Microsoft Schwachstellen

Zeitverlauf

Typ

Produkt

Microsoft Windows4719
Microsoft Internet Explorer1501
Microsoft Edge887
Microsoft Office527
Microsoft Excel208

Massnahmen

Official Fix9351
Temporary Fix0
Workaround27
Unavailable126
Not Defined496

Ausnutzbarkeit

High214
Functional86
Proof-of-Concept2186
Unproven2306
Not Defined5208

Zugriffsart

Not Defined0
Physical52
Local1390
Adjacent211
Network8347

Authentisierung

Not Defined0
High304
Low3660
None6036

Benutzeraktivität

Not Defined0
Required4124
None5876

C3BM Index

CVSSv3 Base

≤10
≤20
≤316
≤4187
≤51143
≤61741
≤72441
≤82702
≤91104
≤10666

CVSSv3 Temp

≤10
≤20
≤351
≤4325
≤51565
≤62401
≤72970
≤81717
≤9598
≤10373

VulDB

≤10
≤22
≤3114
≤4472
≤51287
≤61208
≤73328
≤81772
≤91128
≤10689

NVD

≤10
≤20
≤39
≤448
≤5317
≤6756
≤7449
≤82288
≤9536
≤10106

CNA

≤10
≤20
≤32
≤47
≤557
≤6116
≤7236
≤8508
≤9215
≤1025

Hersteller

≤10
≤20
≤316
≤460
≤5838
≤6610
≤7791
≤82039
≤9461
≤1087

Research

≤10
≤20
≤30
≤40
≤50
≤61
≤70
≤81
≤91
≤100

Exploit 0-day

<1k8
<2k11
<5k204
<10k621
<25k2347
<50k2466
<100k3581
≥100k762

Exploit heute

<1k4151
<2k564
<5k1229
<10k1552
<25k2432
<50k52
<100k20
≥100k0

Exploitmarktvolumen

🔴 CTI Aktivitäten

Affected Products (423): .NET (15), .NET Core (23), .NET Core SDK (1), .NET Education Bundle SDK Install Tool (1), .NET Framework (122), .NET Install Tool for Extension Authors (1), 3D Builder (16), 3D Viewer (7), 4K Wireless Display Adapter (1), 365 Apps for Enterprise (18), @azure-ms-rest-nodeauth (1), ADAL.NET (1), ADAM (1), ASP.NET (12), ASP.NET Core (25), ASP.NET Core MVC (2), ASP.NET MVC (1), ASP .NET SignalR (1), AV1 Video Extension (6), Access (12), Accessibility Insights (1), Accessibility Insights for Web (1), Active Directory Federation Services (1), ActiveSync (3), ActiveX (2), Agent (1), Anti-cross Site Scripting Library (1), App Installer (1), Application Inspector (1), Atlas framework (1), Authentication Library (1), AutoUpdate for Mac (1), Azure (1), Azure AD B2C (1), Azure AD Connect (1), Azure API Management Service (1), Azure ARC (1), Azure Active Directory (1), Azure Active Directory Connect (2), Azure Active Directory Passport (1), Azure App Service (3), Azure App Service on Azure Stack Hub (1), Azure Arc-enabled Kubernetes Cluster (1), Azure Arc Jumpstart (1), Azure Automation (2), Azure Automation State Configuration (1), Azure Automation Update Management (1), Azure Batch (1), Azure CLI (2), Azure Cognitive Search (1), Azure Container Instance (1), Azure CycleCloud (3), Azure Data Box Gateway (1), Azure Data Explorer (1), Azure DevOps Server (29), Azure Diagnostics (1), Azure Digital Twins Explorer (1), Azure EFLOW (1), Azure Function Apps (1), Azure Functions (2), Azure Guest Configuration (1), Azure HDInsights (1), Azure IoT CLI Extension (1), Azure IoT Edge (2), Azure IoT SDK (1), Azure Kubernetes Service (4), Azure Linux Guest Agent (1), Azure Logic Apps (1), Azure Machine Learning (2), Azure Machine Learning Service (1), Azure Migrate (1), Azure Network Watcher VM Extension (1), Azure On-Premises Data Gateway (1), Azure Open Management Infrastructure (5), Azure Pack Rollup (1), Azure RTOS (6), Azure RTOS GUIX (1), Azure RTOS GUIX Studio (1), Azure RTOS USBX (2), Azure Real Time Operating System GUIX Studio (8), Azure SDK for .NET (1), Azure SDK for Java (1), Azure SSH Keypairs (1), Azure Security Center (1), Azure Sentinel (1), Azure Service Connector (1), Azure Service Fabric (4), Azure Service Fabric Explorer (1), Azure Site Recovery (1), Azure Site Recovery VMWare to Azure (80), Azure Sphere (30), Azure Spring Cloud (1), Azure Stack (1), Azure Stack Edge (2), Azure Stack Hub (1), Azure StorSimple 8000 (1), Azure Storage Blobs Client Library (2), Azure setup-kubectl (1), Bing (1), Bing Search (2), BizTalk ESB Toolkit (1), BizTalk Server (1), Bond (1), Bot Framework SDK (2), Business Productivity Servers (1), C SDK for Azure IoT (2), ChakraCore (207), Chakra Core (5), Chess Titan (1), Clarity (1), Class Package Export Tool (1), Commerce Server (1), Common Utilities (1), Compiled HTML Help (1), Container Monitoring Solution (1), Content Management Server (2), Data.OData (1), Data Access Components (4), Debug Diagnostic Tool (1), Defender (1), Defender Antimalware Platform (1), Defender Security Intelligence Updates (1), Defender for Endpoint (4), Defender for IoT (13), Desktop Client for Mac (1), Diagnostics Troubleshooting Wizard (1), Digital Image (1), DirectX (7), DirectX Media (1), Directx (1), Dynamics (1), Dynamics 365 (49), Dynamics 365 BC On Premise (2), Dynamics 365 Business Central (9), Dynamics 365 Commerce (1), Dynamics 365 Customer Engagement (1), Dynamics 365 Field Service (1), Dynamics 365 Unified Service Desk (1), Dynamics 365 for Finance (2), Dynamics 365 for Finance and Operations (3), Dynamics 365 on-premises (1), Dynamics AX (2), Dynamics CRM (4), Dynamics GP (9), Dynamics NAV (8), Edge (887), Endpoint Configuration Manager (1), Endpoint Protection (1), Enhanced Mitigation Experience Toolkit EMET (1), Enterprise Library (1), Excel (208), Excel 2010 SP2 (1), Excel Viewer (2), Exchange (25), Exchange Server (131), Exchange Srv (1), Expression Design (1), Expression Media (1), FAST ESP (1), FSLogix (1), File Checksum Integrity Verifier (1), Forefront Endpoint Protection (6), Forefront Security for Exchange Server (1), Forefront Threat Management Gateway (1), Forefront Unified Access Gateway (12), FrontPage (2), FrontPage Server Extensions (1), GitHub Pull Requests and Issues Extension (1), Groove (1), HEIF Image Extension (2), HEVC Video Extensions (41), HTML Help Workshop (2), Help Workshop (2), HoloLens 1 (1), Host Integration Server (3), Hub Device Client SDK for Azure IoT (1), Hyper-V (13), Hyperlink Object Library (1), IE for Macintosh (1), IIS (31), ISA Server (10), Identity Manager (1), Infopath (2), Interactive Training (1), Internet Authentication Service Helper Com Component (1), Internet Explorer (1501), Internet Information Services (1), Internet Security And Acceleration Server (1), Intune Management Extension (2), Intune Portal (1), JScript (1), Jarvis (1), Java SDK for Azure IoT (2), Jet (1), Jet Database Engine (2), Jupyter Extension for Visual Studio Code (1), Kubernetes Tools (1), Log Analytics Agent (1), Log Sink Class ActiveX control (1), Lync (21), Lync Server (12), Lync for Mac (1), MPEG-2 Video Extension (1), MSN Messenger (5), MSRT (1), Mail Client (1), Malicious Software Removal Tool (2), Malware Protection Engine (14), Maven for Java Extension (1), Media Format Runtime (1), Media Player (5), Media Services (1), Money (1), Mono Framework (1), NET Framework (6), NetMeeting (1), Network Watcher Agent Virtual Machine Extension for Linux (1), Nokia Asha 501 (1), NuGet (2), ODBC Driver (2), OLE DB Driver (2), Office (527), Office 365 (4), Office 365 ProPlus (1), Office App (1), Office Communicator (2), Office Compability Pack (1), Office Compatibility Pack (11), Office Converter Pack (1), Office Excel (4), Office InfoPath (1), Office LTSC (1), Office Online Server (10), Office Picture Manager (1), Office Publisher (1), Office SharePoint Server (2), Office Snapshot Viewer ActiveX (1), Office Web Apps (10), Office Web Apps Server (7), Office Web Components (1), Office Word Viewer (2), Office for Mac 2011 (1), On-Premises Data Gateway (1), OneDrive (13), OneNote (5), Open Enclave SDK (3), Open XML File Format Converter (1), Operations (2), Organization Chart (1), Outlook (56), Outlook.com (1), Outlook Express (9), Outlook Express Book Control (1), Outlook Web Access (2), Outlook Web App (1), Package Manager Configurations (1), Paint 3D (4), Passport-SAML (1), Peachtree Accounting (1), Personal Firewall (2), Photos (1), Power Apps (1), Power Automate (1), Power BI (1), PowerBI-Client JS SDK (1), Power BI Report Server (6), PowerPoint (64), PowerPoint Viewer (5), PowerShell (1), PowerShell Core (1), PowerShell Editor Services (1), PowerShell Extension for Visual Studio Code (1), PowerShellGet (1), Powerpoint (1), Print 3D (1), Project (7), Project Server (4), Publisher (22), Publisher 2003 (9), Quantum Development Kit for Visual Studio Code (1), RMS Sharing for Mac (1), RTOS GUIX (3), Raw Image Extension (13), Register Server (1), Remote Desktop (1), Remote Desktop Connection Client (1), Remote Desktop Connection Manager (1), Remote Desktop For Mac (1), Research JavaScript Cryptography Library (2), Rich Textbox Control (1), Rome SDK (2), SCS Add-on (1), SQL Server (41), SQL Server 2017 Reporting Services (1), SQL Server 2019 Reporting Services (1), SQL Server Management Studio (6), Secure Access (1), Security Essentials (9), Security Essentials Antimalware Engine (2), Send Customer Voice survey from Dynamics 365 (1), Service Fabric (1), SharePoint (63), SharePoint Enterprise Server (131), SharePoint Foundation (62), SharePoint Server (189), SharePoint Services (1), SharePoint Team Services (1), Sharepoint (6), Silverlight (17), Skype (14), Skype Extension (1), Skype for Android (1), Skype for Business (15), Skype for Business Server (9), Snip & Sketch (1), Snipping Tool (1), Sterling Connect Direct (1), Surface Hub (1), Surface Pro (1), SysInternals Sysmon (1), Sysinternals (1), Sysinternals PsExec (1), System Center (1), System Center Endpoint Protection (8), System Center Operations Manager (7), System Center Virtual Machine Manager (1), System Information ActiveX control (1), Systems Management Server (1), Team Foundation Server (23), Teams (6), Teams Admin Center (1), Tech Companion (1), Teredo (4), Terminal Server (2), VBScript (1), VISIO (1), VP9 Video Extensions (6), Vfp Ole Server Activex Control (1), Virtual PC (3), Virtual Server (1), Visio (28), Visio Viewer (6), Visual Basic (10), Visual Basic Enterprise Edition (1), Visual C++ (1), Visual C++ Redistributable (1), Visual Database Tools Database Designer (1), Visual FoxPro (2), Visual InterDev (2), Visual Studio (104), Visual Studio .net (1), Visual Studio Code (40), Visual Studio Code Live Share Extension (1), Visual Studio Code Remote Containers Extension (1), Visual Studio Code WSL Extension (1), Visual Studio Community (1), Visual Studio Team Foundation Server (1), W3Who ISAPI (1), WMI Administrative Tools (1), WebDAV Mini-Redirector (1), Web Media Extensions (1), WebP Image Extension (1), Web Proxy (1), Whale Communication IAG (1), Windows (4719), Windows-nt (1), Windows 10 Update Assistant (2), Windows Admin Center (1), Windows Azure Sdk (1), Windows Defender (8), Windows Digital Rights Management (1), Windows Embedded (1), Windows Essentials (1), Windows Event Viewer (1), Windows Explorer (2), Windows Host Compute (1), Windows Image Acquisition Logger (1), Windows Installer (1), Windows Live Messenger (7), Windows Live Movie Maker (1), Windows Live OneCare (1), Windows Live Onecare (2), Windows Mail (3), Windows Media Center (2), Windows Media Center TV Pack (1), Windows Media Encoder (1), Windows Media Format Runtime (1), Windows Media Player (18), Windows Messenger (1), Windows Mobile (7), Windows Mobile Pocket PC (1), Windows Modern Mail (1), Windows Movie Maker (2), Windows Phone (2), Windows Search (1), Windows Server (1), Windows SharePoint Services (1), Windows Subsystem for Linux (1), Windows Sysmon (1), Windows Upgrade Assistant (1), Wireless Desktop 2000 (1), Wireless Display Adapter V2 (1), Wireless Keyboard (2), Wireless Zero Configuration system (1), Word (121), Word 2003 (1), WordPad (1), Word Viewer (4), Works (9), XML Core Services (12), Xamarin.Forms (1), Xbox 360 (2), Xbox Live (1), Xerte (1), YARP (1), Yammer (1), YourPhone App (1), Zune (1), antispyware (2), iis (2), typed-rest-client (1), winword (1), workspace-tools (1)

Link to Vendor Website: https://www.microsoft.com/

VeröffentlichtBaseTempSchwachstelleProdAusMasCTIEPSSCVE
27.05.20235.35.0Microsoft Jarvis Configuration File Information DisclosureUnbekanntProof-of-ConceptUnavailable0.260.00000
19.05.20233.33.2Microsoft Azure Arc Jumpstart Information DisclosureCloud SoftwareNot DefinedOfficial Fix0.090.00048CVE-2022-35798
17.05.20233.33.2Microsoft SharePoint Server Information DisclosureGroupware SoftwareNot DefinedOfficial Fix0.040.00000CVE-2019-1491
09.05.20237.86.8Microsoft Office Local Privilege EscalationOffice Suite SoftwareUnprovenOfficial Fix0.070.00000CVE-2023-29344
09.05.20237.86.8Microsoft SysInternals Sysmon Local Privilege EscalationUnbekanntUnprovenOfficial Fix0.030.00048CVE-2023-29343
09.05.20237.86.8Microsoft AV1 Video Extension Local Privilege EscalationUnbekanntUnprovenOfficial Fix0.000.00113CVE-2023-29341
09.05.20237.86.8Microsoft AV1 Video Extension Local Privilege EscalationUnbekanntUnprovenOfficial Fix0.040.00113CVE-2023-29340
09.05.20233.93.5Microsoft Visual Studio Code Information DisclosureProgramming Tool SoftwareProof-of-ConceptOfficial Fix0.030.00054CVE-2023-29338
09.05.20237.86.8Microsoft Windows Win32k Local Privilege EscalationOperating SystemUnprovenOfficial Fix0.080.00051CVE-2023-29336
09.05.20236.25.4Microsoft Office Word Remote Code ExecutionOffice Suite SoftwareUnprovenOfficial Fix0.000.00182CVE-2023-29335
09.05.20233.43.0Microsoft Office Access Denial of ServiceOffice Suite SoftwareUnprovenOfficial Fix0.000.00048CVE-2023-29333
09.05.20238.17.3Microsoft Windows OLE Remote Code ExecutionOperating SystemProof-of-ConceptOfficial Fix0.220.00609CVE-2023-29325
09.05.20236.96.1Microsoft Windows MSHTML Platform Remote Code ExecutionOperating SystemUnprovenOfficial Fix0.030.00106CVE-2023-29324
09.05.20234.23.6Microsoft Remote Desktop Information DisclosureUnbekanntUnprovenOfficial Fix0.090.00102CVE-2023-28290
09.05.20238.17.1Microsoft Windows LDAP Remote Code ExecutionOperating SystemUnprovenOfficial Fix0.080.00641CVE-2023-28283
09.05.20234.94.3Microsoft Windows Driver Revocation List unbekannte SchwachstelleOperating SystemUnprovenOfficial Fix0.040.00048CVE-2023-28251
09.05.20237.26.3Microsoft SharePoint Server Privilege EscalationGroupware SoftwareUnprovenOfficial Fix0.030.00189CVE-2023-24955
09.05.20235.44.7Microsoft SharePoint Server Information DisclosureGroupware SoftwareUnprovenOfficial Fix0.040.00068CVE-2023-24954
09.05.20236.55.7Microsoft Excel Local Privilege EscalationSpreadsheet SoftwareUnprovenOfficial Fix0.060.00113CVE-2023-24953
09.05.20235.44.7Microsoft SharePoint Server Information DisclosureGroupware SoftwareUnprovenOfficial Fix0.030.00057CVE-2023-24950
09.05.20237.86.8Microsoft Windows Kernel Local Privilege EscalationOperating SystemUnprovenOfficial Fix0.030.00048CVE-2023-24949
09.05.20237.76.7Microsoft Windows Bluetooth Driver Privilege EscalationOperating SystemUnprovenOfficial Fix0.040.00053CVE-2023-24948
09.05.20238.87.7Microsoft Windows Bluetooth Driver Remote Code ExecutionOperating SystemUnprovenOfficial Fix0.130.00113CVE-2023-24947
09.05.20237.86.8Microsoft Windows Backup Service Local Privilege EscalationOperating SystemUnprovenOfficial Fix0.050.00048CVE-2023-24946
09.05.20234.43.8Microsoft Windows iSCSI Target Service Information DisclosureOperating SystemUnprovenOfficial Fix0.000.00048CVE-2023-24945
09.05.20235.44.7Microsoft Windows Bluetooth Driver Information DisclosureOperating SystemUnprovenOfficial Fix0.030.00052CVE-2023-24944
09.05.20239.88.5Microsoft Windows Pragmatic General Multicast Remote Code ExecutionOperating SystemUnprovenOfficial Fix0.250.01074CVE-2023-24943
09.05.20237.56.5Microsoft Windows Remote Procedure Call Runtime Denial of ServiceOperating SystemUnprovenOfficial Fix0.110.00069CVE-2023-24942
09.05.20239.88.5Microsoft Windows Network File System Remote Code ExecutionOperating SystemUnprovenOfficial Fix0.110.78400CVE-2023-24941
09.05.20237.56.5Microsoft Windows Pragmatic General Multicast Denial of ServiceOperating SystemUnprovenOfficial Fix0.060.00069CVE-2023-24940
09.05.20237.56.5Microsoft Windows Server for NFS Denial of ServiceOperating SystemUnprovenOfficial Fix0.030.00069CVE-2023-24939
09.05.20236.76.2Microsoft Windows Secure Boot Local Privilege EscalationOperating SystemFunctionalOfficial Fix0.030.00052CVE-2023-24932
09.05.20237.56.6Microsoft Windows Remote Desktop Client Local Privilege EscalationOperating SystemUnprovenOfficial Fix0.040.00113CVE-2023-24905
09.05.20237.56.5Microsoft Windows Installer Local Privilege EscalationOperating SystemUnprovenOfficial Fix0.030.00048CVE-2023-24904
09.05.20238.17.1Microsoft Windows Secure Socket Tunneling Protocol Remote Code ExecutionOperating SystemUnprovenOfficial Fix0.030.00411CVE-2023-24903
09.05.20237.86.8Microsoft Windows Win32k Local Privilege EscalationOperating SystemUnprovenOfficial Fix0.030.00048CVE-2023-24902
09.05.20236.45.5Microsoft Windows NFS Portmapper Information DisclosureOperating SystemUnprovenOfficial Fix0.030.00114CVE-2023-24901
09.05.20234.84.2Microsoft Windows NTLM Security Support Provider Information DisclosureOperating SystemUnprovenOfficial Fix0.060.00110CVE-2023-24900
09.05.20237.06.1Microsoft Windows Graphics Local Privilege EscalationOperating SystemUnprovenOfficial Fix0.030.00043CVE-2023-24899
09.05.20237.56.5Microsoft Windows SMB Denial of ServiceOperating SystemUnprovenOfficial Fix0.000.00069CVE-2023-24898
09.05.20235.44.7Microsoft Teams Information DisclosureUnified Communication SoftwareUnprovenOfficial Fix0.200.00000CVE-2023-24881
06.05.20234.54.4Microsoft Edge unbekannte SchwachstelleWeb BrowserNot DefinedOfficial Fix0.040.00070CVE-2023-29354
06.05.20236.26.1Microsoft Edge Remote Code ExecutionWeb BrowserNot DefinedOfficial Fix0.000.00277CVE-2023-29350
28.04.20234.34.2Microsoft Edge unbekannte SchwachstelleWeb BrowserNot DefinedOfficial Fix0.030.00063CVE-2023-29334
27.04.20238.07.9Microsoft typed-rest-client Information DisclosureUnbekanntNot DefinedOfficial Fix0.030.00094CVE-2023-30846
20.04.20236.36.0Microsoft Edge sqlite PufferüberlaufWeb BrowserNot DefinedOfficial Fix0.030.00270CVE-2023-2137
20.04.20236.36.0Microsoft Edge DevTools PufferüberlaufWeb BrowserNot DefinedOfficial Fix0.030.00279CVE-2023-2135
20.04.20236.36.0Microsoft Edge Service Worker API PufferüberlaufWeb BrowserNot DefinedOfficial Fix0.030.00279CVE-2023-2134
20.04.20236.36.0Microsoft Edge Service Worker API PufferüberlaufWeb BrowserNot DefinedOfficial Fix0.030.00279CVE-2023-2133
20.04.20233.73.7Microsoft Azure Active Directory Seamless Single Sign-On Information DisclosureCloud SoftwareNot DefinedNot Defined0.030.00000

9950 weitere Einträge werden nicht mehr angezeigt

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!