Microsoft Vulnerabilità

Sequenza temporale

Genere

Prodotto

Microsoft Windows5292
Microsoft Edge1006
Microsoft Internet Explorer903
Microsoft Office465
Microsoft SharePoint Server215

Contromisure

Fix ufficiale9836
Temporary fix1
Soluzione26
Non disponibile50
Non definito87

Sfruttabilità

Attaccato348
Altamente funzionale34
Funzionale44
Prova di concetto1172
Non dimostrata4043
Non definito4359

Accesso al vettore

Not Defined0
Physical136
Local1822
Adjacent235
Network7807

Autenticazione

Not Defined0
High411
Low4301
None5288

Interazione dell'utente

Not Defined0
Required4297
None5703

C3BM Index

CVSSv3 base

≤10
≤20
≤316
≤4190
≤51077
≤61611
≤72485
≤82987
≤91466
≤10168

CVSSv3 temporaneo

≤10
≤20
≤358
≤4294
≤51411
≤62122
≤73097
≤82290
≤9683
≤1045

VulDB

≤10
≤24
≤3141
≤4578
≤51311
≤61004
≤73381
≤81930
≤91461
≤10190

NVD

≤10
≤20
≤310
≤449
≤5327
≤6795
≤7499
≤82439
≤9621
≤10144

CNA

≤10
≤20
≤35
≤417
≤5165
≤6286
≤7578
≤81404
≤9672
≤1099

Fornitore

≤10
≤20
≤318
≤464
≤5889
≤6775
≤71180
≤82982
≤9920
≤10133

Research

≤10
≤20
≤30
≤40
≤50
≤61
≤70
≤81
≤91
≤100

Sfruttamento 0 giorno

<1k14
<2k12
<5k200
<10k707
<25k2547
<50k2687
<100k3285
≥100k548

Sfruttamento Oggi

<1k3727
<2k380
<5k1350
<10k1470
<25k2884
<50k183
<100k6
≥100k0

Sfrutta il volume del mercato

🔴 CTI Attività

Affected Products (440): .NET (58), .NET Core (23), .NET Core SDK (1), .NET Education Bundle SDK Install Tool (1), .NET Framework (100), .NET Install Tool for Extension Authors (1), 3D Builder (20), 3D Viewer (10), 4K Wireless Display Adapter (1), 365 Apps for Enterprise (39), 365 Copilot (1), @azure-ms-rest-nodeauth (1), ADAL.NET (1), ASP.NET (7), ASP.NET Core (29), ASP.NET Core MVC (2), ASP.NET MVC (1), ASP .NET SignalR (1), AV1 Video Extension (6), Access (10), Accessibility Insights (1), Accessibility Insights for Web (1), Account (1), Active Directory Federation Services (1), Admin Center in Azure Portal (1), App Installer (1), Application Inspector (1), Arc Cluster Extension (1), Authentication Library (1), Authenticator (1), AutoUpdate (5), AutoUpdate for Mac (1), Azure (6), Azure AD (1), Azure AD B2C (1), Azure AD Connect (1), Azure AI Bot Service (2), Azure AI Document Intelligence Studio (1), Azure AI Face Service (1), Azure AI Playground (1), Azure AI Search (1), Azure API Management Service (2), Azure ARC (1), Azure Active Directory (1), Azure Active Directory B2C (1), Azure Active Directory Connect (2), Azure Active Directory Passport (1), Azure Agent for Backup (1), Azure Agent for Site Recovery (1), Azure App Service (3), Azure App Service on Azure Stack Hub (1), Azure Arc (1), Azure Arc-Enabled Servers (1), Azure Arc-enabled Kubernetes Cluster (1), Azure Arc Jumpstart (1), Azure Automation (4), Azure Automation State Configuration (1), Azure Automation Update Management (2), Azure Bastion (1), Azure Batch (1), Azure CLI (4), Azure Cognitive Search (1), Azure Command-Line Interface (1), Azure Compute Gallery (1), Azure Connected Machine Agent (4), Azure Container Instance (1), Azure Container Registry (1), Azure CycleCloud (7), Azure Data Box Gateway (1), Azure Data Explorer (1), Azure Data Factory (1), Azure Data Studio (1), Azure Database for PostgreSQL Flexible Server (2), Azure DevOps (1), Azure DevOps Server (39), Azure Diagnostics (1), Azure Digital Twins Explorer (2), Azure EFLOW (1), Azure File Sync (2), Azure Front Door (1), Azure Function Apps (1), Azure Functions (6), Azure Guest Configuration (1), Azure HDInsights (8), Azure Health Bot (2), Azure Health Bot Service (4), Azure Identity Library (1), Azure Identity Library for .NET (1), Azure Identity SDK (1), Azure Identity SDK for .NET (1), Azure IoT CLI Extension (1), Azure IoT Edge (2), Azure IoT SDK (3), Azure Key Vault (1), Azure Kinect SDK (1), Azure Kubernetes Service (5), Azure Kubernetes Service Confidential Container (1), Azure Kubernetes Service Confidential Containers (3), Azure Linux Guest Agent (1), Azure Local Cluster (2), Azure Logic Apps (2), Azure Machine Learning (4), Azure Machine Learning SDK (1), Azure Machine Learning Service (2), Azure Managed Instance for Apache Cassandra (1), Azure Migrate (3), Azure Monitor Agent (4), Azure Network Watcher VM Agent (2), Azure Network Watcher VM Extension (4), Azure On-Premises Data Gateway (1), Azure Open Management Infrastructure (5), Azure Pack Rollup (1), Azure Pipelines Agent (1), Azure Playwright (1), Azure Private 5G Core (1), Azure Promptflow (1), Azure RTOS (6), Azure RTOS GUIX (1), Azure RTOS GUIX Studio (2), Azure RTOS USBX (2), Azure Real Time Operating System GUIX Studio (8), Azure Resource Manager (1), Azure SDK (1), Azure SDK for .NET (1), Azure SDK for Java (1), Azure SSH Keypairs (1), Azure Science Virtual Machine (1), Azure Security Center (2), Azure Sentinel (2), Azure Service Connector (2), Azure Service Fabric (5), Azure Service Fabric Explorer (1), Azure Service Fabric for Linux (1), Azure Site Recovery (3), Azure Site Recovery VMWare to Azure (80), Azure Sphere (30), Azure Spring Cloud (1), Azure Stack (1), Azure Stack Edge (2), Azure Stack HCI (2), Azure Stack HCI OS (1), Azure Stack Hub (6), Azure StorSimple 8000 (1), Azure Storage Blobs Client Library (2), Azure Storage Movement Client Library (1), Azure Storage Mover Agent (1), Azure Storage Resource Provider (1), Azure Virtual Desktop (1), Azure Web Apps (1), Azure setup-kubectl (1), Bing (2), Bing Search (3), BizTalk ESB Toolkit (1), Bond (1), Bot Framework SDK (2), Build Tools for Visual Studio (1), Business Productivity Servers (1), C SDK for Azure IoT (2), ChakraCore (207), Chakra Core (5), Clarity (1), Clarity Plugin (1), Common Data Model SDK (1), Common Utilities (1), Compiled HTML Help (1), Configuration Manager (1), Container Monitoring Solution (2), Copilot Studio (4), CycleCloud (1), Data.OData (1), Dataverse (5), DeepSpeed (1), Defender (2), Defender Antimalware Platform (1), Defender Security Intelligence Updates (2), Defender for Cloud (1), Defender for Endpoint (8), Defender for Endpoint for Windows (1), Defender for Identity (1), Defender for IoT (20), Desktop Client for Mac (1), Diagnostics Troubleshooting Wizard (1), Dynamics (1), Dynamics 365 (74), Dynamics 365 BC On Premise (2), Dynamics 365 Business Central (15), Dynamics 365 Business Central Online (1), Dynamics 365 Commerce (1), Dynamics 365 Customer Engagement (2), Dynamics 365 Customer Insights (2), Dynamics 365 Customer Service (1), Dynamics 365 FastTrack Implementation (1), Dynamics 365 Field Service (1), Dynamics 365 Sales (2), Dynamics 365 Unified Service Desk (1), Dynamics 365 for Finance (2), Dynamics 365 for Finance and Operations (6), Dynamics 365 on-premises (1), Dynamics AX (1), Dynamics CRM (4), Dynamics CRM Service Portal Web Resource (1), Dynamics GP (5), Dynamics NAV (8), Edge (1006), Endpoint Configuration Manager (1), Endpoint Protection (1), Entra ID (1), Entra Jira Single-Sign-On Plugin (1), Excel (159), Excel 2010 SP2 (1), Exchange (11), Exchange Server (148), FSLogix (1), File Checksum Integrity Verifier (1), File Sync (1), Forefront Endpoint Protection (6), Forefront Security for Exchange Server (1), Forefront Unified Access Gateway (1), GitHub Pull Requests and Issues Extension (1), Graph (1), GroupMe (3), HEIF Image Extension (2), HEVC Video Extensions (42), HPC Pack (1), High Definition Audio Bus Driver (1), HoloLens (1), HoloLens 1 (1), Host Integration Server 2020 (1), Hub Device Client SDK for Azure IoT (1), Hyper-V (13), IIS (8), Identity Linux Broker (1), Identity Manager (1), Identity Model (1), Infopath (1), Internet Explorer (903), Intune Company Portal (1), Intune Management Extension (2), Intune Portal (1), Intune for Android Mobile Application Management (1), Jarvis (1), Java SDK for Azure IoT (2), Jupyter Extension for Visual Studio Code (2), Kubernetes Tools (1), LightGBM (1), Log Analytics Agent (2), Lync (17), Lync Server (12), Lync for Mac (1), MPEG-2 Video Extension (1), MSRT (1), Mail Client (1), Malicious Software Removal Tool (2), Malware Protection Engine (14), Marketplace SaaS (1), Maven for Java Extension (1), Microsoft Authentication Library (1), Microsoft AutoUpdate (1), Microsoft Dynamics 365 (1), Microsoft Malware Protection Platform (1), Microsoft OLE DB Provider for DB2 V7 (1), Microsoft PC Manager (1), Mono (1), Mono Framework (1), Muzic (1), Network Watcher Agent Virtual Machine Extension for Linux (1), Nokia Asha 501 (1), NuGet (3), Nuance Digital Engagement Platform (1), ODBC Driver (20), ODBC Driver for SQL Server (5), OLE DB (1), OLE DB Driver (29), OLE DB Driver for SQL Server (1), Office (465), Office 365 (4), Office 365 ProPlus (1), Office App (1), Office Compability Pack (1), Office Compatibility Pack (3), Office Excel (1), Office LTSC (4), Office Online Server (11), OfficePLUS (1), Office Web Apps (10), Office Web Apps Server (8), On-Prem Data Gateway (1), On-Premises Data Gateway (2), OneDrive (13), OneNote (9), Open Enclave SDK (3), Open Management Infrastructure (2), Operations (2), Operations Management Suite Agent (1), Outlook (65), Outlook.com (1), PC Manager (2), Package Manager Configurations (1), Paint 3D (6), PandocUpload (1), Partner Center (2), Passport-SAML (1), Photos (1), Power Apps (3), Power Automate (1), Power Automate for Desktop (4), Power BI (1), PowerBI-Client JS SDK (1), PowerBI-client JS SDK (1), Power BI Report Server (8), Power Pages (1), Power Platform (4), Power Platform Terraform Provider (1), PowerPoint (18), PowerShell (2), PowerShell Core (1), PowerShell Editor Services (1), PowerShell Extension for Visual Studio Code (1), PowerShellGet (1), Powerpoint (1), Print 3D (1), Printer Metadata Troubleshooter Tool (1), Process Explorer (1), Project (4), Project Server (3), Publisher (8), Purview (1), Python Extension for Visual Studio Code (1), Quantum Development Kit for Visual Studio Code (1), RMS Sharing for Mac (1), RTOS GUIX (3), Raw Image Extension (14), Remote Desktop (1), Remote Desktop Connection Manager (1), Remote Desktop For Mac (1), Research JavaScript Cryptography Library (2), Rome SDK (2), SCS Add-on (1), SQL Server (155), SQL Server 2017 Reporting Services (1), SQL Server 2019 Reporting Services (1), SQL Server Backend for Django (1), SQL Server Management Studio (7), Security Essentials (8), Send Customer Voice survey from Dynamics 365 (1), Send Customer Voice survey from Dynamics 365 App (1), Service Fabric (1), SharePoint (55), SharePoint Enterprise Server (132), SharePoint Foundation (59), SharePoint Server (215), Sharepoint (1), Silverlight (11), Skype (11), Skype Extension (1), Skype for Android (1), Skype for Business (15), Skype for Business Server (14), Skype for Consumer (1), Snip & Sketch (1), Snipping Tool (1), Software for Open Networking in the Cloud (1), Sterling Connect Direct (1), Surface (1), Surface Hub (2), Surface Pro (1), SysInternals Sysmon (1), Sysinternals Process Monitor (1), Sysinternals PsExec (1), System Center (1), System Center Endpoint Protection (8), System Center Operations Manager (9), System Center Virtual Machine Manager (1), Team Foundation Server (23), Teams (14), Teams Admin Center (1), Tech Companion (1), TorchGeo (1), Update Catalog (1), VP9 Video Extensions (7), VSTA (1), Visio (11), Visual C++ Redistributable (1), Visual C++ Redistributable Installer (1), Visual Studio (174), Visual Studio Code (51), Visual Studio Code Extension (1), Visual Studio Code JS Debug Extension (1), Visual Studio Code Live Share Extension (1), Visual Studio Code Python Extension (1), Visual Studio Code Remote (1), Visual Studio Code Remote Containers Extension (1), Visual Studio Code WSL Extension (1), Visual Studio Community (1), Web Media Extensions (1), WebP Image Extension (1), Windows (5292), Windows 10 Update Assistant (2), Windows Admin Center (4), Windows App Installer (1), Windows Defender (8), Windows Defender Antimalware Platform (2), Windows Host Compute (1), Windows Live Movie Maker (1), Windows Media Center (2), Windows Media Player (3), Windows SDK (1), Windows Security App (1), Windows Server (1), Windows Subsystem for Linux (1), Windows Sysmon (1), Windows Upgrade Assistant (1), Wireless Desktop 2000 (1), Wireless Display Adapter V2 (1), Wireless Keyboard (1), Word (80), Word Viewer (3), XML Core Services (2), Xamarin.Forms (1), Xbox Gaming Services (1), Xbox Live (1), Xerte (1), YARP (2), Yammer (1), YourPhone App (1), airlift.microsoft.com (1), az functionapp config appsettings delete (1), az functionapp config appsettings set (1), az logicapp config appsettings delete (1), az logicapp config appsettings set (1), az staticwebapp appsettings delete (1), az staticwebapp appsettings set (1), az webapp config appsettings delete (1), az webapp config appsettings set (1), go-crypto-winnative (1), msagsfeedback.azurewebsites.net (1), msgraph-sdk-php (1), msgraph-sdk-php-core (1), typed-rest-client (1), workspace-tools (1)

Link to Vendor Website: https://www.microsoft.com/

Data di pubblicazioneBaseTempVulnerabilitàProdSfrConEPSSCTICVE
20/06/20256.46.0Microsoft Dynamics 365 FastTrack Implementation rivelazione di un 'informazioneEnterprise Resource Planning SoftwareNon dimostrataFix ufficiale0.000660.09CVE-2025-49715
11/06/20258.37.8Microsoft 365 Copilot AI escalazione di privilegiSconosciutoNon dimostrataFix ufficiale0.001370.04CVE-2025-32711
11/06/20257.37.2Microsoft 365 Apps for Enterprise Word buffer overflowSconosciutoNon definitoFix ufficiale0.000570.10CVE-2025-32717
10/06/20253.32.9Microsoft Windows Virtualization-Based Security rivelazione di un 'informazioneOperating SystemNon dimostrataFix ufficiale0.000580.03CVE-2025-47969
10/06/20257.86.8Microsoft AutoUpdate escalazione di privilegiSconosciutoNon dimostrataFix ufficiale0.000730.04CVE-2025-47968
10/06/20257.86.8Microsoft Windows SDK escalazione di privilegiOperating SystemNon dimostrataFix ufficiale0.000450.00CVE-2025-47962
10/06/20256.45.9Microsoft Visual Studio escalazione di privilegiProgramming Tool SoftwareNon dimostrataFix ufficiale0.000570.08CVE-2025-47959
10/06/20257.36.4Microsoft Word buffer overflowWord Processing SoftwareNon dimostrataFix ufficiale0.000570.00CVE-2025-47957
10/06/20254.43.8Microsoft Windows Security App escalazione di privilegiOperating SystemNon dimostrataFix ufficiale0.000840.00CVE-2025-47956
10/06/20257.86.8Microsoft Windows Remote Access Connection Manager escalazione di privilegiOperating SystemNon dimostrataFix ufficiale0.000450.03CVE-2025-47955
10/06/20257.36.4Microsoft Office Remote Code ExecutionOffice Suite SoftwareNon dimostrataFix ufficiale0.000610.05CVE-2025-47953
10/06/20257.36.7Microsoft Outlook directory traversalGroupware SoftwareNon dimostrataFix ufficiale0.000550.00CVE-2025-47176
10/06/20257.06.1Microsoft PowerPoint buffer overflowPresentation SoftwareNon dimostrataFix ufficiale0.000620.00CVE-2025-47175
10/06/20257.06.1Microsoft Excel buffer overflowSpreadsheet SoftwareNon dimostrataFix ufficiale0.000620.04CVE-2025-47174
10/06/20257.06.1Microsoft Office Remote Code ExecutionOffice Suite SoftwareNon dimostrataFix ufficiale0.000530.00CVE-2025-47173
10/06/20257.56.6Microsoft SharePoint Server sql injectionGroupware SoftwareNon dimostrataFix ufficiale0.001510.08CVE-2025-47172
10/06/20255.85.1Microsoft Outlook escalazione di privilegiGroupware SoftwareNon dimostrataFix ufficiale0.000650.04CVE-2025-47171
10/06/20257.06.1Microsoft Word buffer overflowWord Processing SoftwareNon dimostrataFix ufficiale0.000620.08CVE-2025-47170
10/06/20257.06.1Microsoft Word buffer overflowWord Processing SoftwareNon dimostrataFix ufficiale0.000620.00CVE-2025-47169
10/06/20257.06.1Microsoft Word buffer overflowWord Processing SoftwareNon dimostrataFix ufficiale0.000620.00CVE-2025-47168
10/06/20257.36.4Microsoft Office escalazione di privilegiOffice Suite SoftwareNon dimostrataFix ufficiale0.001470.04CVE-2025-47167
10/06/20258.87.7Microsoft SharePoint Server escalazione di privilegiGroupware SoftwareNon dimostrataFix ufficiale0.005620.00CVE-2025-47166
10/06/20257.06.1Microsoft Excel buffer overflowSpreadsheet SoftwareNon dimostrataFix ufficiale0.000620.08CVE-2025-47165
10/06/20257.36.4Microsoft Office buffer overflowOffice Suite SoftwareNon dimostrataFix ufficiale0.000570.05CVE-2025-47164
10/06/20258.87.7Microsoft SharePoint Server escalazione di privilegiGroupware SoftwareNon dimostrataFix ufficiale0.005620.04CVE-2025-47163
10/06/20257.36.4Microsoft Office buffer overflowOffice Suite SoftwareNon dimostrataFix ufficiale0.000570.03CVE-2025-47162
10/06/20255.44.7Microsoft Windows Shortcut Files escalazione di privilegiOperating SystemNon dimostrataFix ufficiale0.000640.00CVE-2025-47160
10/06/20257.86.8Microsoft Windows Installer escalazione di privilegiOperating SystemNon dimostrataFix ufficiale0.000550.04CVE-2025-33075
10/06/20258.87.9Microsoft Windows SMB Client escalazione di privilegiOperating SystemProva di concettoFix ufficiale0.003230.02CVE-2025-33073
10/06/20258.17.1Microsoft Windows KDC Proxy Service buffer overflowOperating SystemNon dimostrataFix ufficiale0.001160.05CVE-2025-33071
10/06/20258.17.1Microsoft Windows Netlogon Remote Code ExecutionOperating SystemNon dimostrataFix ufficiale0.003500.03CVE-2025-33070
10/06/20255.24.6Microsoft Windows App Control for Business autenticazione deboleOperating SystemNon dimostrataFix ufficiale0.000210.04CVE-2025-33069
10/06/20257.56.5Microsoft Windows Standards-Based Storage Management Service denial of serviceOperating SystemNon dimostrataFix ufficiale0.021400.00CVE-2025-33068
10/06/20258.47.3Microsoft Windows Task Scheduler escalazione di privilegiOperating SystemNon dimostrataFix ufficiale0.000560.03CVE-2025-33067
10/06/20258.87.7Microsoft Windows Routing/Remote Access Service buffer overflowOperating SystemNon dimostrataFix ufficiale0.000620.03CVE-2025-33066
10/06/20255.54.8Microsoft Windows Storage Management Provider rivelazione di un 'informazioneOperating SystemNon dimostrataFix ufficiale0.000420.05CVE-2025-33065
10/06/20258.87.7Microsoft Windows Routing/Remote Access Service buffer overflowOperating SystemNon dimostrataFix ufficiale0.000700.00CVE-2025-33064
10/06/20254.43.8Microsoft Windows Storage Management Provider rivelazione di un 'informazioneOperating SystemNon dimostrataFix ufficiale0.000420.07CVE-2025-33063
10/06/20254.43.8Microsoft Windows Storage Management Provider rivelazione di un 'informazioneOperating SystemNon dimostrataFix ufficiale0.000420.04CVE-2025-33062
10/06/20254.43.8Microsoft Windows Storage Management Provider rivelazione di un 'informazioneOperating SystemNon dimostrataFix ufficiale0.000420.08CVE-2025-33061
10/06/20254.43.8Microsoft Windows Storage Management Provider rivelazione di un 'informazioneOperating SystemNon dimostrataFix ufficiale0.000420.04CVE-2025-33060
10/06/20254.43.8Microsoft Windows Storage Management Provider rivelazione di un 'informazioneOperating SystemNon dimostrataFix ufficiale0.000420.03CVE-2025-33059
10/06/20254.43.8Microsoft Windows Storage Management Provider rivelazione di un 'informazioneOperating SystemNon dimostrataFix ufficiale0.000420.04CVE-2025-33058
10/06/20256.55.7Microsoft Windows Local Security Authority denial of serviceOperating SystemNon dimostrataFix ufficiale0.001460.04CVE-2025-33057
10/06/20257.56.5Microsoft Windows Local Security Authority denial of serviceOperating SystemNon dimostrataFix ufficiale0.001080.00CVE-2025-33056
10/06/20254.43.8Microsoft Windows Storage Management Provider rivelazione di un 'informazioneOperating SystemNon dimostrataFix ufficiale0.000420.09CVE-2025-33055
10/06/20258.88.5Microsoft Windows Web Distributed Authoring/Versioning escalazione di privilegiOperating SystemAttaccatoFix ufficiale0.164970.02CVE-2025-33053
10/06/20254.43.8Microsoft Windows DWM Core Library rivelazione di un 'informazioneOperating SystemNon dimostrataFix ufficiale0.001080.00CVE-2025-33052
10/06/20257.56.5Microsoft Windows DHCP Server Service escalazione di privilegiOperating SystemNon dimostrataFix ufficiale0.001380.04CVE-2025-33050
10/06/20257.56.5Microsoft Windows DHCP Server Service escalazione di privilegiOperating SystemNon dimostrataFix ufficiale0.001380.03CVE-2025-32725

9950 non vengono visualizzate più voci

Interested in the pricing of exploits?

See the underground prices here!