Export limit exceeded: 365573 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (365573 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-50366 | 1 Microsoft | 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more | 2026-07-14 | 6.5 Medium |
| Null pointer dereference in Active Directory Domain Services allows an authorized attacker to deny service over a network. | ||||
| CVE-2026-50355 | 1 Microsoft | 8 Windows 10 1607, Windows 10 1809, Windows Server 2012 and 5 more | 2026-07-14 | 7.5 High |
| Stack-based buffer overflow in Active Directory Federation Services allows an unauthorized attacker to deny service over a network. | ||||
| CVE-2026-50432 | 1 Microsoft | 11 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 8 more | 2026-07-14 | 5.3 Medium |
| Use after free in Windows Virtual Filtering Platform (VFP) allows an authorized attacker to deny service over a network. | ||||
| CVE-2026-50411 | 1 Microsoft | 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more | 2026-07-14 | 7.5 High |
| Stack-based buffer overflow in Active Directory Federation Services (AD FS) allows an unauthorized attacker to deny service over a network. | ||||
| CVE-2026-50424 | 1 Microsoft | 4 Windows 11 24h2, Windows 11 25h2, Windows 11 26h1 and 1 more | 2026-07-14 | 7.5 High |
| Untrusted pointer dereference in Windows Domain Controller allows an unauthorized attacker to deny service over a network. | ||||
| CVE-2026-50485 | 1 Microsoft | 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more | 2026-07-14 | 4.5 Medium |
| Buffer over-read in Windows Hyper-V allows an authorized attacker to deny service over an adjacent network. | ||||
| CVE-2026-50647 | 1 Microsoft | 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more | 2026-07-14 | 7.5 High |
| Loop with unreachable exit condition ('infinite loop') in Active Directory Federation Services (AD FS) allows an unauthorized attacker to deny service over a network. | ||||
| CVE-2026-47302 | 1 Microsoft | 3 .net, Visual Studio 2022, Visual Studio 2026 | 2026-07-14 | 7.5 High |
| Allocation of resources without limits or throttling in .NET allows an unauthorized attacker to deny service over a network. | ||||
| CVE-2026-50524 | 1 Microsoft | 3 .net, Visual Studio 2022, Visual Studio 2026 | 2026-07-14 | 7.5 High |
| Improper validation of specified type of input in .NET Framework allows an unauthorized attacker to deny service over a network. | ||||
| CVE-2026-50525 | 1 Microsoft | 3 .net, Visual Studio 2022, Visual Studio 2026 | 2026-07-14 | 7.5 High |
| Allocation of resources without limits or throttling in .NET allows an unauthorized attacker to deny service over a network. | ||||
| CVE-2026-50527 | 1 Microsoft | 3 .net, Visual Studio 2022, Visual Studio 2026 | 2026-07-14 | 7.5 High |
| Stack-based buffer overflow in .NET Framework allows an unauthorized attacker to deny service over a network. | ||||
| CVE-2026-50648 | 1 Microsoft | 3 .net, Visual Studio 2022, Visual Studio 2026 | 2026-07-14 | 7.5 High |
| Allocation of resources without limits or throttling in .NET Framework allows an unauthorized attacker to deny service over a network. | ||||
| CVE-2026-50659 | 1 Microsoft | 3 .net, Visual Studio 2022, Visual Studio 2026 | 2026-07-14 | 6.5 Medium |
| Improper encoding or escaping of output in .NET allows an authorized attacker to perform spoofing over a network. | ||||
| CVE-2026-13886 | 1 Google | 1 Chrome | 2026-07-14 | 6.5 Medium |
| Insufficient policy enforcement in Isolated Web Apps in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2026-13954 | 1 Google | 1 Chrome | 2026-07-14 | 6.5 Medium |
| Insufficient policy enforcement in XML in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2026-50681 | 1 Microsoft | 11 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 8 more | 2026-07-14 | 5.5 Medium |
| Exposure of sensitive information to an unauthorized actor in Windows Cryptographic Services allows an authorized attacker to disclose information locally. | ||||
| CVE-2026-15738 | 1 Amazon | 1 Aws-load-balancer-controller | 2026-07-14 | 8.5 High |
| Incorrect behavior order in the Gateway API listener-rule generation in Amazon AWS Load Balancer Controller before 3.4.2 might allow an authenticated remote user to intercept, spoof, or deny another namespace's gRPC traffic on a shared Gateway via a crafted HTTPRoute resource. To mitigate this issue, users should upgrade to version 3.4.2. | ||||
| CVE-2026-15643 | 1 Aws | 1 Awslabs.healthlake-mcp-server | 2026-07-14 | 7.3 High |
| AWS HealthLake MCP Server (awslabs.healthlake-mcp-server) is a Model Context Protocol server that enables AI assistants to interact with AWS HealthLake FHIR datastores. A server-side request forgery in the pagination handling component in AWS awslabs.healthlake-mcp-server before 0.0.14 on all platforms might allow a remote authenticated user to exfiltrate AWS temporary security credentials to an arbitrary endpoint via a crafted next_token parameter. The server does not validate that pagination URLs point back to the expected HealthLake endpoint, allowing an actor to redirect subsequent requests to an actor-controlled server. Its recommended to upgrade to version 0.0.14 or later. | ||||
| CVE-2026-56164 | 1 Microsoft | 3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019 | 2026-07-14 | 5.3 Medium |
| Missing authentication for critical function in Microsoft Office SharePoint allows an unauthorized attacker to elevate privileges over a network. | ||||
| CVE-2026-56155 | 1 Microsoft | 8 Windows 10 1607, Windows 10 1809, Windows Server 2012 and 5 more | 2026-07-14 | 7.8 High |
| Insufficient granularity of access control in Active Directory Federation Services (AD FS) allows an authorized attacker to elevate privileges locally. | ||||