127 matches found
CVE-2026-45655
Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack...
EUVD-2026-35694
User interface ui misrepresentation of critical information in Microsoft Bing allows an unauthorized attacker to perform spoofing over a network...
PT-2026-48022
Relative path traversal in Visual Studio Code allows an unauthorized attacker to perform tampering over a network...
PT-2026-48041
Name of the Vulnerable Software and Affected Versions Remote Desktop Client affected versions not specified Description A heap-based buffer overflow in the Remote Desktop Client allows an unauthorized attacker to execute arbitrary code over a network. A heap-based buffer overflow occurs when a...
Microsoft Office 安全漏洞
Microsoft Office is a suite of office software products developed by Microsoft Corporation in the United States. Common components of this product include Word, Excel, Access, PowerPoint, and FrontPage. There is a security vulnerability in Microsoft Office, which stems from excessive reading of...
Azure Orbital Spatio Remote Code Execution Vulnerability
Unrestricted upload of file with dangerous type in Azure Orbital Spatio allows an unauthorized attacker to execute code over a network...
CVE-2026-45492
Improper input validation in Microsoft Edge Chromium-based allows an unauthorized attacker to bypass a security feature over a network...
PT-2026-42077
Name of the Vulnerable Software and Affected Versions Amazon Scraper versions prior to 1.2 Description The Amazon Scraper plugin for WordPress contains a Cross-Site Request Forgery CSRF flaw. This occurs because of missing or incorrect nonce validation—a security token used to ensure requests are...
CVE-2026-33833
Improper neutralization of special elements in output used by a downstream component 'injection' in Azure Machine Learning allows an unauthorized attacker to perform spoofing over a network...
PT-2026-40224
Null pointer dereference in Windows TCP/IP allows an unauthorized attacker to deny service over an adjacent network...
PT-2026-40149
Name of the Vulnerable Software and Affected Versions Windows Message Queuing affected versions not specified Description A heap-based buffer overflow in Windows Message Queuing allows an unauthorized attacker located on an adjacent network to execute arbitrary code. A heap-based buffer overflow...
OpenCart 跨站请求伪造漏洞
OpenCart is an open-source e-commerce system developed by the OpenCart team in China. This system provides modules for product reviews, product ratings, and product addition. Version 3.0.36 of OpenCart has a cross-site request forgeing vulnerability. This vulnerability stems from the /account/edi...
Microsoft Azure Cloud Shell 命令注入漏洞
Microsoft Azure Cloud Shell is a browser-based cloud command-line environment developed by Microsoft Corporation. There is a command injection vulnerability in Microsoft Azure Cloud Shell, which stems from improper neutralization of special elements in commands. This vulnerability could allow...
CVE-2026-32196
Improper neutralization of input during web page generation 'cross-site scripting' in Windows Admin Center allows an unauthorized attacker to perform spoofing over a network...
EUVD-2026-22587
Improper input validation in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network...
CVE-2026-32225
Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network...
CVE-2026-32190
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally...
Remote Desktop Spoofing Vulnerability
Insufficient ui warning of dangerous operations in Windows Remote Desktop allows an unauthorized attacker to perform spoofing over a network...
PT-2026-32839
Name of the Vulnerable Software and Affected Versions .NET versions 8.0.0 through 8.0.25 .NET versions 9.0.0 through 9.0.14 .NET versions 10.0.0 through 10.0.5 Description Improper neutralization of special elements in System.Net.Mail allows an unauthorized attacker to perform a spoofing attack...
EUVD-2026-22071
An issue in the Bluetooth RFCOMM service of Parani M10 Motorcycle Intercom v2.1.3 allows unauthorized attackers to cause a Denial of Service DoS via supplying crafted RFCOMM frames...