Export limit exceeded: 365452 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (365452 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-50333 | 1 Microsoft | 11 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 8 more | 2026-07-14 | 7.8 High |
| Missing authentication for critical function in Windows Spaceport.sys allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-50308 | 1 Microsoft | 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more | 2026-07-14 | 7.8 High |
| Integer underflow (wrap or wraparound) in Windows NTFS allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-49800 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2026-07-14 | 7.8 High |
| Integer overflow or wraparound in Windows Web Proxy Auto-Discovery Protocol (WPAD) allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-49794 | 1 Microsoft | 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more | 2026-07-14 | 4.6 Medium |
| Out-of-bounds read in Windows USB Audio Class driver (usbaudio.sys) allows an unauthorized attacker to disclose information with a physical attack. | ||||
| CVE-2026-49788 | 1 Microsoft | 11 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 8 more | 2026-07-14 | 7.5 High |
| Allocation of resources without limits or throttling in HTTP/2 allows an unauthorized attacker to deny service over a network. | ||||
| CVE-2026-49181 | 1 Microsoft | 8 Windows 10 1607, Windows 10 1809, Windows Server 2012 and 5 more | 2026-07-14 | 7.5 High |
| Integer underflow (wrap or wraparound) in Windows DHCP Client allows an unauthorized attacker to elevate privileges over a network. | ||||
| CVE-2026-54988 | 1 Microsoft | 8 365 Apps, Excel 2016, Office 2019 and 5 more | 2026-07-14 | 6.1 Medium |
| Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2026-40378 | 1 Microsoft | 14 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 11 more | 2026-07-14 | 7.5 High |
| Memory allocation with excessive size value in Windows Local Security Authority Subsystem Service (LSASS) allows an unauthorized attacker to deny service over a network. | ||||
| CVE-2026-58636 | 1 Microsoft | 1 Pc Manager | 2026-07-14 | 7.8 High |
| Improper link resolution before file access ('link following') in Window PC Manager allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-58609 | 1 Microsoft | 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more | 2026-07-14 | 7.8 High |
| Out-of-bounds read in Microsoft Graphics Component allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-58601 | 1 Microsoft | 12 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 9 more | 2026-07-14 | 7.8 High |
| Heap-based buffer overflow in Virtual Hard Disk (VHD) Miniport Driver allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-58279 | 1 Microsoft | 1 Azure Cyclecloud | 2026-07-14 | 6.5 Medium |
| Missing authorization in Azure CycleCloud allows an authorized attacker to elevate privileges over a network. | ||||
| CVE-2026-56193 | 1 Microsoft | 8 365 Apps, Office 2016, Office 2019 and 5 more | 2026-07-14 | 7.1 High |
| Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2026-55948 | 1 Microsoft | 8 365 Apps, Excel 2016, Office 2019 and 5 more | 2026-07-14 | 7.8 High |
| Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-62656 | 2026-07-14 | N/A | ||
| A security flaw was found in certain NETGEAR RAX models that could allow a logged-in user to send specially crafted requests to the router and run unauthorized commands. This could enable the user to make unauthorized changes to the router and affect its security and operation. | ||||
| CVE-2026-62657 | 2026-07-14 | N/A | ||
| A security flaw in the router's certificate validation process was discovered in the NETGEAR XR1000 Gaming Router and certain Nighthawk models that could allow an unauthorized person to remotely access and take control of the device. | ||||
| CVE-2026-62658 | 2026-07-14 | N/A | ||
| A security flaw was discovered in certain NETGEAR Nighthawk RAX series routers that could allow someone already logged in to the device to run unauthorized commands or code on the router. | ||||
| CVE-2026-14394 | 1 Google | 1 Chrome | 2026-07-14 | 8.8 High |
| Use after free in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low) | ||||
| CVE-2026-59199 | 1 Python-pillow | 1 Pillow | 2026-07-14 | 7.5 High |
| Pillow is a Python imaging library. Prior to 12.3.0, Pillow public image coordinate APIs can trigger a native heap out-of-bounds write when given coordinates near the signed 32-bit integer limits in Image.paste(), Image.crop(), or Image.alpha_composite(). This issue is fixed in version 12.3.0. | ||||
| CVE-2026-62641 | 1 Roundcube | 1 Webmail | 2026-07-14 | 4.3 Medium |
| In Roundcube Webmail before 1.6.17 and 1.7.x before 1.7.2, the TNEF decoder was subject to denial of service via a crafted compressed-RTF size. | ||||