Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

microsoft graph vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2024-21632
omniauth-microsoft_graph provides an Omniauth strategy for the Microsoft Graph API. Prior to versions 2.0.0, the implementation did not validate the legitimacy of the `email` attribute of the user nor did it give/document an option to do so, making it susceptible to nOAuth miscon...
Recognizeapp Omniauth\\ \\
NA
CVE-2023-49282
msgraph-sdk-php is the Microsoft Graph Library for PHP. The Microsoft Graph PHP SDK published packages which contained test code that enabled the use of the phpInfo() function from any application that could access and execute the file at vendor/microsoft/microsoft-graph/tests/Ge...
Microsoft Graph
NA
CVE-2023-49283
microsoft-graph-core the Microsoft Graph Library for PHP. The Microsoft Graph Beta PHP SDK published packages which contained test code that enabled the use of the phpInfo() function from any application that could access and execute the file at `vendor/microsoft/microsoft-graph-...
Microsoft Graph
4
CVSSv2
CVE-2021-42306
<p>An information disclosure vulnerability manifests when a user or an application uploads unprotected private key data as part of an authentication certificate <a href="https://docs.microsoft.com/en-us/graph/api/resources/keycredential?view=graph-rest-1.0">...
Microsoft Azure MigrateMicrosoft Azure Active Site RecoveryMicrosoft Azure AutomationMicrosoft Azure Active Directory
6.8
CVSSv2
CVE-2021-40444
<p>Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that affects Microsoft Windows. Microsoft is aware of targeted attacks that attempt to exploit this vulnerability by using specially-crafted Microsoft Office documents.</p> <p&...
Microsoft Windows Server 2008 R2Microsoft Windows 10 1607Microsoft Windows Server 2016 -Microsoft Windows Server 2008 -Microsoft Windows Rt 8.1 -Microsoft Windows Server 2012 -Microsoft Windows 10 -Microsoft Windows Server 2019 -Microsoft Windows 10 1809Microsoft Windows 10 1909Microsoft Windows 10 2004Microsoft Windows Server 2016 2004Microsoft Windows 10 20h2Microsoft Windows Server 2016 20h2Microsoft Windows 10 21h1Microsoft Windows Server 2022 -Microsoft Windows 7 -Microsoft Windows 8.1 -
6.8
CVSSv2
CVE-2021-31175
Microsoft Office Remote Code Execution Vulnerability
Microsoft Excel 2013Microsoft Excel 2016Microsoft Office 2013Microsoft Office Web Apps Server 2013Microsoft Office Online Server -Microsoft Office 2019Microsoft 365 Apps -Microsoft Office 2016
6.8
CVSSv2
CVE-2021-27057
Microsoft Office Remote Code Execution Vulnerability
Microsoft Excel 2013Microsoft Excel 2016Microsoft Office Web Apps 2013Microsoft Office 2013Microsoft Office 2010Microsoft Excel 2010Microsoft Office Online Server -Microsoft Office 2016Microsoft Office 2019Microsoft 365 Apps -
7.6
CVSSv2
CVE-2007-0215
Stack-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, and 2003 Viewer allows user-assisted remote malicious users to execute arbitrary code via a .XLS BIFF file with a malformed Named Graph record, which results in memory corruption.
Microsoft Excel 2000Microsoft Excel 2002Microsoft Office 2007Microsoft Office XpMicrosoft Office 2003Microsoft Office 2004Microsoft Excel 2003Microsoft Excel 2007Microsoft Excel Viewer 2003Microsoft Office 2000
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTICVE-2024-35863CVE-2024-35910man-in-the-middleCVE-2024-35912CVE-2024-25742LFICVE-2024-32002CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook