Microsoft Vulnerabilidad

Cronología

Escribe

Operating System	4792
Web Browser	2406
Office Suite Software	551
Groupware Software	543
Not Defined	490

Producto

Microsoft Windows	4715
Microsoft Internet Explorer	1524
Microsoft Edge	881
Microsoft Office	524
Microsoft Excel	207

Contramedidas

Official Fix	9350
Temporary Fix	0
Workaround	27
Unavailable	125
Not Defined	498

Explotabilidad

High	215
Functional	85
Proof-of-Concept	2201
Unproven	2271
Not Defined	5228

Vector de acceso

Not Defined	0
Physical	52
Local	1377
Adjacent	211
Network	8360

Autenticación

Not Defined	0
High	302
Low	3648
None	6050

La interacción del usuario

Not Defined	0
Required	4128
None	5872

C3BM Index

CVSSv3 Base

≤1	0
≤2	0
≤3	16
≤4	184
≤5	1146
≤6	1754
≤7	2435
≤8	2696
≤9	1103
≤10	666

CVSSv3 Temp

≤1	0
≤2	0
≤3	50
≤4	322
≤5	1572
≤6	2409
≤7	2959
≤8	1717
≤9	596
≤10	375

VulDB

≤1	0
≤2	2
≤3	113
≤4	467
≤5	1288
≤6	1222
≤7	3327
≤8	1766
≤9	1126
≤10	689

NVD

≤1	0
≤2	0
≤3	9
≤4	48
≤5	317
≤6	756
≤7	449
≤8	2286
≤9	536
≤10	106

CNA

≤1	0
≤2	0
≤3	2
≤4	6
≤5	57
≤6	116
≤7	236
≤8	508
≤9	214
≤10	25

Proveedor

≤1	0
≤2	0
≤3	16
≤4	59
≤5	837
≤6	606
≤7	784
≤8	2020
≤9	457
≤10	85

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	1
≤7	0
≤8	1
≤9	1
≤10	0

Explotar día 0

<1k	8
<2k	11
<5k	205
<10k	611
<25k	2343
<50k	2433
<100k	3621
≥100k	768

Explotar hoy

<1k	4149
<2k	573
<5k	1223
<10k	1509
<25k	2473
<50k	54
<100k	19
≥100k	0

Explotar el volumen del mercado

🔴 CTI Ocupaciones

Affected Products (419): .NET (15), .NET Core (23), .NET Core SDK (1), .NET Education Bundle SDK Install Tool (1), .NET Framework (122), .NET Install Tool for Extension Authors (1), 3D Builder (16), 3D Viewer (7), 4K Wireless Display Adapter (1), 365 Apps for Enterprise (18), @azure-ms-rest-nodeauth (1), ADAL.NET (1), ADAM (1), ASP.NET (12), ASP.NET Core (25), ASP.NET Core MVC (2), ASP.NET MVC (1), ASP .NET SignalR (1), AV1 Video Extension (4), Access (12), Accessibility Insights (1), Accessibility Insights for Web (1), Active Directory Federation Services (1), ActiveSync (3), ActiveX (2), Agent (1), Anti-cross Site Scripting Library (1), App Installer (1), Application Inspector (1), Atlas framework (1), Authentication Library (1), AutoUpdate for Mac (1), Azure (1), Azure AD B2C (1), Azure AD Connect (1), Azure API Management Service (1), Azure ARC (1), Azure Active Directory (1), Azure Active Directory Connect (2), Azure Active Directory Passport (1), Azure App Service (3), Azure App Service on Azure Stack Hub (1), Azure Arc-enabled Kubernetes Cluster (1), Azure Automation (2), Azure Automation State Configuration (1), Azure Automation Update Management (1), Azure Batch (1), Azure CLI (2), Azure Cognitive Search (1), Azure Container Instance (1), Azure CycleCloud (3), Azure Data Box Gateway (1), Azure Data Explorer (1), Azure DevOps Server (29), Azure Diagnostics (1), Azure Digital Twins Explorer (1), Azure EFLOW (1), Azure Function Apps (1), Azure Functions (2), Azure Guest Configuration (1), Azure HDInsights (1), Azure IoT CLI Extension (1), Azure IoT Edge (2), Azure IoT SDK (1), Azure Kubernetes Service (4), Azure Linux Guest Agent (1), Azure Logic Apps (1), Azure Machine Learning (2), Azure Machine Learning Service (1), Azure Migrate (1), Azure Network Watcher VM Extension (1), Azure On-Premises Data Gateway (1), Azure Open Management Infrastructure (5), Azure Pack Rollup (1), Azure RTOS (6), Azure RTOS GUIX (1), Azure RTOS GUIX Studio (1), Azure RTOS USBX (2), Azure Real Time Operating System GUIX Studio (8), Azure SDK for .NET (1), Azure SDK for Java (1), Azure SSH Keypairs (1), Azure Security Center (1), Azure Sentinel (1), Azure Service Connector (1), Azure Service Fabric (4), Azure Service Fabric Explorer (1), Azure Site Recovery (1), Azure Site Recovery VMWare to Azure (80), Azure Sphere (30), Azure Spring Cloud (1), Azure Stack (1), Azure Stack Edge (2), Azure Stack Hub (1), Azure StorSimple 8000 (1), Azure Storage Blobs Client Library (2), Azure setup-kubectl (1), Bing (1), Bing Search (2), BizTalk ESB Toolkit (1), BizTalk Server (1), Bond (1), Bot Framework SDK (2), Business Productivity Servers (1), C SDK for Azure IoT (2), ChakraCore (207), Chakra Core (5), Chess Titan (1), Clarity (1), Class Package Export Tool (1), Commerce Server (1), Common Utilities (1), Compiled HTML Help (1), Container Monitoring Solution (1), Content Management Server (2), Data.OData (1), Data Access Components (4), Debug Diagnostic Tool (1), Defender (1), Defender Antimalware Platform (1), Defender Security Intelligence Updates (1), Defender for Endpoint (4), Defender for IoT (13), Desktop Client for Mac (1), Diagnostics Troubleshooting Wizard (1), Digital Image (1), DirectX (7), DirectX Media (1), Directx (1), Dynamics (1), Dynamics 365 (49), Dynamics 365 BC On Premise (2), Dynamics 365 Business Central (9), Dynamics 365 Commerce (1), Dynamics 365 Customer Engagement (1), Dynamics 365 Field Service (1), Dynamics 365 Unified Service Desk (1), Dynamics 365 for Finance (2), Dynamics 365 for Finance and Operations (3), Dynamics 365 on-premises (1), Dynamics AX (2), Dynamics CRM (4), Dynamics GP (9), Dynamics NAV (8), Edge (881), Endpoint Configuration Manager (1), Endpoint Protection (1), Enhanced Mitigation Experience Toolkit EMET (1), Enterprise Library (1), Excel (207), Excel 2010 SP2 (1), Excel Viewer (2), Exchange (25), Exchange Server (131), Exchange Srv (1), Expression Design (1), Expression Media (1), FAST ESP (1), FSLogix (1), File Checksum Integrity Verifier (1), Forefront Endpoint Protection (6), Forefront Security for Exchange Server (1), Forefront Threat Management Gateway (1), Forefront Unified Access Gateway (12), FrontPage (2), FrontPage Server Extensions (1), GitHub Pull Requests and Issues Extension (1), Groove (1), HEIF Image Extension (2), HEVC Video Extensions (41), HTML Help Workshop (2), Help Workshop (2), HoloLens 1 (1), Host Integration Server (3), Hub Device Client SDK for Azure IoT (1), Hyper-V (13), Hyperlink Object Library (1), IE for Macintosh (1), IIS (31), ISA Server (10), Identity Manager (1), Infopath (2), Interactive Training (1), Internet Authentication Service Helper Com Component (1), Internet Explorer (1524), Internet Information Services (1), Internet Security And Acceleration Server (1), Intune Management Extension (2), Intune Portal (1), JScript (1), Java SDK for Azure IoT (2), Jet (1), Jet Database Engine (2), Jupyter Extension for Visual Studio Code (1), Kubernetes Tools (1), Log Analytics Agent (1), Log Sink Class ActiveX control (1), Lync (21), Lync Server (12), Lync for Mac (1), MPEG-2 Video Extension (1), MSN Messenger (5), MSRT (1), Mail Client (1), Malicious Software Removal Tool (2), Malware Protection Engine (14), Maven for Java Extension (1), Media Format Runtime (1), Media Player (5), Media Services (1), Money (1), Mono Framework (1), NET Framework (6), NetMeeting (1), Network Watcher Agent Virtual Machine Extension for Linux (1), Nokia Asha 501 (1), NuGet (2), ODBC Driver (2), OLE DB Driver (2), Office (524), Office 365 (4), Office 365 ProPlus (1), Office App (1), Office Communicator (2), Office Compability Pack (1), Office Compatibility Pack (11), Office Converter Pack (1), Office Excel (4), Office InfoPath (1), Office LTSC (1), Office Online Server (10), Office Picture Manager (1), Office Publisher (1), Office SharePoint Server (2), Office Snapshot Viewer ActiveX (1), Office Web Apps (10), Office Web Apps Server (7), Office Web Components (1), Office Word Viewer (2), Office for Mac 2011 (1), On-Premises Data Gateway (1), OneDrive (13), OneNote (5), Open Enclave SDK (3), Open XML File Format Converter (1), Operations (2), Organization Chart (1), Outlook (56), Outlook.com (1), Outlook Express (9), Outlook Express Book Control (1), Outlook Web Access (2), Outlook Web App (1), Package Manager Configurations (1), Paint 3D (4), Passport-SAML (1), Peachtree Accounting (1), Personal Firewall (2), Photos (1), Power Apps (1), Power Automate (1), Power BI (1), PowerBI-Client JS SDK (1), Power BI Report Server (6), PowerPoint (64), PowerPoint Viewer (5), PowerShell (1), PowerShell Core (1), PowerShell Editor Services (1), PowerShell Extension for Visual Studio Code (1), PowerShellGet (1), Powerpoint (1), Print 3D (1), Project (7), Project Server (4), Publisher (22), Publisher 2003 (9), Quantum Development Kit for Visual Studio Code (1), RMS Sharing for Mac (1), RTOS GUIX (3), Raw Image Extension (13), Register Server (1), Remote Desktop Connection Client (1), Remote Desktop Connection Manager (1), Remote Desktop For Mac (1), Research JavaScript Cryptography Library (2), Rich Textbox Control (1), Rome SDK (2), SCS Add-on (1), SQL Server (41), SQL Server 2017 Reporting Services (1), SQL Server 2019 Reporting Services (1), SQL Server Management Studio (6), Secure Access (1), Security Essentials (9), Security Essentials Antimalware Engine (2), Send Customer Voice survey from Dynamics 365 (1), Service Fabric (1), SharePoint (63), SharePoint Enterprise Server (131), SharePoint Foundation (62), SharePoint Server (185), SharePoint Services (1), SharePoint Team Services (1), Sharepoint (6), Silverlight (17), Skype (14), Skype Extension (1), Skype for Android (1), Skype for Business (15), Skype for Business Server (9), Snip & Sketch (1), Snipping Tool (1), Sterling Connect Direct (1), Surface Hub (1), Surface Pro (1), Sysinternals (1), Sysinternals PsExec (1), System Center (1), System Center Endpoint Protection (8), System Center Operations Manager (7), System Center Virtual Machine Manager (1), System Information ActiveX control (1), Systems Management Server (1), Team Foundation Server (23), Teams (5), Teams Admin Center (1), Tech Companion (1), Teredo (4), Terminal Server (2), VBScript (1), VISIO (1), VP9 Video Extensions (6), Vfp Ole Server Activex Control (1), Virtual PC (3), Virtual Server (1), Visio (28), Visio Viewer (6), Visual Basic (10), Visual Basic Enterprise Edition (1), Visual C++ (1), Visual C++ Redistributable (1), Visual Database Tools Database Designer (1), Visual FoxPro (2), Visual InterDev (2), Visual Studio (104), Visual Studio .net (1), Visual Studio Code (39), Visual Studio Code Live Share Extension (1), Visual Studio Code Remote Containers Extension (1), Visual Studio Code WSL Extension (1), Visual Studio Community (1), Visual Studio Team Foundation Server (1), W3Who ISAPI (2), WMI Administrative Tools (1), WebDAV Mini-Redirector (1), Web Media Extensions (1), WebP Image Extension (1), Web Proxy (1), Whale Communication IAG (1), Windows (4715), Windows-nt (1), Windows 10 Update Assistant (2), Windows Admin Center (1), Windows Azure Sdk (1), Windows Defender (8), Windows Digital Rights Management (1), Windows Embedded (1), Windows Essentials (1), Windows Event Viewer (1), Windows Explorer (2), Windows Host Compute (1), Windows Image Acquisition Logger (1), Windows Installer (1), Windows Live Messenger (7), Windows Live Movie Maker (1), Windows Live OneCare (1), Windows Live Onecare (2), Windows Mail (3), Windows Media Center (2), Windows Media Center TV Pack (1), Windows Media Encoder (1), Windows Media Format Runtime (1), Windows Media Player (19), Windows Messenger (1), Windows Mobile (7), Windows Mobile Pocket PC (1), Windows Modern Mail (1), Windows Movie Maker (2), Windows Phone (2), Windows Search (1), Windows Server (1), Windows SharePoint Services (1), Windows Subsystem for Linux (1), Windows Sysmon (1), Windows Upgrade Assistant (1), Wireless Desktop 2000 (1), Wireless Display Adapter V2 (1), Wireless Keyboard (2), Wireless Zero Configuration system (1), Word (122), Word 2003 (1), WordPad (1), Word Viewer (4), Works (9), XML Core Services (12), Xamarin.Forms (1), Xbox 360 (2), Xbox Live (1), Xerte (1), YARP (1), Yammer (1), YourPhone App (1), Zune (1), antispyware (2), iis (2), typed-rest-client (1), winword (1), workspace-tools (1)

Link to Vendor Website: https://www.microsoft.com/

Fecha de publicación	Base	Temp	Vulnerabilidad	Prod	Exp	Con	CTI	EPSS	CVE
2023-05-06	4.5	4.4	Microsoft Edge vulnerabilidad desconocida	Web Browser	Not Defined	Official Fix	1.09	0.00046	CVE-2023-29354
2023-05-06	6.2	6.1	Microsoft Edge Remote Code Execution	Web Browser	Not Defined	Official Fix	1.33	0.00091	CVE-2023-29350
2023-04-28	4.3	4.2	Microsoft Edge vulnerabilidad desconocida	Web Browser	Not Defined	Official Fix	0.00	0.00046	CVE-2023-29334
2023-04-27	8.2	8.0	Microsoft typed-rest-client divulgación de información	Desconocido	Not Defined	Official Fix	0.08	0.00122	CVE-2023-30846
2023-04-20	3.7	3.7	Microsoft Azure Active Directory Seamless Single Sign-On divulgación de información	Cloud Software	Not Defined	Not Defined	0.00	0.00000
2023-04-15	5.7	5.6	Microsoft Malware Protection Engine Defender divulgación de información	Anti-Malware Software	Proof-of-Concept	Official Fix	0.39	0.00059	CVE-2023-24934
2023-04-14	6.3	6.3	Microsoft Azure On-Premises Data Gateway Power Platform Connector escalada de privilegios	Cloud Software	Not Defined	Not Defined	0.03	0.00000
2023-04-12	7.3	7.1	Microsoft SQL Server Remote Code Execution	Database Software	Not Defined	Official Fix	0.46	0.01074	CVE-2023-23384
2023-04-11	5.2	4.5	Microsoft Dynamics 365 cross site scripting	Desconocido	Unproven	Official Fix	0.05	0.00063	CVE-2023-28314
2023-04-11	5.2	4.5	Microsoft Send Customer Voice survey from Dynamics 365 cross site scripting	Survey Software	Unproven	Official Fix	0.05	0.00063	CVE-2023-28313
2023-04-11	5.4	4.7	Microsoft Azure Machine Learning divulgación de información	Cloud Software	Unproven	Official Fix	0.05	0.00052	CVE-2023-28312
2023-04-11	7.0	6.2	Microsoft Office Word Remote Code Execution	Office Suite Software	Proof-of-Concept	Official Fix	0.21	0.00217	CVE-2023-28311
2023-04-11	5.8	5.1	Microsoft Dynamics 365 cross site scripting	Desconocido	Unproven	Official Fix	0.05	0.00049	CVE-2023-28309
2023-04-11	6.6	5.8	Microsoft Windows DNS Server condición de carrera	Operating System	Unproven	Official Fix	0.05	0.00135	CVE-2023-28308
2023-04-11	6.6	6.1	Microsoft Windows DNS Server condición de carrera	Operating System	Unproven	Official Fix	0.17	0.00135	CVE-2023-28307
2023-04-11	6.6	6.1	Microsoft Windows DNS Server condición de carrera	Operating System	Unproven	Official Fix	0.03	0.00135	CVE-2023-28306
2023-04-11	6.6	6.1	Microsoft Windows DNS Server condición de carrera	Operating System	Unproven	Official Fix	0.05	0.00135	CVE-2023-28305
2023-04-11	7.6	7.1	Microsoft ODBC Driver/OLE DB Driver Local Privilege Escalation	Hardware Driver Software	Proof-of-Concept	Official Fix	0.05	0.00113	CVE-2023-28304
2023-04-11	7.5	6.8	Microsoft Windows Message Queuing denegación de servicio	Operating System	Unproven	Official Fix	0.00	0.00069	CVE-2023-28302
2023-04-11	7.5	6.5	Microsoft Azure Service Connector Privilege Escalation	Cloud Software	Unproven	Official Fix	0.18	0.00065	CVE-2023-28300
2023-04-11	5.1	4.8	Microsoft Visual Studio vulnerabilidad desconocida	Programming Tool Software	Proof-of-Concept	Official Fix	0.03	0.00093	CVE-2023-28299
2023-04-11	5.5	5.0	Microsoft Windows Kernel denegación de servicio	Operating System	Unproven	Official Fix	0.06	0.00048	CVE-2023-28298
2023-04-11	8.8	8.1	Microsoft Windows Remote Procedure Call Service Privilege Escalation	Operating System	Unproven	Official Fix	0.04	0.00046	CVE-2023-28297
2023-04-11	7.2	6.7	Microsoft Visual Studio Local Privilege Escalation	Programming Tool Software	Proof-of-Concept	Official Fix	0.05	0.00113	CVE-2023-28296
2023-04-11	7.0	6.1	Microsoft Publisher Remote Code Execution	Image Processing Software	Unproven	Official Fix	0.08	0.00000	CVE-2023-28295
2023-04-11	7.8	7.1	Microsoft Windows Kernel Local Privilege Escalation	Operating System	Unproven	Official Fix	0.00	0.00048	CVE-2023-28293
2023-04-11	7.3	6.7	Microsoft Raw Image Extension Remote Code Execution	Desconocido	Unproven	Official Fix	0.04	0.00113	CVE-2023-28292
2023-04-11	7.7	7.2	Microsoft Raw Image Extension Remote Code Execution	Desconocido	Unproven	Official Fix	0.05	0.00113	CVE-2023-28291
2023-04-11	5.9	5.6	Microsoft SharePoint Server divulgación de información	Groupware Software	Unproven	Official Fix	0.04	0.00054	CVE-2023-28288
2023-04-11	7.0	6.1	Microsoft Office/Publisher Remote Code Execution	Office Suite Software	Unproven	Official Fix	0.07	0.00000	CVE-2023-28287
2023-04-11	7.3	6.7	Microsoft Office Graphics Remote Code Execution	Office Suite Software	Unproven	Official Fix	0.09	0.00114	CVE-2023-28285
2023-04-11	6.6	6.1	Microsoft Windows DNS Server condición de carrera	Operating System	Unproven	Official Fix	0.47	0.00135	CVE-2023-28278
2023-04-11	4.2	3.9	Microsoft Windows DNS Server divulgación de información	Operating System	Unproven	Official Fix	0.05	0.00068	CVE-2023-28277
2023-04-11	4.7	4.3	Microsoft Windows Group Policy Local Privilege Escalation	Operating System	Unproven	Official Fix	0.00	0.00048	CVE-2023-28276
2023-04-11	8.8	8.1	Microsoft Windows WDAC OLE DB Provider for SQL Server Remote Code Execution	Operating System	Unproven	Official Fix	0.03	0.02137	CVE-2023-28275
2023-04-11	7.8	7.3	Microsoft Windows Win32k Local Privilege Escalation	Operating System	Proof-of-Concept	Official Fix	0.05	0.00048	CVE-2023-28274
2023-04-11	7.0	6.4	Microsoft Windows Clip Service condición de carrera	Operating System	Unproven	Official Fix	0.03	0.00043	CVE-2023-28273
2023-04-11	7.8	7.1	Microsoft Windows Kernel Local Privilege Escalation	Operating System	Unproven	Official Fix	0.04	0.00048	CVE-2023-28272
2023-04-11	4.8	4.4	Microsoft Windows Kernel divulgación de información	Operating System	Unproven	Official Fix	0.04	0.00048	CVE-2023-28271
2023-04-11	6.8	6.2	Microsoft Windows Lock Screen Local Privilege Escalation	Operating System	Unproven	Official Fix	0.04	0.00051	CVE-2023-28270
2023-04-11	6.3	5.9	Microsoft Windows Boot Manager Local Privilege Escalation	Operating System	Unproven	Official Fix	0.03	0.00051	CVE-2023-28269
2023-04-11	8.1	7.1	Microsoft Windows Netlogon Remote Code Execution	Operating System	Unproven	Official Fix	0.07	0.00138	CVE-2023-28268
2023-04-11	5.8	5.3	Microsoft Windows Remote Desktop Protocol Client divulgación de información	Operating System	Unproven	Official Fix	0.09	0.00145	CVE-2023-28267
2023-04-11	4.8	4.4	Microsoft Windows Common Log File System Driver divulgación de información	Operating System	Unproven	Official Fix	0.31	0.00048	CVE-2023-28266
2023-04-11	4.9	4.7	Microsoft Visual Studio divulgación de información	Programming Tool Software	Proof-of-Concept	Official Fix	0.03	0.00048	CVE-2023-28263
2023-04-11	7.8	7.3	Microsoft Visual Studio Local Privilege Escalation	Programming Tool Software	Proof-of-Concept	Official Fix	0.05	0.00048	CVE-2023-28262
2023-04-11	7.8	7.3	Microsoft Visual Studio/.NET Local Privilege Escalation	Programming Tool Software	Proof-of-Concept	Official Fix	0.05	0.00061	CVE-2023-28260
2023-04-11	6.6	6.1	Microsoft Windows DNS Server Privilege Escalation	Operating System	Unproven	Official Fix	0.31	0.00146	CVE-2023-28256
2023-04-11	6.6	6.1	Microsoft Windows DNS Server Privilege Escalation	Operating System	Unproven	Official Fix	0.23	0.00146	CVE-2023-28255
2023-04-11	7.2	6.6	Microsoft Windows DNS Server Privilege Escalation	Operating System	Unproven	Official Fix	0.00	0.00189	CVE-2023-28254

9950 no se muestran más entradas

🔒 Login Required

You need to signup and login to see more of the remaining 9,950 results.

◂ AnteriorVisión de conjuntoPróximo ▸

Interested in the pricing of exploits?

See the underground prices here!