Export limit exceeded: 23464 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (23464 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-26131 | 2 Linux, Microsoft | 2 Linux Kernel, .net | 2026-04-01 | 7.8 High |
| Incorrect default permissions in .NET allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-26127 | 4 Apple, Linux, Microsoft and 1 more | 8 Macos, Linux Kernel, .net and 5 more | 2026-04-01 | 7.5 High |
| Out-of-bounds read in .NET allows an unauthorized attacker to deny service over a network. | ||||
| CVE-2026-0385 | 1 Microsoft | 3 Edge, Edge Chromium, Edge For Android | 2026-04-01 | 5 Medium |
| Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability | ||||
| CVE-2026-5291 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-04-01 | 4.3 Medium |
| Inappropriate implementation in WebGL in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2026-5276 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-04-01 | 6.5 Medium |
| Insufficient policy enforcement in WebUSB in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2026-5282 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-04-01 | 8.1 High |
| Out of bounds read in WebCodecs in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2026-5283 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-04-01 | 7.4 High |
| Inappropriate implementation in ANGLE in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2026-23658 | 1 Microsoft | 2 Azure Devops, Azure Devops Msazure | 2026-04-01 | 8.6 High |
| Insufficiently protected credentials in Azure DevOps allows an unauthorized attacker to elevate privileges over a network. | ||||
| CVE-2026-23659 | 1 Microsoft | 1 Azure Data Factory | 2026-04-01 | 8.6 High |
| Exposure of sensitive information to an unauthorized actor in Azure Data Factory allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2026-26120 | 1 Microsoft | 1 Bing | 2026-04-01 | 6.5 Medium |
| Server-side request forgery (ssrf) in Microsoft Bing allows an unauthorized attacker to perform tampering over a network. | ||||
| CVE-2026-21509 | 1 Microsoft | 7 365 Apps, Office, Office 2016 and 4 more | 2026-04-01 | 7.8 High |
| Reliance on untrusted inputs in a security decision in Microsoft Office allows an unauthorized attacker to bypass a security feature locally. | ||||
| CVE-2026-21264 | 1 Microsoft | 2 Account, Micrososft Account | 2026-04-01 | 9.3 Critical |
| Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Account allows an unauthorized attacker to perform spoofing over a network. | ||||
| CVE-2026-21521 | 1 Microsoft | 1 365 Word Copilot | 2026-04-01 | 7.4 High |
| Improper neutralization of escape, meta, or control sequences in Copilot allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2026-21227 | 1 Microsoft | 1 Azure Logic Apps | 2026-04-01 | 8.2 High |
| Improper limitation of a pathname to a restricted directory ('path traversal') in Azure Logic Apps allows an unauthorized attacker to elevate privileges over a network. | ||||
| CVE-2026-24307 | 1 Microsoft | 1 365 Copilot | 2026-04-01 | 9.3 Critical |
| Improper validation of specified type of input in M365 Copilot allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2026-24305 | 1 Microsoft | 2 Entra Id, Microsoft Entra Id | 2026-04-01 | 9.3 Critical |
| Azure Entra ID Elevation of Privilege Vulnerability | ||||
| CVE-2026-21524 | 1 Microsoft | 1 Azure Data Explorer | 2026-04-01 | 7.4 High |
| Exposure of sensitive information to an unauthorized actor in Azure Data Explorer allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2026-24306 | 1 Microsoft | 1 Azure Front Door | 2026-04-01 | 9.8 Critical |
| Improper access control in Azure Front Door (AFD) allows an unauthorized attacker to elevate privileges over a network. | ||||
| CVE-2026-24304 | 1 Microsoft | 1 Azure Resource Manager | 2026-04-01 | 9.9 Critical |
| Improper access control in Azure Resource Manager allows an authorized attacker to elevate privileges over a network. | ||||
| CVE-2026-21520 | 1 Microsoft | 1 Copilot Studio | 2026-04-01 | 7.5 High |
| Exposure of Sensitive Information to an Unauthorized Actor in Copilot Studio allows a unauthenticated attacker to view sensitive information through network attack vector | ||||