1604 matches found
Apache Tomcat Tribes EncryptInterceptor Bypass - Remote Code Execution
Missing Encryption of Sensitive Data vulnerability in Apache Tomcat due to the fix for CVE-2026-29146 allowing the bypass of the EncryptInterceptor. This issue affects Apache Tomcat: 11.0.20, 10.1.53, 9.0.116. id: CVE-2026-34486 info: name: Apache Tomcat Tribes EncryptInterceptor Bypass - Remote...
CVE-2026-55019
Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network...
CVE-2026-50497
Off-by-one error in Windows Remote Desktop Protocol allows an unauthorized attacker to disclose information over a network...
CVE-2026-50370
CVE-2026-50370 is a heap-based buffer overflow in the Windows DHCP Server service that could allow an unauthenticated attacker on an adjacent network to execute code. The vulnerability is listed among the July 2026 Patch Tuesday disclosures and is included in Microsoft’s security updates (KB50995...
CVE-2026-50306
CVE-2026-50306 is a Windows TCP/IP use-after-free vulnerability that allows an authorized, local attacker to elevate privileges. Affected component is the Windows TCP/IP stack; impact is local privilege escalation with high severity (CVSS 3.1: 7.8). Microsoft has released updates (KB5095051, KB50...
CVE-2026-49181
The CVE-2026-49181 entry describes an Integer underflow in the Windows DHCP Client that can allow an unauthorized attacker to elevate privileges over a network. Affected component: Windows DHCP Client (network stack on Windows). Root cause: wrap/underflow in the DHCP client handling. Impact: priv...
CVE-2026-50663
CVE-2026-50663 affects Age of Empires II: Definitive Edition. The vulnerability is a relative path traversal in the game that could allow an unauthorized attacker to execute code over the network. The current documents specify the impact as remote code execution with high severity (CVSS 3.1: AV:N...
Windows Event Logging Service Remote Code Execution Vulnerability
Insufficient granularity of access control in Windows Event Logging Service allows an authorized attacker to execute code over a network...
Windows Network Policy Server SNMP Information Disclosure Vulnerability
Out-of-bounds read in Windows Network Policy Server SNMP allows an unauthorized attacker to disclose information over a network...
PT-2026-58698
Name of the Vulnerable Software and Affected Versions .NET versions prior to 8.0.29 .NET versions prior to 9.0.18 .NET versions prior to 10.0.10 Description Improper verification of cryptographic signatures allows an unauthenticated attacker to remotely bypass security protections over a network...
PT-2026-60293
Name of the Vulnerable Software and Affected Versions Zoom Workplace for Windows versions prior to 7.0.0 Description An issue allows unauthenticated account takeover over the network. Recommendations Update Zoom Workplace for Windows to version 7.0.0...
CVE-2026-58525
Improper access control in Microsoft Edge Chromium-based allows an unauthorized attacker to bypass a security feature over a network...
Juniper Junos OS Vulnerability (JSA110082)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA110082 advisory. - An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on MX with SPC3 and SRX Series allo...
389-ds-base: 389-ds-base: integer overflow in SASL packet length bypasses size limit leading to heap buffer overflow
An integer overflow flaw was found in the SASL I/O layer of 389 Directory Server 389-ds-base. In sasliostartpacket, adding sizeofuint32t to a crafted SASL packet length prefix of 0xFFFFFFFC causes unsigned wraparound to zero, bypassing the nsslapd-maxsasliosize limit and leading to a heap buffer...
CVE-2026-25268
The CVE-2026-25268 issue is a stack-based buffer overflow in WLAN Host caused by memory corruption when processing invalid HT40 channel layouts during dynamic channel switching. Affects WLAN Host with a Local attack vector, requiring Low privileges and no user interaction, and with a changed scop...
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Use after free in Microsoft Edge Chromium-based allows an unauthorized attacker to execute code over a network...
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Improper authorization in Microsoft Edge Chromium-based allows an unauthorized attacker to execute code over a network...
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Use after free in Microsoft Edge Chromium-based allows an unauthorized attacker to execute code over a network...
Security Updates for Windows App Client for Windows Desktop (June 2026)
The Windows app installed on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - Out-of-bounds read in Windows RDP allows an unauthorized attacker to disclose information over a network. CVE-2026-42908 - Heap-based buffer overflow in Remote Deskt...
EUVD-2026-41395
A malicious actor with access to the network could exploit a Path Traversal vulnerability found in UniFi Access Application to access files on the host device...