cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-49053,https://securityvulnerability.io/vulnerability/CVE-2024-49053,Spoofing Vulnerability in Microsoft Dynamics 365 Sales,"CVE-2024-49053 is a spoofing vulnerability in Microsoft Dynamics 365 Sales, which could allow an attacker to impersonate other users and manipulate communications within the application. This exploitation may lead to unauthorized access and manipulation of sensitive data. Organizations using this platform should apply necessary security patches and monitor their systems for any unusual activity to mitigate potential risks.",Microsoft,"Dynamics 365 Sales For Android,Dynamics 365 Sales For iOS",7.6,HIGH,0.0004900000058114529,false,true,false,true,,false,false,2024-11-26T20:15:00.000Z,0
CVE-2024-43482,https://securityvulnerability.io/vulnerability/CVE-2024-43482,Microsoft Outlook for iOS Information Disclosure Vulnerability,Microsoft Outlook for iOS Information Disclosure Vulnerability,Microsoft,Outlook For iOS,6.5,MEDIUM,0.0006500000017695129,false,false,false,false,,false,false,2024-09-10T16:53:51.882Z,0
CVE-2024-38197,https://securityvulnerability.io/vulnerability/CVE-2024-38197,Microsoft Teams for iOS Spoofing Vulnerability,"A spoofing vulnerability has been identified in Microsoft Teams for iOS, posing a significant risk to user identity and information security. This vulnerability allows an attacker to impersonate legitimate users within the application, potentially leading to unauthorized access to sensitive data and user trust issues. Users of Microsoft Teams for iOS should be aware of the implications of this vulnerability and take necessary precautions to safeguard their accounts and data, as the impact of successful exploitation can lead to serious security breaches.",Microsoft,Microsoft Teams For iOS,6.5,MEDIUM,0.0006600000197067857,false,false,false,false,,false,false,2024-08-13T17:29:53.942Z,0
CVE-2024-38083,https://securityvulnerability.io/vulnerability/CVE-2024-38083,Spoofing Vulnerability Affects Microsoft Edge (Chromium-based),Microsoft Edge (Chromium-based) Spoofing Vulnerability,Microsoft,"Microsoft Edge For iOS,Microsoft Edge For Android",4.3,MEDIUM,0.0005300000193528831,false,false,false,false,,false,false,2024-06-13T19:24:39.838Z,0
CVE-2024-30057,https://securityvulnerability.io/vulnerability/CVE-2024-30057,Microsoft Edge for iOS Spoofing Vulnerability,Microsoft Edge for iOS Spoofing Vulnerability,Microsoft,Microsoft Edge For iOS,5.4,MEDIUM,0.0005300000193528831,false,false,false,false,,false,false,2024-06-13T19:24:38.694Z,0
CVE-2024-30041,https://securityvulnerability.io/vulnerability/CVE-2024-30041,Bing Search Spoofing Vulnerability Allows Attackers to Manipulate Search Results,Microsoft Bing Search Spoofing Vulnerability,Microsoft,Microsoft Bing Search For iOS,5.4,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-05-14T16:57:28.105Z,0
CVE-2023-29330,https://securityvulnerability.io/vulnerability/CVE-2023-29330,Microsoft Teams Remote Code Execution Vulnerability,"A remote code execution vulnerability has been identified in Microsoft Teams, which could allow an attacker to run arbitrary code on the affected system. This vulnerability poses significant security risks as it may enable unauthorized control over user systems. It is critical for organizations using Microsoft Teams to review their security protocols and apply available patches to mitigate potential exploitation.",Microsoft,"Microsoft Teams For Desktop,Microsoft Teams For Android,Microsoft Teams For Mac,Microsoft Teams For iOS",8.8,HIGH,0.0015999999595806003,false,false,false,false,,false,false,2023-08-08T18:15:00.000Z,0
CVE-2023-29328,https://securityvulnerability.io/vulnerability/CVE-2023-29328,Microsoft Teams Remote Code Execution Vulnerability,"A vulnerability in Microsoft Teams allows attackers to execute arbitrary code remotely, potentially compromising user systems. This flaw could be exploited via malicious content or communications within the Teams platform, leading to unauthorized actions and data breaches. Users are strongly advised to apply security updates to safeguard their installations.",Microsoft,"Microsoft Teams For Desktop,Microsoft Teams For iOS,Microsoft Teams For Android,Microsoft Teams For Mac",8.8,HIGH,0.0015999999595806003,false,false,false,false,,false,false,2023-08-08T18:15:00.000Z,0
CVE-2023-36883,https://securityvulnerability.io/vulnerability/CVE-2023-36883,Microsoft Edge for iOS Spoofing Vulnerability,Microsoft Edge for iOS Spoofing Vulnerability,Microsoft,Microsoft Edge For iOS,4.3,MEDIUM,0.07408999651670456,false,false,false,false,,false,false,2023-07-14T18:15:00.000Z,0
CVE-2023-24890,https://securityvulnerability.io/vulnerability/CVE-2023-24890,Microsoft OneDrive for iOS Security Feature Bypass Vulnerability,Microsoft OneDrive for iOS Security Feature Bypass Vulnerability,Microsoft,Onedrive For iOS,6.5,MEDIUM,0.0006699999794363976,false,false,false,false,,false,false,2023-03-14T17:15:00.000Z,0
CVE-2023-21823,https://securityvulnerability.io/vulnerability/CVE-2023-21823,Windows Graphics Component Remote Code Execution Vulnerability,"A vulnerability within the Windows Graphics Component allows remote code execution, potentially enabling an attacker to execute arbitrary code on a victim’s system. This could occur through specially crafted files or applications, thus leading users to unwittingly give malicious actors access to sensitive information or system capabilities. It is essential for users and administrators to apply security updates promptly to mitigate risks associated with this vulnerability.",Microsoft,"Microsoft Office For Android,Microsoft Office For Universal,Microsoft Office For iOS,Windows 10 Version 1809,Windows Server 2019,Windows Server 2019 (server Core Installation),Windows Server 2022,Windows 10 Version 20h2,Windows 11 Version 21h2,Windows 10 Version 21h2,Windows 11 Version 22h2,Windows 10 Version 22h2,Windows 10 Version 1507,Windows 10 Version 1607,Windows Server 2016,Windows Server 2016 (server Core Installation),Windows Server 2008 Service Pack 2,Windows Server 2008 Service Pack 2 (server Core Installation),Windows Server 2008  Service Pack 2,Windows Server 2008 R2 Service Pack 1,Windows Server 2008 R2 Service Pack 1 (server Core Installation),Windows Server 2012,Windows Server 2012 (server Core Installation),Windows Server 2012 R2,Windows Server 2012 R2 (server Core Installation)",7.8,HIGH,0.5501499772071838,true,false,false,true,true,false,false,2023-02-14T21:15:00.000Z,0
CVE-2022-44708,https://securityvulnerability.io/vulnerability/CVE-2022-44708,Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability,Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability,Microsoft,"Microsoft Edge For iOS,Microsoft Edge (chromium-based)",8.3,HIGH,0.0027799999807029963,false,false,false,false,,false,false,2022-12-13T00:00:00.000Z,0
CVE-2022-24465,https://securityvulnerability.io/vulnerability/CVE-2022-24465,Microsoft Intune Portal for iOS Security Feature Bypass Vulnerability,Microsoft Intune Portal for iOS Security Feature Bypass Vulnerability,Microsoft,Intune Company Portal For iOS,3.3,LOW,0.0006900000153109431,false,false,false,false,,false,false,2022-03-09T17:07:48.000Z,0
CVE-2022-23278,https://securityvulnerability.io/vulnerability/CVE-2022-23278,Microsoft Defender for Endpoint Spoofing Vulnerability,Microsoft Defender for Endpoint Spoofing Vulnerability,Microsoft,"Microsoft Defender For Endpoint For Linux,Microsoft Defender For Endpoint For Mac,Microsoft Defender For Endpoint For Android,Microsoft Defender For Endpoint For iOS,Microsoft Defender For Endpoint For Windows,Microsoft Defender For Endpoint Edr Sensor",5.9,MEDIUM,0.05527999997138977,false,false,false,false,,false,false,2022-03-09T17:06:57.000Z,0
CVE-2022-21965,https://securityvulnerability.io/vulnerability/CVE-2022-21965,Microsoft Teams Denial of Service Vulnerability,Microsoft Teams Denial of Service Vulnerability,Microsoft,"Microsoft Teams For iOS,Microsoft Teams For Android,Microsoft Teams Admin Center",7.5,HIGH,0.0006699999794363976,false,false,false,false,,false,false,2022-02-09T16:36:22.000Z,0
CVE-2021-43220,https://securityvulnerability.io/vulnerability/CVE-2021-43220,Microsoft Edge for iOS Spoofing Vulnerability,Microsoft Edge for iOS Spoofing Vulnerability,Microsoft,Microsoft Edge For iOS,3.1,LOW,0.00215999991632998,false,false,false,false,,false,false,2021-11-24T01:05:15.000Z,0
CVE-2021-24114,https://securityvulnerability.io/vulnerability/CVE-2021-24114,Microsoft Teams iOS Information Disclosure Vulnerability,Microsoft Teams iOS Information Disclosure Vulnerability,Microsoft,Microsoft Teams For iOS,5.7,MEDIUM,0.013389999978244305,false,false,false,false,,false,false,2021-02-25T23:01:58.000Z,0
CVE-2021-1669,https://securityvulnerability.io/vulnerability/CVE-2021-1669,Windows Remote Desktop Security Feature Bypass Vulnerability,Windows Remote Desktop Security Feature Bypass Vulnerability,Microsoft,"Windows 10 Version 20h2,Windows Server Version 20h2,Windows 10 Version 1803,Windows 10 Version 1809,Windows Server 2019,Windows 10 Version 1909,Windows Server, Version 1909 (server Core Installation),Windows 10 Version 2004,Windows Server Version 2004,Windows 10 Version 1507,Windows 10 Version 1607,Windows Server 2016,Windows Server 2016 (server Core Installation),Microsoft Remote Desktop For Mac,Microsoft Remote Desktop For iOS,Remote Desktop Client For Windows Desktop",8.8,HIGH,0.001230000052601099,false,false,false,false,,false,false,2021-01-12T19:42:15.000Z,0
CVE-2019-1218,https://securityvulnerability.io/vulnerability/CVE-2019-1218,Outlook iOS Spoofing Vulnerability,"A spoofing vulnerability exists in the way Microsoft Outlook iOS software parses specifically crafted email messages. An authenticated attacker could exploit the vulnerability by sending a specially crafted email message to a victim.
The attacker who successfully exploited this vulnerability could then perform cross-site scripting attacks on the affected systems and run scripts in the security context of the current user.
The security update addresses the vulnerability by correcting how Outlook iOS parses specially crafted email messages.
",Microsoft,Outlook For iOS,5.4,MEDIUM,0.0005300000193528831,false,false,false,true,true,false,false,2019-08-14T20:55:05.000Z,0
CVE-2019-1182,https://securityvulnerability.io/vulnerability/CVE-2019-1182,Remote Desktop Services Remote Code Execution Vulnerability,"A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
To exploit this vulnerability, an attacker would need to send a specially crafted request to the target systems Remote Desktop Service via RDP.
The update addresses the vulnerability by correcting how Remote Desktop Services handles connection requests.
",Microsoft,"Windows 10 Version 1703,Windows 10 Version 1803,Windows Server, Version 1803  (server Core Installation),Windows 10 Version 1809,Windows Server 2019,Windows Server 2019 (server Core Installation),Windows 10 Version 1709 For 32-bit Systems,Windows 10 Version 1709,Windows 10 Version 1903 For 32-bit Systems,Windows 10 Version 1903 For X64-based Systems,Windows 10 Version 1903 For Arm64-based Systems,Windows Server, Version 1903 (server Core Installation),Windows 10 Version 1507,Windows 10 Version 1607,Windows Server 2016,Windows Server 2016 (server Core Installation),Windows 8.1,Windows Server 2012,Windows Server 2012 (server Core Installation),Windows Server 2012 R2,Windows Server 2012 R2 (server Core Installation),Microsoft Remote Desktop For Android,Microsoft Remote Desktop For iOS,Microsoft Remote Desktop For Mac",9.8,CRITICAL,0.12138000130653381,false,false,false,false,,false,false,2019-08-14T20:55:04.000Z,0
CVE-2019-1181,https://securityvulnerability.io/vulnerability/CVE-2019-1181,Remote Desktop Services Remote Code Execution Vulnerability,"A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
To exploit this vulnerability, an attacker would need to send a specially crafted request to the target systems Remote Desktop Service via RDP.
The update addresses the vulnerability by correcting how Remote Desktop Services handles connection requests.
",Microsoft,"Windows 10 Version 1703,Windows 10 Version 1803,Windows Server, Version 1803  (server Core Installation),Windows 10 Version 1809,Windows Server 2019,Windows Server 2019 (server Core Installation),Windows 10 Version 1709 For 32-bit Systems,Windows 10 Version 1709,Windows 10 Version 1903 For 32-bit Systems,Windows 10 Version 1903 For X64-based Systems,Windows 10 Version 1903 For Arm64-based Systems,Windows Server, Version 1903 (server Core Installation),Windows 10 Version 1507,Windows 10 Version 1607,Windows Server 2016,Windows Server 2016 (server Core Installation),Windows 8.1,Windows Server 2012,Windows Server 2012 (server Core Installation),Windows Server 2012 R2,Windows Server 2012 R2 (server Core Installation),Microsoft Remote Desktop For Android,Microsoft Remote Desktop For iOS,Microsoft Remote Desktop For Mac",9.8,CRITICAL,0.12138000130653381,false,false,false,true,true,false,false,2019-08-14T20:55:04.000Z,0
CVE-2019-1084,https://securityvulnerability.io/vulnerability/CVE-2019-1084,,"An information disclosure vulnerability exists when Exchange allows creation of entities with Display Names having non-printable characters. An authenticated attacker could exploit this vulnerability by creating entities with invalid display names, which, when added to conversations, remain invisible. This security update addresses the issue by validating display names upon creation in Microsoft Exchange, and by rendering invalid display names correctly in Microsoft Outlook clients., aka 'Microsoft Exchange Information Disclosure Vulnerability'.",Microsoft,"Microsoft Exchange Server,Microsoft Outlook,Microsoft Office,Microsoft Lync,Microsoft Lync Basic,Microsoft Outlook For Android,Skype For Business,Skype For Business Basic,Office 365 Proplus,Microsoft Exchange Server 2016,Microsoft Exchange Server 2019,Microsoft Exchange Server 2013,Mail And Calendar,Outlook For iOS",6.5,MEDIUM,0.0025100000202655792,false,false,false,false,,false,false,2019-07-15T18:56:21.000Z,0
CVE-1999-0524,https://securityvulnerability.io/vulnerability/CVE-1999-0524,,ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts.,Microsoft,"Windows,Ios,Mac Os X,Linux Kernel,HP-ux,Aix,Mac OS,Solaris,Netware,Sco Unix,Bsdos,Os2,Tru64,Irix",,,0.8939099907875061,false,false,false,false,,false,false,1997-08-01T04:00:00.000Z,0