microsoft 厂商相关 8415 条 CVE 漏洞,含 AI 中文分析、POC、CVSS 评分与受影响产品。
Microsoft 主要提供操作系统、办公软件及云计算服务。其软件历史上常出现远程代码执行、权限提升及跨站脚本等漏洞,多源于内存处理缺陷或配置错误。值得关注的是,微软推行“安全开发生命周期”并实施零信任架构,近期因 Exchange Server 漏洞引发的全球性供应链攻击事件,凸显了企业级应用的安全风险,促使业界加强补丁管理与纵深防御体系建设。
| CVE ID | 标题 | CVSS | 风险等级 | Published |
|---|---|---|---|---|
| CVE-2024-49059 | Microsoft Office 后置链接漏洞 — Microsoft Office 2019CWE-59 | 7.0 | High | 2024-12-10 |
| CVE-2024-49057 | Microsoft Defender 输入验证错误漏洞 — Microsoft Defender for Endpoint for AndroidCWE-20 | 8.1 | High | 2024-12-10 |
| CVE-2024-43594 | Microsoft System Center Operations Manager 访问控制错误漏洞 — Microsoft System Center 2022CWE-284 | 7.3 | High | 2024-12-10 |
| CVE-2024-49041 | Microsoft Edge 安全漏洞 — Microsoft Edge (Chromium-based)CWE-449 | 4.3 | Medium | 2024-12-06 |
| CVE-2024-49053 | Microsoft Dynamics 365 跨站脚本漏洞 — Dynamics 365 Sales for AndroidCWE-79 | 7.6 | High | 2024-11-26 |
| CVE-2024-49052 | Microsoft Azure PolicyWatch 访问控制错误漏洞 — Microsoft Azure FunctionsCWE-306 | 8.2 | High | 2024-11-26 |
| CVE-2024-49038 | Microsoft Copilot Studio 跨站脚本漏洞 — Microsoft Copilot StudioCWE-79 | 9.3 | Critical | 2024-11-26 |
| CVE-2024-49035 | Microsoft Partner Center 安全漏洞 — Microsoft Partner CenterCWE-269 | 8.7 | High | 2024-11-26 |
| CVE-2024-49054 | Microsoft Edge 安全漏洞 — Microsoft Edge (Chromium-based)CWE-357 | 4.3 | Medium | 2024-11-22 |
| CVE-2024-49060 | Microsoft Azure Stack HCI 信任管理问题漏洞 — Azure Stack HCI OSCWE-798 | 8.8 | High | 2024-11-15 |
| CVE-2024-49025 | Microsoft Edge 安全漏洞 — Microsoft Edge (Chromium-based)CWE-359 | 5.4 | Medium | 2024-11-14 |
| CVE-2024-43613 | Microsoft Azure Database for PostgreSQL 命令注入漏洞 — Azure Database for PostgreSQL Flexible ServerCWE-77 | 7.2 | High | 2024-11-12 |
| CVE-2024-49042 | Microsoft Azure Database for PostgreSQL 命令注入漏洞 — Azure Database for PostgreSQL Flexible ServerCWE-77 | 7.2 | High | 2024-11-12 |
| CVE-2024-49051 | Microsoft PC Manager 后置链接漏洞 — Microsoft PC ManagerCWE-59 | 7.8 | High | 2024-11-12 |
| CVE-2024-49050 | Microsoft Visual Studio Code 安全漏洞 — Python extension for Visual Studio CodeCWE-501 | 8.8 | High | 2024-11-12 |
| CVE-2024-49048 | Microsoft TorchGeo 代码注入漏洞 — Microsoft TorchGeoCWE-94 | 8.1 | High | 2024-11-12 |
| CVE-2024-49039 | Microsoft Windows Task Scheduler 授权问题漏洞 — Windows Server 2025CWE-287 | 8.8 | High | 2024-11-12 |
| CVE-2024-49033 | Microsoft Word 输入验证错误漏洞 — Microsoft Office LTSC for Mac 2024CWE-20 | 7.5 | High | 2024-11-12 |
| CVE-2024-49032 | Microsoft Graphics Component 资源管理错误漏洞 — Microsoft Office LTSC for Mac 2024CWE-416 | 7.8 | High | 2024-11-12 |
| CVE-2024-49030 | Microsoft Excel 安全漏洞 — Microsoft Office LTSC for Mac 2024CWE-122 | 7.8 | High | 2024-11-12 |
| CVE-2024-49031 | Microsoft Graphics Component 安全漏洞 — Microsoft Office LTSC for Mac 2024CWE-126 | 7.8 | High | 2024-11-12 |
| CVE-2024-49028 | Microsoft Excel 缓冲区错误漏洞 — Microsoft Office LTSC for Mac 2024CWE-125 | 7.8 | High | 2024-11-12 |
| CVE-2024-49029 | Microsoft Excel 安全漏洞 — Microsoft Office LTSC for Mac 2024CWE-908 | 7.8 | High | 2024-11-12 |
| CVE-2024-49026 | Microsoft Excel 命令注入漏洞 — Microsoft Office 2019CWE-77 | 7.8 | High | 2024-11-12 |
| CVE-2024-49027 | Microsoft Excel 安全漏洞 — Microsoft Office 2019CWE-416 | 7.8 | High | 2024-11-12 |
| CVE-2024-49019 | Microsoft Active Directory Certificate Services 安全漏洞 — Windows Server 2019CWE-1390 | 7.8 | High | 2024-11-12 |
| CVE-2024-49021 | Microsoft SQL Server 资源管理错误漏洞 — Microsoft SQL Server 2017 (GDR)CWE-416 | 7.8 | High | 2024-11-12 |
| CVE-2024-49018 | Microsoft SQL Server 安全漏洞 — Microsoft SQL Server 2017 (GDR)CWE-197 | 8.8 | High | 2024-11-12 |
| CVE-2024-49017 | Microsoft SQL Server 安全漏洞 — Microsoft SQL Server 2017 (GDR)CWE-122 | 8.8 | High | 2024-11-12 |
| CVE-2024-49016 | Microsoft SQL Server 资源管理错误漏洞 — Microsoft SQL Server 2017 (GDR)CWE-416 | 8.8 | High | 2024-11-12 |
本页汇总了 microsoft 厂商截至目前公开的全部 8415 条 CVE 漏洞。每条漏洞均包含 CVSS 评分、CWE 弱点分类、受影响产品与参考链接,并附带 AI 生成的中文分析以便快速判断风险。