Search

Search Results (366361 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-50488 1 Microsoft 3 Windows 11 24h2, Windows 11 25h2, Windows Server 2025 2026-07-15 7.8 High
Improper neutralization of special elements used in a command ('command injection') in Windows Clipboard User Service allows an authorized attacker to elevate privileges locally.
CVE-2026-50380 1 Microsoft 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more 2026-07-15 9.6 Critical
Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network.
CVE-2026-50510 1 Microsoft 1 Gihub Copilot Plugin For Jetbrains Ides 2026-07-15 7.8 High
Improper restriction of names for files and other resources in Github Copilot allows an unauthorized attacker to execute code locally.
CVE-2026-49790 1 Microsoft 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more 2026-07-15 7.3 High
Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability
CVE-2026-54999 1 Microsoft 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more 2026-07-15 8.8 High
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows TCP/IP allows an unauthorized attacker to execute code over an adjacent network.
CVE-2026-48561 1 Microsoft 4 365 Copilot Android, 365 Copilot Android, 365 Copilot Ios and 1 more 2026-07-15 9.6 Critical
Improper neutralization of special elements used in a command ('command injection') in Microsoft Copilot allows an unauthorized attacker to execute code over a network.
CVE-2026-50307 1 Microsoft 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more 2026-07-15 7 High
Use after free in Windows TCP/IP allows an authorized attacker to elevate privileges locally.
CVE-2026-57973 1 Microsoft 1 Windows Subsystem For Linux 2026-07-15 6.3 Medium
Time-of-check time-of-use (toctou) race condition in Windows Subsystem for Linux allows an authorized attacker to perform tampering locally.
CVE-2026-50336 1 Microsoft 3 Windows 11 24h2, Windows 11 25h2, Windows 11 26h1 2026-07-15 7.8 High
Heap-based buffer overflow in Windows Media allows an authorized attacker to elevate privileges locally.
CVE-2026-50379 1 Microsoft 3 Windows 11 24h2, Windows 11 25h2, Windows 11 26h1 2026-07-15 7.5 High
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Media allows an authorized attacker to elevate privileges over a network.
CVE-2026-50414 1 Microsoft 4 Windows 11 24h2, Windows 11 25h2, Windows 11 26h1 and 1 more 2026-07-15 7.5 High
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Media allows an authorized attacker to elevate privileges over a network.
CVE-2026-50433 1 Microsoft 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more 2026-07-15 7.8 High
Use after free in Windows Media allows an authorized attacker to elevate privileges locally.
CVE-2026-50676 1 Microsoft 3 Windows 11 24h2, Windows 11 25h2, Windows 11 26h1 2026-07-15 7.8 High
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Media allows an authorized attacker to elevate privileges locally.
CVE-2026-50327 1 Microsoft 4 Windows 11 24h2, Windows 11 25h2, Windows 11 26h1 and 1 more 2026-07-15 7.8 High
Heap-based buffer overflow in Windows Media allows an authorized attacker to execute code locally.
CVE-2026-58542 1 Microsoft 4 Windows 11 24h2, Windows 11 25h2, Windows 11 26h1 and 1 more 2026-07-15 7.8 High
Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code locally.
CVE-2026-14039 1 Google 1 Chrome 2026-07-15 4.3 Medium
Insufficient policy enforcement in GetUserMedia in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-14054 1 Google 1 Chrome 2026-07-15 4.3 Medium
Insufficient policy enforcement in Network in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-14058 1 Google 1 Chrome 2026-07-15 4.3 Medium
Insufficient policy enforcement in Parser in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-14059 1 Google 1 Chrome 2026-07-15 6.5 Medium
Insufficient policy enforcement in Related-Website-Sets in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-14066 1 Google 1 Chrome 2026-07-15 4.3 Medium
Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low)