This page lists publicly disclosed CVE vulnerabilities affecting microsoft dynamics_nav (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2022-41127 | Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises) Remote Code Execution Vulnerability | [email protected] | 8.5 | 2.13% | 2022-12-13 | 2024-11-21 |
| CVE-2022-41066 | Microsoft Business Central Information Disclosure Vulnerability | [email protected] | 4.4 | 4.47% | 2022-11-09 | 2025-08-25 |
| CVE-2021-36946 | Microsoft Dynamics Business Central Cross-site Scripting Vulnerability | [email protected] | 5.4 | 2.62% | 2021-08-12 | 2024-11-21 |
| CVE-2021-1724 | Microsoft Dynamics Business Central Cross-site Scripting Vulnerability | [email protected] | 6.1 | 0.93% | 2021-02-25 | 2024-11-21 |
| CVE-2020-17133 | Microsoft Dynamics Business Central/NAV Information Disclosure Vulnerability | [email protected] | 6.5 | 12.08% | 2020-12-10 | 2025-08-28 |
| CVE-2020-1022 | A remote code execution vulnerability exists in Microsoft Dynamics Business Central, aka 'Dynamics Business Central Remote Code Execution Vulnerability'. | [email protected] | 8.0 | 39.21% | 2020-04-15 | 2024-11-21 |
| CVE-2020-1018 | An information disclosure vulnerability exists when Microsoft Dynamics Business Central/NAV on-premise does not properly hide the value of a masked field when showing the records as a chart page.The attacker who successfully exploited the vulnerability could see the information that are in a masked field.The security update addresses the vulnerability by updating the rendering engine the Windows client to properly detect masked fields and render the content as masked., aka 'Microsoft Dynamics Bu | [email protected] | 7.5 | 3.92% | 2020-04-15 | 2024-11-21 |
| CVE-2020-0905 | An remote code execution vulnerability exists in Microsoft Dynamics Business Central, aka 'Dynamics Business Central Remote Code Execution Vulnerability'. | [email protected] | 8.0 | 32.92% | 2020-03-12 | 2024-11-21 |
| CVE-2018-8651 | A cross site scripting vulnerability exists when Microsoft Dynamics NAV does not properly sanitize a specially crafted web request to an affected Dynamics NAV server, aka "Microsoft Dynamics NAV Cross Site Scripting Vulnerability." This affects Microsoft Dynamics NAV. | [email protected] | 5.4 | 1.35% | 2018-12-12 | 2024-11-21 |