Export limit exceeded: 341193 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (341193 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-25210 | 1 Web-ofisi | 2 E-ticaret, Ticaret | 2026-03-29 | 8.2 High |
| WebOfisi E-Ticaret 4.0 contains an SQL injection vulnerability in the 'urun' GET parameter of the endpoint that allows unauthenticated attackers to manipulate database queries. Attackers can inject SQL payloads through the 'urun' parameter to execute boolean-based blind, error-based, time-based blind, and stacked query attacks against the backend database. | ||||
| CVE-2026-1961 | 2 Red Hat, Redhat | 5 Red Hat Satellite 6, Satellite, Satellite Capsule and 2 more | 2026-03-29 | 8 High |
| A flaw was found in Foreman. A remote attacker could exploit a command injection vulnerability in Foreman's WebSocket proxy implementation. This vulnerability arises from the system's use of unsanitized hostname values from compute resource providers when constructing shell commands. By operating a malicious compute resource server, an attacker could achieve remote code execution on the Foreman server when a user accesses VM VNC console functionality. This could lead to the compromise of sensitive credentials and the entire managed infrastructure. | ||||
| CVE-2026-23667 | 1 Microsoft | 14 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 11 more | 2026-03-29 | 7 High |
| Use after free in Broadcast DVR allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-23669 | 1 Microsoft | 30 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 27 more | 2026-03-29 | 8.8 High |
| Use after free in RPC Runtime allows an authorized attacker to execute code over a network. | ||||
| CVE-2026-23671 | 1 Microsoft | 25 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 22 more | 2026-03-29 | 7 High |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Bluetooth RFCOM Protocol Driver allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-23672 | 1 Microsoft | 30 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 27 more | 2026-03-29 | 7.8 High |
| Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability | ||||
| CVE-2026-23673 | 1 Microsoft | 30 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 27 more | 2026-03-29 | 7.8 High |
| Out-of-bounds read in Windows Resilient File System (ReFS) allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-24282 | 1 Microsoft | 15 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 12 more | 2026-03-29 | 5.5 Medium |
| Out-of-bounds read in Push Message Routing Service allows an authorized attacker to disclose information locally. | ||||
| CVE-2026-24283 | 1 Microsoft | 11 Windows 11 24h2, Windows 11 24h2, Windows 11 25h2 and 8 more | 2026-03-29 | 8.8 High |
| Heap-based buffer overflow in Windows File Server allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-24287 | 1 Microsoft | 22 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 19 more | 2026-03-29 | 7.8 High |
| External control of file name or path in Windows Kernel allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-24289 | 1 Microsoft | 30 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 27 more | 2026-03-29 | 7.8 High |
| Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-24290 | 1 Microsoft | 22 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 19 more | 2026-03-29 | 7.8 High |
| Improper access control in Windows Projected File System allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-24291 | 1 Microsoft | 30 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 27 more | 2026-03-29 | 7.8 High |
| Incorrect permission assignment for critical resource in Windows Accessibility Infrastructure (ATBroker.exe) allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-24292 | 1 Microsoft | 22 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 19 more | 2026-03-29 | 7.8 High |
| Use after free in Connected Devices Platform Service (Cdpsvc) allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-24293 | 1 Microsoft | 19 Windows 10 21h2, Windows 10 21h2, Windows 10 22h2 and 16 more | 2026-03-29 | 7.8 High |
| Null pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-24294 | 1 Microsoft | 30 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 27 more | 2026-03-29 | 7.8 High |
| Improper authentication in Windows SMB Server allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-24295 | 1 Microsoft | 25 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 22 more | 2026-03-29 | 7 High |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Device Association Service allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-24296 | 1 Microsoft | 29 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 26 more | 2026-03-29 | 7 High |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Device Association Service allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-25165 | 1 Microsoft | 30 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 27 more | 2026-03-29 | 7.8 High |
| Null pointer dereference in Windows Performance Counters allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-25167 | 1 Microsoft | 8 Windows 11 24h2, Windows 11 24h2, Windows 11 25h2 and 5 more | 2026-03-29 | 7.4 High |
| Use after free in Microsoft Brokering File System allows an unauthorized attacker to elevate privileges locally. | ||||