Export limit exceeded: 366888 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (366888 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-50688 | 1 Microsoft | 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more | 2026-07-15 | 7.8 High |
| Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-50674 | 1 Microsoft | 4 Windows 11 24h2, Windows 11 25h2, Windows 11 26h1 and 1 more | 2026-07-15 | 7 High |
| Use after free in Windows USB Print Driver allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-50340 | 1 Microsoft | 4 Windows 11 24h2, Windows 11 25h2, Windows 11 26h1 and 1 more | 2026-07-15 | 8.5 High |
| Use after free in Windows Runtime allows an authorized attacker to elevate privileges over a network. | ||||
| CVE-2026-50385 | 1 Microsoft | 4 Windows 11 24h2, Windows 11 25h2, Windows 11 26h1 and 1 more | 2026-07-15 | 8.8 High |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Runtime allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-54125 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2026-07-15 | 7.8 High |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Runtime allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-50501 | 1 Microsoft | 4 Windows 11 24h2, Windows 11 25h2, Windows 11 26h1 and 1 more | 2026-07-15 | 7.8 High |
| Stack-based buffer overflow in Windows Resilient File System (ReFS) allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-55021 | 1 Microsoft | 3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019 | 2026-07-15 | 7.3 High |
| Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. | ||||
| CVE-2026-54121 | 1 Microsoft | 8 Windows 10 1607, Windows 10 1809, Windows Server 2012 and 5 more | 2026-07-15 | 8.8 High |
| Improper authorization in Active Directory Certificate Services (AD CS) allows an authorized attacker to elevate privileges over a network. | ||||
| CVE-2026-55033 | 1 Microsoft | 11 365 Apps, Office 2019, Office 2021 and 8 more | 2026-07-15 | 7.8 High |
| Integer overflow or wraparound in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-50354 | 1 Microsoft | 11 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 8 more | 2026-07-15 | 7.1 High |
| Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-50669 | 1 Microsoft | 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more | 2026-07-15 | 7 High |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Telephony Service allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-55045 | 1 Microsoft | 11 365 Apps, Office 2016, Office 2019 and 8 more | 2026-07-15 | 8.4 High |
| Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-50678 | 1 Microsoft | 9 365 Apps, Excel 2016, Office 2019 and 6 more | 2026-07-15 | 6.6 Medium |
| Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2026-21051 | 1 Samsung Mobile | 1 Samsung Mobile Devices | 2026-07-15 | N/A |
| Incorrect default permissions in WLAN security prior to SMR Jul-2026 Release 1 allows local attackers to configure TencentWifiSecurity settings. | ||||
| CVE-2026-15028 | 1 Redhat | 3 Enterprise Linux, Hummingbird, Openshift | 2026-07-15 | 3.9 Low |
| A flaw was found in libarchive. This vulnerability allows a remote attacker to trigger a heap overflow by providing a specially crafted tar archive. The issue occurs during the parsing of a PAX extended header containing a malformed SUN.holesdata sparse-file attribute. Successful exploitation could lead to a denial of service, making the system unavailable, or potentially allow for arbitrary code execution, giving the attacker control over the affected system. | ||||
| CVE-2026-50468 | 1 Microsoft | 3 Microsoft Sql Server 2025 (cu 2), Microsoft Sql Server 2025 For X64-based Systems (gdr), Sql Server 2025 | 2026-07-15 | 6.5 Medium |
| Buffer over-read in SQL Server allows an authorized attacker to disclose information over a network. | ||||
| CVE-2026-59793 | 1 Jetbrains | 1 Teamcity | 2026-07-15 | 8.8 High |
| In JetBrains TeamCity before 2026.1.2 arbitrary file access was possible via the Perforce VCS integration | ||||
| CVE-2019-25695 | 1 R-project | 1 R | 2026-07-15 | 8.4 High |
| R 3.4.4 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by injecting malicious input into the GUI Preferences language field. Attackers can craft a payload with a 292-byte offset and JMP ESP instruction to execute commands like calc.exe when the payload is pasted into the Language for menus and messages field. | ||||
| CVE-2023-7345 | 1 Ledger | 2 Hw-app-eth, Ledger Live | 2026-07-15 | 6.5 Medium |
| Ledger Live with vulnerable versions of ledgerhq/hw-app-eth prior to 6.34.7 contains an integer parsing vulnerability that allows attackers to manipulate EIP-712 typed data messages by exploiting incorrect hexadecimal field parsing when values contain an odd number of characters. Attackers can obtain signatures on truncated or misinterpreted message values to authorize unintended blockchain transactions, such as asset transfers at incorrect amounts. | ||||
| CVE-2023-7338 | 2 Commscope, Ruckusnetworks | 58 Ruckus C110, Ruckus E510, Ruckus H320 and 55 more | 2026-07-15 | 7.5 High |
| Ruckus Unleashed contains a remote code execution vulnerability in the web-based management interface that allows authenticated remote attackers to execute arbitrary code on the system when gateway mode is enabled. Attackers can exploit this vulnerability by sending specially crafted requests through the management interface to achieve arbitrary code execution on affected systems. | ||||