23748 matches found
CVE-2026-40400
CVE-2026-40400 is a Windows PowerShell relative path traversal vulnerability that could enable an authorized attacker to execute code over a network. The CVE entry identifies a remote code execution risk with NETWORK attack vector, LOW attack complexity, and LOW privileges required, but with UI i...
CVE-2026-58608
CVE-2026-58608 affects Windows Print Spooler components, where a race condition from improper synchronization on a shared resource enables remote code execution over a network. The vulnerability allows an authenticated attacker with low privileges to execute code with high impact (C/H; I/H; A/H) ...
CVE-2026-57979
CVE-2026-57979 concerns an out-of-bounds read in Windows Remote Desktop Protocol (RDP) that enables a network-based, unauthenticated information disclosure. Public descriptions consistently state that an attacker can disclose information over the network, with a CVSS v3.1 base score of 6.5 (Mediu...
CVE-2026-56164
CVE-2026-56164 is a Microsoft SharePoint Server elevation-of-privilege vulnerability described as missing authentication for a critical function, enabling a remote attacker to elevate privileges over a network. Public advisories indicate widespread Office-related vulnerabilities, with SharePoint ...
CVE-2026-50338
Technical details are not publicly available in the provided documents. Monitor for updates from official sources.
CVE-2026-55003
CVE-2026-55003 affects Windows Remote Desktop Protocol (RDP). The vulnerability arises from a use of an uninitialized resource, enabling an unauthenticated attacker to disclose information over the network. The CVSS 3.1 Base score is 6.5 (Medium); attack vector: Network, privileges required: None...
CVE-2026-49164
CVE-2026-49164 affects Active Directory Domain Services (AD DS). The vulnerability is described as a heap-based buffer overflow in AD DS that allows an unauthenticated, network-based attacker to execute code remotely. Public sources in the provided documents consistently label this as an executio...
CVE-2026-42990
CVE-2026-42990 affects the SQL Server ODBC driver, where a heap-based buffer overflow enables code execution over the network. The vulnerability is exploitable remotely (network vector) and is rated high severity (CVSS 3.1: 9.8, CRITICAL) with no privileges required and no user interaction. The a...
Azure Spring Apps Elevation of Privilege Vulnerability
Improper authentication in Azure Spring Apps allows an authorized attacker to elevate privileges over a network...
Windows Remote Desktop Services Elevation of Privilege Vulnerability
Use after free in Windows Remote Desktop Services allows an authorized attacker to elevate privileges over a network...
Azure CycleCloud Elevation of Privilege Vulnerability
Missing authorization in Azure CycleCloud allows an authorized attacker to elevate privileges over a network...
Windows DNS Server Remote Code Execution Vulnerability
Use after free in DNS Server allows an authorized attacker to execute code over a network...
Windows Admin Center (WAC) Remote Code Execution Vulnerability
Relative path traversal in Windows Admin Center allows an authorized attacker to execute code over a network...
Windows SMB Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows SMB allows an authorized attacker to elevate privileges over a network...
Microsoft SQL Server Information Disclosure Vulnerability
Buffer over-read in SQL Server allows an authorized attacker to disclose information over a network...
Microsoft SharePoint Elevation of Privilege Vulnerability
Missing authorization in Microsoft Office SharePoint allows an authorized attacker to elevate privileges over a network...
M365 Copilot for iOS Elevation of Privilege Vulnerability
Improper access control in Microsoft 365 Copilot for iOS allows an unauthorized attacker to elevate privileges over a network...
Microsoft SharePoint Elevation of Privilege Vulnerability
Improper authorization in Microsoft Office SharePoint allows an authorized attacker to elevate privileges over a network...
Microsoft Windows Media Foundation Remote Code Execution Vulnerability
Heap-based buffer overflow in Microsoft Windows Media Foundation allows an unauthorized attacker to execute code over a network...
Microsoft SharePoint Server Security Feature Bypass Vulnerability
Weak authentication in Microsoft Office SharePoint allows an unauthorized attacker to bypass a security feature over a network...