28513 matches found
CVE-2026-61520
The CVE-2026-61520 entry documents a server-side request forgery in Simple Machines Forum (SMF) image proxy. Affected versions are SMF 2.1 prior to commit 4bf35cf and SMF 3.0 prior to commit b4d23df. The vulnerability allows authenticated attackers to trigger internal HTTP requests by embedding a...
CVE-2026-58529
Out-of-bounds read in Active Directory Federation Services AD FS allows an authorized attacker to disclose information over a network...
CVE-2026-58626
Use after free in Windows Remote Desktop Services allows an authorized attacker to execute code over a network...
CVE-2026-58544
Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally...
CVE-2026-50359
Use after free in Microsoft XML Core Services allows an authorized attacker to elevate privileges locally...
CVE-2026-54121
Improper authorization in Active Directory Certificate Services AD CS allows an authorized attacker to elevate privileges over a network...
CVE-2026-50684
Improper neutralization of input during web page generation 'cross-site scripting' in Active Directory Federation Services AD FS allows an authorized attacker to perform spoofing over a network...
CVE-2026-50444
Missing authentication for critical function in Windows Server Update Service allows an authorized attacker to elevate privileges over a network...
CVE-2026-50411
Stack-based buffer overflow in Active Directory Federation Services AD FS allows an unauthorized attacker to deny service over a network...
CVE-2026-50369
Use after free in Windows Remote Desktop Services allows an authorized attacker to elevate privileges over a network...
CVE-2026-50352
Exposure of sensitive information to an unauthorized actor in Windows Cryptographic Services allows an authorized attacker to disclose information locally...
CVE-2026-50355
Stack-based buffer overflow in Active Directory Federation Services allows an unauthorized attacker to deny service over a network...
CVE-2026-50366
Null pointer dereference in Active Directory Domain Services allows an authorized attacker to deny service over a network...
CVE-2026-50324
Loop with unreachable exit condition 'infinite loop' in Active Directory Federation Services AD FS allows an unauthorized attacker to deny service over a network...
CVE-2026-50368
Stack-based buffer overflow in Active Directory Federation Services allows an unauthorized attacker to deny service over a network...
CVE-2026-50328
Uncaught exception in Windows Server Update Service allows an unauthorized attacker to perform tampering over a network...
CVE-2026-50304
Stack-based buffer overflow in Active Directory Federation Services allows an unauthorized attacker to deny service over a network...
CVE-2026-50302
Improper certificate validation in Windows Cryptographic Services allows an unauthorized attacker to bypass a security feature over a network...
CVE-2026-49178 Windows Active Directory Domain Services Remote Code Execution Vulnerability
...
CVE-2026-56155 Active Directory Federation Services Elevation of Privilege Vulnerability
...