Lucene search
+L

23757 matches found

Microsoft CVE
Microsoft CVE
added 4 days ago7 views

Microsoft SQL Server Elevation of Privilege Vulnerability

Improper neutralization of special elements used in an sql command 'sql injection' in SQL Server allows an authorized attacker to elevate privileges over a network...

8.8CVSS6.1AI score0.00921EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 4 days ago8 views

Windows Runtime Elevation of Privilege Vulnerability

Use after free in Windows Runtime allows an authorized attacker to elevate privileges over a network...

8.5CVSS6.1AI score0.00476EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 4 days ago9 views

Microsoft SharePoint Elevation of Privilege Vulnerability

Improper authorization in Microsoft Office SharePoint allows an authorized attacker to elevate privileges over a network...

8.8CVSS6.1AI score0.0074EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 4 days ago11 views

Microsoft Windows Media Foundation Remote Code Execution Vulnerability

Heap-based buffer overflow in Microsoft Windows Media Foundation allows an unauthorized attacker to execute code over a network...

9.8CVSS6.3AI score0.0083EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 4 days ago12 views

M365 Copilot for iOS Elevation of Privilege Vulnerability

Improper access control in Microsoft 365 Copilot for iOS allows an unauthorized attacker to elevate privileges over a network...

9.8CVSS6.1AI score0.00721EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 4 days ago7 views

Windows SMB Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows SMB allows an authorized attacker to elevate privileges over a network...

7.5CVSS6.2AI score0.00503EPSS
Exploits0
Nuclei
Nuclei
added 4 days ago207 views

Oracle WebLogic Server - Remote Code Execution

Oracle WebLogic Server Oracle Fusion Middleware component: WLS Core Components is susceptible to a remote code execution vulnerability. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 2.2.1.3.0 and 12.2.1.4.0. This easily exploitable vulnerability could allow unauthenticated...

9.8CVSS7.5AI score0.93168EPSS
Exploits18References5
Positive Technologies
Positive Technologies
added 4 days ago6 views

PT-2026-58804

Name of the Vulnerable Software and Affected Versions .NET affected versions not specified Description Incorrect authorization allows an unauthorized attacker to bypass a security feature over a network without requiring a login or user interaction. Recommendations At the moment, there is no...

8.2CVSS6.1AI score0.00436EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 4 days ago6 views

PT-2026-60102

Name of the Vulnerable Software and Affected Versions Anyquery affected versions not specified Description When operating in server mode, the software does not restrict outbound HTTP requests initiated by built-in SQLite virtual table modules, such as json reader and log reader. Unauthenticated...

8.6CVSS6.1AI score
Exploits0References5
Positive Technologies
Positive Technologies
added 4 days ago6 views

PT-2026-58461

Name of the Vulnerable Software and Affected Versions Microsoft Windows DNS affected versions not specified Description A use after free flaw in Microsoft Windows DNS allows an unauthorized attacker to elevate privileges over a network. Use after free is a memory corruption issue that occurs when...

8.1CVSS6AI score0.00674EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 4 days ago6 views

PT-2026-58351

Name of the Vulnerable Software and Affected Versions Windows Remote Desktop Services affected versions not specified Description A use after free condition in Windows Remote Desktop Services allows an authorized attacker to elevate privileges over a network. Use after free is a memory corruption...

8.8CVSS6.3AI score0.00653EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 4 days ago5 views

PT-2026-58609

Name of the Vulnerable Software and Affected Versions Windows Network File System affected versions not specified Description A heap-based buffer overflow occurs in the Windows Network File System. This issue allows an authorized attacker to elevate privileges over a network. A heap-based buffer...

8.8CVSS6.2AI score0.00851EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 4 days ago6 views

PT-2026-58505

Name of the Vulnerable Software and Affected Versions Windows DHCP Server affected versions not specified Description A double free issue exists in the Windows DHCP Server, which could allow an authorized attacker to execute arbitrary code over a network. A double free occurs when the program...

7.5CVSS6.3AI score0.00618EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 4 days ago5 views

PT-2026-58197

Name of the Vulnerable Software and Affected Versions Azure Spring Apps affected versions not specified Description Improper authentication allows an authorized attacker to elevate privileges over a network. Recommendations At the moment, there is no information about a newer version that contain...

8.2CVSS6.1AI score0.00472EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 4 days ago8 views

PT-2026-58408

Name of the Vulnerable Software and Affected Versions Windows Kernel affected versions not specified Description An out-of-bounds read in the Windows Kernel allows an unauthorized attacker to disclose information over a network. This issue enables remote data leaks without requiring a login...

8.2CVSS6.1AI score0.00785EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 4 days ago6 views

PT-2026-58556

Name of the Vulnerable Software and Affected Versions Microsoft Office SharePoint affected versions not specified Description Missing authorization allows an authorized attacker to elevate privileges over a network, which enables them to affect the system. Recommendations At the moment, there is ...

8.8CVSS6.1AI score0.00526EPSS
Exploits0References4
OSV
OSV
added 4 days ago3 views

UBUNTU-CVE-2026-47300

Incorrect implementation of authentication algorithm in ASP.NET Core allows an authorized attacker to elevate privileges over a network...

8.8CVSS6.1AI score0.00538EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 4 days ago23 views

PT-2026-58525

Name of the Vulnerable Software and Affected Versions Microsoft Office SharePoint affected versions not specified Description Improper neutralization of input during web page generation leads to cross-site scripting, which allows an authorized attacker to perform spoofing over a network...

5.4CVSS6AI score0.00335EPSS
Exploits0References4
Nuclei
Nuclei
added 5 days ago164 views

Oracle WebLogic Server Administration Console - Remote Code Execution

The Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: Web Services versions 0.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0 contain an easily exploitable vulnerability that allows unauthenticated attackers with network access via HTTP to compromise Oracle WebLogic Server. id:...

9.8CVSS7.1AI score0.8883EPSS
Exploits11References5
NVD
NVD
added 6 days ago16 views

CVE-2026-58596

Untrusted pointer dereference in Microsoft Edge Chromium-based allows an unauthorized attacker to elevate privileges over a network...

8.3CVSS0.00451EPSS
Exploits0References1
Rows per page
Query Builder