Lucene search
+L

275 matches found

cvelist
cvelist
added 2 days ago34 views

CVE-2026-57090 Microsoft Windows Media Foundation Remote Code Execution Vulnerability

...

8.8CVSS0.0083EPSS
Exploits0References1
cve
cve
added 2 days ago5 views

CVE-2026-50458

CVE-2026-50458 is a use-after-free vulnerability in Microsoft Brokering File System that allows an authorized local attacker to elevate privileges. Exploitation details are not provided in the public text, but the NVD/CIRCL/ENISA references confirm local privilege escalation with a CVSS v3.1 base...

7.8CVSS6AI score0.00188EPSS
Exploits0References1
cvelist
cvelist
added 2 days ago22 views

CVE-2026-50458 Microsoft Brokering File System Elevation of Privilege Vulnerability

...

7.8CVSS0.00188EPSS
Exploits0References1
cve
cve
added 2 days ago7 views

CVE-2026-50466

CVE-2026-50466 is a local privilege escalation in the Windows Brokering File System caused by a use-after-free in the Windows Brokering File System component. Public documentation confirms that an authorized attacker could elevate privileges locally (CVSSv3.1 base score 7.8, LOCAL attack vector, ...

7.8CVSS6AI score0.00245EPSS
Exploits0References1
cvelist
cvelist
added 2 days ago25 views

CVE-2026-49162 Microsoft Brokering File System Elevation of Privilege Vulnerability

...

7CVSS0.00204EPSS
Exploits0References1
nuclei
nuclei
added 2026/06/25 1:31 a.m.34 views

Microsoft SharePoint Server - Authentication Bypass

Improper authentication in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network. id: CVE-2025-49706 info: name: Microsoft SharePoint Server - Authentication Bypass author: daffainfo severity: medium description: | Improper authentication in Microsoft Offi...

9.8CVSS7AI score0.99979EPSS
Exploits41References5
mscve
mscve
added 2026/06/13 8:4 a.m.10 views

Out-of-Bounds Read in CMS Password-Based Decryption

...

7.5CVSS5.8AI score0.00297EPSS
Exploits0
githubexploit
githubexploit
added 2026/06/11 9:48 a.m.85 views

Exploit for Untrusted Pointer Dereference in Microsoft

CVE...

7.8CVSS5.4AI score0.65417EPSS
Exploits13
vulnrichment
vulnrichment
added 2026/06/09 5:5 p.m.9 views

CVE-2026-47638 Microsoft SharePoint Server Spoofing Vulnerability

...

4.6CVSS7.1AI score0.00505EPSS
Exploits0References1
githubexploit
githubexploit
added 2026/06/05 5:53 a.m.99 views

Exploit for Double Free in Microsoft

CVE-2026-26179 PoC for CVE-2026-26179 / ZDI-26-276, my very ow...

7.8CVSS5.8AI score0.0044EPSS
Exploits1
githubexploit
githubexploit
added 2026/05/12 11:0 p.m.104 views

Exploit for Improper Input Validation in Microsoft

monikerlinktest cve-2024-21413 1. set up tun0 on router via o...

9.8CVSS6AI score0.9466EPSS
Exploits23
cve
cve
added 2026/05/12 4:58 p.m.70 views

CVE-2026-35439

CVE-2026-35439 is a remote code execution vulnerability in Microsoft SharePoint Server caused by deserialization of untrusted data. An authorized attacker can exploit this over a network to execute code on affected systems. The CVE is associated with SharePoint Server (on‑premises) and the approv...

8.8CVSS6AI score0.02032EPSS
Exploits0References1Affected Software1
mscve
mscve
added 2026/05/12 2:0 p.m.9 views

Data Deduplication Elevation of Privilege Vulnerability

Use after free in Data Deduplication allows an authorized attacker to elevate privileges locally...

7.8CVSS5.8AI score0.00332EPSS
Exploits0
githubexploit
githubexploit
added 2026/05/02 6:52 a.m.96 views

Exploit for Insufficient Granularity of Access Control in Microsoft

CVE-20...

7.8CVSS5.8AI score0.06749EPSS
Exploits3
mscve
mscve
added 2026/04/23 8:3 a.m.8 views

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

...

4.9CVSS7.2AI score0.00242EPSS
Exploits0
mscve
mscve
added 2026/04/23 8:2 a.m.7 views

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

...

4.9CVSS7.2AI score0.00242EPSS
Exploits0
cve
cve
added 2026/04/14 4:58 p.m.51 views

CVE-2026-32091

CVE-2026-32091 is a Microsoft elevation of privilege vulnerability in the Brokering File System with a CVSS 3.1 base score of 8.4 (HIGH). It is a local, no-user-interaction attack requiring no privileges, with high impact on confidentiality, integrity, and availability. The exploitation status is...

8.4CVSS5.9AI score0.00157EPSS
Exploits0References1Affected Software13
vulnrichment
vulnrichment
added 2026/04/14 4:56 p.m.3 views

CVE-2026-20945 Microsoft SharePoint Server Spoofing Vulnerability

...

4.6CVSS5.8AI score0.25082EPSS
Exploits0References1
vulncheck_kev
vulncheck_kev
added 2026/04/06 12:0 a.m.4 views

VulnCheck KEV: CVE-2023-21529

Microsoft Exchange Server Remote Code Execution Vulnerability...

8.8CVSS5.9AI score0.62104EPSS
In wildExploits0References3
mscve
mscve
added 2026/04/01 8:19 a.m.11 views

An incomplete fix for CVE-2024-36137 leaves `FileHandle.chmod()` and `FileHandle.chown()` in the promises API without the required permission checks, while their callback-based equivalents (`fs.fchmod()`, `fs.fchown()`) were correctly patched. As a result, code running under `--permission` with restricted `--allow-fs-write` can still use promise-based `FileHandle` methods to modify file permissions and ownership on already-open file descriptors, bypassing the intended write restrictions. This vulnerability affects **20.x, 22.x, 24.x, and 25.x** processes using the Permission Model where `--allow-fs-write` is intentionally restricted.

...

3.3CVSS6.6AI score0.00395EPSS
Exploits0
Rows per page
Query Builder