21711 matches found
Microsoft Teams Information Disclosure Vulnerability
Improper access control in Microsoft Teams allows an unauthorized attacker to disclose information over a network...
Chromium: CVE-2026-2322 Heap buffer overflow in Codecs
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2026-2319 Race in DevTools
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2026-2316 Insufficient policy enforcement in Frames
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2026-2314 Heap buffer overflow in Codecs
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2026-2441 Use after free in CSS
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. Google is aware that an exploit for CVE-2026-2441 exists in the wild...
Chromium: CVE-2026-2320 Inappropriate implementation in File input
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2026-2323 Inappropriate implementation in Downloads
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2026-2317 Inappropriate implementation in Animation
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
CVE-2026-2318
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2026-2313 Use after free in CSS
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Windows Admin Center Elevation of Privilege Vulnerability
Improper authentication in Windows Admin Center allows an authorized attacker to elevate privileges over a network...
Microsoft Edge (Chromium-based) Defense in Depth Vulnerability
Under specific conditions, a malicious webpage may trigger autofill population after two consecutive taps, potentially without clear or intentional user consent. This could result in disclosure of stored autofill data such as addresses, email, or phone number metadata...
Cluster Client Failover (CCF) Elevation of Privilege Vulnerability
Use after free in Windows Cluster Client Failover allows an authorized attacker to elevate privileges locally...
Red Hat, Inc. CVE-2023-2804: Heap Based Overflow libjpeg-turbo
A heap‑based buffer overflow exists in libjpeg‑turbo’s h2v2mergedupsampleinternal function when processing 12‑bit lossless JPEG images. An attacker could craft an image containing out‑of‑range 12‑bit samples that, when decompressed with merged upsampling enabled, may trigger a segmentation fault ...
Windows HTTP.sys Elevation of Privilege Vulnerability
Untrusted pointer dereference in Windows HTTP.sys allows an authorized attacker to elevate privileges locally...
Mailslot File System Elevation of Privilege Vulnerability
Use after free in Mailslot File System allows an authorized attacker to elevate privileges locally...
Windows Storage Elevation of Privilege Vulnerability
Improper authentication in Windows Storage allows an authorized attacker to elevate privileges locally...
Microsoft Outlook Spoofing Vulnerability
Deserialization of untrusted data in Microsoft Office Outlook allows an unauthorized attacker to perform spoofing over a network...
Windows Remote Access Connection Manager Denial of Service Vulnerability
Null pointer dereference in Windows Remote Access Connection Manager allows an unauthorized attacker to deny service locally...
Windows Shell Security Feature Bypass Vulnerability
Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network...
Azure IoT Explorer Information Disclosure Vulnerability
Binding to an unrestricted ip address in Azure IoT Explorer allows an unauthorized attacker to disclose information over a network...
Azure SDK for Python Remote Code Execution Vulnerability
Deserialization of untrusted data in Azure SDK allows an unauthorized attacker to execute code over a network...
Windows Remote Desktop Services Elevation of Privilege Vulnerability
Improper privilege management in Windows Remote Desktop allows an authorized attacker to elevate privileges locally...
Microsoft ACI Confidential Containers Information Disclosure Vulnerability
Cleartext storage of sensitive information in Azure Compute Gallery allows an authorized attacker to disclose information over a network...
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
Heap-based buffer overflow in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...
Windows Connected Devices Platform Service Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally...
Windows Subsystem for Linux Elevation of Privilege Vulnerability
Use after free in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally...
Windows Hyper-V Remote Code Execution Vulnerability
Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to execute code locally...
Microsoft Excel Elevation of Privilege Vulnerability
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to elevate privileges locally...
Windows NTLM Spoofing Vulnerability
External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing locally...
GitHub Copilot and Visual Studio Remote Code Execution Vulnerability
Improper neutralization of special elements used in a command 'command injection' in GitHub Copilot and Visual Studio allows an unauthorized attacker to execute code over a network...
Windows Hyper-V Security Feature Bypass Vulnerability
Improper access control in Windows Hyper-V allows an authorized attacker to bypass a security feature locally...
GitHub Copilot and Visual Studio Elevation of Privilege Vulnerability
Improper neutralization of special elements used in a command 'command injection' in GitHub Copilot and Visual Studio allows an authorized attacker to elevate privileges over a network...
Microsoft Excel Information Disclosure Vulnerability
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally...
GitHub Copilot for Jetbrains Remote Code Execution Vulnerability
Improper neutralization of special elements used in a command 'command injection' in Github Copilot allows an unauthorized attacker to execute code over a network...
Azure HDInsight Spoofing Vulnerability
Improper neutralization of input during web page generation 'cross-site scripting' in Azure HDInsights allows an authorized attacker to perform spoofing over a network...
Microsoft Word Security Feature Bypass Vulnerability
Reliance on untrusted inputs in a security decision in Microsoft Office Word allows an unauthorized attacker to bypass a security feature locally...
Microsoft Defender for Endpoint Linux Extension Remote Code Execution Vulnerability
Improper control of generation of code 'code injection' in Microsoft Defender for Linux allows an unauthorized attacker to execute code over an adjacent network...
Microsoft Exchange Server Spoofing Vulnerability
User interface ui misrepresentation of critical information in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network...
MSHTML Framework Security Feature Bypass Vulnerability
Protection mechanism failure in MSHTML Framework allows an unauthorized attacker to bypass a security feature over a network...
Microsoft ACI Confidential Containers Elevation of Privilege Vulnerability
Improper neutralization of special elements used in a command 'command injection' in Azure Compute Gallery allows an authorized attacker to elevate privileges locally...
Power BI Remote Code Execution Vulnerability
Improper input validation in Power BI allows an authorized attacker to execute code over a network...
GitHub Copilot and Visual Studio Code Remote Code Execution Vulnerability
Time-of-check time-of-use toctou race condition in GitHub Copilot and Visual Studio allows an authorized attacker to execute code over a network...
.NET Spoofing Vulnerability
Improper handling of missing special element in .NET allows an unauthorized attacker to perform spoofing over a network...
Windows Graphics Component Elevation of Privilege Vulnerability
Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally...
Windows Graphics Component Elevation of Privilege Vulnerability
Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally...
Windows Hyper-V Remote Code Execution Vulnerability
Improper input validation in Windows Hyper-V allows an authorized attacker to execute code locally...
Microsoft Outlook Spoofing Vulnerability
Exposure of sensitive information to an unauthorized actor in Microsoft Office Outlook allows an unauthorized attacker to perform spoofing over a network...
Microsoft Excel Information Disclosure Vulnerability
Improper input validation in Microsoft Office Excel allows an unauthorized attacker to disclose information locally...