Microsoft — Vulnerabilities & Security Advisories 8663

Browse all 8663 CVE security advisories affecting Microsoft. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Microsoft operates as a global technology corporation primarily providing enterprise software, cloud computing services, and consumer electronics. Its extensive software portfolio, including Windows operating systems and Office suites, has historically been associated with a high volume of Common Vulnerabilities and Exposures (CVEs), currently totaling 8,272. Common vulnerability classes affecting these products include remote code execution, cross-site scripting, and privilege escalation, often stemming from complex legacy codebases and extensive feature sets. Notable security incidents include the 2021 SolarWinds supply chain compromise, which impacted Microsoft’s Orion platform, and various critical zero-day exploits in Internet Explorer and Edge browsers. The company maintains a dedicated security response team and regularly issues patches through Windows Update to mitigate these risks, though the sheer scale of its ecosystem continues to present significant attack surfaces for threat actors seeking unauthorized access or data exfiltration.

CVE ID	Title	CVSS	Severity	Published
CVE-2021-34506	Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability — Microsoft Edge (Chromium-based)	6.1	Medium	2023-06-30
CVE-2022-23264	Microsoft Edge (Chromium-based) Spoofing Vulnerability — Microsoft Edge (Chromium-based)	4.7	Medium	2023-06-29
CVE-2022-26899	Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability — Microsoft Edge (Chromium-based)	6.3	Medium	2023-06-29
CVE-2022-29147	Microsoft Edge (Chromium-based) Spoofing Vulnerability — Microsoft Edge (Chromium-based)	3.1	Low	2023-06-29
CVE-2022-29146	Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability — Microsoft Edge (Chromium-based)	8.3	High	2023-06-29
CVE-2022-29144	Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability — Microsoft Edge (Chromium-based)	7.5	High	2023-06-29
CVE-2021-31937	Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability — Microsoft Edge (Chromium-based)	8.2	High	2023-06-28
CVE-2023-33141	Yet Another Reverse Proxy (YARP) Denial of Service Vulnerability — YARP 1.0CWE-400	7.5	High	2023-06-23
CVE-2023-28295	Microsoft Publisher Remote Code Execution Vulnerability — Microsoft Office 2019CWE-190	7.8	High	2023-06-17
CVE-2023-28287	Microsoft Publisher Remote Code Execution Vulnerability — Microsoft Publisher 2016CWE-416	7.8	High	2023-06-17
CVE-2023-29349	Microsoft ODBC and OLE DB Remote Code Execution Vulnerability — Microsoft OLE DB Driver 18 for SQL ServerCWE-191	7.8	High	2023-06-16
CVE-2023-32028	Microsoft SQL OLE DB Remote Code Execution Vulnerability — Microsoft OLE DB Driver 19 for SQL ServerCWE-122	7.8	High	2023-06-16
CVE-2023-32027	Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability — Microsoft ODBC Driver 17 for SQL Server on LinuxCWE-122	7.8	High	2023-06-16
CVE-2023-32026	Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability — Microsoft ODBC Driver 17 for SQL Server on MacOSCWE-122	7.8	High	2023-06-16
CVE-2023-32025	Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability — Microsoft ODBC Driver 17 for SQL Server on LinuxCWE-122	7.8	High	2023-06-16
CVE-2023-29356	Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability — Microsoft ODBC Driver 17 for SQL Server on LinuxCWE-416	7.8	High	2023-06-16
CVE-2023-32030	.NET and Visual Studio Denial of Service Vulnerability — Microsoft .NET Framework 4.8	7.5	High	2023-06-14
CVE-2023-29337	NuGet Client Remote Code Execution Vulnerability — NuGet 6.2.3CWE-367	7.1	High	2023-06-14
CVE-2023-29331	.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability — .NET 6.0CWE-400	7.5	High	2023-06-14
CVE-2023-24936	.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability — Microsoft Visual Studio 2022 version 17.2	7.5	High	2023-06-14
CVE-2023-24895	.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability — .NET 7.0	7.8	High	2023-06-14
CVE-2023-32031	Microsoft Exchange Server Remote Code Execution Vulnerability — Microsoft Exchange Server 2019 Cumulative Update 12CWE-502	8.8	High	2023-06-14
CVE-2023-32024	Microsoft Power Apps Spoofing Vulnerability — Microsoft Power AppsCWE-79	3.0	Low	2023-06-14
CVE-2023-29326	.NET Framework Remote Code Execution Vulnerability — Microsoft .NET Framework 3.5 AND 4.8	7.8	High	2023-06-14
CVE-2023-24897	.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability — Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)CWE-122	7.8	High	2023-06-14
CVE-2023-28310	Microsoft Exchange Server Remote Code Execution Vulnerability — Microsoft Exchange Server 2016 Cumulative Update 23CWE-502	8.0	High	2023-06-14
CVE-2023-24937	Windows CryptoAPI Denial of Service Vulnerability — Windows 10 Version 1809CWE-20	6.5	Medium	2023-06-14
CVE-2023-33145	Microsoft Edge (Chromium-based) Information Disclosure Vulnerability — Microsoft Edge (Chromium-based)	6.5	Medium	2023-06-13
CVE-2023-33144	Visual Studio Code Spoofing Vulnerability — Visual Studio CodeCWE-23	6.6	Medium	2023-06-13
CVE-2023-33142	Microsoft SharePoint Server Elevation of Privilege Vulnerability — Microsoft SharePoint Server 2019CWE-285	6.5	Medium	2023-06-13

This page lists every published CVE security advisory associated with Microsoft. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.

Goal Reached Thanks to every supporter — we hit 100%!

Microsoft — Vulnerabilities & Security Advisories 8663