Export limit exceeded: 357011 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 357011 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (5286 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-45649 | 1 Microsoft | 6 Excel, Excel For Android, Powerpoint and 3 more | 2026-06-09 | 7.1 High |
| Improper access control in Office for Android allows an unauthorized attacker to perform spoofing locally. | ||||
| CVE-2026-39169 | 2026-06-09 | 7.5 High | ||
| SEMCMS 5.0 is vulnerable to unauthorized access in SEMCMS_copy.php. | ||||
| CVE-2026-8863 | 2026-06-09 | 7.8 High | ||
| Multiple Microsoft-sigend UEFI SHIM bootloaders are vulnerable to SecureBoot bypass. An attacker with administrative privileges or the ability to modify the boot process could use one of the vulnerable shim bootloaders to bypass Secure Boot protections and execute arbitrary code before the operating system loads. Specific UEFI DBX update is required to block these vulnerable boot loaders. | ||||
| CVE-2026-36720 | 2026-06-09 | 8.1 High | ||
| Insecure permissions in bookcars v8.3 allows authenticated attackers to escalate privileges from user to admin via modifying their user type. | ||||
| CVE-2026-41092 | 1 Microsoft | 26 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 23 more | 2026-06-09 | 7.8 High |
| Improper access control in Microsoft Kinect allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-42829 | 1 Microsoft | 6 Windows 11 24h2, Windows 11 24h2, Windows 11 25h2 and 3 more | 2026-06-09 | 7.8 High |
| Improper access control in Windows Administrator Protection allows an authorized attacker to bypass a security feature locally. | ||||
| CVE-2026-47907 | 2026-06-09 | 8.2 High | ||
| Dreamweaver Desktop versions 21.7 and earlier are affected by an Improper Access Control vulnerability that could lead to arbitrary file system read. An attacker could exploit this vulnerability to access sensitive files and directories outside the intended access scope. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Scope is changed. | ||||
| CVE-2026-41100 | 1 Microsoft | 8 365 Copilot, 365 Copilot Android, 365 Copilot Android and 5 more | 2026-06-09 | 4.4 Medium |
| Improper access control in M365 Copilot allows an authorized attacker to perform spoofing locally. | ||||
| CVE-2026-11274 | 2 Apple, Google | 2 Iphone Os, Chrome | 2026-06-09 | 4.3 Medium |
| Inappropriate implementation in DOM Distiller in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low) | ||||
| CVE-2024-43600 | 1 Microsoft | 1 Office | 2026-06-09 | 7.8 High |
| Microsoft Office Elevation of Privilege Vulnerability | ||||
| CVE-2024-49107 | 1 Microsoft | 19 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 16 more | 2026-06-09 | 7.3 High |
| WmsRepair Service Elevation of Privilege Vulnerability | ||||
| CVE-2024-49105 | 1 Microsoft | 27 Remote Desktop, Remote Desktop Client, Windows 10 1507 and 24 more | 2026-06-09 | 8.4 High |
| Remote Desktop Client Remote Code Execution Vulnerability | ||||
| CVE-2024-49068 | 1 Microsoft | 3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019 | 2026-06-09 | 8.2 High |
| Microsoft SharePoint Elevation of Privilege Vulnerability | ||||
| CVE-2024-43594 | 1 Microsoft | 4 System Center, System Center 2019, System Center 2022 and 1 more | 2026-06-09 | 7.3 High |
| Microsoft System Center Elevation of Privilege Vulnerability | ||||
| CVE-2024-38204 | 1 Microsoft | 1 Azure Functions | 2026-06-09 | 7.5 High |
| Improper access control in Imagine Cup allows an authorized attacker to elevate privileges over a network. | ||||
| CVE-2024-43590 | 1 Microsoft | 5 Visual C Plus Plus Redistributable Installer, Visual Studio, Visual Studio 2017 and 2 more | 2026-06-09 | 7.8 High |
| Visual C++ Redistributable Installer Elevation of Privilege Vulnerability | ||||
| CVE-2024-43456 | 1 Microsoft | 9 Windows Server 2008, Windows Server 2008 R2, Windows Server 2012 and 6 more | 2026-06-09 | 4.8 Medium |
| Windows Remote Desktop Services Tampering Vulnerability | ||||
| CVE-2024-43503 | 1 Microsoft | 3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019 | 2026-06-09 | 7.8 High |
| Microsoft SharePoint Elevation of Privilege Vulnerability | ||||
| CVE-2026-11277 | 2 Apple, Google | 2 Iphone Os, Chrome | 2026-06-09 | 4.3 Medium |
| Insufficient policy enforcement in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to bypass discretionary access control via a crafted HTML page. (Chromium security severity: Low) | ||||
| CVE-2026-45658 | 1 Microsoft | 14 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 11 more | 2026-06-09 | 7.8 High |
| Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. | ||||