Export limit exceeded: 25566 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (25566 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-58636 | 1 Microsoft | 1 Pc Manager | 2026-07-14 | 7.8 High |
| Improper link resolution before file access ('link following') in Window PC Manager allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-58609 | 1 Microsoft | 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more | 2026-07-14 | 7.8 High |
| Out-of-bounds read in Microsoft Graphics Component allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-58601 | 1 Microsoft | 12 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 9 more | 2026-07-14 | 7.8 High |
| Heap-based buffer overflow in Virtual Hard Disk (VHD) Miniport Driver allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-58279 | 1 Microsoft | 1 Azure Cyclecloud | 2026-07-14 | 6.5 Medium |
| Missing authorization in Azure CycleCloud allows an authorized attacker to elevate privileges over a network. | ||||
| CVE-2026-56193 | 1 Microsoft | 8 365 Apps, Office 2016, Office 2019 and 5 more | 2026-07-14 | 7.1 High |
| Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2026-55948 | 1 Microsoft | 8 365 Apps, Excel 2016, Office 2019 and 5 more | 2026-07-14 | 7.8 High |
| Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-58629 | 1 Microsoft | 14 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 11 more | 2026-07-14 | 7 High |
| Use after free in Windows DirectX allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-55057 | 1 Microsoft | 8 365 Apps, Office 2016, Office 2019 and 5 more | 2026-07-14 | 5.5 Medium |
| Integer overflow or wraparound in Microsoft Office allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2026-55027 | 1 Microsoft | 11 365 Apps, Office 2016, Office 2019 and 8 more | 2026-07-14 | 5.5 Medium |
| Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2026-50426 | 1 Microsoft | 8 Windows 10 1607, Windows 10 1809, Windows Server 2012 and 5 more | 2026-07-14 | 6.8 Medium |
| Relative path traversal in DNS Server allows an authorized attacker to execute code over an adjacent network. | ||||
| CVE-2026-58596 | 1 Microsoft | 1 Edge Chromium | 2026-07-13 | 8.3 High |
| Untrusted pointer dereference in Microsoft Edge (Chromium-based) allows an unauthorized attacker to elevate privileges over a network. | ||||
| CVE-2026-58281 | 1 Microsoft | 1 Edge Chromium | 2026-07-13 | 8.3 High |
| Deserialization of untrusted data in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2026-45489 | 1 Microsoft | 1 Edge Chromium | 2026-07-12 | 6.5 Medium |
| Microsoft Edge (Chromium-based) Spoofing Vulnerability | ||||
| CVE-2026-47646 | 1 Microsoft | 1 Dynamics 365 Customer Voice | 2026-07-09 | 9.3 Critical |
| Improper neutralization of input during web page generation ('cross-site scripting') in Dynamics 365 Customer Voice allows an unauthorized attacker to perform spoofing over a network. | ||||
| CVE-2026-58525 | 1 Microsoft | 1 Edge Chromium | 2026-07-09 | 8.2 High |
| Improper access control in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a security feature over a network. | ||||
| CVE-2026-50656 | 1 Microsoft | 1 Malware Protection Engine | 2026-07-08 | 7.8 High |
| Microsoft is aware of an elevation of privilege in the Microsoft Malware Protection Engine in Microsoft Defender publicly referred to as "RoguePlanet ". | ||||
| CVE-2026-42824 | 1 Microsoft | 2 365 Copilot, Copilot | 2026-07-08 | 6.5 Medium |
| Improper neutralization of special elements used in a command ('command injection') in M365 Copilot allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2026-42985 | 1 Microsoft | 30 Remote Desktop, Remote Desktop Client, Windows 10 1607 and 27 more | 2026-07-08 | 8.8 High |
| Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2026-44801 | 1 Microsoft | 30 Remote Desktop, Remote Desktop Client, Windows 10 1607 and 27 more | 2026-07-08 | 7.5 High |
| Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2026-44808 | 1 Microsoft | 2 Windows 11 26h1, Windows 11 26h1 | 2026-07-08 | 7.8 High |
| Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. | ||||