This page lists publicly disclosed CVE vulnerabilities affecting microsoft dynamics_gp (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2022-23274 | Microsoft Dynamics GP Remote Code Execution Vulnerability | [email protected] | 8.8 | 2.07% | 2022-02-09 | 2024-11-21 |
| CVE-2022-23273 | Microsoft Dynamics GP Elevation Of Privilege Vulnerability | [email protected] | 7.1 | 2.13% | 2022-02-09 | 2024-11-21 |
| CVE-2022-23272 | Microsoft Dynamics GP Elevation Of Privilege Vulnerability | [email protected] | 8.1 | 2.47% | 2022-02-09 | 2024-11-21 |
| CVE-2022-23271 | Microsoft Dynamics GP Elevation Of Privilege Vulnerability | [email protected] | 6.5 | 3.50% | 2022-02-09 | 2024-11-21 |
| CVE-2022-23269 | Microsoft Dynamics GP Spoofing Vulnerability | [email protected] | 5.4 | 1.12% | 2022-02-09 | 2024-11-21 |
| CVE-2010-2083 | Microsoft Dynamics GP has a default value of ACCESS for the system password, which might make it easier for remote authenticated users to bypass intended access restrictions via unspecified vectors. | [email protected] | 4.0 | 8.49% | 2010-05-26 | 2026-04-29 |
| CVE-2010-2011 | Microsoft Dynamics GP uses a substitution cipher to encrypt the system password field and unspecified other fields, which makes it easier for remote authenticated users to obtain sensitive information by decrypting a field's contents. | [email protected] | 4.0 | 10.74% | 2010-05-21 | 2026-04-29 |
| CVE-2006-5266 | Multiple buffer overflows in Microsoft Dynamics GP (formerly Great Plains) 9.0 and earlier allow remote attackers to execute arbitrary code via (1) a crafted Distributed Process Manager (DPM) message to the (a) DPM component, or a (2) long string or (3) long IP address in a Distributed Process Server (DPS) message to the DPM or (b) DPS component. | [email protected] | 7.5 | 15.70% | 2006-12-31 | 2026-04-23 |
| CVE-2006-5265 | Unspecified vulnerability in Microsoft Dynamics GP (formerly Great Plains) 9.0 and earlier allows remote attackers to cause a denial of service (crash) via an invalid magic number in a Distributed Process Server (DPS) message. | [email protected] | 5.0 | 10.42% | 2006-12-31 | 2026-04-23 |