206304 matches found
CVE-2026-47288
Integer overflow or wraparound in Windows Kerberos allows an authorized attacker to execute code over an adjacent network...
CVE-2026-47652
Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally...
CVE-2026-45654
Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally...
CVE-2026-45658
Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack...
CVE-2026-45656
Protection mechanism failure in Windows UEFI allows an authorized attacker to bypass a security feature locally...
CVE-2026-45648
Stack-based buffer overflow in Active Directory Domain Services allows an authorized attacker to execute code over a network...
CVE-2026-45645
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally...
CVE-2026-45771
FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.0, FreeSWITCH's bundled XML parser expands nested declarations without a depth or count boun...
CVE-2026-45657
Use after free in Windows Kernel allows an unauthorized attacker to execute code over a network...
CVE-2026-45649
Improper access control in Office for Android allows an unauthorized attacker to perform spoofing locally...
CVE-2026-45641
Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally...
CVE-2026-45640
Use after free in Windows Bluetooth Port Driver allows an authorized attacker to elevate privileges locally...
CVE-2026-47281
Improper input validation in Visual Studio Code allows an unauthorized attacker to elevate privileges over a network...
CVE-2026-45644
Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Live Share Canvas SDK allows an authorized attacker to elevate privileges over a network...
CVE-2026-45643
Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally...
CVE-2026-45653
Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally...
CVE-2026-45639
Out-of-bounds read in Windows RDP allows an unauthorized attacker to disclose information over a network...
CVE-2026-46492
md-fileserver allows for local viewing of markdown files in a browser. Prior to version 1.10.3, a cross-site scripting XSS vulnerability exists in the application’s Markdown rendering logic. When user-supplied Markdown content is rendered, embedded raw HTML—including...
CVE-2026-45637
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally...
CVE-2026-45605
Use after free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally...
CVE-2026-45601
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...
CVE-2026-45603
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...
CVE-2026-45598
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...
CVE-2026-45602
No cwe for this issue in Windows DHCP Server allows an unauthorized attacker to perform tampering over a network...
CVE-2026-45638
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...
CVE-2026-45635
Use after free in Universal Plug and Play upnp.dll allows an unauthorized attacker to execute code over a network...
CVE-2026-45588
Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally...
CVE-2026-45592
Integer overflow or wraparound in Windows Internet wininet.dll allows an authorized attacker to elevate privileges locally...
CVE-2026-45600
Access of resource using incompatible type 'type confusion' in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally...
CVE-2026-45599
Use after free in Universal Plug and Play upnp.dll allows an unauthorized attacker to execute code over a network...
CVE-2026-45636
Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally...
CVE-2026-45586
Improper link resolution before file access 'link following' in Windows Collaborative Translation Framework allows an authorized attacker to elevate privileges locally...
CVE-2026-45593
Use after free in Windows SDK allows an authorized attacker to elevate privileges locally...
CVE-2026-45597
Concurrent execution using shared resource with improper synchronization 'race condition' in UI Automation Manager uiamanager.dll allows an authorized attacker to elevate privileges locally...
CVE-2026-45607
Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally...
CVE-2026-45596
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...
CVE-2026-45487
Time-of-check time-of-use TOCTOU race condition in Program Compatibility Assistant Service allows an authorized attacker to elevate privileges locally...
CVE-2026-45503
Server-side request forgery ssrf in Microsoft Exchange Server allows an authorized attacker to disclose information over a network...
CVE-2026-45583
Improper control of generation of code 'code injection' in Microsoft Exchange Server allows an unauthorized attacker to execute code over a network...
CVE-2026-45484
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to elevate privileges over a network...
CVE-2026-45481
Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network...
CVE-2026-45471
Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally...
CVE-2026-45486
Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally...
CVE-2026-45474
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally...
CVE-2026-45461
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally...
CVE-2026-45504
Server-side request forgery ssrf in Microsoft Exchange Server allows an authorized attacker to elevate privileges over a network...
CVE-2026-45457
Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally...
CVE-2026-45463
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally...
CVE-2026-45476
Use after free in Linux MANA Driver allows an authorized attacker to elevate privileges locally...
CVE-2026-45469
Integer underflow wrap or wraparound in Microsoft Office Excel allows an unauthorized attacker to execute code locally...