Export limit exceeded: 356981 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (356981 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-36778 | 2026-06-09 | N/A | ||
| Shenzhen Tenda Technology Co., Ltd Tenda O3 Wireless Router v1.0.0.5(4180) was discovered to contain a stack overflow in the username parameter of the R7WebsSecurityHandler function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request. | ||||
| CVE-2026-36801 | 2026-06-09 | N/A | ||
| Shenzhen Tenda Technology Co., Ltd Tenda G0 v15.11.0.5 was discovered to contain a buffer overflow in the IPMacBindRule parameter of the formIPMacBindAdd function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request. | ||||
| CVE-2026-36796 | 2026-06-09 | N/A | ||
| Shenzhen Tenda Technology Co., Ltd Tenda G0 v15.11.0.5 was discovered to contain a stack overflow in the picCropName parameter of the formCropAndSetWewifiPic function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request. | ||||
| CVE-2020-17103 | 1 Microsoft | 9 Windows 10, Windows 10 1809, Windows 11 23h2 and 6 more | 2026-06-09 | 7 High |
| Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | ||||
| CVE-2026-35433 | 1 Microsoft | 1 .net | 2026-06-09 | 7.3 High |
| Heap-based buffer overflow in .NET allows an unauthorized attacker to elevate privileges locally. | ||||
| CVE-2026-21530 | 1 Microsoft | 35 365 Apps, Office 2016, Office 2019 and 32 more | 2026-06-09 | 6.7 Medium |
| Double free in Windows Rich Text Edit allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-47287 | 1 Microsoft | 1 Visual Studio Code | 2026-06-09 | 6.5 Medium |
| Relative path traversal in Visual Studio Code allows an unauthorized attacker to perform tampering over a network. | ||||
| CVE-2026-47637 | 1 Microsoft | 3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019 | 2026-06-09 | 4.6 Medium |
| Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. | ||||
| CVE-2026-47648 | 1 Microsoft | 14 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 11 more | 2026-06-09 | 7 High |
| Untrusted search path in Windows Storage allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-48576 | 1 Microsoft | 14 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 11 more | 2026-06-09 | 7.9 High |
| Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally. | ||||
| CVE-2026-50508 | 1 Microsoft | 7 Windows 10 1607, Windows 11 22h2, Windows Server 2004 and 4 more | 2026-06-09 | 6.5 Medium |
| Exposure of sensitive information to an unauthorized actor in Windows NTLM allows an unauthorized attacker to perform spoofing over a network. | ||||
| CVE-2026-45464 | 1 Microsoft | 3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019 | 2026-06-09 | 5.4 Medium |
| Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. | ||||
| CVE-2026-45586 | 1 Microsoft | 14 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 11 more | 2026-06-09 | 7.8 High |
| Improper link resolution before file access ('link following') in Windows Collaborative Translation Framework allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-0419 | 1 Netgear | 1 Jr6150 | 2026-06-09 | N/A |
| Insufficient input validation in NETGEAR JR6150 (AC750 WiFi Router 802.11ac Dual Band Gigabit released in 2014) allows users connected to the local WiFi Networks to execute operating system commands. NETGEAR JR6150 has reached End-of-Support phase as of 2018 , and no further security updates are planned. NETGEAR strongly recommends replacing these devices with newer NETGEAR models to ensure continued security support and updates. This vulnerability has been identified through firmware emulation in a controlled research environment and has not been verified on production hardware. | ||||
| CVE-2026-47948 | 2026-06-09 | 5.4 Medium | ||
| Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field. Scope is changed. | ||||
| CVE-2026-47970 | 2026-06-09 | 5.4 Medium | ||
| Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field. Scope is changed. | ||||
| CVE-2026-45595 | 1 Microsoft | 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more | 2026-06-09 | 5.4 Medium |
| Protection mechanism failure in Windows Mark of the Web (MOTW) allows an unauthorized attacker to bypass a security feature over a network. | ||||
| CVE-2026-47942 | 2026-06-09 | 5.4 Medium | ||
| Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field. Scope is changed. | ||||
| CVE-2026-45636 | 1 Microsoft | 14 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 11 more | 2026-06-09 | 7.8 High |
| Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-45600 | 1 Microsoft | 4 Windows 11 24h2, Windows 11 25h2, Windows 11 26h1 and 1 more | 2026-06-09 | 7.8 High |
| Access of resource using incompatible type ('type confusion') in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally. | ||||