Export limit exceeded: 366887 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 366887 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (366887 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-50695 1 Microsoft 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more 2026-07-14 7.5 High
Stack-based buffer overflow in Active Directory Federation Services allows an unauthorized attacker to deny service over a network.
CVE-2026-50696 1 Microsoft 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more 2026-07-14 7.5 High
Heap-based buffer overflow in Windows Internet Key Exchange (IKE) Protocol allows an unauthorized attacker to deny service over a network.
CVE-2026-54119 1 Microsoft 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more 2026-07-14 7.5 High
Loop with unreachable exit condition ('infinite loop') in Windows Active Directory allows an unauthorized attacker to deny service over a network.
CVE-2026-44806 1 Microsoft 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more 2026-07-14 5.3 Medium
Missing release of memory after effective lifetime in Windows Cryptographic Services allows an unauthorized attacker to deny service over a network.
CVE-2026-50366 1 Microsoft 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more 2026-07-14 6.5 Medium
Null pointer dereference in Active Directory Domain Services allows an authorized attacker to deny service over a network.
CVE-2026-50432 1 Microsoft 11 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 8 more 2026-07-14 5.3 Medium
Use after free in Windows Virtual Filtering Platform (VFP) allows an authorized attacker to deny service over a network.
CVE-2026-50424 1 Microsoft 4 Windows 11 24h2, Windows 11 25h2, Windows 11 26h1 and 1 more 2026-07-14 7.5 High
Untrusted pointer dereference in Windows Domain Controller allows an unauthorized attacker to deny service over a network.
CVE-2026-50485 1 Microsoft 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more 2026-07-14 4.5 Medium
Buffer over-read in Windows Hyper-V allows an authorized attacker to deny service over an adjacent network.
CVE-2026-47302 1 Microsoft 3 .net, Visual Studio 2022, Visual Studio 2026 2026-07-14 7.5 High
Allocation of resources without limits or throttling in .NET allows an unauthorized attacker to deny service over a network.
CVE-2026-50524 1 Microsoft 3 .net, Visual Studio 2022, Visual Studio 2026 2026-07-14 7.5 High
Improper validation of specified type of input in .NET Framework allows an unauthorized attacker to deny service over a network.
CVE-2026-50525 1 Microsoft 3 .net, Visual Studio 2022, Visual Studio 2026 2026-07-14 7.5 High
Allocation of resources without limits or throttling in .NET allows an unauthorized attacker to deny service over a network.
CVE-2026-50527 1 Microsoft 3 .net, Visual Studio 2022, Visual Studio 2026 2026-07-14 7.5 High
Stack-based buffer overflow in .NET Framework allows an unauthorized attacker to deny service over a network.
CVE-2026-50648 1 Microsoft 3 .net, Visual Studio 2022, Visual Studio 2026 2026-07-14 7.5 High
Allocation of resources without limits or throttling in .NET Framework allows an unauthorized attacker to deny service over a network.
CVE-2026-50659 1 Microsoft 3 .net, Visual Studio 2022, Visual Studio 2026 2026-07-14 6.5 Medium
Improper encoding or escaping of output in .NET allows an authorized attacker to perform spoofing over a network.
CVE-2026-13886 1 Google 1 Chrome 2026-07-14 6.5 Medium
Insufficient policy enforcement in Isolated Web Apps in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-13954 1 Google 1 Chrome 2026-07-14 6.5 Medium
Insufficient policy enforcement in XML in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-50681 1 Microsoft 11 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 8 more 2026-07-14 5.5 Medium
Exposure of sensitive information to an unauthorized actor in Windows Cryptographic Services allows an authorized attacker to disclose information locally.
CVE-2026-34690 3 Adobe, Apple, Microsoft 3 After Effects, Macos, Windows 2026-07-14 7.8 High
After Effects is affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2026-15643 1 Aws 1 Awslabs.healthlake-mcp-server 2026-07-14 7.3 High
AWS HealthLake MCP Server (awslabs.healthlake-mcp-server) is a Model Context Protocol server that enables AI assistants to interact with AWS HealthLake FHIR datastores. A server-side request forgery in the pagination handling component in AWS awslabs.healthlake-mcp-server before 0.0.14 on all platforms might allow a remote authenticated user to exfiltrate AWS temporary security credentials to an arbitrary endpoint via a crafted next_token parameter. The server does not validate that pagination URLs point back to the expected HealthLake endpoint, allowing an actor to redirect subsequent requests to an actor-controlled server. Its recommended to upgrade to version 0.0.14 or later.
CVE-2026-45224 1 Openclaw 1 Crabbox 2026-07-14 7.1 High
Crabbox before 0.9.0 contains a path traversal vulnerability in the Islo provider's workspace path resolution that allows attackers to supply absolute or relative paths that resolve outside the intended /workspace directory. Attackers can craft a malicious .crabbox.yaml or crabbox.yaml file with traversal sequences to cause arbitrary file deletion and overwrite when sync.delete is enabled, as the workspace preparation logic executes rm -rf and mkdir -p operations on the resolved path without proper validation.