CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1353 matches found

MPDV Mikrolab GmbH HYDRA X, MIP 2 & FEDRA 2 - Path Traversal

MPDV Mikrolab GmbH HYDRA X, MIP 2, and FEDRA 2 = Maintenance Pack 36 with Servicepack 8 week 36/2025 contain an unauthenticated local file disclosure vulnerability caused by improper validation of the "Filename" parameter in the public $SCHEMAS$ resource, letting attackers read arbitrary Windows ...

7.5CVSS7.4AI score0.03783EPSS

Exploits0References2

NVD•added 6 days ago•7 views

CVE-2026-28587

In MmsSmsProvider of MmsSmsProvider.java, there is a possible way to retrieve sensitive information due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

10CVSS0.00139EPSS

Exploits0References1

Cvelist•added 6 days ago•30 views

CVE-2026-28576

In Contacts Provider, there is a possible way to access the contacts database due to SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

10CVSS0.00148EPSS

Exploits0References1

CVE•added 6 days ago•9 views

CVE-2026-0057

CVE-2026-0057 affects the Android Contacts Provider. A missing permission check can allow an attacker to read an incoming call’s phone number and related metadata, enabling local information disclosure without extra execution privileges, and exploitation does not require user interaction. The iss...

3.3CVSS5.6AI score0.0008EPSS

Exploits0References1Affected Software1

Positive Technologies•added 6 days ago•10 views

PT-2026-50240

10CVSS5.9AI score0.00148EPSS

Exploits0References3

EUVD•added last week•6 views

EUVD-2026-37217

In PostWipeData of recoveryui.cpp, there is a possible data persistence issue after a factory reset due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

5.5AI score0.00072EPSS

Exploits0References2

NVD•added last week•9 views

CVE-2026-0158

In Camera, there is a possible unauthorized way to access photos due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

3.3CVSS0.0006EPSS

Exploits0References1

Tenable Nessus•added 2026/06/12 12:0 a.m.•9 views

Security Updates for Microsoft Office Products C2R (June 2026)

The Microsoft Office Products are missing security updates. It is, therefore, affected by multiple vulnerabilities: - Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. CVE-2026-44819, CVE-2026-44824, CVE-2026-45461, CVE-2026-45463,...

8.4CVSS7.4AI score0.00366EPSS

Exploits0References14

RedhatCVE•added 2026/06/10 9:4 p.m.•7 views

CVE-2026-45466

Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to disclose information locally...

3.3CVSS5.7AI score0.00322EPSS

Exploits0References1

RedhatCVE•added 2026/06/10 9:4 p.m.•7 views

CVE-2026-45485

Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally...

3.3CVSS7AI score0.00344EPSS

Exploits0References1

RedhatCVE•added 2026/06/10 9:2 p.m.•5 views

CVE-2026-45594

Exposure of sensitive information to an unauthorized actor in Windows Application Identity AppID Subsystem allows an authorized attacker to disclose information locally...

5.5CVSS5.4AI score0.00325EPSS

Exploits0References1

RedhatCVE•added 2026/06/10 9:2 p.m.•7 views

CVE-2026-42907

Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information locally...

6.5CVSS5.4AI score0.00657EPSS

Exploits0References1

RedhatCVE•added 2026/06/10 9:2 p.m.•10 views

CVE-2026-42972

Exposure of sensitive information to an unauthorized actor in Windows Hyper-V allows an authorized attacker to disclose information locally...

5.5CVSS5.4AI score0.00421EPSS

Exploits0References1

RedhatCVE•added 2026/06/10 9:2 p.m.•7 views

CVE-2026-42906

Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information locally...

5.5CVSS5.4AI score0.00325EPSS

Exploits0References1

EUVD•added 2026/06/09 6:30 p.m.•8 views

EUVD-2026-35688

Out-of-bounds read in Windows DHCP Server allows an authorized attacker to disclose information locally...

5.5CVSS5.4AI score0.00274EPSS

Exploits0References2

EUVD•added 2026/06/09 6:30 p.m.•8 views

EUVD-2026-35670

Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally...

4.7CVSS5.4AI score0.00327EPSS

Exploits0References2

NVD•added 2026/06/09 5:17 p.m.•5 views

CVE-2026-45634

Out-of-bounds read in Windows DHCP Server allows an authorized attacker to disclose information locally...

5.5CVSS0.00274EPSS

Exploits0References1

NVD•added 2026/06/09 5:17 p.m.•9 views

CVE-2026-45608

Out-of-bounds read in Windows DHCP Server allows an authorized attacker to disclose information locally...

6.8CVSS0.00256EPSS

Exploits0References1

NVD•added 2026/06/09 5:17 p.m.•6 views

CVE-2026-45594

Exposure of sensitive information to an unauthorized actor in Windows Application Identity AppID Subsystem allows an authorized attacker to disclose information locally...

5.5CVSS0.00325EPSS

Exploits0References1

NVD•added 2026/06/09 5:17 p.m.•18 views

CVE-2026-42972

Exposure of sensitive information to an unauthorized actor in Windows Hyper-V allows an authorized attacker to disclose information locally...

5.5CVSS0.00421EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by