Lucene search
K
RedhatcveRecent

206304 matches found

RedhatCVE
RedhatCVE
•added 2026/06/10 9:0 p.m.•9 views

CVE-2026-42829

Improper access control in Windows Administrator Protection allows an authorized attacker to bypass a security feature locally...

7.8CVSS5.4AI score0.00291EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:0 p.m.•8 views

CVE-2026-42837

Buffer over-read in Windows Projected File System Filter Driver allows an authorized attacker to elevate privileges locally...

7.8CVSS5.4AI score0.00326EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:0 p.m.•10 views

CVE-2026-42828

Buffer over-read in Windows Projected File System Filter Driver allows an authorized attacker to elevate privileges locally...

7.8CVSS5.4AI score0.00326EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:0 p.m.•9 views

CVE-2026-41092

Improper access control in Microsoft Kinect allows an authorized attacker to elevate privileges locally...

7.8CVSS5.4AI score0.00291EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:0 p.m.•8 views

CVE-2026-41098

Improper neutralization of input during web page generation 'cross-site scripting' in Azure Stack Edge allows an authorized attacker to perform spoofing over a network...

8.4CVSS5.4AI score0.00814EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:0 p.m.•8 views

CVE-2026-41108

Heap-based buffer overflow in Microsoft Windows DNS allows an authorized attacker to elevate privileges locally...

7CVSS5.7AI score0.00274EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:0 p.m.•8 views

CVE-2026-42835

Improper neutralization of special elements in output used by a downstream component 'injection' in Microsoft Teams for Android allows an authorized attacker to disclose information over a network...

8.1CVSS5.4AI score0.01259EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:0 p.m.•13 views

CVE-2026-34710

Substance3D - Sampler versions 6.0.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.1AI score0.00144EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:0 p.m.•13 views

CVE-2026-42908

Out-of-bounds read in Windows RDP allows an unauthorized attacker to disclose information over a network...

7.5CVSS5.4AI score0.0087EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:0 p.m.•11 views

CVE-2026-40371

Improper handling of insufficient permissions or privileges in Microsoft Dynamics 365 on-premises allows an authorized attacker to elevate privileges over a network...

8.8CVSS5.4AI score0.0063EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:0 p.m.•10 views

CVE-2026-34700

InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.1AI score0.00139EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:0 p.m.•7 views

CVE-2026-40404

Windows Universal Disk Format File System Driver UDFS Elevation of Privilege Vulnerability...

7.8CVSS5.4AI score0.00339EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:0 p.m.•10 views

CVE-2026-34709

Substance3D - Sampler versions 6.0.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.1AI score0.00138EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:0 p.m.•11 views

CVE-2026-34696

InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.2AI score0.00166EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:0 p.m.•11 views

CVE-2026-40376

Improper input validation in Visual Studio Code allows an unauthorized attacker to elevate privileges over a network...

8.1CVSS5.5AI score0.00671EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:0 p.m.•9 views

CVE-2026-33828

Trust boundary violation in Windows Attestation allows an authorized attacker to elevate privileges locally...

7.8CVSS5.4AI score0.0031EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:0 p.m.•8 views

CVE-2026-32193

Improper limitation of a pathname to a restricted directory 'path traversal' in Microsoft Azure Kubernetes Service allows an authorized attacker to execute code locally...

8.8CVSS5.7AI score0.00336EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:0 p.m.•11 views

CVE-2026-34707

InCopy versions 21.3, 20.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.2AI score0.00178EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:0 p.m.•10 views

CVE-2026-34702

InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.2AI score0.00175EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:0 p.m.•9 views

CVE-2026-34697

InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.2AI score0.00175EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:0 p.m.•12 views

CVE-2026-34701

InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.2AI score0.00175EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:0 p.m.•11 views

CVE-2026-24181

NVIDIA DALI contains a vulnerability in a component where an attacker could cause an improper index validation. A successful exploit of this vulnerability might lead to code execution, data tampering, denial of service, and information disclosure...

7.3CVSS5.5AI score0.00139EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:0 p.m.•10 views

CVE-2026-34699

InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.2AI score0.00175EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:0 p.m.•9 views

CVE-2026-26142

Deserialization of untrusted data in Nuance PowerScribe allows an unauthorized attacker to execute code over a network...

9.8CVSS5.7AI score0.01914EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:0 p.m.•12 views

CVE-2026-40409

Windows Universal Disk Format File System Driver UDFS Elevation of Privilege Vulnerability...

7.8CVSS5.4AI score0.00298EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:0 p.m.•9 views

CVE-2026-34708

InCopy versions 21.3, 20.5.3 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.2AI score0.00175EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:0 p.m.•13 views

CVE-2026-34706

InCopy versions 21.3, 20.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.1AI score0.00139EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:0 p.m.•12 views

CVE-2026-34698

InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.2AI score0.00175EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:0 p.m.•12 views

CVE-2026-34695

InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.2AI score0.00175EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:0 p.m.•8 views

CVE-2026-34691

Adobe Experience Manager Forms JEE versions LTS SP1, 6.5.24.0 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when th...

9.3CVSS5.4AI score0.00243EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:0 p.m.•8 views

CVE-2026-34693

Adobe Experience Manager Forms JEE versions LTS SP1, 6.5.24.0 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. An attacker could exploit this vulnerability to inject malicious scripts into a web page, potentially gaining elevated access or control over the victim's...

8CVSS5.5AI score0.00206EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:0 p.m.•8 views

CVE-2026-34335

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...

7CVSS5.4AI score0.00234EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:0 p.m.•9 views

CVE-2026-0412

Insufficient input validation vulnerability in NETGEAR JR6150 AC750 WiFi Router 802.11ac Dual Band Gigabit released in 2014 allows administrators connected to the local network to make unauthorized modification of router software and functionality. NETGEAR JR6150 reached End-of-Support status in...

6.8CVSS5.4AI score0.00153EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:0 p.m.•9 views

CVE-2026-0409

A NETGEAR security issue that could allow an attacker with ability to intercept and tamper with traffic between the router and the Internet to run commands on your device when the device administrator performs certain specific management actions. This issue affects NETGEAR Orbi 370 series devices...

7.5CVSS5.5AI score0.00256EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:0 p.m.•8 views

CVE-2026-0414

Insufficient input validation vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and functionality...

6.8CVSS5.4AI score0.00168EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:0 p.m.•9 views

CVE-2026-22926

Omnissa Workspace ONEĀ® Assist for macOS contains a Local Privilege Escalation Vulnerability...

7.8CVSS5.4AI score0.00132EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:0 p.m.•11 views

CVE-2026-24180

NVIDIA DALI contains a vulnerability in a component where an attacker could cause a heap-based buffer overflow. A successful exploit of this vulnerability might lead to code execution, data tampering, denial of service, and information disclosure...

7.3CVSS6AI score0.00154EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:0 p.m.•10 views

CVE-2026-0416

An insufficient input validation vulnerability in certain NETGEAR router models as listed allows an authenticated administrator with local network access to submit crafted input that bypasses intended management interface restrictions, resulting in unauthorized modification of protected router...

6.8CVSS5.4AI score0.0018EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:0 p.m.•6 views

CVE-2026-0415

Insufficient input validation vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and functionality...

6.8CVSS5.4AI score0.00229EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:0 p.m.•7 views

CVE-2026-0410

Authenticated administrators connected to the local network can gain elevated access to the router and make unauthorized changes to router software and functionality...

5.7CVSS5.4AI score0.00219EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:0 p.m.•6 views

CVE-2026-0417

Insufficient input validation vulnerability in the listed NETGEAR devices allows authenticated administrators connected to the local network to tamper with the router's integrity...

6.8CVSS5.4AI score0.00229EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:0 p.m.•10 views

CVE-2026-0411

An information disclosure vulnerability in the NETGEAR Orbi satellites RBR/RBE/RBS Series could allow a user connected to your network to gain administrator access to the Orbi router. The listed NETGEAR models are affected by this vulnerability. Orbi WiFi Systems without satellite devices are not...

8CVSS5.5AI score0.00278EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 9:0 p.m.•9 views

CVE-2026-0413

A buffer overflow vulnerability due to insufficient input validation in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and functionality...

6.8CVSS5.8AI score0.00323EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/10 7:49 p.m.•10 views

CVE-2026-6893

A flaw was found in dracut. A remote attacker on the adjacent network can exploit this vulnerability by providing specially crafted DHCP Dynamic Host Configuration Protocol options, such as a malicious hostname, to a system using dracut's legacy DHCP path. These options are improperly handled and...

7.5CVSS6.1AI score0.01131EPSS
Exploits0References3
RedhatCVE
RedhatCVE
•added 2026/06/10 6:12 p.m.•8 views

CVE-2026-11701

An insufficient validation of untrusted input flaw was found in the Guest View component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=516413817...

5.4CVSS5.4AI score0.00178EPSS
Exploits0References5
RedhatCVE
RedhatCVE
•added 2026/06/10 6:12 p.m.•7 views

CVE-2026-11700

An use after free flaw was found in the Tracing component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=511732085...

9CVSS5.4AI score0.00179EPSS
Exploits0References5
RedhatCVE
RedhatCVE
•added 2026/06/10 6:11 p.m.•6 views

CVE-2026-11699

An use after free flaw was found in the Bluetooth component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=518237527...

8.8CVSS5.4AI score0.00203EPSS
Exploits0References5
RedhatCVE
RedhatCVE
•added 2026/06/10 6:11 p.m.•7 views

CVE-2026-11698

An use after free flaw was found in the Bluetooth component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=518235412...

8.8CVSS5.4AI score0.00203EPSS
Exploits0References5
RedhatCVE
RedhatCVE
•added 2026/06/10 6:11 p.m.•7 views

CVE-2026-11697

An insufficient validation of untrusted input flaw was found in the UI component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=518105731...

9.6CVSS5.4AI score0.00203EPSS
Exploits0References5
RedhatCVE
RedhatCVE
•added 2026/06/10 6:11 p.m.•7 views

CVE-2026-11696

An uninitialized use flaw was found in the Video component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=517993381...

6.5CVSS5.4AI score0.00193EPSS
Exploits0References5
Total number of security vulnerabilities206304