23752 matches found
Oracle E-Business Suite Improper Privilege Management Vulnerability
Oracle E-Business Suite contains an improper privilege management vulnerability that allows an unauthenticated attacker with network access via HTTP to compromise Oracle Payments. Successful attacks of this vulnerability can result in takeover of Oracle Payments...
CVE-2026-47301
Improper access control in Microsoft Configuration Manager allows an authorized attacker to elevate privileges over a network...
CVE-2026-47300
Incorrect implementation of authentication algorithm in ASP.NET Core allows an authorized attacker to elevate privileges over a network...
CVE-2026-47303
Authentication bypass by assumed-immutable data in ASP.NET Core allows an authorized attacker to elevate privileges over a network...
CVE-2026-57982
Use of uninitialized resource in Windows RDP allows an authorized attacker to disclose information over a network...
CVE-2026-57092
Use after free in Windows VMSwitch allows an authorized attacker to elevate privileges over a network...
CVE-2026-56647
Integer overflow or wraparound in Windows Remote Access Service Infrastructure allows an authorized attacker to elevate privileges over a network...
CVE-2026-54116
Access of resource using incompatible type 'type confusion' in SQL Server allows an authorized attacker to disclose information over a network...
CVE-2026-50686
Access of resource using incompatible type 'type confusion' in Windows OLE allows an unauthorized attacker to execute code over a network...
CVE-2026-57108
Access of resource using incompatible type 'type confusion' in .NET Core allows an unauthorized attacker to deny service over a network...
CVE-2026-50502
Insufficient granularity of access control in Windows Event Logging Service allows an authorized attacker to execute code over a network...
CVE-2026-50444
Missing authentication for critical function in Windows Server Update Service allows an authorized attacker to elevate privileges over a network...
CVE-2026-50398
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Media allows an authorized attacker to elevate privileges over a network...
CVE-2026-50379
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Media allows an authorized attacker to elevate privileges over a network...
CVE-2026-50366
Null pointer dereference in Active Directory Domain Services allows an authorized attacker to deny service over a network...
CVE-2026-50340
Use after free in Windows Runtime allows an authorized attacker to elevate privileges over a network...
CVE-2026-47295
Improper neutralization of special elements used in an sql command 'sql injection' in SQL Server allows an authorized attacker to elevate privileges over a network...
CVE-2026-58279
Missing authorization in Azure CycleCloud allows an authorized attacker to elevate privileges over a network...
CVE-2026-57979
Out-of-bounds read in Windows RDP allows an unauthorized attacker to disclose information over a network...
CVE-2026-49169
Use after free in DNS Server allows an authorized attacker to execute code over a network...