Microsoft — Vulnerabilities & Security Advisories 8663

Browse all 8663 CVE security advisories affecting Microsoft. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Microsoft operates as a global technology corporation primarily providing enterprise software, cloud computing services, and consumer electronics. Its extensive software portfolio, including Windows operating systems and Office suites, has historically been associated with a high volume of Common Vulnerabilities and Exposures (CVEs), currently totaling 8,272. Common vulnerability classes affecting these products include remote code execution, cross-site scripting, and privilege escalation, often stemming from complex legacy codebases and extensive feature sets. Notable security incidents include the 2021 SolarWinds supply chain compromise, which impacted Microsoft’s Orion platform, and various critical zero-day exploits in Internet Explorer and Edge browsers. The company maintains a dedicated security response team and regularly issues patches through Windows Update to mitigate these risks, though the sheer scale of its ecosystem continues to present significant attack surfaces for threat actors seeking unauthorized access or data exfiltration.

CVE ID	Title	CVSS	Severity	Published
CVE-2023-36876	Reliability Analysis Metrics Calculation (RacTask) Elevation of Privilege Vulnerability — Windows Server 2008 R2 Service Pack 1CWE-59	7.1	High	2023-08-08
CVE-2023-36869	Azure DevOps Server Spoofing Vulnerability — Azure DevOps ServerCWE-79	6.3	Medium	2023-08-08
CVE-2023-36866	Microsoft Office Visio Remote Code Execution Vulnerability — Microsoft Office LTSC 2021CWE-190	7.8	High	2023-08-08
CVE-2023-36865	Microsoft Office Visio Remote Code Execution Vulnerability — Microsoft Office 2019CWE-122	7.8	High	2023-08-08
CVE-2023-35368	Microsoft Exchange Remote Code Execution Vulnerability — Microsoft Exchange Server 2019 Cumulative Update 13CWE-20	8.8	High	2023-08-08
CVE-2023-35359	Windows Kernel Elevation of Privilege Vulnerability — Windows 10 Version 1809CWE-23	7.8	High	2023-08-08
CVE-2023-29330	Microsoft Teams Remote Code Execution Vulnerability — Microsoft Teams for DesktopCWE-416	8.8	High	2023-08-08
CVE-2023-29328	Microsoft Teams Remote Code Execution Vulnerability — Microsoft Teams for DesktopCWE-416	8.8	High	2023-08-08
CVE-2023-38157	Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability — Microsoft Edge (Chromium-based)	6.5	Medium	2023-08-07
CVE-2023-38187	Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability — Microsoft Edge (Chromium-based)	6.5	Medium	2023-07-21
CVE-2023-35392	Microsoft Edge (Chromium-based) Spoofing Vulnerability — Microsoft Edge (Chromium-based)	4.7	Medium	2023-07-21
CVE-2023-38173	Microsoft Edge for Android Spoofing Vulnerability — Microsoft Edge for Android	4.3	Medium	2023-07-21
CVE-2023-36888	Microsoft Edge for Android (Chromium-based) Tampering Vulnerability — Microsoft Edge for Android	6.3	Medium	2023-07-14
CVE-2023-36887	Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability — Microsoft Edge (Chromium-based)	7.8	High	2023-07-14
CVE-2023-36883	Microsoft Edge for iOS Spoofing Vulnerability — Microsoft Edge for iOS	4.3	Medium	2023-07-14
CVE-2023-24896	Dynamics 365 Finance Spoofing Vulnerability — Dynamics 365 for Finance and OperationsCWE-79	5.4	Medium	2023-07-14
CVE-2023-36884	Windows Search Remote Code Execution Vulnerability — Windows 10 Version 1809CWE-362	7.5	High	2023-07-11
CVE-2023-35333	MediaWiki PandocUpload Extension Remote Code Execution Vulnerability — PandocUploadCWE-94	8.8	High	2023-07-11
CVE-2023-36871	Azure Active Directory Security Feature Bypass Vulnerability — Windows 10 Version 1809	6.5	Medium	2023-07-11
CVE-2023-36868	Azure Service Fabric on Windows Information Disclosure Vulnerability — Azure Service Fabric 9.0 for Windows	6.5	Medium	2023-07-11
CVE-2023-36867	Visual Studio Code GitHub Pull Requests and Issues Extension Remote Code Execution Vulnerability — Visual Studio Code - GitHub Pull Requests and Issues Extension	7.8	High	2023-07-11
CVE-2023-35374	Paint 3D Remote Code Execution Vulnerability — Paint 3DCWE-122	7.8	High	2023-07-11
CVE-2023-35373	Mono Authenticode Validation Spoofing Vulnerability — Mono 6.12.0CWE-347	5.3	Medium	2023-07-11
CVE-2023-35335	Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability — Microsoft Dynamics 365 (on-premises) version 9.0CWE-79	8.2	High	2023-07-11
CVE-2023-35312	Microsoft VOLSNAP.SYS Elevation of Privilege Vulnerability — Windows 10 Version 1809CWE-190	7.8	High	2023-07-11
CVE-2023-35311	Microsoft Outlook Security Feature Bypass Vulnerability — Microsoft 365 Apps for EnterpriseCWE-367	8.8	High	2023-07-11
CVE-2023-35310	Windows DNS Server Remote Code Execution Vulnerability — Windows Server 2019CWE-591	6.6	Medium	2023-07-11
CVE-2023-35309	Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability — Windows 10 Version 1809CWE-591	7.5	High	2023-07-11
CVE-2023-35308	Windows MSHTML Platform Security Feature Bypass Vulnerability — Windows 10 Version 1809CWE-73	6.5	Medium	2023-07-11
CVE-2023-35306	Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability — Windows 10 Version 1809CWE-20	5.5	Medium	2023-07-11

This page lists every published CVE security advisory associated with Microsoft. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.

Goal Reached Thanks to every supporter — we hit 100%!

Microsoft — Vulnerabilities & Security Advisories 8663