412099 matches found
EUVD-2026-35697
Use after free in Windows Kernel allows an unauthorized attacker to execute code over a network...
EUVD-2026-35698
Relative path traversal in Visual Studio Code allows an unauthorized attacker to perform tampering over a network...
EUVD-2026-35696
Protection mechanism failure in Windows UEFI allows an authorized attacker to bypass a security feature locally...
EUVD-2026-35694
User interface ui misrepresentation of critical information in Microsoft Bing allows an unauthorized attacker to perform spoofing over a network...
EUVD-2026-35695
Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack...
EUVD-2026-35692
Stack-based buffer overflow in Active Directory Domain Services allows an authorized attacker to execute code over a network...
EUVD-2026-35693
Improper access control in Office for Android allows an unauthorized attacker to perform spoofing locally...
EUVD-2026-35691
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally...
EUVD-2026-35689
Improper input validation in Microsoft Azure Attestation service and Device Health Attestation Service allows an authorized attacker to perform spoofing with a physical attack...
EUVD-2026-35690
Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally...
EUVD-2026-35684
Use after free in Windows Bluetooth Port Driver allows an authorized attacker to elevate privileges locally...
EUVD-2026-35687
Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally...
EUVD-2026-35688
Out-of-bounds read in Windows DHCP Server allows an authorized attacker to disclose information locally...
EUVD-2026-35685
Out-of-bounds read in Microsoft UxTheme Library uxtheme.dll allows an authorized attacker to deny service locally...
EUVD-2026-35686
Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally...
EUVD-2026-35682
Use after free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally...
EUVD-2026-35683
Out-of-bounds read in Windows RDP allows an unauthorized attacker to disclose information over a network...
EUVD-2026-35681
Improper control of generation of code 'code injection' in Microsoft Exchange Server allows an unauthorized attacker to execute code over a network...
EUVD-2026-35680
Server-side request forgery ssrf in Microsoft Exchange Server allows an authorized attacker to elevate privileges over a network...
EUVD-2026-35514
Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally...
EUVD-2026-35677
Server-side request forgery ssrf in Microsoft Exchange Server allows an authorized attacker to perform spoofing over a network...
EUVD-2026-35676
Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network...
EUVD-2026-35678
Server-side request forgery ssrf in Microsoft Exchange Server allows an authorized attacker to disclose information over a network...
EUVD-2026-35674
Improper authorization in .NET allows an authorized attacker to elevate privileges locally...
EUVD-2026-35673
Time-of-check time-of-use TOCTOU race condition in Program Compatibility Assistant Service allows an authorized attacker to elevate privileges locally...
EUVD-2026-35654
Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office Project Server allows an authorized attacker to perform spoofing over a network...
EUVD-2026-35653
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally...
EUVD-2026-35652
Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally...
EUVD-2026-35679
Improper authorization in Microsoft Exchange Server allows an authorized attacker to disclose information over a network...
EUVD-2026-35672
Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to disclose information locally...
EUVD-2026-35671
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally...
EUVD-2026-35651
Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network...
EUVD-2026-35650
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally...
EUVD-2026-35649
Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally...
EUVD-2026-35645
Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network...
EUVD-2026-35647
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally...
EUVD-2026-35648
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally...
EUVD-2026-35644
Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network...
EUVD-2026-35646
Integer underflow wrap or wraparound in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
EUVD-2026-35490
Issue summary: The implementations of AES-SIV RFC 5297 and AES-GCM-SIV RFC 8452 mishandle the authentication of AAD Additional Authenticated Data with an empty ciphertext allowing a forgery of such messages. Impact summary: An attacker can forge empty messages with arbitrary AAD to the victim's...
EUVD-2026-35491
Issue summary: A specially crafted PKCS7 or S/MIME signed message could trigger a use-after-free during PKCS7 signature verification. Impact summary: A use-after-free may result in process crashes, heap corruption, or potentially remote code execution. When processing a PKCS7 or S/MIME signed...
EUVD-2026-35489
Issue summary: When an application drives an AES-OCB context through the public EVPCipher one-shot interface, the application-supplied initialisation vector IV is silently discarded. Impact summary: Every message encrypted under the same key uses the same effective nonce regardless of the IV...
EUVD-2026-35540
Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally...
EUVD-2026-35539
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information over a network...
EUVD-2026-35538
Improper limitation of a pathname to a restricted directory 'path traversal' in Microsoft Office SharePoint allows an authorized attacker to execute code over a network...
EUVD-2026-35537
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information over a network...
EUVD-2026-35669
Access of resource using incompatible type 'type confusion' in Microsoft Office allows an unauthorized attacker to execute code locally...
EUVD-2026-35667
Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network...
EUVD-2026-35670
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally...
EUVD-2026-35668
Access of resource using incompatible type 'type confusion' in Microsoft Office allows an unauthorized attacker to execute code locally...