Export limit exceeded: 12138 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (12138 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-39169 | 1 Sem-cms | 1 Semcms | 2026-06-10 | 7.5 High |
| SEMCMS 5.0 is vulnerable to unauthorized access in SEMCMS_copy.php. | ||||
| CVE-2026-45649 | 1 Microsoft | 6 Excel, Excel For Android, Powerpoint and 3 more | 2026-06-10 | 7.1 High |
| Improper access control in Office for Android allows an unauthorized attacker to perform spoofing locally. | ||||
| CVE-2026-49161 | 1 Microsoft | 1 Pc Manager | 2026-06-10 | 7.8 High |
| Improper access control in Microsoft PC Manager allows an authorized attacker to bypass a security feature locally. | ||||
| CVE-2026-40371 | 1 Microsoft | 2 Dynamics 365, Dynamics 365 Server | 2026-06-10 | 8.8 High |
| Improper handling of insufficient permissions or privileges in Microsoft Dynamics 365 (on-premises) allows an authorized attacker to elevate privileges over a network. | ||||
| CVE-2026-46150 | 1 Linux | 1 Linux Kernel | 2026-06-09 | 7.1 High |
| In the Linux kernel, the following vulnerability has been resolved: fanotify: fix false positive on permission events fsnotify_get_mark_safe() may return false for a mark on an unrelated group, which results in bypassing the permission check. Fix by skipping over detached marks that are not in the current group. | ||||
| CVE-2026-41100 | 1 Microsoft | 8 365 Copilot, 365 Copilot Android, 365 Copilot Android and 5 more | 2026-06-09 | 4.4 Medium |
| Improper access control in M365 Copilot allows an authorized attacker to perform spoofing locally. | ||||
| CVE-2026-11235 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-06-09 | 8.8 High |
| Insufficient policy enforcement in Compositing in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Low) | ||||
| CVE-2026-11236 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-06-09 | 8.3 High |
| Insufficient policy enforcement in Web Bluetooth in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low) | ||||
| CVE-2026-11274 | 2 Apple, Google | 2 Iphone Os, Chrome | 2026-06-09 | 4.3 Medium |
| Inappropriate implementation in DOM Distiller in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low) | ||||
| CVE-2024-49076 | 1 Microsoft | 16 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 13 more | 2026-06-09 | 7.8 High |
| Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability | ||||
| CVE-2024-43600 | 1 Microsoft | 1 Office | 2026-06-09 | 7.8 High |
| Microsoft Office Elevation of Privilege Vulnerability | ||||
| CVE-2024-49107 | 1 Microsoft | 19 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 16 more | 2026-06-09 | 7.3 High |
| WmsRepair Service Elevation of Privilege Vulnerability | ||||
| CVE-2024-49105 | 1 Microsoft | 27 Remote Desktop, Remote Desktop Client, Windows 10 1507 and 24 more | 2026-06-09 | 8.4 High |
| Remote Desktop Client Remote Code Execution Vulnerability | ||||
| CVE-2024-49068 | 1 Microsoft | 3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019 | 2026-06-09 | 8.2 High |
| Microsoft SharePoint Elevation of Privilege Vulnerability | ||||
| CVE-2024-43594 | 1 Microsoft | 4 System Center, System Center 2019, System Center 2022 and 1 more | 2026-06-09 | 7.3 High |
| Microsoft System Center Elevation of Privilege Vulnerability | ||||
| CVE-2026-24858 | 2 Fortinet, Siemens | 8 Fortianalyzer, Fortimanager, Fortinac-f and 5 more | 2026-06-09 | 9.4 Critical |
| An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.5, FortiAnalyzer 7.4.0 through 7.4.9, FortiAnalyzer 7.2.0 through 7.2.11, FortiAnalyzer 7.0.0 through 7.0.15, FortiManager 7.6.0 through 7.6.5, FortiManager 7.4.0 through 7.4.9, FortiManager 7.2.0 through 7.2.11, FortiManager 7.0.0 through 7.0.15, FortiNAC-F 7.6.3 through 7.6.5, FortiOS 7.6.0 through 7.6.5, FortiOS 7.4.0 through 7.4.10, FortiOS 7.2.0 through 7.2.12, FortiOS 7.0.0 through 7.0.18, FortiProxy 7.6.0 through 7.6.4, FortiProxy 7.4.0 through 7.4.12, FortiProxy 7.2.0 through 7.2.15, FortiProxy 7.0.0 through 7.0.22, FortiWeb 8.0.0 through 8.0.3, FortiWeb 7.6.0 through 7.6.6, FortiWeb 7.4.0 through 7.4.11 may allow an attacker with a FortiCloud account and a registered device to log into other devices registered to other accounts, if FortiCloud SSO authentication is enabled on those devices. | ||||
| CVE-2024-38204 | 1 Microsoft | 1 Azure Functions | 2026-06-09 | 7.5 High |
| Improper access control in Imagine Cup allows an authorized attacker to elevate privileges over a network. | ||||
| CVE-2024-43590 | 1 Microsoft | 5 Visual C Plus Plus Redistributable Installer, Visual Studio, Visual Studio 2017 and 2 more | 2026-06-09 | 7.8 High |
| Visual C++ Redistributable Installer Elevation of Privilege Vulnerability | ||||
| CVE-2024-43456 | 1 Microsoft | 9 Windows Server 2008, Windows Server 2008 R2, Windows Server 2012 and 6 more | 2026-06-09 | 4.8 Medium |
| Windows Remote Desktop Services Tampering Vulnerability | ||||
| CVE-2024-38124 | 1 Microsoft | 10 Windows Server 2008, Windows Server 2008 R2, Windows Server 2008 Sp2 and 7 more | 2026-06-09 | 9 Critical |
| Windows Netlogon Elevation of Privilege Vulnerability | ||||