CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

46 matches found

CVE•added 2026/06/09 5:5 p.m.•12 views

CVE-2026-45484

This CVE involves deserialization of untrusted data in Microsoft Office SharePoint, enabling an authorized attacker to elevate privileges over a network. Affected component: SharePoint (deserialization vulnerability cited in multiple sources). Root cause: improper handling of deserialized input l...

8.8CVSS5.5AI score0.01489EPSS

Exploits0References1Affected Software1

CNNVD•added 2026/06/09 12:0 a.m.•4 views

Microsoft Windows Universal Disk Format File System Driver 安全漏洞

The Microsoft Windows Universal Disk Format File System Driver is an open-source Windows file system driver developed by Microsoft. There is a security vulnerability in the Microsoft Windows Universal Disk Format File System Driver, which may allow authorized attackers to gain local privileges...

7.8CVSS5.3AI score0.00311EPSS

Exploits0References1

CNNVD•added 2026/06/09 12:0 a.m.•3 views

Microsoft Windows Universal Disk Format File System Driver 安全漏洞

7.8CVSS5.3AI score0.0024EPSS

Exploits0References1

CNNVD•added 2026/05/22 12:0 a.m.•5 views

Microsoft Azure Stack HCI 输入验证错误漏洞

Microsoft Azure Stack HCI is a hybrid product developed by Microsoft Corporation. It can host Windows and Linux VMs or containerized workloads along with their storage. There is an input validation vulnerability in Microsoft Azure Stack HCI, which stems from improper input validation. This...

7.7CVSS5.8AI score0.00772EPSS

Exploits0References1

CNNVD•added 2026/05/20 12:0 a.m.•10 views

Microsoft Defender 后置链接漏洞

Microsoft Defender is a threat protection software developed by the American company Microsoft. Microsoft Defender has a postback link vulnerability, which stems from improper link resolution before file access. This vulnerability could allow authorized attackers to gain local privileges...

7.8CVSS6AI score0.01172EPSS

Exploits2References1

CNNVD•added 2026/05/19 12:0 a.m.•6 views

Microsoft Azure Portal Windows Admin Center 后置链接漏洞

Microsoft Azure Portal Windows Admin Center is a Windows server and hybrid cloud management platform integrated with the Azure Portal by Microsoft Corporation. There is a postback link vulnerability in Microsoft Azure Portal Windows Admin Center, which stems from improper link resolution before...

7.8CVSS5.8AI score0.00395EPSS

Exploits0References2

Positive Technologies•added 2026/05/12 12:0 a.m.•8 views

PT-2026-40147

Name of the Vulnerable Software and Affected Versions Windows Win32K affected versions not specified Description A use after free issue in ICOMP allows an authorized attacker to elevate privileges locally to SYSTEM level. Use after free is a memory corruption flaw that occurs when an application...

7.8CVSS5.8AI score0.02014EPSS

Exploits0References10

EUVD•added 2026/04/14 6:30 p.m.•3 views

EUVD-2026-22597

Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally...

5.5CVSS5.6AI score0.0042EPSS

Exploits0References2

EUVD•added 2026/03/10 6:31 p.m.•2 views

EUVD-2026-10619

Null pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...

7.8CVSS5.8AI score0.00383EPSS

Exploits0References2

EUVD•added 2026/03/10 6:31 p.m.•4 views

EUVD-2025-208487

An improper neutralization of special elements used in an sql command 'sql injection' vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.7, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer 6.4 all versions, FortiAnalyzer-BigDa...

6CVSS5.9AI score0.00445EPSS

Exploits0References2

Microsoft CVE•added 2026/03/10 2:0 p.m.•2 views

Windows Kernel Elevation of Privilege Vulnerability

Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally...

7.8CVSS5.8AI score0.04491EPSS

Exploits0

CNNVD•added 2026/03/05 12:0 a.m.•7 views

Microsoft Azure Compute Gallery 安全漏洞

Microsoft Azure Compute Gallery is a service provided by Microsoft in the United States that manages virtual machines. There is a security vulnerability in Azure Compute Gallery, which stems from overly lax regular expressions, potentially allowing authorized attackers to gain local privileges...

6.7CVSS5.8AI score0.00593EPSS

Exploits0References1

Positive Technologies•added 2026/01/13 12:0 a.m.•4 views

PT-2026-2688

Name of the Vulnerable Software and Affected Versions Windows Kernel affected versions not specified Description The Windows Kernel has a flaw where the generation of error messages can expose sensitive information to a local attacker. This allows an attacker to potentially disclose information a...

5.5CVSS6AI score0.00633EPSS

Exploits0References5

EUVD•added 2025/11/07 6:30 p.m.•3 views

EUVD-2025-38289

An issue was discovered in rymcu forest thru commit f782e85 2025-09-04 in function doBefore in file src/main/java/com/rymcu/forest/core/service/security/AuthorshipAspect.java, allowing authorized attackers to delete arbitrary users posts...

6.5AI score0.0022EPSS

Exploits1References3

Positive Technologies•added 2025/11/07 12:0 a.m.•2 views

PT-2025-45448

7AI score0.0022EPSS

Exploits1References3

Vulnrichment•added 2025/11/07 12:0 a.m.•2 views

CVE-2025-63687

6.6AI score0.0022EPSS

Exploits1References2

Positive Technologies•added 2025/10/14 12:0 a.m.•3 views

PT-2025-42093

Name of the Vulnerable Software and Affected Versions Network Connection Status Indicator NCSI affected versions not specified Description An issue with access control in Network Connection Status Indicator NCSI could allow a local attacker to gain elevated privileges. Recommendations At the...

7.8CVSS8.5AI score0.00405EPSS

Exploits0References8