Search Results (87074 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-50682 1 Microsoft 7 Windows 10 21h2, Windows 10 22h2, Windows 11 24h2 and 4 more 2026-07-16 7.1 High
Out-of-bounds read in Windows Active Directory allows an authorized attacker to deny service over a network.
CVE-2026-50647 1 Microsoft 14 .net, Windows 10 1607, Windows 10 1809 and 11 more 2026-07-16 7.5 High
Loop with unreachable exit condition ('infinite loop') in Active Directory Federation Services (AD FS) allows an unauthorized attacker to deny service over a network.
CVE-2026-56086 1 Dell 1 Powerprotect Data Domain 2026-07-16 8.8 High
Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an Incorrect Authorization vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to unauthorized access.
CVE-2026-50411 1 Microsoft 14 .net, Windows 10 1607, Windows 10 1809 and 11 more 2026-07-16 7.5 High
Stack-based buffer overflow in Active Directory Federation Services (AD FS) allows an unauthorized attacker to deny service over a network.
CVE-2026-50355 1 Microsoft 9 .net, Windows 10 1607, Windows 10 1809 and 6 more 2026-07-16 7.5 High
Stack-based buffer overflow in Active Directory Federation Services allows an unauthorized attacker to deny service over a network.
CVE-2026-50368 1 Microsoft 9 .net, Windows 10 1607, Windows 10 1809 and 6 more 2026-07-16 7.5 High
Stack-based buffer overflow in Active Directory Federation Services allows an unauthorized attacker to deny service over a network.
CVE-2026-50304 1 Microsoft 9 .net, Windows 10 1607, Windows 10 1809 and 6 more 2026-07-16 7.5 High
Stack-based buffer overflow in Active Directory Federation Services allows an unauthorized attacker to deny service over a network.
CVE-2026-50653 1 Microsoft 2 .net, Azure Active Directory 2026-07-16 7.5 High
Loop with unreachable exit condition ('infinite loop') in Azure Active Directory allows an unauthorized attacker to deny service over a network.
CVE-2026-50652 1 Microsoft 2 .net, Azure Active Directory 2026-07-16 7.5 High
Deserialization of untrusted data in Azure Active Directory allows an unauthorized attacker to deny service over a network.
CVE-2026-10706 1 Adalo No-code App Builder 1 App Builder 2026-07-16 7.5 High
In Adalo’s no-code app builder, (Versions 1 and 2) the attackers may extract full user records and correlate user behavior across multiple applications via dbId enumeration. The platform does not implement data minimization, privacy by design, or implement appropriate technical safeguards, allowing sensitive information to be exposed to unauthorized parties.
CVE-2026-15129 1 Google 1 Chrome 2026-07-16 8.8 High
Use after free in Views in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-15133 1 Google 1 Chrome 2026-07-16 8.8 High
Use after free in InterestGroups in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-15111 1 Google 1 Chrome 2026-07-16 7.5 High
Use after free in Views in Google Chrome prior to 150.0.7871.115 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2026-15118 1 Google 1 Chrome 2026-07-16 8.8 High
Use after free in Input in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-15120 1 Google 1 Chrome 2026-07-16 8.3 High
Use after free in Core in Google Chrome on Windows prior to 150.0.7871.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-15121 1 Google 1 Chrome 2026-07-16 8.8 High
Use after free in WebRTC in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-15126 1 Google 1 Chrome 2026-07-16 8.8 High
Use after free in Forms in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-15107 1 Google 1 Chrome 2026-07-16 8.8 High
Use after free in IndexedDB in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-51924 1 Docuform 1 Client 2026-07-16 8.1 High
An issue in docuForm GmbH Client v.11.11c allows a remote attacker to execute arbitrary code via the file upload and report.php component
CVE-2026-51925 1 Docuform 1 Client 2026-07-16 8.1 High
A Local File Inclusion (LFI) vulnerability exists in docuForm GmbH Client v.11.11c that allows a remote attacker to execute arbitrary code via the dfm-menu_report.php component. Attackers can exploit this flaw to read arbitrary files on the server, including sensitive configuration files, source code or system files.