50 matches found
CVE-2026-54118
Deserialization of untrusted data in SQL Server allows an authorized attacker to execute code over a network...
CVE-2026-48561
Improper neutralization of special elements used in a command 'command injection' in Microsoft Copilot allows an unauthorized attacker to execute code over a network...
CVE-2026-58287
Use after free in Microsoft Edge Chromium-based allows an unauthorized attacker to execute code over a network...
CVE-2026-57984
Use after free in Microsoft Edge Chromium-based allows an unauthorized attacker to execute code over a network...
CVE-2026-57974
Integer overflow or wraparound in Microsoft Edge Chromium-based allows an unauthorized attacker to execute code over a network...
EUVD-2026-41571
Use after free in Microsoft Edge Chromium-based allows an unauthorized attacker to execute code over a network...
PT-2026-54783
Name of the Vulnerable Software and Affected Versions Microsoft Edge Chromium-based versions prior to 149.0.4022.98 Description A use-after-free issue exists in Microsoft Edge Chromium-based. This flaw allows an authorized attacker to execute arbitrary code over a network. Use-after-free is a...
CVE-2026-45497
Improper neutralization of special elements used in a command 'command injection' in Microsoft Copilot allows an authorized attacker to execute code over a network...
CVE-2026-40412
Unrestricted upload of file with dangerous type in Azure Orbital Spatio allows an unauthorized attacker to execute code over a network...
SUSE-SU-2026:21836-1 Security update for cups
This update for cups fixes the following issues - CVE-2026-27447: Authorization bypass via case-insensitive group-member lookup bsc1261572. - CVE-2026-34978: Path traversal in RSS notify-recipient-uri enables file write outside CacheDir/rss bsc1261571. - CVE-2026-34979: Heap overflow in getoption...
SUSE-SU-2026:21871-1 Security update for cups
This update for cups fixes the following issues - CVE-2026-27447: Authorization bypass via case-insensitive group-member lookup bsc1261572. - CVE-2026-34978: Path traversal in RSS notify-recipient-uri enables file write outside CacheDir/rss bsc1261571. - CVE-2026-34979: Heap overflow in getoption...
CVE-2026-33844
Improper access control in Azure Managed Instance for Apache Cassandra allows an authorized attacker to execute code over a network...
CVE-2026-33120
Untrusted pointer dereference in SQL Server allows an authorized attacker to execute code over a network...
CVE-2026-25172
Integer overflow or wraparound in Windows Routing and Remote Access Service RRAS allows an authorized attacker to execute code over a network...
CVE-2026-25173
Integer overflow or wraparound in Windows Routing and Remote Access Service RRAS allows an authorized attacker to execute code over a network...
CVE-2026-26111
Integer overflow or wraparound in Windows Routing and Remote Access Service RRAS allows an authorized attacker to execute code over a network...
KB5078885: Windows 10 version 21H2 / Windows 10 Version 22H2 Security Update (March 2026)
The remote Windows host is missing security update 5078885. It is, therefore, affected by multiple vulnerabilities - Use after free in Broadcast DVR allows an authorized attacker to elevate privileges locally. CVE-2026-23667 - Use after free in Windows Print Spooler Components allows an authorize...
Azure SDK for Python Remote Code Execution Vulnerability
Deserialization of untrusted data in Azure SDK allows an unauthorized attacker to execute code over a network...
CVE-2026-20854
Use after free in Windows Local Security Authority Subsystem Service LSASS allows an authorized attacker to execute code over a network...
CVE-2026-20854
CVE-2026-20854 is a Windows Local Security Authority Subsystem Service (LSASS) use-after-free vulnerability that would allow an authenticated attacker to execute code remotely over the network. The primary public details come from Microsoft update guidance and vulnerability trackers, which identi...