192070 matches found
EUVD-2026-22412
Use of uninitialized resource in Windows Boot Manager allows an unauthorized attacker to bypass a security feature with a physical attack...
EUVD-2026-22430
Buffer over-read in Windows Projected File System allows an authorized attacker to elevate privileges locally...
EUVD-2026-22352
Improper removal of sensitive information before storage or transfer in Windows Recovery Environment Agent allows an unauthorized attacker to bypass a security feature with a physical attack...
EUVD-2026-22303
A Broken Object-Level Authorization BOLA in the /Contact/Persons/PersonController.php endpoint of Webkul Krayin CRM v2.2.x allows authenticated attackers to arbitrarily read, modify, and permanently delete any contact owned by other users via supplying a crafted GET request...
EUVD-2026-22329
A improper authentication vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.3, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR on-premise 7.6.0 through 7.6.3, FortiSOAR on-premise 7.5.0 through 7.5.2 may allow an unauthenticated attacker to bypass authentication via replaying captured 2FA...
CVE-2026-33824
Double free in Windows IKE Extension allows an unauthorized attacker to execute code over a network...
CVE-2026-32223
Heap-based buffer overflow in Windows USB Print Driver allows an unauthorized attacker to elevate privileges with a physical attack...
CVE-2026-32201
Improper input validation in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network...
CVE-2026-32202
Protection mechanism failure in Windows Shell allows an unauthorized attacker to perform spoofing over a network...
CVE-2026-32203
Stack-based buffer overflow in .NET and Visual Studio allows an unauthorized attacker to deny service over a network...
CVE-2026-32088
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Biometric Service allows an unauthorized attacker to bypass a security feature with a physical attack...
CVE-2026-32070
Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally...
CVE-2026-26184
Buffer over-read in Windows Projected File System allows an authorized attacker to elevate privileges locally...
CVE-2026-26175
Use of uninitialized resource in Windows Boot Manager allows an unauthorized attacker to bypass a security feature with a physical attack...
CVE-2026-26171
Uncontrolled resource consumption in .NET allows an unauthorized attacker to deny service over a network...
CVE-2026-26161
Untrusted pointer dereference in Windows Sensor Data Service allows an authorized attacker to elevate privileges locally...
CVE-2026-26153
Out-of-bounds read in Windows Encrypting File System EFS allows an authorized attacker to elevate privileges locally...
CVE-2026-20930
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Management Services allows an authorized attacker to elevate privileges locally...
CVE-2026-34614 Adobe Connect | Cross-site Scripting (Reflected XSS) (CWE-79)
Adobe Connect versions 2025.3, 12.10 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser...
CVE-2026-33101
Use after free in Windows Print Spooler Components allows an authorized attacker to elevate privileges locally...