2211 matches found
EUVD-2026-29690
External control of file name or path in Microsoft Edge Chromium-based allows an unauthorized attacker to disclose information over a network...
EUVD-2026-29678
External control of file name or path in Microsoft Office Word allows an unauthorized attacker to disclose information over a network...
EUVD-2026-29652
External control of file name or path in SQL Server allows an authorized attacker to execute code over a network...
EUVD-2026-29574
External control of file name or path in Azure Monitor Agent allows an authorized attacker to elevate privileges locally...
CVE-2026-41107
External control of file name or path in Microsoft Edge Chromium-based allows an unauthorized attacker to disclose information over a network...
CVE-2026-40421
Files or directories accessible to external parties in Microsoft Office Word allows an unauthorized attacker to disclose information locally...
CVE-2026-41088
Access of resource using incompatible type 'type confusion' in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...
CVE-2026-32204
External control of file name or path in Azure Monitor Agent allows an authorized attacker to elevate privileges locally...
CVE-2026-40370
External control of file name or path in SQL Server allows an authorized attacker to execute code over a network...
CVE-2026-41107
External control of file name or path in Microsoft Edge Chromium-based allows an unauthorized attacker to disclose information over a network...
CVE-2026-41088
Access of resource using incompatible type 'type confusion' in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...
EUVD-2026-29487
External control of a file name in Ivanti Xtraction before version 2026.2 allows a remote authenticated attacker to read sensitive files and write arbitrary HTML files to a web directory, leading to information disclosure and possible client-side attacks...
CVE-2026-8043
External control of a file name in Ivanti Xtraction before version 2026.2 allows a remote authenticated attacker to read sensitive files and write arbitrary HTML files to a web directory, leading to information disclosure and possible client-side attacks...
CVE-2026-8043
External control of a file name in Ivanti Xtraction before version 2026.2 allows a remote authenticated attacker to read sensitive files and write arbitrary HTML files to a web directory, leading to information disclosure and possible client-side attacks...
CVE-2026-8043
Ivanti Xtraction is affected prior to version 2026.2 by CVE-2026-8043 due to external control of a file name. An authenticated remote attacker can read sensitive files and write arbitrary HTML files to a web directory, enabling information disclosure and potential client-side attacks. The vulnera...
CVE-2026-8043
External control of a file name in Ivanti Xtraction before version 2026.2 allows a remote authenticated attacker to read sensitive files and write arbitrary HTML files to a web directory, leading to information disclosure and possible client-side attacks...
CVE-2026-8043
External control of a file name in Ivanti Xtraction before version 2026.2 allows a remote authenticated attacker to read sensitive files and write arbitrary HTML files to a web directory, leading to information disclosure and possible client-side attacks...
SQL Server Remote Code Execution Vulnerability
External control of file name or path in SQL Server allows an authorized attacker to execute code over a network...
Microsoft Word Information Disclosure Vulnerability
Files or directories accessible to external parties in Microsoft Office Word allows an unauthorized attacker to disclose information locally...
Azure Monitor Agent Elevation of Privilege Vulnerability
External control of file name or path in Azure Monitor Agent allows an authorized attacker to elevate privileges locally...