60782 matches found
CVE-2026-40402
Use after free in Windows Hyper-V allows an unauthorized attacker to elevate privileges locally...
CVE-2026-40401
Windows TCP/IP Denial of Service Vulnerability...
CVE-2026-40398
Heap-based buffer overflow in Windows Remote Desktop allows an authorized attacker to elevate privileges locally...
CVE-2026-40397
Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally...
CVE-2026-40382
Use after free in Windows Telephony Service allows an authorized attacker to elevate privileges locally...
CVE-2026-40370
External control of file name or path in SQL Server allows an authorized attacker to execute code over a network...
CVE-2026-40369
Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally...
CVE-2026-40367
Access of resource using incompatible type 'type confusion' in Microsoft Office Word allows an unauthorized attacker to execute code locally...
CVE-2026-40365
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network...
CVE-2026-40362
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
CVE-2026-40361
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally...
CVE-2026-40358
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally...
CVE-2026-40359
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
CVE-2026-40357
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network...
CVE-2026-34336
Buffer over-read in Windows DWM Core Library allows an authorized attacker to elevate privileges locally...
CVE-2026-42899
Loop with unreachable exit condition 'infinite loop' in ASP.NET Core allows an unauthorized attacker to deny service over a network...
CVE-2026-42898
Improper control of generation of code 'code injection' in Microsoft Dynamics 365 on-premises allows an authorized attacker to execute code over a network...
CVE-2026-42896
Integer overflow or wraparound in Windows DWM Core Library allows an authorized attacker to elevate privileges locally...
CVE-2026-42891
User interface ui misrepresentation of critical information in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...
CVE-2026-42825
Use after free in Windows Telephony Service allows an authorized attacker to elevate privileges locally...
CVE-2026-41107
External control of file name or path in Microsoft Edge Chromium-based allows an unauthorized attacker to disclose information over a network...
CVE-2026-42831
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally...
CVE-2026-32175
A tampering vulnerability exists when .NET Core improperly handles specially crafted files. An attacker who successfully exploited this vulnerability could write arbitrary files and directories to certain locations on a vulnerable system. However, an attacker would have limited control over the...
CVE-2026-32185
Files or directories accessible to external parties in Microsoft Teams allows an unauthorized attacker to perform spoofing locally...
CVE-2026-41612
Relative path traversal in Visual Studio Code allows an unauthorized attacker to disclose information locally...
CVE-2026-41614
Improper access control in M365 Copilot for Desktop allows an unauthorized attacker to perform spoofing locally...
CVE-2026-41611
Improper neutralization of script-related html tags in a web page basic xss in Visual Studio Code allows an unauthorized attacker to execute code locally...
CVE-2026-41109
Improper neutralization of special elements in output used by a downstream component 'injection' in GitHub Copilot and Visual Studio allows an unauthorized attacker to bypass a security feature over a network...
CVE-2026-41610
Improper neutralization of input during web page generation 'cross-site scripting' in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally...
CVE-2026-41102
Improper access control in Microsoft Office PowerPoint allows an authorized attacker to perform spoofing locally...
CVE-2026-41101
Improper access control in Microsoft Office Word allows an authorized attacker to perform spoofing locally...
CVE-2026-41100
Improper access control in M365 Copilot allows an authorized attacker to perform spoofing locally...
CVE-2026-41096
Heap-based buffer overflow in Microsoft Windows DNS allows an unauthorized attacker to execute code over a network...
CVE-2026-41095
Use after free in Data Deduplication allows an authorized attacker to elevate privileges locally...
CVE-2026-41089
Stack-based buffer overflow in Windows Netlogon allows an unauthorized attacker to execute code over a network...
CVE-2026-41094
Improper control of generation of code 'code injection' in Microsoft Data Formulator allows an unauthorized attacker to execute code over a network...
CVE-2026-41088
Access of resource using incompatible type 'type confusion' in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...
CVE-2026-40421
Files or directories accessible to external parties in Microsoft Office Word allows an unauthorized attacker to disclose information locally...
CVE-2026-40419
Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally...
CVE-2026-40417
Weak authentication in Dynamics Business Central allows an authorized attacker to elevate privileges locally...
CVE-2026-40415
Use after free in Windows TCP/IP allows an unauthorized attacker to execute code over a network...
CVE-2026-40414
Windows TCP/IP Denial of Service Vulnerability...
CVE-2026-40410
Use after free in Windows SMB Client allows an authorized attacker to elevate privileges locally...
CVE-2026-40408
Use after free in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally...
CVE-2026-40406
Use after free in Windows TCP/IP allows an unauthorized attacker to disclose information over a network...
CVE-2026-40407
Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally...
CVE-2026-40405
Null pointer dereference in Windows TCP/IP allows an unauthorized attacker to deny service over a network...
CVE-2026-40399
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows TCP/IP allows an authorized attacker to elevate privileges locally...
CVE-2026-40380
Heap-based buffer overflow in Volume Manager Extension Driver allows an authorized attacker to execute code with a physical attack...
CVE-2026-40374
Exposure of sensitive information to an unauthorized actor in Power Automate allows an authorized attacker to disclose information over a network...