Search

Search Results (365026 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-56648 1 Microsoft 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more 2026-07-14 7.5 High
Time-of-check time-of-use (toctou) race condition in Windows Network File System allows an authorized attacker to elevate privileges over a network.
CVE-2026-56649 1 Microsoft 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more 2026-07-14 5.9 Medium
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Network File System allows an unauthorized attacker to execute code over a network.
CVE-2026-54117 1 Microsoft 1 Sql Server 2025 2026-07-14 8.8 High
Deserialization of untrusted data in SQL Server allows an authorized attacker to execute code over a network.
CVE-2026-55011 1 Microsoft 1 Malware Protection Engine 2026-07-14 7.8 High
Integer underflow (wrap or wraparound) in Microsoft Defender allows an unauthorized attacker to execute code locally.
CVE-2026-57087 1 Microsoft 11 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 8 more 2026-07-14 8.8 High
Heap-based buffer overflow in Microsoft Windows Media Foundation allows an unauthorized attacker to execute code over a network.
CVE-2026-57093 1 Microsoft 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more 2026-07-14 7 High
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
CVE-2026-54132 1 Microsoft 9 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 6 more 2026-07-14 6.8 Medium
Heap-based buffer overflow in Windows Kernel allows an unauthorized attacker to elevate privileges with a physical attack.
CVE-2026-57108 1 Microsoft 1 .net 2026-07-14 7.5 High
Access of resource using incompatible type ('type confusion') in .NET Core allows an unauthorized attacker to deny service over a network.
CVE-2026-50520 1 Microsoft 1 Visual Studio Code 2026-07-14 8.4 High
Improper neutralization of special elements used in a command ('command injection') in Visual Studio Code allows an unauthorized attacker to execute code locally.
CVE-2026-55944 1 Microsoft 1 Dynamics Nav 2018 2026-07-14 9.8 Critical
Deserialization of untrusted data in Microsoft Dynamics NAV allows an unauthorized attacker to execute code over a network.
CVE-2026-14404 1 Google 1 Chrome 2026-07-14 6.5 Medium
Inappropriate implementation in PDFium in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to perform UI spoofing via a crafted PDF file. (Chromium security severity: Medium)
CVE-2026-14415 1 Google 1 Chrome 2026-07-14 8.8 High
Inappropriate implementation in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-14401 1 Google 1 Chrome 2026-07-14 8.3 High
Insufficient validation of untrusted input in ANGLE in Google Chrome on Android prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-14411 1 Google 1 Chrome 2026-07-14 9.6 Critical
Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-14428 1 Google 1 Chrome 2026-07-14 8.3 High
Insufficient validation of untrusted input in Dawn in Google Chrome on Android prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-14389 1 Google 1 Chrome 2026-07-14 8.3 High
Integer overflow in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-14422 1 Google 1 Chrome 2026-07-14 8.8 High
Out of bounds read and write in Tint in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
CVE-2026-14395 1 Google 1 Chrome 2026-07-14 8.8 High
Out of bounds write in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-14413 1 Google 1 Chrome 2026-07-14 8.3 High
Uninitialized Use in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-14421 1 Google 1 Chrome 2026-07-14 6.5 Medium
Uninitialized Use in Dawn in Google Chrome on ChromeOS prior to 150.0.7871.46 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)