| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Improper authorization in Microsoft Teams allows an authorized attacker to disclose information over a network. |
| Improper access control in Microsoft Teams allows an unauthorized attacker to disclose information over a network. |
| AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network. |
| Improper handling of insufficient permissions or privileges in Microsoft Teams allows an authorized attacker to elevate privileges over a network. |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Teams allows an authorized attacker to elevate privileges locally. |
| Heap-based buffer overflow in Microsoft Teams allows an unauthorized attacker to execute code over a network. |
| Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical) |
| A library injection vulnerability exists in the com.microsoft.teams2.modulehost.app helper app of Microsoft Teams (work or school) 24046.2813.2770.1094 for macOS. A specially crafted library can leverage Teams's access privileges, leading to a permission bypass. A malicious application could inject a library and start the program to trigger this vulnerability and then make use of the vulnerable application's permissions. |
| A library injection vulnerability exists in Microsoft Teams (work or school) 24046.2813.2770.1094 for macOS. A specially crafted library can leverage Teams's access privileges, leading to a permission bypass. A malicious application could inject a library and start the program to trigger this vulnerability and then make use of the vulnerable application's permissions. |
| A library injection vulnerability exists in the WebView.app helper app of Microsoft Teams (work or school) 24046.2813.2770.1094 for macOS. A specially crafted library can leverage Teams's access privileges, leading to a permission bypass. A malicious application could inject a library and start the program to trigger this vulnerability and then make use of the vulnerable application's permissions. |
| Microsoft Teams Information Disclosure Vulnerability |
| Microsoft Teams for iOS Spoofing Vulnerability |
| Microsoft Teams for Android Information Disclosure Vulnerability |
| Microsoft Teams for Android Information Disclosure Vulnerability |
| A potential Buffer Overflow Vulnerability (from a BB Code handling issue) has been identified in TeamSpeak Server version 3.0.13.6 (08/11/2016 09:48:33), it enables the users to Crash any WINDOWS Client that clicked into a Vulnerable Channel of a TeamSpeak Server. |
| Microsoft Teams Remote Code Execution Vulnerability |
| Microsoft Teams Remote Code Execution Vulnerability |
| Microsoft Teams Denial of Service Vulnerability |
| Microsoft Teams iOS Information Disclosure Vulnerability |
| Microsoft Teams Remote Code Execution Vulnerability |
