Export limit exceeded: 25560 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (25560 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-55020 | 1 Microsoft | 3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019 | 2026-07-16 | 4.6 Medium |
| Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. | ||||
| CVE-2026-50408 | 1 Microsoft | 9 365 Apps, Excel 2016, Office 2019 and 6 more | 2026-07-16 | 5.5 Medium |
| Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2026-50666 | 1 Microsoft | 12 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 9 more | 2026-07-16 | 8.8 High |
| Use after free in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges over a network. | ||||
| CVE-2026-50497 | 1 Microsoft | 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more | 2026-07-16 | 6.5 Medium |
| Off-by-one error in Windows Remote Desktop Protocol allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2026-50491 | 1 Microsoft | 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more | 2026-07-16 | 7 High |
| Out-of-bounds read in Code Integrity DLL (ci.dll) allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-50420 | 1 Microsoft | 4 Windows 11 24h2, Windows 11 25h2, Windows 11 26h1 and 1 more | 2026-07-16 | 6.2 Medium |
| Out-of-bounds read in Windows HTTP.sys allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2026-50389 | 1 Microsoft | 11 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 8 more | 2026-07-16 | 5.5 Medium |
| Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally. | ||||
| CVE-2026-50465 | 1 Microsoft | 4 Windows 11 24h2, Windows 11 25h2, Windows 11 26h1 and 1 more | 2026-07-16 | 7.1 High |
| Improper access control in Microsoft Windows DNS allows an authorized attacker to perform tampering locally. | ||||
| CVE-2026-55053 | 1 Microsoft | 9 365 Apps, Excel 2016, Office 2019 and 6 more | 2026-07-16 | 7.8 High |
| Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-55039 | 1 Microsoft | 9 365 Apps, Excel 2016, Office 2019 and 6 more | 2026-07-16 | 7.8 High |
| Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-50675 | 1 Microsoft | 9 365 Apps, Excel 2016, Office 2019 and 6 more | 2026-07-16 | 7.8 High |
| Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-54988 | 1 Microsoft | 9 365 Apps, Excel 2016, Office 2019 and 6 more | 2026-07-16 | 6.1 Medium |
| Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2026-55124 | 1 Microsoft | 11 365 Apps, Office 2019, Office 2021 and 8 more | 2026-07-16 | 5.5 Medium |
| Improper validation of specified type of input in Microsoft Office Word allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2026-55051 | 1 Microsoft | 3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019 | 2026-07-16 | 6.5 Medium |
| Server-side request forgery (ssrf) in Microsoft Office SharePoint allows an authorized attacker to disclose information over a network. | ||||
| CVE-2026-55138 | 1 Microsoft | 10 365 Apps, Excel 2016, Microsoft Office 365 For Mac and 7 more | 2026-07-16 | 5.5 Medium |
| Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2026-54124 | 1 Microsoft | 8 Terminal, Windows 10 21h2, Windows 10 22h2 and 5 more | 2026-07-16 | 7.8 High |
| Integer overflow or wraparound in Windows Terminal allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-55899 | 1 Microsoft | 14 365 Apps, Excel 2016, Microsoft Office 365 For Mac and 11 more | 2026-07-16 | 7.8 High |
| Stack-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-55947 | 1 Microsoft | 13 365 Apps, Excel 2016, Microsoft Office Ltsc 2021 and 10 more | 2026-07-16 | 7.8 High |
| Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-69624 | 3 Gonitro, Microsoft, Nitro | 3 Nitro Pdf Pro, Windows, Pdf Pro | 2026-07-16 | 7.5 High |
| Nitro PDF Pro before 14.43 for Windows contains a NULL pointer dereference vulnerability in the JavaScript implementation of app.alert(). When app.alert() is called with more than one argument and the first argument evaluates to null (for example, app.alert(app.activeDocs, true) when app.activeDocs is null), the engine routes the call through a fallback path intended for non-string arguments. In this path, js_ValueToString() is invoked on the null value and returns an invalid string pointer, which is then passed to JS_GetStringChars() without validation. Dereferencing this pointer leads to an access violation and application crash when opening a crafted PDF. For example, 14.41.1.4 and 14.42.0.34 have been reported as vulnerable. | ||||
| CVE-2026-55025 | 1 Microsoft | 9 365 Apps, Excel 2016, Office 2019 and 6 more | 2026-07-16 | 7.8 High |
| Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||