Export limit exceeded: 365026 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 365026 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (365026 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-42975 | 1 Microsoft | 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more | 2026-07-14 | 8 High |
| Heap-based buffer overflow in Windows Bluetooth Port Driver allows an unauthorized attacker to execute code over an adjacent network. | ||||
| CVE-2026-34349 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2026-07-14 | 5.5 Medium |
| Exposure of sensitive information to an unauthorized actor in Windows Media allows an authorized attacker to disclose information locally. | ||||
| CVE-2026-47296 | 1 Microsoft | 5 Sql Server 2016, Sql Server 2017, Sql Server 2019 and 2 more | 2026-07-14 | 7.8 High |
| Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-45305 | 2026-07-14 | N/A | ||
| Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.52, 6.4.40, 7.4.12, and 8.0.12, Symfony\Component\Yaml\Parser::cleanup() used regular expressions with overlapping quantifiers for YAML directive, comment, and document marker cleanup, allowing crafted input to make parsing hang for an arbitrarily long time. This issue is fixed in versions 5.4.52, 6.4.40, 7.4.12, and 8.0.12. | ||||
| CVE-2026-45304 | 2026-07-14 | N/A | ||
| Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.52, 6.4.40, 7.4.12, and 8.0.12, Symfony\Component\Yaml\Parser resolved YAML collection aliases recursively, allowing a small untrusted YAML input to expand into a multi-gigabyte structure and exhaust memory. This issue is fixed in versions 5.4.52, 6.4.40, 7.4.12, and 8.0.12. | ||||
| CVE-2026-45069 | 2026-07-14 | N/A | ||
| Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 6.4.40, 7.4.12, and 8.0.12, OidcTokenHandler::verifyClaims() registered audience (aud), issuer (iss), and expiry (exp) checkers but did not pass the mandatory claims list to ClaimCheckerManager::check(), so a validly signed JWT that omitted those claims could pass verification. This issue is fixed in versions 6.4.40, 7.4.12, and 8.0.12. | ||||
| CVE-2026-47304 | 1 Microsoft | 2 Visual Studio 2022, Visual Studio 2026 | 2026-07-14 | 8.1 High |
| Improper verification of cryptographic signature in .NET allows an unauthorized attacker to bypass a security feature over a network. | ||||
| CVE-2026-47303 | 1 Microsoft | 3 .net, Visual Studio 2022, Visual Studio 2026 | 2026-07-14 | 8.8 High |
| Authentication bypass by assumed-immutable data in ASP.NET Core allows an authorized attacker to elevate privileges over a network. | ||||
| CVE-2026-47302 | 1 Microsoft | 3 .net, Visual Studio 2022, Visual Studio 2026 | 2026-07-14 | 7.5 High |
| Allocation of resources without limits or throttling in .NET allows an unauthorized attacker to deny service over a network. | ||||
| CVE-2026-47305 | 1 Microsoft | 2 Visual Studio 2022, Visual Studio 2026 | 2026-07-14 | 7.8 High |
| Protection mechanism failure in Visual Studio allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-47301 | 1 Microsoft | 3 Configuration Manager 2503, Configuration Manager 2509, Configuration Manager 2603 | 2026-07-14 | 8.8 High |
| Improper access control in Microsoft Configuration Manager allows an authorized attacker to elevate privileges over a network. | ||||
| CVE-2026-50692 | 1 Microsoft | 11 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 8 more | 2026-07-14 | 8.8 High |
| Heap-based buffer overflow in Desktop Window Manager allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-23350 | 2026-07-14 | 9 Critical | ||
| NVIDIA ConnectX and BlueField contain a vulnerability in the command interface where a local user with virtual function (VF) access may cause a write out of bounds by crafted input. A successful exploit of this vulnerability may lead to arbitrary code execution on the device. | ||||
| CVE-2025-23351 | 2026-07-14 | 9 Critical | ||
| NVIDIA ConnectX and BlueField contain a vulnerability in the command interface where a local user with virtual function (VF) access may cause a write out of bounds by crafted input. A successful exploit of this vulnerability may lead to arbitrary code execution on the device. | ||||
| CVE-2026-24240 | 1 Nvidia | 1 Megatron-bridge | 2026-07-14 | 7.8 High |
| NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure. | ||||
| CVE-2026-24242 | 1 Nvidia | 1 Megatron-bridge | 2026-07-14 | 7.8 High |
| NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause server-side request forgery. A successful exploit of this vulnerability might lead to information disclosure. | ||||
| CVE-2026-24246 | 1 Nvidia | 1 Megatron-bridge | 2026-07-14 | 7.8 High |
| NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause improper control of dynamically managed code resources. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure. | ||||
| CVE-2026-24248 | 1 Nvidia | 1 Megatron-bridge | 2026-07-14 | 7.8 High |
| NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause improper control of code generation. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure. | ||||
| CVE-2026-24251 | 1 Nvidia | 1 Megatron-bridge | 2026-07-14 | 7.8 High |
| NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause improper control of dynamically managed code resources. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure. | ||||
| CVE-2026-4017 | 1 Blackberry | 3 Qnx Os For Medical, Qnx Os For Safety, Qnx Software Development Platform | 2026-07-14 | 7.4 High |
| Buffer Overflow in the entry handler of the TraceEvent() system call could allow an attacker with local access to cause information disclosure, data tampering or a crash of the QNX Neutrino kernel. | ||||