Blue Goat Cyber logoBlue Goat CyberSMMedical Device Cybersecurity
    K
    Goat Feed · Topic

    #microsoft

    Items tagged #microsoft

    Back to the daily feed
    criticalKEVBGC-RS 7.3Infra · likely in-scope

    CISA KEV: Microsoft Windows CVE-2026-21513 - MSHTML Framework Protection Mechanism Failure Vulnerability

    Microsoft MSHTML Framework contains a protection mechanism failure vulnerability that could allow an unauthorized attacker to bypass a security feature over a network.

    criticalKEVBGC-RS 7.3Infra · likely in-scope

    CISA KEV: Microsoft Windows CVE-2026-21510 - Windows Shell Protection Mechanism Failure Vulnerability

    Microsoft Windows Shell contains a protection mechanism failure vulnerability that could allow an unauthorized attacker to bypass a security feature over a network.

    criticalKEVBGC-RS 4.2Infra · likely in-scope

    CISA KEV: Microsoft Windows CVE-2023-36424 - Windows Out-of-Bounds Read Vulnerability

    Microsoft Windows Common Log File System Driver contains an out-of-bounds read vulnerability that could allow a threat actor for privileges escalation

    criticalKEVBGC-RS 5.6Infra · likely in-scope

    CISA KEV: Microsoft Windows CVE-2008-0015 - Windows Video ActiveX Control Remote Code Execution Vulnerability

    Microsoft Windows Video ActiveX Control contains a remote code execution vulnerability. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user.

    criticalKEVBGC-RS 4.5Infra · likely in-scope

    CISA KEV: Microsoft Windows CVE-2026-32202 (CVSS 4.3 MEDIUM) - Windows Protection Mechanism Failure Vulnerability

    Protection mechanism failure in Windows Shell allows an unauthorized attacker to perform spoofing over a network.

    criticalKEVBGC-RS 4.5Infra · likely in-scope

    CISA KEV: Microsoft Windows CVE-2026-21533 - Windows Improper Privilege Management Vulnerability

    Microsoft Windows Remote Desktop Services contains an improper privilege management vulnerability that could allow an authorized attacker to elevate privileges locally.

    criticalKEVBGC-RS 4.2Infra · likely in-scope

    CISA KEV: Microsoft Windows CVE-2026-21519 - Windows Type Confusion Vulnerability

    Microsoft Desktop Windows Manager contains a type confusion vulnerability that could allow an authorized attacker to elevate privileges locally.

    criticalKEVBGC-RS 4.2Infra · likely in-scope

    CISA KEV: Microsoft Windows CVE-2025-60710 - Windows Link Following Vulnerability

    Microsoft Windows contains a link following vulnerability that allows for privilege escalation

    criticalKEVBGC-RS 4.5Infra · likely in-scope

    CISA KEV: Microsoft Windows CVE-2026-21525 - Windows NULL Pointer Dereference Vulnerability

    Microsoft Windows Remote Access Connection Manager contains a NULL pointer dereference that could allow an unauthorized attacker to deny service locally.

    criticalKEVBGC-RS 4.2Infra · likely in-scope

    CISA KEV: Microsoft Windows CVE-2026-20805 - Windows Information Disclosure Vulnerability

    Microsoft Windows Desktop Windows Manager contains an information disclosure vulnerability that allows an authorized attacker to disclose information locally.

    criticalKEVBGC-RS 4.6Infra · likely in-scope

    CISA KEV: Microsoft Windows CVE-2008-4250 - Windows Buffer Overflow Vulnerability

    Microsoft Windows contains a buffer overflow vulnerability in the Windows Server Service that allows remote attackers to execute arbitrary code via a crafted RPC request that triggers an overflow during path canonicalization.