192070 matches found
CVE-2026-26171
Uncontrolled resource consumption in .NET allows an unauthorized attacker to deny service over a network...
CVE-2026-26171
Uncontrolled resource consumption in .NET allows an unauthorized attacker to deny service over a network...
CVE-2026-32088
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Biometric Service allows an unauthorized attacker to bypass a security feature with a physical attack...
CVE-2026-23666
Improper input validation in .NET Framework allows an unauthorized attacker to deny service over a network...
CVE-2026-33825
Insufficient granularity of access control in Microsoft Defender allows an authorized attacker to elevate privileges locally...
CVE-2026-33116
Loop with unreachable exit condition 'infinite loop' in .NET, .NET Framework, Visual Studio allows an unauthorized attacker to deny service over a network...
CVE-2026-33116
Loop with unreachable exit condition 'infinite loop' in .NET, .NET Framework, Visual Studio allows an unauthorized attacker to deny service over a network...
CVE-2026-33096
Out-of-bounds read in Windows HTTP.sys allows an unauthorized attacker to deny service over a network...
CVE-2026-32223
Heap-based buffer overflow in Windows USB Print Driver allows an unauthorized attacker to elevate privileges with a physical attack...
CVE-2026-32202
Protection mechanism failure in Windows Shell allows an unauthorized attacker to perform spoofing over a network...
CVE-2026-32184
Deserialization of untrusted data in Microsoft High Performance Compute Pack HPC allows an authorized attacker to elevate privileges locally...
CVE-2026-2403
CWE-1284 Improper Validation of Specified Quantity in Input vulnerability exists that could cause Event and Data Log truncation impacting log integrity when a Web Admin user alters the POST /logsettings request payload...
CVE-2026-23708
A improper authentication vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.3, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR on-premise 7.6.0 through 7.6.3, FortiSOAR on-premise 7.5.0 through 7.5.2 may allow an unauthenticated attacker to bypass authentication via replaying captured 2FA...
CVE-2026-23708
A improper authentication vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.3, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR on-premise 7.6.0 through 7.6.3, FortiSOAR on-premise 7.5.0 through 7.5.2 may allow an unauthenticated attacker to bypass authentication via replaying captured 2FA...
CVE-2026-22155
A cleartext transmission of sensitive information vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.3, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all versions, FortiSOAR on-premise 7.6.0 through 7.6.2, FortiSOAR on-premise 7.5.0 through 7.5.1,...
CVE-2026-22574
CVE-2026-22574 affects Fortinet FortiSOAR PaaS (versions 7.6.0–7.6.4, 7.5.0–7.5.2, 7.4 all, 7.3 all) and FortiSOAR on‑premise (7.6.0–7.6.4, 7.5.0–7.5.2, 7.4 all, 7.3 all). The issue is a vulnerability where passwords are stored in a recoverable format, potentially allowing an authenticated remote...
Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to an Improper Link Resolution Before File Access in filelock [CVE-2025-68146]
Summary IBM Watson Speech Services Cartridge is vulnerable to an Improper Link Resolution Before File Access in filelock, caused by a Time-of-Check-Time-of-Use TOCTOU race condition that allows local attackers to corrupt or truncate arbitrary user files through symlink attacks CVE-2025-68146...
CVE-2026-4913
Improper protection of an alternate path in Ivanti N-ITSM before version 2025.4 allows a remote authenticated attacker to retain access when their account has been disabled...
Microsoft Power Apps Desktop Client Spoofing Vulnerability
Improper neutralization of escape, meta, or control sequences in Microsoft Power Apps allows an authorized attacker to perform spoofing over a network...
HTTP.sys Denial of Service Vulnerability
Out-of-bounds read in Windows HTTP.sys allows an unauthorized attacker to deny service over a network...