CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4907 matches found

MediaTek Chipsets Security Vulnerabilities

MediaTek Chipsets are a series of chips developed by MediaTek Corporation in China. The MediaTek Chipsets contain security vulnerabilities. These vulnerabilities stem from insufficient boundary checking in the geniezone component, leading to out-of-bound writes. This can result in an increase in...

6.7CVSS5.8AI score0.00012EPSS

Exploits0References1

RedhatCVE•added 2026/05/26 2:12 p.m.•9 views

CVE-2026-23663

Improper privilege management in Azure Entra ID allows an unauthorized attacker to elevate privileges over a network...

7.5CVSS5.8AI score0.00097EPSS

Exploits0References1

CNNVD•added 2026/05/25 12:0 a.m.•4 views

Admidio 跨站请求伪造漏洞

Admidio is an open source member management system from the Admidio team. The system supports member lists, event management, guestbooks, photo albums, and downloads. A cross-site request forgery vulnerability exists in Admidio version 3.3.5, which stems from cross-site request forgery and could...

6.9CVSS5.7AI score0.00017EPSS

Exploits0References4

NVD•added 2026/05/22 11:16 p.m.•28 views

CVE-2026-42901

Origin validation error in Microsoft Entra ID allows an unauthorized attacker to elevate privileges over a network...

10CVSS0.00043EPSS

Exploits0References1

NVD•added 2026/05/22 11:16 p.m.•8 views

CVE-2026-35430

Authorization bypass through user-controlled key in Azure Privileged Identity Management PIM allows an authorized attacker to elevate privileges over a network...

8.8CVSS0.00071EPSS

Exploits0References1

NVD•added 2026/05/22 11:16 p.m.•8 views

CVE-2026-23663

Improper privilege management in Azure Entra ID allows an unauthorized attacker to elevate privileges over a network...

7.5CVSS0.00097EPSS

Exploits0References1

ATTACKERKB•added 2026/05/22 10:4 p.m.•4 views

CVE-2026-23663

Improper privilege management in Azure Entra ID allows an unauthorized attacker to elevate privileges over a network...

7.5CVSS5.8AI score0.00097EPSS

Exploits0References2

EUVD•added 2026/05/22 10:4 p.m.•5 views

EUVD-2026-31522

Origin validation error in Microsoft Entra ID allows an unauthorized attacker to elevate privileges over a network...

10CVSS5.8AI score0.00043EPSS

Exploits0References1

Positive Technologies•added 2026/05/22 12:0 a.m.•12 views

PT-2026-42839

Name of the Vulnerable Software and Affected Versions Azure Entra ID affected versions not specified Description Improper privilege management allows an unauthorized attacker to elevate privileges over a network. Recommendations At the moment, there is no information about a newer version that...

7.5CVSS5.8AI score0.00097EPSS

Exploits0References5

Positive Technologies•added 2026/05/22 12:0 a.m.•8 views

PT-2026-42849

Name of the Vulnerable Software and Affected Versions Microsoft Entra ID affected versions not specified Description An origin validation error in Microsoft Entra ID allows an unauthorized attacker to elevate privileges over a network. Recommendations At the moment, there is no information about ...

10CVSS5.8AI score0.00043EPSS

Exploits0References8

Microsoft CVE•added 2026/05/21 2:0 p.m.•9 views

Microsoft Entra ID Elevation of Privilege Vulnerability

Origin validation error in Microsoft Entra ID allows an unauthorized attacker to elevate privileges over a network...

10CVSS5.8AI score0.00043EPSS

Exploits0

NVD•added 2026/05/18 6:17 p.m.•7 views

CVE-2026-42822

Improper authentication in Azure Local Disconnected Operations allows an unauthorized attacker to elevate privileges over a network...

10CVSS0.00093EPSS

Exploits0References1

EUVD•added 2026/05/18 5:3 p.m.•9 views

EUVD-2026-30787

Improper authentication in Azure Local Disconnected Operations allows an unauthorized attacker to elevate privileges over a network...

10CVSS5.8AI score0.00093EPSS

Exploits0References1

Microsoft CVE•added 2026/05/18 2:0 p.m.•9 views

Azure Local Disconnected Operations (ALDO) Elevation of Privilege Vulnerability

Improper authentication in Azure Local Disconnected Operations allows an unauthorized attacker to elevate privileges over a network...

10CVSS5.8AI score0.00093EPSS

Exploits0

CNNVD•added 2026/05/16 12:0 a.m.•4 views

Kite 代码问题漏洞

Kite is an AI code development tool developed by the Kite company in the United States. Version Kite 4.2.0.1 U1 contains a code vulnerability. This vulnerability stems from an unresolved service path in the KiteService Windows service, which may allow local attackers to gain elevated privileges b...

8.5CVSS5.9AI score0.00013EPSS

Exploits0References1

ATTACKERKB•added 2026/05/14 4:8 p.m.•3 views

CVE-2026-20209

A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker with read-only permissions to elevate their privileges from low to high and perform actions as a high-privileged user. This vulnerability exists because sensitive...

5.4CVSS5.8AI score0.00033EPSS

Exploits0References3Affected Software1

Tenable Nessus•added 2026/05/14 12:0 a.m.•7 views

Security Updates for Microsoft Windows Admin Center (May 2026)

The Microsoft Windows Admin Center installed on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - Missing authorization in Windows Admin Center allows an authorized attacker to elevate privileges over a network. CVE-2026-35438 - Improper access...

8.8CVSS5.8AI score0.00071EPSS

Exploits0References4

RedhatCVE•added 2026/05/13 8:22 p.m.•3 views

CVE-2026-41086

Improper access control in Windows Admin Center allows an authorized attacker to elevate privileges over a network...

8.8CVSS5.8AI score0.00071EPSS

Exploits0References1

RedhatCVE•added 2026/05/13 8:22 p.m.•4 views

CVE-2026-40407

Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally...

7.8CVSS6AI score0.00049EPSS

Exploits0References1