Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft graph vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2024-21632
omniauth-microsoft_graph provides an Omniauth strategy for the Microsoft Graph API. Prior to versions 2.0.0, the implementation did not validate the legitimacy of the `email` attribute of the user nor did it give/document an option to do so, making it susceptible to nOAuth miscon...
Recognizeapp Omniauth\\ \\
5.3
CVSSv3
CVE-2023-49282
msgraph-sdk-php is the Microsoft Graph Library for PHP. The Microsoft Graph PHP SDK published packages which contained test code that enabled the use of the phpInfo() function from any application that could access and execute the file at vendor/microsoft/microsoft-graph/tests/Ge...
Microsoft Graph
5.3
CVSSv3
CVE-2023-49283
microsoft-graph-core the Microsoft Graph Library for PHP. The Microsoft Graph Beta PHP SDK published packages which contained test code that enabled the use of the phpInfo() function from any application that could access and execute the file at `vendor/microsoft/microsoft-graph-...
Microsoft Graph
8.1
CVSSv3
CVE-2021-42306
<p>An information disclosure vulnerability manifests when a user or an application uploads unprotected private key data as part of an authentication certificate <a href="https://docs.microsoft.com/en-us/graph/api/resources/keycredential?view=graph-rest-1.0">...
Microsoft Azure Migrate
Microsoft Azure Active Site Recovery
Microsoft Azure Automation
Microsoft Azure Active Directory
1 Article
8.8
CVSSv3
CVE-2021-40444
<p>Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that affects Microsoft Windows. Microsoft is aware of targeted attacks that attempt to exploit this vulnerability by using specially-crafted Microsoft Office documents.</p> <p&...
Microsoft Windows Server 2008 R2
Microsoft Windows 10 1607
Microsoft Windows Server 2016 -
Microsoft Windows Server 2008 -
Microsoft Windows Rt 8.1 -
Microsoft Windows Server 2012 -
Microsoft Windows 10 -
Microsoft Windows Server 2019 -
Microsoft Windows 10 1809
Microsoft Windows 10 1909
Microsoft Windows 10 2004
Microsoft Windows Server 2016 2004
Microsoft Windows 10 20h2
Microsoft Windows Server 2016 20h2
Microsoft Windows 10 21h1
Microsoft Windows Server 2022 -
Microsoft Windows 7 -
Microsoft Windows 8.1 -
59 Github repositories
8 Articles
7.8
CVSSv3
CVE-2021-31175
Microsoft Office Remote Code Execution Vulnerability
Microsoft Excel 2013
Microsoft Excel 2016
Microsoft Office 2013
Microsoft Office Web Apps Server 2013
Microsoft Office Online Server -
Microsoft Office 2019
Microsoft 365 Apps -
Microsoft Office 2016
7.8
CVSSv3
CVE-2021-27057
Microsoft Office Remote Code Execution Vulnerability
Microsoft Excel 2013
Microsoft Excel 2016
Microsoft Office Web Apps 2013
Microsoft Office 2013
Microsoft Office 2010
Microsoft Excel 2010
Microsoft Office Online Server -
Microsoft Office 2016
Microsoft Office 2019
Microsoft 365 Apps -
NA
CVE-2007-0215
Stack-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, and 2003 Viewer allows user-assisted remote malicious users to execute arbitrary code via a .XLS BIFF file with a malformed Named Graph record, which results in memory corruption.
Microsoft Excel 2000
Microsoft Excel 2002
Microsoft Office 2007
Microsoft Office Xp
Microsoft Office 2003
Microsoft Office 2004
Microsoft Excel 2003
Microsoft Excel 2007
Microsoft Excel Viewer 2003
Microsoft Office 2000
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started