Export limit exceeded: 366368 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (366368 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-14116 | 1 Google | 1 Chrome | 2026-07-15 | 4.3 Medium |
| Insufficient validation of untrusted input in DevTools in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low) | ||||
| CVE-2026-14120 | 1 Google | 1 Chrome | 2026-07-15 | 9.6 Critical |
| Inappropriate implementation in DevTools in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low) | ||||
| CVE-2026-14122 | 1 Google | 1 Chrome | 2026-07-15 | 8.1 High |
| Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: Low) | ||||
| CVE-2026-55012 | 1 Microsoft | 1 Malware Protection Engine | 2026-07-15 | 7.8 High |
| Integer overflow or wraparound in Microsoft Defender allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-49170 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2026-07-15 | 7.8 High |
| Insufficient granularity of access control in Windows StateRepository API allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-49171 | 1 Microsoft | 11 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 8 more | 2026-07-15 | 7.5 High |
| Use after free in Microsoft Windows Speech allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-58531 | 1 Microsoft | 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more | 2026-07-15 | 7.5 High |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB allows an authorized attacker to elevate privileges over a network. | ||||
| CVE-2026-50444 | 1 Microsoft | 8 Windows 10 1607, Windows 10 1809, Windows Server 2012 and 5 more | 2026-07-15 | 8.8 High |
| Missing authentication for critical function in Windows Server Update Service allows an authorized attacker to elevate privileges over a network. | ||||
| CVE-2026-50694 | 1 Microsoft | 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more | 2026-07-15 | 8.1 High |
| Use after free in Windows Secure Socket Tunneling Protocol (SSTP) allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2026-50392 | 1 Microsoft | 4 Windows 11 24h2, Windows 11 25h2, Windows 11 26h1 and 1 more | 2026-07-15 | 7 High |
| Use after free in Windows Secure Kernel Mode allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-50373 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2026-07-15 | 7.8 High |
| Improper access control in Microsoft Windows Search Component allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-54982 | 1 Microsoft | 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more | 2026-07-15 | 8.8 High |
| Integer underflow (wrap or wraparound) in Reliable Multicast Transport Driver (RMCAST) allows an unauthorized attacker to execute code over an adjacent network. | ||||
| CVE-2026-50372 | 1 Microsoft | 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more | 2026-07-15 | 7 High |
| Buffer over-read in Windows Redirected Drive Buffering allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-50363 | 1 Microsoft | 12 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 9 more | 2026-07-15 | 7.8 High |
| Heap-based buffer overflow in Windows Push Notifications allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-44800 | 1 Microsoft | 5 Windows 11 23h2, Windows 11 24h2, Windows 11 25h2 and 2 more | 2026-07-15 | 7.8 High |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-50469 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2026-07-15 | 7.8 High |
| Improper link resolution before file access ('link following') in Windows Projected File System allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-55004 | 1 Microsoft | 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more | 2026-07-15 | 7.8 High |
| Double free in Microsoft Printer Drivers allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-48334 | 2026-07-15 | 9.3 Critical | ||
| Illustrator is affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Scope is changed. | ||||
| CVE-2026-48275 | 2026-07-15 | 8.6 High | ||
| Illustrator is affected by an Untrusted Search Path vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Scope is changed. | ||||
| CVE-2026-48337 | 2026-07-15 | 7.8 High | ||
| Illustrator is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||