dotnet: .NET: Local file tampering via link following vulnerability

A flaw was found in .NET's System.Formats.Tar library. When extracting a specially crafted TAR archive containing symbolic links, the TarFile.ExtractToDirectory method may incorrectly follow those links and write files outside the intended extraction directory. An attacker could exploit this issu...

CVE-2026-45485

Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally...

CVE-2026-47287

Relative path traversal in Visual Studio Code allows an unauthorized attacker to perform tampering over a network...

CVE-2026-49160

Uncontrolled resource consumption in HTTP/2 allows an unauthorized attacker to deny service over a network...

CVE-2026-48574

Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code locally...

CVE-2026-47635

Access of resource using incompatible type 'type confusion' in Microsoft Office allows an unauthorized attacker to execute code locally...

CVE-2026-47643

External control of file name or path in Azure Stack Edge allows an unauthorized attacker to execute code over a network...

CVE-2026-45645

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally...

CVE-2026-45641

Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally...

CVE-2026-45643

Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally...

CVE-2026-45649

Improper access control in Office for Android allows an unauthorized attacker to perform spoofing locally...

CVE-2026-45607

Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally...

CVE-2026-45457

Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally...

CVE-2026-45458

Access of resource using incompatible type 'type confusion' in Microsoft Office allows an unauthorized attacker to execute code locally...

CVE-2026-45475

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally...

CVE-2026-44819

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally...

CVE-2026-44817

Integer underflow wrap or wraparound in Microsoft Office Excel allows an unauthorized attacker to execute code locally...

CVE-2026-44822

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information over a network...

CVE-2026-42981

Integer underflow wrap or wraparound in Windows Performance Monitor allows an unauthorized attacker to execute code over a network...

EUVD-2026-35508

Access of resource using incompatible type 'type confusion' in Microsoft Office allows an unauthorized attacker to execute code locally...