Export limit exceeded: 365388 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (365388 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-47994 | 2026-07-14 | 8.7 High | ||
| Adobe Commerce is affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field, potentially gaining elevated access or control over the victim's account or session. Scope is changed. | ||||
| CVE-2026-55121 | 1 Microsoft | 11 365 Apps, Office 2016, Office 2019 and 8 more | 2026-07-14 | 5.5 Medium |
| Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2026-56181 | 1 Microsoft | 4 Windows 11 24h2, Windows 11 25h2, Windows 11 26h1 and 1 more | 2026-07-14 | 8.3 High |
| Origin validation error in Windows Network Address Translation (NAT) allows an unauthorized attacker to perform spoofing over an adjacent network. | ||||
| CVE-2026-57102 | 1 Microsoft | 1 Visual Studio Code | 2026-07-14 | 8.8 High |
| Inclusion of functionality from untrusted control sphere in Visual Studio Code allows an unauthorized attacker to bypass a security feature over a network. | ||||
| CVE-2026-57101 | 1 Microsoft | 1 Visual Studio Code | 2026-07-14 | 7.1 High |
| Improper neutralization of input during web page generation ('cross-site scripting') in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally. | ||||
| CVE-2026-57092 | 1 Microsoft | 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more | 2026-07-14 | 9.9 Critical |
| Use after free in Windows VMSwitch allows an authorized attacker to elevate privileges over a network. | ||||
| CVE-2026-57085 | 1 Microsoft | 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more | 2026-07-14 | 5.5 Medium |
| Out-of-bounds read in Windows Print Spooler Components allows an authorized attacker to disclose information locally. | ||||
| CVE-2026-57091 | 1 Microsoft | 11 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 8 more | 2026-07-14 | 7.8 High |
| Stack-based buffer overflow in Windows File History Service allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-57084 | 1 Microsoft | 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more | 2026-07-14 | 5.5 Medium |
| Use of uninitialized resource in Windows File Explorer allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2026-56647 | 1 Microsoft | 12 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 9 more | 2026-07-14 | 8.8 High |
| Integer overflow or wraparound in Windows Remote Access Service Infrastructure allows an authorized attacker to elevate privileges over a network. | ||||
| CVE-2026-56644 | 1 Microsoft | 11 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 8 more | 2026-07-14 | 7.8 High |
| Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-56189 | 1 Microsoft | 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more | 2026-07-14 | 7.8 High |
| Heap-based buffer overflow in Microsoft Windows Media Foundation allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-56182 | 1 Microsoft | 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more | 2026-07-14 | 7.8 High |
| Integer overflow or wraparound in Windows NTFS allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-56168 | 1 Microsoft | 7 Windows 10 21h2, Windows 10 22h2, Windows 11 24h2 and 4 more | 2026-07-14 | 6.5 Medium |
| Null pointer dereference in Windows SMB Server allows an authorized attacker to deny service over a network. | ||||
| CVE-2026-56159 | 1 Microsoft | 8 Windows 10 1607, Windows 10 1809, Windows Server 2012 and 5 more | 2026-07-14 | 9.8 Critical |
| Heap-based buffer overflow in Windows DHCP Server allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2026-55130 | 1 Microsoft | 8 365 Apps, Office 2019, Office 2021 and 5 more | 2026-07-14 | 7.8 High |
| Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-55040 | 1 Microsoft | 3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019 | 2026-07-14 | 9.1 Critical |
| Weak authentication in Microsoft Office SharePoint allows an unauthorized attacker to bypass a security feature over a network. | ||||
| CVE-2026-55053 | 1 Microsoft | 8 365 Apps, Excel 2016, Office 2019 and 5 more | 2026-07-14 | 7.8 High |
| Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-55136 | 1 Microsoft | 8 365 Apps, Excel 2016, Office 2019 and 5 more | 2026-07-14 | 7.8 High |
| Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-55127 | 1 Microsoft | 11 365 Apps, Office 2019, Office 2021 and 8 more | 2026-07-14 | 7.8 High |
| Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||||