (1), Dynamics 365 for Finance (2), Dynamics 365 for Finance and Operations (6), Dynamics 365 on-premises (1), Dynamics AX (2), Dynamics CRM (4), Dynamics GP (7), Dynamics NAV (8), Edge (937), Endpoint Configuration Manager (1), Endpoint Protection (1), Enhanced Mitigation Experience Toolkit EMET (1), Enterprise Library (1), Entra Jira Single-Sign-On Plugin (1), Excel (193), Excel 2010 SP2 (1), Exchange (15), Exchange Server (150), Exchange Srv (1), Expression Design (1), FAST ESP (1), FSLogix (1), File Checksum Integrity Verifier (1), Forefront Endpoint Protection (6), Forefront Security for Exchange Server (1), Forefront Threat Management Gateway (1), Forefront Unified Access Gateway (12), FrontPage (1), GitHub Pull Requests and Issues Extension (1), Groove (1), HEIF Image Extension (2), HEVC Video Extensions (42), HTML Help Workshop (1), HoloLens 1 (1), Host Integration Server (3), Host Integration Server 2020 (1), Hub Device Client SDK for Azure IoT (1), Hyper-V (13), IIS (24), ISA Server (3), Identity Linux Broker (1), Identity Manager (1), Identity Model (1), Infopath (2), Internet Authentication Service Helper Com Component (1), Internet Explorer (1275), Internet Security And Acceleration Server (1), Intune Management Extension (2), Intune Portal (1), JScript (1), Jarvis (1), Java SDK for Azure IoT (2), Jet (1), Jet Database Engine (1), Jupyter Extension for Visual Studio Code (2), Kubernetes Tools (1), Log Analytics Agent (1), Lync (21), Lync Server (12), Lync for Mac (1), MPEG-2 Video Extension (1), MSRT (1), Mail Client (1), Malicious Software Removal Tool (2), Malware Protection Engine (15), Maven for Java Extension (1), Media Format Runtime (1), Media Player (3), Media Services (1), Microsoft Dynamics 365 (1), Microsoft Malware Protection Platform (1), Microsoft OLE DB Provider for DB2 V7 (1), Money (1), Mono (1), Mono Framework (1), NET Framework (1), Network Watcher Agent Virtual Machine Extension for Linux (1), Nokia Asha 501 (1), NuGet (3), ODBC Driver (7), ODBC Driver for SQL Server (5), OLE DB (1), OLE DB Driver (5), OLE DB Driver for SQL Server (1), Office (510), Office 365 (4), Office 365 ProPlus (1), Office App (1), Office Communicator (2), Office Compability Pack (1), Office Compatibility Pack (11), Office Converter Pack (1), Office Excel (4), Office LTSC (3), Office Online Server (11), Office Picture Manager (1), Office SharePoint Server (1), Office Snapshot Viewer ActiveX (1), Office Web Apps (10), Office Web Apps Server (8), Office Word Viewer (2), Office for Mac 2011 (1), On-Prem Data Gateway (1), On-Premises Data Gateway (1), OneDrive (13), OneNote (7), Open Enclave SDK (3), Open XML File Format Converter (1), Operations (2), Organization Chart (1), Outlook (57), Outlook.com (1), Outlook Express (1), Outlook Web Access (2), Outlook Web App (1), Package Manager Configurations (1), Paint 3D (6), PandocUpload (1), Passport-SAML (1), Peachtree Accounting (1), Photos (1), Power Apps (2), Power Automate (1), Power BI (1), PowerBI-Client JS SDK (1), Power BI Report Server (6), Power Platform (2), PowerPoint (52), PowerPoint Viewer (4), PowerShell (2), PowerShell Core (1), PowerShell Editor Services (1), PowerShell Extension for Visual Studio Code (1), PowerShellGet (1), Powerpoint (1), Print 3D (1), Printer Metadata Troubleshooter Tool (1), Project (6), Project Server (3), Publisher (21), Publisher 2003 (9), Python Extension for Visual Studio Code (1), Quantum Development Kit for Visual Studio Code (1), RMS Sharing for Mac (1), RTOS GUIX (3), Raw Image Extension (14), Remote Desktop (1), Remote Desktop Connection Client (1), Remote Desktop Connection Manager (1), Remote Desktop For Mac (1), Research JavaScript Cryptography Library (2), Rich Textbox Control (1), Rome SDK (2), SCS Add-on (1), SQL Server (46), SQL Server 2017 Reporting Services (1), SQL Server 2019 Reporting Services (1), SQL Server Management Studio (6), Security Essentials (9), Security Essentials Antimalware Engine (2), Send Customer Voice survey from Dynamics 365 (1), Send Customer Voice survey from Dynamics 365 App (1), Service Fabric (1), SharePoint (64), SharePoint Enterprise Server (132), SharePoint Foundation (62), SharePoint Server (206), SharePoint Services (1), Sharepoint (6), Silverlight (17), Skype (15), Skype Extension (1), Skype for Android (1), Skype for Business (15), Skype for Business Server (14), Snip & Sketch (1), Snipping Tool (1), Sterling Connect Direct (1), Surface Hub (1), Surface Pro (1), SysInternals Sysmon (1), Sysinternals Process Monitor (1), Sysinternals PsExec (1), System Center (1), System Center Endpoint Protection (8), System Center Operations Manager (8), System Center Virtual Machine Manager (1), Systems Management Server (1), Team Foundation Server (23), Teams (9), Teams Admin Center (1), Tech Companion (1), VBScript (1), VISIO (1), VP9 Video Extensions (7), Vfp Ole Server Activex Control (1), Virtual PC (2), Virtual Server (1), Visio (25), Visio Viewer (6), Visual Basic (6), Visual Basic Enterprise Edition (1), Visual C++ (1), Visual C++ Redistributable (1), Visual FoxPro (1), Visual InterDev (2), Visual Studio (132), Visual Studio Code (44), Visual Studio Code Live Share Extension (1), Visual Studio Code Remote Containers Extension (1), Visual Studio Code WSL Extension (1), Visual Studio Community (1), Visual Studio Team Foundation Server (1), WMI Administrative Tools (1), WebDAV Mini-Redirector (1), Web Media Extensions (1), WebP Image Extension (1), Whale Communication IAG (1), Windows (4904), Windows-nt (1), Windows 10 Update Assistant (2), Windows Admin Center (2), Windows Azure Sdk (1), Windows Defender (9), Windows Defender Antimalware Platform (1), Windows Embedded (1), Windows Essentials (1), Windows Host Compute (1), Windows Image Acquisition Logger (1), Windows Installer (1), Windows Live Messenger (4), Windows Live Movie Maker (1), Windows Live OneCare (1), Windows Live Onecare (2), Windows Media Center (2), Windows Media Center TV Pack (1), Windows Media Encoder (1), Windows Media Format Runtime (1), Windows Media Player (12), Windows Messenger (1), Windows Mobile (3), Windows Modern Mail (1), Windows Movie Maker (2), Windows Phone (2), Windows Search (1), Windows Server (1), Windows Subsystem for Linux (1), Windows Sysmon (1), Windows Upgrade Assistant (1), Wireless Desktop 2000 (1), Wireless Display Adapter V2 (1), Wireless Keyboard (2), Word (107), Word 2003 (1), WordPad (1), Word Viewer (3), Works (6), XML Core Services (9), Xamarin.Forms (1), Xbox Live (1), Xerte (1), YARP (2), Yammer (1), YourPhone App (1), Zune (1), az functionapp config appsettings delete (1), az functionapp config appsettings set (1), az logicapp config appsettings delete (1), az logicapp config appsettings set (1), az staticwebapp appsettings delete (1), az staticwebapp appsettings set (1), az webapp config appsettings delete (1), az webapp config appsettings set (1), iis (2), msgraph-sdk-php (1), msgraph-sdk-php-core (1), typed-rest-client (1), workspace-tools (1)

Link to Vendor Website: https://www.microsoft.com/

PublishedBaseTempVulnerabilityProdExpRemCTIEPSSCVE
02/16/20244.34.1Microsoft Clarity Plugin cross-site request forgeryWordPress PluginNot DefinedOfficial Fix0.020.00043CVE-2024-0590
02/13/20248.87.7Microsoft Windows WDAC OLE DB Provider for SQL Server Remote Code ExecutionOperating SystemUnprovenOfficial Fix0.110.00091CVE-2024-21420
02/13/20248.57.5Microsoft Office Outlook Remote Code ExecutionOffice Suite SoftwareProof-of-ConceptOfficial Fix0.450.00091CVE-2024-21413
02/13/20247.26.3Microsoft Windows Internet Shortcut File Remote Code ExecutionOperating SystemUnprovenOfficial Fix0.340.00875CVE-2024-21412
02/13/20249.89.1Microsoft Exchange Server Remote Code ExecutionGroupware SoftwareFunctionalOfficial Fix0.650.00712CVE-2024-21410
02/13/20246.45.5Microsoft Windows Printing Service unknown vulnerabilityOperating SystemUnprovenOfficial Fix0.140.00048CVE-2024-21406
02/13/20247.36.3Microsoft Windows Message Queuing Privilege EscalationOperating SystemUnprovenOfficial Fix0.020.00043CVE-2024-21405
02/13/20247.56.7Microsoft Visual Studio/.NET denial of serviceProgramming Tool SoftwareProof-of-ConceptOfficial Fix0.020.00046CVE-2024-21404
02/13/20249.08.1Microsoft Azure Kubernetes Service Confidential Containers Remote Code ExecutionCloud SoftwareProof-of-ConceptOfficial Fix0.040.00091CVE-2024-21403
02/13/20246.25.4Microsoft Outlook Local Privilege EscalationGroupware SoftwareUnprovenOfficial Fix0.020.00043CVE-2024-21402
02/13/20249.88.8Microsoft Entra Jira Single-Sign-On Plugin Remote Code ExecutionUnknownProof-of-ConceptOfficial Fix0.080.00091CVE-2024-21401
02/13/20244.94.4Microsoft Azure File Sync Local Privilege EscalationCloud SoftwareProof-of-ConceptOfficial Fix0.170.00043CVE-2024-21397
02/13/20247.56.5Microsoft Dynamics 365 Sales Privilege EscalationUnknownUnprovenOfficial Fix0.020.00049CVE-2024-21396
02/13/20246.25.4Microsoft Dynamics 365 cross site scriptingUnknownUnprovenOfficial Fix0.020.00087CVE-2024-21395
02/13/20247.06.1Microsoft Dynamics 365 Field Service Privilege EscalationUnknownUnprovenOfficial Fix0.020.00049CVE-2024-21394
02/13/20245.54.8Microsoft Dynamics 365 cross site scriptingUnknownUnprovenOfficial Fix0.020.00049CVE-2024-21393
02/13/20248.87.7Microsoft Windows WDAC OLE DB Provider for SQL Server Remote Code ExecutionOperating SystemUnprovenOfficial Fix0.000.00091CVE-2024-21391
02/13/20245.54.8Microsoft Dynamics 365 cross site scriptingUnknownUnprovenOfficial Fix0.000.00049CVE-2024-21389
02/13/20247.56.7Microsoft Visual Studio/ASP.NET Core denial of serviceProgramming Tool SoftwareProof-of-ConceptOfficial Fix0.020.00046CVE-2024-21386
02/13/20247.06.1Microsoft Office OneNote Remote Code ExecutionOffice Suite SoftwareUnprovenOfficial Fix0.040.00053CVE-2024-21384
02/13/20245.95.3Microsoft Azure Active Directory B2C Privilege EscalationCloud SoftwareProof-of-ConceptOfficial Fix0.020.00050CVE-2024-21381
02/13/20245.75.0Microsoft Dynamics 365 Business Central information disclosureUnknownUnprovenOfficial Fix0.020.00050CVE-2024-21380
02/13/20247.06.1Microsoft Office/Word Remote Code ExecutionOffice Suite SoftwareUnprovenOfficial Fix0.030.00057CVE-2024-21379
02/13/20247.16.2Microsoft Outlook Remote Code ExecutionGroupware SoftwareUnprovenOfficial Fix0.030.00050CVE-2024-21378
02/13/20245.24.5Microsoft Windows DNS information disclosureOperating SystemUnprovenOfficial Fix0.200.00043CVE-2024-21377
02/13/20249.08.1Microsoft Azure Kubernetes Service Confidential Containers Remote Code ExecutionCloud SoftwareProof-of-ConceptOfficial Fix0.020.00091CVE-2024-21376
02/13/20248.87.7Microsoft Windows WDAC OLE DB Provider for SQL Server Remote Code ExecutionOperating SystemUnprovenOfficial Fix0.020.00091CVE-2024-21375
02/13/20243.93.4Microsoft Teams information disclosureUnified Communication SoftwareUnprovenOfficial Fix0.020.00043CVE-2024-21374
02/13/20248.87.7Microsoft Windows OLE Remote Code ExecutionOperating SystemUnprovenOfficial Fix0.250.00091CVE-2024-21372
02/13/20247.06.1Microsoft Windows Kernel Local Privilege EscalationOperating SystemUnprovenOfficial Fix0.090.00043CVE-2024-21371
02/13/20248.87.7Microsoft Windows WDAC OLE DB Provider for SQL Server Remote Code ExecutionOperating SystemUnprovenOfficial Fix0.030.00091CVE-2024-21370
02/13/20248.87.7Microsoft Windows WDAC OLE DB Provider for SQL Server Remote Code ExecutionOperating SystemUnprovenOfficial Fix0.000.00091CVE-2024-21369
02/13/20248.87.7Microsoft Windows WDAC OLE DB Provider for SQL Server Remote Code ExecutionOperating SystemUnprovenOfficial Fix0.000.00091CVE-2024-21368
02/13/20248.87.7Microsoft Windows WDAC OLE DB Provider for SQL Server Remote Code ExecutionOperating SystemUnprovenOfficial Fix0.000.00091CVE-2024-21367
02/13/20248.87.7Microsoft Windows WDAC OLE DB Provider for SQL Server Remote Code ExecutionOperating SystemUnprovenOfficial Fix0.000.00091CVE-2024-21366
02/13/20248.87.7Microsoft Windows WDAC OLE DB Provider for SQL Server Remote Code ExecutionOperating SystemUnprovenOfficial Fix0.000.00091CVE-2024-21365
02/13/20249.08.1Microsoft Azure Site Recovery Local Privilege EscalationCloud SoftwareProof-of-ConceptOfficial Fix0.040.00053CVE-2024-21364
02/13/20247.86.8Microsoft Windows Message Queuing Local Privilege EscalationOperating SystemUnprovenOfficial Fix0.000.00043CVE-2024-21363
02/13/20245.54.8Microsoft Windows Kernel unknown vulnerabilityOperating SystemUnprovenOfficial Fix0.020.00043CVE-2024-21362
02/13/20248.87.7Microsoft Windows WDAC OLE DB Provider for SQL Server Remote Code ExecutionOperating SystemUnprovenOfficial Fix0.000.00091CVE-2024-21361
02/13/20248.87.7Microsoft Windows WDAC OLE DB Provider for SQL Server Remote Code ExecutionOperating SystemUnprovenOfficial Fix0.000.00091CVE-2024-21360
02/13/20248.87.7Microsoft Windows WDAC OLE DB Provider for SQL Server Remote Code ExecutionOperating SystemUnprovenOfficial Fix0.000.00091CVE-2024-21359
02/13/20248.87.7Microsoft Windows WDAC OLE DB Provider for SQL Server Remote Code ExecutionOperating SystemUnprovenOfficial Fix0.020.00091CVE-2024-21358
02/13/20247.56.5Microsoft Windows Pragmatic General Multicast Remote Code ExecutionOperating SystemUnprovenOfficial Fix0.060.00091CVE-2024-21357
02/13/20246.55.7Microsoft Windows LDAP denial of serviceOperating SystemUnprovenOfficial Fix0.090.00044CVE-2024-21356
02/13/20247.06.1Microsoft Windows Message Queuing Local Privilege EscalationOperating SystemUnprovenOfficial Fix0.000.00043CVE-2024-21355
02/13/20247.86.8Microsoft Windows Message Queuing Local Privilege EscalationOperating SystemUnprovenOfficial Fix0.030.00043CVE-2024-21354
02/13/20248.87.7Microsoft Windows WDAC ODBC Driver Remote Code ExecutionOperating SystemUnprovenOfficial Fix0.030.00091CVE-2024-21353
02/13/20248.87.7Microsoft Windows WDAC OLE DB Provider for SQL Server Remote Code ExecutionOperating SystemUnprovenOfficial Fix0.000.00091CVE-2024-21352
02/13/20246.96.0Microsoft Windows SmartScreen Remote Code ExecutionOperating SystemUnprovenOfficial Fix0.070.00566CVE-2024-21351

9950 more entries are not shown

Do you want to use VulDB in your project?

Use the official API to access entries easily!