Search

Search Results (363521 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-47646 1 Microsoft 1 Dynamics 365 Customer Voice 2026-07-08 9.3 Critical
Improper neutralization of input during web page generation ('cross-site scripting') in Dynamics 365 Customer Voice allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-50656 1 Microsoft 1 Malware Protection Engine 2026-07-08 7.8 High
Microsoft is aware of an elevation of privilege in the Microsoft Malware Protection Engine in Microsoft Defender publicly referred to as "RoguePlanet ".
CVE-2026-42824 1 Microsoft 2 365 Copilot, Copilot 2026-07-08 6.5 Medium
Improper neutralization of special elements used in a command ('command injection') in M365 Copilot allows an unauthorized attacker to disclose information over a network.
CVE-2026-42985 1 Microsoft 30 Remote Desktop, Remote Desktop Client, Windows 10 1607 and 27 more 2026-07-08 8.8 High
Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
CVE-2026-44801 1 Microsoft 30 Remote Desktop, Remote Desktop Client, Windows 10 1607 and 27 more 2026-07-08 7.5 High
Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
CVE-2026-44808 1 Microsoft 2 Windows 11 26h1, Windows 11 26h1 2026-07-08 7.8 High
Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
CVE-2026-44811 1 Microsoft 2 Windows 11 26h1, Windows 11 26h1 2026-07-08 7.8 High
Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
CVE-2026-42974 1 Microsoft 11 Windows 11 23h2, Windows 11 23h2, Windows 11 24h2 and 8 more 2026-07-08 8.1 High
Integer overflow or wraparound in Windows Performance Monitor allows an unauthorized attacker to execute code over a network.
CVE-2026-42973 1 Microsoft 21 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 18 more 2026-07-08 5.5 Medium
Exposure of sensitive information to an unauthorized actor in Windows Push Notifications allows an authorized attacker to disclose information locally.
CVE-2026-42970 1 Microsoft 26 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 23 more 2026-07-08 5.5 Medium
Exposure of sensitive information to an unauthorized actor in Windows Push Notifications allows an authorized attacker to disclose information locally.
CVE-2026-42971 1 Microsoft 21 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 18 more 2026-07-08 5.5 Medium
Exposure of sensitive information to an unauthorized actor in Windows Push Notifications allows an authorized attacker to disclose information locally.
CVE-2026-42914 1 Microsoft 26 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 23 more 2026-07-08 5.3 Medium
Out-of-bounds read in Windows Kerberos allows an authorized attacker to deny service over a network.
CVE-2026-42913 1 Microsoft 13 Remote Desktop, Windows 11 23h2, Windows 11 23h2 and 10 more 2026-07-08 7.5 High
Concurrent execution using shared resource with improper synchronization ('race condition') in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
CVE-2026-42916 1 Microsoft 26 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 23 more 2026-07-08 7.8 High
Integer overflow or wraparound in Windows NT OS Kernel allows an authorized attacker to elevate privileges locally.
CVE-2026-42909 1 Microsoft 30 Remote Desktop, Remote Desktop Client, Windows 10 1607 and 27 more 2026-07-08 7.5 High
Concurrent execution using shared resource with improper synchronization ('race condition') in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
CVE-2026-42907 1 Microsoft 18 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 15 more 2026-07-08 6.5 Medium
Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information over a network.
CVE-2026-42837 1 Microsoft 18 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 15 more 2026-07-08 7.8 High
Out-of-bounds read in Windows Projected File System Filter Driver allows an authorized attacker to elevate privileges locally.
CVE-2026-50512 1 Microsoft 1 Pc Manager 2026-07-08 7.8 High
Missing authentication for critical function in Microsoft PC Manager allows an authorized attacker to elevate privileges locally.
CVE-2026-50507 1 Microsoft 25 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 22 more 2026-07-08 6.8 Medium
Missing authentication for critical function in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.
CVE-2026-48560 1 Microsoft 5 Sharepoint Enterprise Server 2016, Sharepoint Server, Sharepoint Server 2016 and 2 more 2026-07-08 5.4 Medium
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.