193568 matches found
CVE-2026-50695
Stack-based buffer overflow in Active Directory Federation Services allows an unauthorized attacker to deny service over a network...
CVE-2026-50311
Improper access control in Windows Server allows an authorized attacker to elevate privileges locally...
CVE-2026-50298
Integer overflow or wraparound in Windows Spaceport.sys allows an unauthorized attacker to elevate privileges with a physical attack...
CVE-2026-49799
Uncontrolled resource consumption in Windows Local Security Authority Subsystem Service LSASS allows an authorized attacker to deny service over a network...
CVE-2026-49804
Heap-based buffer overflow in Windows USB Video Driver allows an unauthorized attacker to elevate privileges with a physical attack...
CVE-2026-49787
Allocation of resources without limits or throttling in Windows HTTP.sys allows an unauthorized attacker to deny service over a network...
CVE-2026-49168
Integer overflow or wraparound in Windows Storage Spaces Direct allows an unauthorized attacker to elevate privileges with a physical attack...
CVE-2026-49162
Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally...
CVE-2026-45646
Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network...
CVE-2026-15702
A security vulnerability has been detected in tamagui up to 2.3.0. This affects the function updateConfig of the file code/core/web/src/config.ts. Such manipulation leads to improperly controlled modification of object prototype attributes. The attack may be performed from remote. Upgrading to...
CVE-2026-50298
CVE-2026-50298 concerns Windows Spaceport.sys: an integer overflow/wraparound vulnerability in the kernel component that could allow an unauthenticated, physical attacker to achieve privilege escalation. Affected software is Windows kernel-space Spaceport.sys; impact is elevation of privileges wi...
CVE-2026-49804
CVE-2026-49804 describes a heap-based buffer overflow in the Windows USB Video Driver that can allow an unauthorized attacker to elevate privileges via a physical attack. The vulnerability is characterized by a physical attack vector with low exploit complexity and the need for user interaction, ...
CVE-2026-49791
CVE-2026-49791 affects Windows Routing and Remote Access Service (RRAS). The issue is an improper link resolution before file access (link following) that can allow an authorized, local attacker to elevate privileges. The vulnerability is triggered locally with low attack complexity and low privi...
CVE-2026-45646
The provided records describe CVE-2026-45646 as a Denial of Service vulnerability in ASP.NET Core caused by allocation of resources without limits or throttling, enabling an unauthenticated attacker to disrupt services over the network. Concrete details in the connected documents include the affe...
CVE-2026-50653
Loop with unreachable exit condition 'infinite loop' in Azure Active Directory allows an unauthorized attacker to deny service over a network...
CVE-2026-57097
CVE-2026-57097 describes an Untrusted search path in Microsoft XML that allows a physical attacker to bypass a security feature. Affects Microsoft XML; impact is described as high for confidentiality, integrity, and availability with a physical attack requiring no user interaction. No exploit det...
CVE-2026-54108
CVE-2026-54108 affects Microsoft SharePoint Server. An authorized attacker can influence a file name or path in SharePoint, enabling network-based spoofing. CVSS v3.1: 6.5 (MEDIUM), AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N. Root cause details are not provided in the supplied documents; no exploitation...
CVE-2026-50506
CVE-2026-50506 concerns a Denial of Service vulnerability in ASP.NET Core caused by allocation of resources without limits or throttling, enabling an unauthenticated attacker to exhaust resources over the network. The NVD entry and CVE records describe this as affecting ASP.NET Core (and related ...
CVE-2026-49172
The CVE-2026-49172 entry describes a heap-based buffer overflow in Windows FTP Service that allows an unauthenticated, network-based attacker to execute code remotely. Documents confirm the vulnerability exists in Windows FTP Service and enables remote code execution with network access and no re...
CVE-2026-49168
CVE-2026-49168 is an elevation-of-privilege vulnerability in Windows Storage Spaces Direct caused by an integer overflow/wraparound. The issue, exploitable with physical access, allows an unauthenticated attacker to gain high-impact effects (confidentiality, integrity, and availability). CVSSv3.1...