Search

Search Results (364285 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-50512 1 Microsoft 1 Pc Manager 2026-07-08 7.8 High
Missing authentication for critical function in Microsoft PC Manager allows an authorized attacker to elevate privileges locally.
CVE-2026-50507 1 Microsoft 25 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 22 more 2026-07-08 6.8 Medium
Missing authentication for critical function in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.
CVE-2026-48560 1 Microsoft 5 Sharepoint Enterprise Server 2016, Sharepoint Server, Sharepoint Server 2016 and 2 more 2026-07-08 5.4 Medium
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
CVE-2026-47634 1 Microsoft 3 Sharepoint Server, Sharepoint Server 2019, Sharepoint Server Subscription Edition 2026-07-08 7.3 High
Improper neutralization of special elements in output used by a downstream component ('injection') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
CVE-2026-47281 1 Microsoft 1 Visual Studio Code 2026-07-08 9.6 Critical
Missing authorization in Visual Studio Code allows an unauthorized attacker to elevate privileges over a network.
CVE-2026-45658 1 Microsoft 26 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 23 more 2026-07-08 7.8 High
Improper access control in Windows BitLocker allows an authorized attacker to bypass a security feature locally.
CVE-2026-45654 1 Microsoft 8 Windows 11 24h2, Windows 11 24h2, Windows 11 25h2 and 5 more 2026-07-08 7.9 High
Improper access control in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.
CVE-2026-45653 1 Microsoft 26 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 23 more 2026-07-08 7 High
Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.
CVE-2026-45608 1 Microsoft 26 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 23 more 2026-07-08 6.8 Medium
Out-of-bounds read in Windows DHCP Client allows an unauthorized attacker to disclose information locally.
CVE-2026-45603 1 Microsoft 26 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 23 more 2026-07-08 7 High
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
CVE-2026-45635 1 Microsoft 26 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 23 more 2026-07-08 8.1 High
Access of resource using incompatible type ('type confusion') in Universal Plug and Play (upnp.dll) allows an unauthorized attacker to execute code over a network.
CVE-2026-45598 1 Microsoft 26 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 23 more 2026-07-08 7 High
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
CVE-2026-45601 1 Microsoft 26 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 23 more 2026-07-08 7 High
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
CVE-2026-45482 1 Microsoft 1 Visual Studio Code Copilot Chat Extension 2026-07-08 8.4 High
Improper limitation of a pathname to a restricted directory ('path traversal') in GitHub Copilot and Visual Studio Code allows an unauthorized attacker to bypass a security feature locally.
CVE-2026-45465 1 Microsoft 3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019 2026-07-08 5.4 Medium
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-45464 1 Microsoft 3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019 2026-07-08 5.4 Medium
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-45463 1 Microsoft 9 365 Apps, Office, Office 2016 and 6 more 2026-07-08 8.4 High
Integer underflow (wrap or wraparound) in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-45457 1 Microsoft 7 365 Apps, Microsoft 365, Office 2021 and 4 more 2026-07-08 7.8 High
Out-of-bounds read in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2026-45455 1 Microsoft 10 365 Apps, Excel 2016, Microsoft 365 Apps For Enterprise and 7 more 2026-07-08 3.3 Low
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
CVE-2026-33113 1 Microsoft 5 Sharepoint Enterprise Server 2016, Sharepoint Server, Sharepoint Server 2016 and 2 more 2026-07-08 5.4 Medium
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network.