Search Results (12618 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-46150 1 Linux 1 Linux Kernel 2026-06-09 7.1 High
In the Linux kernel, the following vulnerability has been resolved: fanotify: fix false positive on permission events fsnotify_get_mark_safe() may return false for a mark on an unrelated group, which results in bypassing the permission check. Fix by skipping over detached marks that are not in the current group.
CVE-2026-41100 1 Microsoft 8 365 Copilot, 365 Copilot Android, 365 Copilot Android and 5 more 2026-06-09 4.4 Medium
Improper access control in M365 Copilot allows an authorized attacker to perform spoofing locally.
CVE-2026-11235 4 Apple, Google, Linux and 1 more 4 Macos, Chrome, Linux Kernel and 1 more 2026-06-09 8.8 High
Insufficient policy enforcement in Compositing in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-11236 4 Apple, Google, Linux and 1 more 4 Macos, Chrome, Linux Kernel and 1 more 2026-06-09 8.3 High
Insufficient policy enforcement in Web Bluetooth in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-11274 2 Apple, Google 2 Iphone Os, Chrome 2026-06-09 4.3 Medium
Inappropriate implementation in DOM Distiller in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low)
CVE-2024-49076 1 Microsoft 16 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 13 more 2026-06-09 7.8 High
Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability
CVE-2024-43600 1 Microsoft 1 Office 2026-06-09 7.8 High
Microsoft Office Elevation of Privilege Vulnerability
CVE-2024-49107 1 Microsoft 19 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 16 more 2026-06-09 7.3 High
WmsRepair Service Elevation of Privilege Vulnerability
CVE-2024-49105 1 Microsoft 27 Remote Desktop, Remote Desktop Client, Windows 10 1507 and 24 more 2026-06-09 8.4 High
Remote Desktop Client Remote Code Execution Vulnerability
CVE-2024-49068 1 Microsoft 3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019 2026-06-09 8.2 High
Microsoft SharePoint Elevation of Privilege Vulnerability
CVE-2024-43594 1 Microsoft 4 System Center, System Center 2019, System Center 2022 and 1 more 2026-06-09 7.3 High
Microsoft System Center Elevation of Privilege Vulnerability
CVE-2024-38204 1 Microsoft 1 Azure Functions 2026-06-09 7.5 High
Improper access control in Imagine Cup allows an authorized attacker to elevate privileges over a network.
CVE-2024-43590 1 Microsoft 5 Visual C Plus Plus Redistributable Installer, Visual Studio, Visual Studio 2017 and 2 more 2026-06-09 7.8 High
Visual C++ Redistributable Installer Elevation of Privilege Vulnerability
CVE-2024-43456 1 Microsoft 9 Windows Server 2008, Windows Server 2008 R2, Windows Server 2012 and 6 more 2026-06-09 4.8 Medium
Windows Remote Desktop Services Tampering Vulnerability
CVE-2024-38124 1 Microsoft 10 Windows Server 2008, Windows Server 2008 R2, Windows Server 2008 Sp2 and 7 more 2026-06-09 9 Critical
Windows Netlogon Elevation of Privilege Vulnerability
CVE-2024-38129 1 Microsoft 2 Windows Server 2022 23h2, Windows Server 23h2 2026-06-09 7.5 High
Windows Kerberos Elevation of Privilege Vulnerability
CVE-2024-38139 1 Microsoft 1 Dataverse 2026-06-09 8.7 High
Improper authentication in Microsoft Dataverse allows an authorized attacker to elevate privileges over a network.
CVE-2024-43503 1 Microsoft 3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019 2026-06-09 7.8 High
Microsoft SharePoint Elevation of Privilege Vulnerability
CVE-2026-11277 2 Apple, Google 2 Iphone Os, Chrome 2026-06-09 4.3 Medium
Insufficient policy enforcement in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to bypass discretionary access control via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-11336 1 Tittuvarghese 1 Collegemanagementsystem 2026-06-09 6.3 Medium
A vulnerability has been found in tittuvarghese CollegeManagementSystem 3e476335cfbfb9a049e09f474c7ec885f69a9df3/a38852979f7e27ae67b610dce5979500ef8ebe01. Affected is an unknown function of the file dashboard_page/admin_page.php of the component Admin Interface. The manipulation of the argument UserAuthData leads to improper authorization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. This product uses a rolling release model to deliver continuous updates. As a result, specific version information for affected or updated releases is not available. The project was informed of the problem early through an issue report but has not responded yet.