cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2025-21415,https://securityvulnerability.io/vulnerability/CVE-2025-21415,Authentication Bypass in Azure AI Face Service by Microsoft,"The Azure AI Face Service is vulnerable to an authentication bypass which can be exploited through spoofing techniques. When successfully executed, this vulnerability allows an authorized attacker to elevate their privileges over a network, potentially leading to unauthorized access to sensitive resources and data. Organizations utilizing Azure AI Face Service should review their security measures and apply any available updates or patches to mitigate risks associated with this vulnerability.",Microsoft,Azure Ai Face Service,9.9,CRITICAL,0.0006900000153109431,false,,true,false,true,2025-02-04T08:17:36.000Z,false,false,false,,2025-01-29T22:42:01.411Z,1162
CVE-2025-21293,https://securityvulnerability.io/vulnerability/CVE-2025-21293,Active Directory Elevation of Privilege Vulnerability in Microsoft Products,"This vulnerability in Active Directory Domain Services allows attackers to gain elevated privileges within the system, potentially leading to unauthorized access and control over sensitive resources. By exploiting this flaw, an attacker could perform actions that exceed their intended access rights, resulting in significant security risks for affected environments. It is essential for administrators to implement appropriate security measures and updates to protect their systems against this vulnerability.",Microsoft,"Windows 10 Version 1809,Windows Server 2019,Windows Server 2019 (server Core Installation),Windows Server 2022,Windows 10 Version 21h2,Windows 11 Version 22h2,Windows 10 Version 22h2,Windows Server 2025 (server Core Installation),Windows 11 Version 22h3,Windows 11 Version 23h2,Windows Server 2022, 23h2 Edition (server Core Installation),Windows 11 Version 24h2,Windows Server 2025,Windows 10 Version 1507,Windows 10 Version 1607,Windows Server 2016,Windows Server 2016 (server Core Installation),Windows Server 2012,Windows Server 2012 (server Core Installation),Windows Server 2012 R2,Windows Server 2012 R2 (server Core Installation)",8.8,HIGH,0.0005300000193528831,false,,true,false,true,2025-02-04T03:26:26.000Z,false,true,false,,2025-01-14T18:03:48.110Z,4470
CVE-2025-21210,https://securityvulnerability.io/vulnerability/CVE-2025-21210,Information Disclosure Vulnerability in Windows BitLocker by Microsoft,"The vulnerability in Windows BitLocker pertains to information disclosure, where sensitive data could potentially be exposed to unauthorized users. This flaw could allow attackers to gain access to restricted information, highlighting the importance of timely updates and awareness of security practices. For detailed information and mitigation strategies, users are recommended to refer to the official advisory.",Microsoft,"Windows 10 Version 1809,Windows Server 2019,Windows Server 2019 (server Core Installation),Windows Server 2022,Windows 10 Version 21h2,Windows 11 Version 22h2,Windows 10 Version 22h2,Windows Server 2025 (server Core Installation),Windows 11 Version 22h3,Windows 11 Version 23h2,Windows Server 2022, 23h2 Edition (server Core Installation),Windows 11 Version 24h2,Windows Server 2025,Windows 10 Version 1507,Windows 10 Version 1607,Windows Server 2016,Windows Server 2016 (server Core Installation),Windows Server 2008 Service Pack 2,Windows Server 2008 Service Pack 2 (server Core Installation),Windows Server 2008  Service Pack 2,Windows Server 2008 R2 Service Pack 1,Windows Server 2008 R2 Service Pack 1 (server Core Installation),Windows Server 2012,Windows Server 2012 (server Core Installation),Windows Server 2012 R2,Windows Server 2012 R2 (server Core Installation)",4.2,MEDIUM,0.0005300000193528831,false,,true,false,true,2025-01-21T11:13:42.000Z,false,false,false,,2025-01-14T18:03:23.882Z,1730
CVE-2025-21298,https://securityvulnerability.io/vulnerability/CVE-2025-21298,Windows OLE Remote Code Execution Vulnerability in Microsoft Products,"The Windows OLE Remote Code Execution Vulnerability allows an attacker to execute arbitrary code on an affected system via maliciously crafted OLE objects. Successful exploitation could enable attackers to install programs; view, change, or delete data; or create new accounts with full user rights. It's imperative for users to apply the necessary patches and updates provided by Microsoft to mitigate risks associated with this vulnerability.",Microsoft,"Windows 10 Version 1809,Windows Server 2019,Windows Server 2019 (server Core Installation),Windows Server 2022,Windows 10 Version 21h2,Windows 11 Version 22h2,Windows 10 Version 22h2,Windows Server 2025 (server Core Installation),Windows 11 Version 22h3,Windows 11 Version 23h2,Windows Server 2022, 23h2 Edition (server Core Installation),Windows 11 Version 24h2,Windows Server 2025,Windows 10 Version 1507,Windows 10 Version 1607,Windows Server 2016,Windows Server 2016 (server Core Installation),Windows Server 2008 Service Pack 2,Windows Server 2008 Service Pack 2 (server Core Installation),Windows Server 2008  Service Pack 2,Windows Server 2008 R2 Service Pack 1,Windows Server 2008 R2 Service Pack 1 (server Core Installation),Windows Server 2012,Windows Server 2012 (server Core Installation),Windows Server 2012 R2,Windows Server 2012 R2 (server Core Installation)",9.8,CRITICAL,0.0005300000193528831,false,,true,false,true,2025-01-16T12:50:00.000Z,true,true,true,2025-01-23T21:52:02.479Z,2025-01-14T18:03:51.083Z,14934
CVE-2025-21385,https://securityvulnerability.io/vulnerability/CVE-2025-21385,Server-Side Request Forgery Vulnerability in Microsoft Purview,"A Server-Side Request Forgery (SSRF) vulnerability exists in Microsoft Purview, enabling an authorized attacker to exploit the application to disclose sensitive information over a network. This flaw can allow unauthorized access to internal resources, leading to potential data leakage and compromising the integrity of the system. It is crucial for organizations using Microsoft Purview to implement appropriate security measures and apply updates as they become available to mitigate the risks associated with this vulnerability.",Microsoft,Microsoft Purview,8.8,HIGH,0.0005000000237487257,false,,false,false,true,2025-01-16T09:14:12.000Z,true,false,false,,2025-01-09T22:15:00.000Z,0
CVE-2025-21224,https://securityvulnerability.io/vulnerability/CVE-2025-21224,Remote Code Execution Vulnerability in Windows Line Printer Daemon Service,"The Windows Line Printer Daemon (LPD) Service is susceptible to a Remote Code Execution vulnerability, which allows attackers to execute arbitrary code on affected systems. This could potentially lead to unauthorized access, data manipulation, or a complete system compromise. It is vital for users and administrators to apply the necessary patches and updates to mitigate this security risk.",Microsoft,"Windows Server 2022,Windows 10 Version 21h2,Windows 11 Version 22h2,Windows 10 Version 22h2,Windows Server 2025 (server Core Installation),Windows 11 Version 22h3,Windows 11 Version 23h2,Windows Server 2022, 23h2 Edition (server Core Installation),Windows 11 Version 24h2,Windows Server 2025",8.1,HIGH,0.0005300000193528831,false,,true,false,true,2025-01-15T06:21:39.000Z,false,false,false,,2025-01-14T18:04:22.623Z,0
CVE-2025-21354,https://securityvulnerability.io/vulnerability/CVE-2025-21354,Remote Code Execution Vulnerability in Microsoft Excel,"A remote code execution vulnerability exists in Microsoft Excel that could allow an attacker to execute arbitrary code on the affected system if a user opens a specially crafted Office file. This vulnerability can pose significant risks, allowing unauthorized access to sensitive data and control over the user's machine.",Microsoft,"Office Online Server,Microsoft Office 2019,Microsoft 365 Apps For Enterprise,Microsoft Office Ltsc For Mac 2021,Microsoft Office Ltsc 2021,Microsoft Office Ltsc 2024,Microsoft Office Ltsc For Mac 2024",8.4,HIGH,0.0005000000237487257,false,,true,false,true,2025-01-14T21:55:39.000Z,false,false,false,,2025-01-14T18:04:05.861Z,0
CVE-2025-21335,https://securityvulnerability.io/vulnerability/CVE-2025-21335,Elevation of Privilege Vulnerability in Windows Hyper-V by Microsoft,"The vulnerability in Windows Hyper-V's NT Kernel Integration affects the Virtual Service Provider (VSP), potentially allowing attackers to elevate privileges within the affected system. Successful exploitation could lead to unauthorized access to system resources and sensitive data. The flaw highlights the importance of promptly securing the Hyper-V environment and monitoring for unusual activities that may indicate exploitation attempts.",Microsoft,"Windows 10 Version 21h2,Windows 11 Version 22h2,Windows 10 Version 22h2,Windows Server 2025 (server Core Installation),Windows 11 Version 22h3,Windows 11 Version 23h2,Windows Server 2022, 23h2 Edition (server Core Installation),Windows 11 Version 24h2,Windows Server 2025",7.8,HIGH,0.0009800000116229057,true,2025-01-14T00:00:00.000Z,false,false,true,2025-01-14T00:00:00.000Z,false,false,false,,2025-01-14T18:04:17.808Z,0
CVE-2025-21334,https://securityvulnerability.io/vulnerability/CVE-2025-21334,Elevated Privilege Vulnerability in Windows Hyper-V by Microsoft,"A vulnerability exists in the Windows Hyper-V integration components that allows an attacker to elevate their privileges. By exploiting this issue, a malicious user could gain increased access to the system, potentially leading to unauthorized tasks or executing harmful applications. Microsoft has released a detailed advisory on this vulnerability, encouraging users to apply patches and updates to mitigate the risks associated with it.",Microsoft,"Windows 10 Version 21h2,Windows 11 Version 22h2,Windows 10 Version 22h2,Windows Server 2025 (server Core Installation),Windows 11 Version 22h3,Windows 11 Version 23h2,Windows Server 2022, 23h2 Edition (server Core Installation),Windows 11 Version 24h2,Windows Server 2025",7.8,HIGH,0.0009800000116229057,true,2025-01-14T00:00:00.000Z,false,false,true,2025-01-14T00:00:00.000Z,false,false,false,,2025-01-14T18:04:51.608Z,0
CVE-2025-21333,https://securityvulnerability.io/vulnerability/CVE-2025-21333,Elevated Privilege Exposure in Windows Hyper-V by Microsoft,"A vulnerability has been identified in Windows Hyper-V, specifically related to the NT Kernel Integration Virtual Service Provider (VSP). This flaw allows an attacker to gain elevated privileges through carefully crafted input, potentially leading to unauthorized access and control over the host system. Users of Windows Hyper-V on various Windows platforms should prioritize applying security updates to mitigate risks associated with this vulnerability. For more details, visit the Microsoft Security Response Center.",Microsoft,"Windows 10 Version 21h2,Windows 11 Version 22h2,Windows 10 Version 22h2,Windows Server 2025 (server Core Installation),Windows 11 Version 22h3,Windows 11 Version 23h2,Windows Server 2022, 23h2 Edition (server Core Installation),Windows 11 Version 24h2,Windows Server 2025",7.8,HIGH,0.0005099999834783375,true,2025-01-14T00:00:00.000Z,false,false,true,2025-01-14T00:00:00.000Z,false,true,false,,2025-01-14T18:04:50.962Z,5087
CVE-2024-49113,https://securityvulnerability.io/vulnerability/CVE-2024-49113,Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability,"The Windows Lightweight Directory Access Protocol (LDAP) Denial of Service vulnerability can cause significant disruptions in the availability of directory services. This issue arises from insufficient handling of certain types of LDAP requests, leading to scenarios where a targeted denial of service attack may disrupt normal operations. Organizations utilizing affected versions of Windows Server and Windows operating systems should be aware of the potential impact on their directory services operations and consider implementing recommended security updates to mitigate risks.",Microsoft,"Windows 10 Version 1809,Windows Server 2019,Windows Server 2019 (server Core Installation),Windows Server 2022,Windows 10 Version 21h2,Windows 11 Version 22h2,Windows 10 Version 22h2,Windows Server 2025 (server Core Installation),Windows 11 Version 22h3,Windows 11 Version 23h2,Windows Server 2022, 23h2 Edition (server Core Installation),Windows 11 Version 24h2,Windows Server 2025,Windows 10 Version 1507,Windows 10 Version 1607,Windows Server 2016,Windows Server 2016 (server Core Installation),Windows Server 2008 Service Pack 2,Windows Server 2008 Service Pack 2 (server Core Installation),Windows Server 2008  Service Pack 2,Windows Server 2008 R2 Service Pack 1,Windows Server 2008 R2 Service Pack 1 (server Core Installation),Windows Server 2012,Windows Server 2012 (server Core Installation),Windows Server 2012 R2,Windows Server 2012 R2 (server Core Installation)",7.5,HIGH,0.0005200000014156103,false,,true,false,true,2025-01-09T13:16:06.000Z,,true,false,,2024-12-12T02:04:00.000Z,5680
CVE-2024-30085,https://securityvulnerability.io/vulnerability/CVE-2024-30085,Elevation of Privilege Vulnerability in Microsoft Windows Cloud Files Mini Filter Driver,"The Windows Cloud Files Mini Filter Driver contains a vulnerability that could allow an attacker to execute arbitrary code with elevated privileges on affected systems. By manipulating the Mini Filter Driver, an attacker can bypass security measures that protect user data and system integrity. This vulnerability poses significant risks, especially in environments that rely heavily on cloud file services. It is crucial for organizations to apply security patches and implement best practices to mitigate potential exploitation risks.",Microsoft,"Windows 11 Version 21h2,Windows Server 2022,Windows 10 Version 1809,Windows Server 2019 (server Core Installation),Windows Server 2019,Windows 10 Version 21h2,Windows 11 Version 22h2,Windows 11 Version 22h3,Windows 10 Version 22h2,Windows 11 Version 23h2,Windows Server 2022, 23h2 Edition (server Core Installation)",7.8,HIGH,0.0005499999970197678,false,,true,false,true,2024-12-20T08:29:09.000Z,true,true,false,,2024-06-11T16:59:54.339Z,2985
CVE-2024-49117,https://securityvulnerability.io/vulnerability/CVE-2024-49117,Remote Code Execution Vulnerability in Windows Hyper-V,"CVE-2024-49117 is a critical remote code execution vulnerability found in Microsoft Windows Hyper-V, which could allow an attacker to execute arbitrary code on the host system. This vulnerability arises from improper validation of input data in the Hyper-V product, potentially enabling unauthorized access and control over virtual machines. Successful exploitation may lead to the attacker gaining elevated privileges, impacting the security and stability of affected systems. Microsoft has provided guidance and updates to address this vulnerability and protect users from potential exploits.",Microsoft,"Windows Server 2022,Windows 11 Version 22h2,Windows Server 2025 (server Core Installation),Windows 11 Version 22h3,Windows 11 Version 23h2,Windows Server 2022, 23h2 Edition (server Core Installation),Windows 11 Version 24h2,Windows Server 2025",8.8,HIGH,0.0005200000014156103,false,,false,false,true,2024-12-18T06:03:12.000Z,true,false,false,,2024-12-12T02:04:00.000Z,0
CVE-2024-49112,https://securityvulnerability.io/vulnerability/CVE-2024-49112,Remote Code Execution Vulnerability in Windows Lightweight Directory Access Protocol,"A vulnerability exists within the Windows Lightweight Directory Access Protocol (LDAP), which allows for the execution of remote code. This flaw could enable an attacker to send specially crafted requests to the LDAP server, leading to potential unauthorized access and manipulation of system resources. Organizations utilizing affected versions of Windows should prioritize patching to mitigate the risk associated with this vulnerability.",Microsoft,"Windows 10 Version 1809,Windows Server 2019,Windows Server 2019 (server Core Installation),Windows Server 2022,Windows 10 Version 21h2,Windows 11 Version 22h2,Windows 10 Version 22h2,Windows Server 2025 (server Core Installation),Windows 11 Version 22h3,Windows 11 Version 23h2,Windows Server 2022, 23h2 Edition (server Core Installation),Windows 11 Version 24h2,Windows Server 2025,Windows 10 Version 1507,Windows 10 Version 1607,Windows Server 2016,Windows Server 2016 (server Core Installation),Windows Server 2008 Service Pack 2,Windows Server 2008 Service Pack 2 (server Core Installation),Windows Server 2008  Service Pack 2,Windows Server 2008 R2 Service Pack 1,Windows Server 2008 R2 Service Pack 1 (server Core Installation),Windows Server 2012,Windows Server 2012 (server Core Installation),Windows Server 2012 R2,Windows Server 2012 R2 (server Core Installation)",9.8,CRITICAL,0.0005200000014156103,false,,false,false,true,2024-12-16T22:41:40.000Z,true,true,true,2024-12-16T23:52:02.237Z,2024-12-12T02:04:00.000Z,22917
CVE-2024-49138,https://securityvulnerability.io/vulnerability/CVE-2024-49138,Windows Common Log File System Driver Elevation of Privilege Vulnerability,"The vulnerability in the Windows Common Log File System Driver allows attackers to gain elevated privileges on affected Windows systems. This can lead to unauthorized actions being performed, potentially compromising system integrity. Proper security measures and timely updates are essential to protect against exploitation. Users are urged to apply the necessary patches to mitigate risks associated with this vulnerability, ensuring their systems remain secure against potential threats. For further details on remediation, please refer to the official vendor advisory.",Microsoft,"Windows 10 Version 1809,Windows Server 2019,Windows Server 2019 (server Core Installation),Windows Server 2022,Windows 10 Version 21h2,Windows 11 Version 22h2,Windows 10 Version 22h2,Windows Server 2025 (server Core Installation),Windows 11 Version 22h3,Windows 11 Version 23h2,Windows Server 2022, 23h2 Edition (server Core Installation),Windows 11 Version 24h2,Windows Server 2025,Windows 10 Version 1507,Windows 10 Version 1607,Windows Server 2016,Windows Server 2016 (server Core Installation),Windows Server 2008 Service Pack 2,Windows Server 2008 Service Pack 2 (server Core Installation),Windows Server 2008  Service Pack 2,Windows Server 2008 R2 Service Pack 1,Windows Server 2008 R2 Service Pack 1 (server Core Installation),Windows Server 2012,Windows Server 2012 (server Core Installation),Windows Server 2012 R2,Windows Server 2012 R2 (server Core Installation)",7.8,HIGH,0.000539999979082495,true,2024-12-10T00:00:00.000Z,true,false,true,2024-12-10T00:00:00.000Z,true,true,false,,2024-12-12T02:04:00.000Z,5242
CVE-2024-49053,https://securityvulnerability.io/vulnerability/CVE-2024-49053,Spoofing Vulnerability in Microsoft Dynamics 365 Sales,"CVE-2024-49053 is a spoofing vulnerability in Microsoft Dynamics 365 Sales, which could allow an attacker to impersonate other users and manipulate communications within the application. This exploitation may lead to unauthorized access and manipulation of sensitive data. Organizations using this platform should apply necessary security patches and monitor their systems for any unusual activity to mitigate potential risks.",Microsoft,"Dynamics 365 Sales For Android,Dynamics 365 Sales For iOS",7.6,HIGH,0.00046999999904073775,false,,true,false,true,2024-11-29T09:34:46.000Z,,false,false,,2024-11-26T20:15:00.000Z,0
CVE-2024-49035,https://securityvulnerability.io/vulnerability/CVE-2024-49035,Elevation of Privilege Vulnerability in Partner.Microsoft.com,"The articles discuss several significant security vulnerabilities affecting Microsoft's artificial intelligence, cloud infrastructure, and enterprise platforms. One flaw, identified as CVE-2024-49035, is currently being exploited in the wild and allows unauthorized attackers to elevate their privileges through Partner.Microsoft.com. Other vulnerabilities affect Copilot Studio, Azure PolicyWatch, and Microsoft Dynamics 365 Sales, with potential impacts on data security and business operations. Security updates have been implemented, but organizations are urged to apply patches promptly to protect against potential attacks.",Microsoft,Microsoft Partner Center,8.7,HIGH,0.0019000000320374966,false,,true,false,true,2024-11-29T00:00:00.000Z,,false,false,,2024-11-26T20:15:00.000Z,0
CVE-2024-43625,https://securityvulnerability.io/vulnerability/CVE-2024-43625,Microsoft Windows VMSwitch Elevation of Privilege Vulnerability,"The Microsoft Windows VMSwitch Elevation of Privilege Vulnerability allows potential attackers to gain elevated access to system resources due to flawed access controls. When exploited, this vulnerability could enable an attacker to execute unauthorized commands or access sensitive information by leveraging the weaknesses in the VMSwitch component. Prompt action to address this vulnerability is recommended to maintain system security and prevent possible exploitation.",Microsoft,"Windows Server 2022,Windows 11 Version 22h2,Windows 11 Version 22h3,Windows 11 Version 23h2,Windows Server 2022, 23h2 Edition (server Core Installation),Windows 11 Version 24h2,Windows Server 2025,Windows Server 2025 (server Core Installation)",8.1,HIGH,0.0006300000241026282,false,,true,false,true,2024-11-13T00:54:46.000Z,,false,false,,2024-11-12T18:15:00.000Z,0
CVE-2024-49040,https://securityvulnerability.io/vulnerability/CVE-2024-49040,Microsoft Exchange Server Spoofing Vulnerability,"This vulnerability in Microsoft Exchange Server allows attackers to exploit the email system through spoofing techniques. By manipulating the perception of sender authenticity, unauthorized users can send malicious email communications that appear trustworthy. This compromises the integrity of email transactions and poses a threat to organizational security. Companies utilizing affected versions of Microsoft Exchange are urged to implement necessary patches and updates to safeguard against potential attacks.",Microsoft,"Microsoft Exchange Server 2019 Cumulative Update 13,Microsoft Exchange Server 2019 Cumulative Update 14,Microsoft Exchange Server 2016 Cumulative Update 23",7.5,HIGH,0.0007300000288523734,false,,true,false,true,2024-11-12T21:45:53.000Z,,false,false,,2024-11-12T18:15:00.000Z,0
CVE-2024-49039,https://securityvulnerability.io/vulnerability/CVE-2024-49039,Elevation of Privilege Vulnerability Affects Windows Task Scheduler,"The vulnerability in the Windows Task Scheduler allows attackers to gain elevated privileges on affected systems. Exploitation of this flaw could enable unauthorized access to sensitive data and system controls, posing significant risks to organizational security. This vulnerability underscores the importance of timely patch management and security updates to protect against potential threats.",Microsoft,"Windows Server 2025,Windows Server 2025 (server Core Installation),Windows 10 Version 1809,Windows Server 2019,Windows Server 2019 (server Core Installation),Windows Server 2022,Windows 10 Version 21h2,Windows 11 Version 22h2,Windows 10 Version 22h2,Windows 11 Version 22h3,Windows 11 Version 23h2,Windows Server 2022, 23h2 Edition (server Core Installation),Windows 11 Version 24h2,Windows 10 Version 1507,Windows 10 Version 1607,Windows Server 2016,Windows Server 2016 (server Core Installation)",8.8,HIGH,0.006769999861717224,true,2024-11-12T00:00:00.000Z,true,true,true,2024-11-12T00:00:00.000Z,true,true,false,,2024-11-12T18:15:00.000Z,2026
CVE-2024-43451,https://securityvulnerability.io/vulnerability/CVE-2024-43451,Windows Under Attack: NTLM Hash Disclosure Spoofing Vulnerability Threatens User Credentials,"The NTLM hash disclosure spoofing vulnerability allows an attacker to exploit the NTLM authentication protocol, potentially leading to unauthorized access to sensitive information. This vulnerability can facilitate attacks by disclosing hashed credentials, which may be leveraged for further exploitation within the affected systems. Organizations utilizing affected Microsoft products should apply security recommendations promptly to mitigate any risks associated with this vulnerability.",Microsoft,"Windows Server 2025,Windows Server 2025 (server Core Installation),Windows 10 Version 1809,Windows Server 2019,Windows Server 2019 (server Core Installation),Windows Server 2022,Windows 10 Version 21h2,Windows 11 Version 22h2,Windows 10 Version 22h2,Windows 11 Version 22h3,Windows 11 Version 23h2,Windows Server 2022, 23h2 Edition (server Core Installation),Windows 11 Version 24h2,Windows 10 Version 1507,Windows 10 Version 1607,Windows Server 2016,Windows Server 2016 (server Core Installation),Windows Server 2008 Service Pack 2,Windows Server 2008 Service Pack 2 (server Core Installation),Windows Server 2008  Service Pack 2,Windows Server 2008 R2 Service Pack 1,Windows Server 2008 R2 Service Pack 1 (server Core Installation),Windows Server 2012 R2,Windows Server 2012 R2 (server Core Installation)",6.5,MEDIUM,0.013269999995827675,true,2024-11-12T00:00:00.000Z,true,true,true,2024-11-12T00:00:00.000Z,true,true,false,,2024-11-12T18:15:00.000Z,9235
CVE-2024-38030,https://securityvulnerability.io/vulnerability/CVE-2024-38030,Windows Themes Spoofing Vulnerability: A Growing Concern,Windows Themes Spoofing Vulnerability,Microsoft,"Windows 10 Version 1809,Windows Server 2019,Windows Server 2019 (server Core Installation),Windows Server 2022,Windows 11 Version 21h2,Windows 10 Version 21h2,Windows 11 Version 22h2,Windows 10 Version 22h2,Windows 11 Version 22h3,Windows 11 Version 23h2,Windows 10 Version 1507,Windows 10 Version 1607,Windows Server 2016,Windows Server 2016 (server Core Installation),Windows Server 2012,Windows Server 2012 (server Core Installation),Windows Server 2012 R2,Windows Server 2012 R2 (server Core Installation)",6.5,MEDIUM,0.0035099999513477087,false,,true,false,true,2024-10-29T16:21:44.000Z,,false,false,,2024-07-09T17:15:00.000Z,0
CVE-2024-43532,https://securityvulnerability.io/vulnerability/CVE-2024-43532,Windows Registry Service Elevation of Privilege Vulnerability,"The vulnerability identified as CVE-2024-43532 affects the Windows Registry service, allowing for an elevation of privilege. Exploit code for this vulnerability has been made public, and it enables attackers to take control of a Windows domain by downgrading the security of the authentication process. This flaw affects multiple versions of Windows server software, as well as Windows 10 and 11. Exploiting CVE-2024-43532 could lead to the creation of new domain administrator accounts, and it has been used in a NTLM relay attack by threat actors, including the LockFile ransomware gang. The vulnerability was initially reported to Microsoft in February, with a fix released three months later. The release of a working proof-of-concept and exploitation process demonstrates the potential severity of this vulnerability, highlighting the need for vigilance and mitigation efforts.",Microsoft,"Windows 10 Version 1809,Windows Server 2019,Windows Server 2019 (server Core Installation),Windows Server 2022,Windows 11 Version 21h2,Windows 10 Version 21h2,Windows 11 Version 22h2,Windows 10 Version 22h2,Windows 11 Version 22h3,Windows 11 Version 23h2,Windows Server 2022, 23h2 Edition (server Core Installation),Windows 11 Version 24h2,Windows 10 Version 1507,Windows 10 Version 1607,Windows Server 2016,Windows Server 2016 (server Core Installation),Windows Server 2008 Service Pack 2,Windows Server 2008 Service Pack 2 (server Core Installation),Windows Server 2008  Service Pack 2,Windows Server 2008 R2 Service Pack 1,Windows Server 2008 R2 Service Pack 1 (server Core Installation),Windows Server 2012,Windows Server 2012 (server Core Installation),Windows Server 2012 R2,Windows Server 2012 R2 (server Core Installation)",8.8,HIGH,0.00046999999904073775,false,,true,false,true,2024-10-22T04:52:25.000Z,,false,false,,2024-10-08T17:35:25.035Z,0
CVE-2024-38094,https://securityvulnerability.io/vulnerability/CVE-2024-38094,Microsoft SharePoint Remote Code Execution Vulnerability,"A vulnerability in Microsoft SharePoint allows remote attackers to execute arbitrary code on affected installations. This flaw could enable malicious actors to manipulate SharePoint environments, leading to unauthorized access and potential exposure of sensitive information. Organizations using SharePoint should apply necessary patches and updates to mitigate risks associated with this vulnerability, ensuring the security of their data and services.",Microsoft,"Microsoft Sharepoint Enterprise Server 2016,Microsoft Sharepoint Server 2019,Microsoft Sharepoint Server Subscription Edition",7.2,HIGH,0.004980000201612711,true,2024-10-22T00:00:00.000Z,true,false,true,2024-10-22T00:00:00.000Z,,false,false,,2024-07-09T17:15:00.000Z,0
CVE-2024-30090,https://securityvulnerability.io/vulnerability/CVE-2024-30090,Elevation of Privilege Vulnerability Affects Microsoft Streaming Service,"The vulnerability related to the Microsoft Streaming Service presents an elevation of privilege risk, which allows an attacker to execute code at a higher privilege level than intended. This flaw could potentially enable unauthorized actions within the affected product's environment, compromising the integrity of systems utilizing the service. To mitigate this risk, users are encouraged to apply security patches provided by Microsoft as detailed in their official advisory.",Microsoft,"Windows 10 Version 1809,Windows Server 2019,Windows Server 2019 (server Core Installation),Windows Server 2022,Windows 11 Version 21h2,Windows 10 Version 21h2,Windows 11 Version 22h2,Windows 10 Version 22h2,Windows 11 Version 22h3,Windows 11 Version 23h2,Windows Server 2022, 23h2 Edition (server Core Installation),Windows 10 Version 1507,Windows 10 Version 1607,Windows Server 2016,Windows Server 2016 (server Core Installation),Windows Server 2008 Service Pack 2,Windows Server 2008 Service Pack 2 (server Core Installation),Windows Server 2008  Service Pack 2,Windows Server 2008 R2 Service Pack 1,Windows Server 2008 R2 Service Pack 1 (server Core Installation),Windows Server 2012,Windows Server 2012 (server Core Installation),Windows Server 2012 R2,Windows Server 2012 R2 (server Core Installation)",7,HIGH,0.0004799999878741801,false,,false,false,true,2024-10-17T17:38:47.000Z,true,false,false,,2024-06-11T16:59:57.115Z,0