Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-36028
Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability
Microsoft Windows Server 2016 -
Microsoft Windows Server 2019 -
Microsoft Windows Server 2022 -
Microsoft Windows 10 1507
Microsoft Windows 10 1607
Microsoft Windows 10 1809
Microsoft Windows 10 21h2
Microsoft Windows 10 22h2
Microsoft Windows 11 21h2
Microsoft Windows 11 22h2
Microsoft Windows 11 23h2
1 Article
9.8
CVSSv3
CVE-2023-47800
Natus NeuroWorks and SleepWorks prior to 8.4 GMA3 utilize a default password of xltek for the Microsoft SQL Server service sa account, allowing a threat actor to perform remote code execution, data exfiltration, or other nefarious actions such as tampering with data or destroying...
Natus Neuroworks Eeg
Natus Neuroworks Eeg 8.4
Natus Sleepworks
Natus Sleepworks 8.4
9.8
CVSSv3
CVE-2023-38545
This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that host name can be is 255 byte...
Haxx Libcurl
Fedoraproject Fedora 37
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Active Iq Unified Manager -
Microsoft Windows 10 22h2
Microsoft Windows 11 21h2
Microsoft Windows 11 22h2
Microsoft Windows 11 23h2
Microsoft Windows 10 1809
Microsoft Windows Server 2019
Microsoft Windows Server 2022
Microsoft Windows 10 21h2
9 Github repositories
2 Articles
9.8
CVSSv3
CVE-2023-36419
Azure HDInsight Apache Oozie Workflow Scheduler XXE Elevation of Privilege Vulnerability
Microsoft Azure Hdinsights -
9.8
CVSSv3
CVE-2023-36434
Windows IIS Server Elevation of Privilege Vulnerability
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016 -
Microsoft Windows Server 2008 -
Microsoft Windows Server 2012 -
Microsoft Windows Server 2019 -
Microsoft Windows Server 2022 -
Microsoft Windows 10 21h2
Microsoft Windows 10 1809
Microsoft Windows 11 21h2
Microsoft Windows 11 22h2
Microsoft Windows 10 1507
Microsoft Windows 10 22h2
Microsoft Windows 10 1607
1 Github repository
1 Article
9.8
CVSSv3
CVE-2023-35349
Microsoft Message Queuing Remote Code Execution Vulnerability
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016 -
Microsoft Windows Server 2008 -
Microsoft Windows Server 2012 -
Microsoft Windows Server 2019 -
Microsoft Windows Server 2022 -
Microsoft Windows 10 22h2
Microsoft Windows 10 1607
Microsoft Windows 10 1809
Microsoft Windows 10 21h2
Microsoft Windows 11 21h2
Microsoft Windows 11 22h2
Microsoft Windows 10 1507
1 Article
9.8
CVSSv3
CVE-2023-29332
Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability
Microsoft Azure Kubernetes Service -
1 Github repository
1 Article
9.8
CVSSv3
CVE-2023-36758
Visual Studio Elevation of Privilege Vulnerability
Microsoft Visual Studio 2022
9.8
CVSSv3
CVE-2023-36765
Microsoft Office Elevation of Privilege Vulnerability
Microsoft Office 2019
9.8
CVSSv3
CVE-2023-35082
An authentication bypass vulnerability in Ivanti EPMM 11.10 and older, allows unauthorized users to access restricted functionality or resources of the application without proper authentication. This vulnerability is unique to CVE-2023-35078 announced earlier.
Ivanti Endpoint Manager Mobile
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »