Search Results (86795 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-58640 1 Microsoft 14 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 11 more 2026-07-14 7.3 High
Heap-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally.
CVE-2026-55133 1 Microsoft 4 365 Apps, Office 365, Office Macos 2021 and 1 more 2026-07-14 7.8 High
Heap-based buffer overflow in Microsoft Office OneNote allows an unauthorized attacker to execute code locally.
CVE-2026-56648 1 Microsoft 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more 2026-07-14 7.5 High
Time-of-check time-of-use (toctou) race condition in Windows Network File System allows an authorized attacker to elevate privileges over a network.
CVE-2026-54117 1 Microsoft 1 Sql Server 2025 2026-07-14 8.8 High
Deserialization of untrusted data in SQL Server allows an authorized attacker to execute code over a network.
CVE-2026-55011 1 Microsoft 1 Malware Protection Engine 2026-07-14 7.8 High
Integer underflow (wrap or wraparound) in Microsoft Defender allows an unauthorized attacker to execute code locally.
CVE-2026-57087 1 Microsoft 11 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 8 more 2026-07-14 8.8 High
Heap-based buffer overflow in Microsoft Windows Media Foundation allows an unauthorized attacker to execute code over a network.
CVE-2026-57093 1 Microsoft 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more 2026-07-14 7 High
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
CVE-2026-57108 1 Microsoft 1 .net 2026-07-14 7.5 High
Access of resource using incompatible type ('type confusion') in .NET Core allows an unauthorized attacker to deny service over a network.
CVE-2026-50520 1 Microsoft 1 Visual Studio Code 2026-07-14 8.4 High
Improper neutralization of special elements used in a command ('command injection') in Visual Studio Code allows an unauthorized attacker to execute code locally.
CVE-2026-14415 1 Google 1 Chrome 2026-07-14 8.8 High
Inappropriate implementation in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-14401 1 Google 1 Chrome 2026-07-14 8.3 High
Insufficient validation of untrusted input in ANGLE in Google Chrome on Android prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-14428 1 Google 1 Chrome 2026-07-14 8.3 High
Insufficient validation of untrusted input in Dawn in Google Chrome on Android prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-14389 1 Google 1 Chrome 2026-07-14 8.3 High
Integer overflow in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-14422 1 Google 1 Chrome 2026-07-14 8.8 High
Out of bounds read and write in Tint in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
CVE-2026-14395 1 Google 1 Chrome 2026-07-14 8.8 High
Out of bounds write in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-14413 1 Google 1 Chrome 2026-07-14 8.3 High
Uninitialized Use in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-54992 1 Microsoft 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more 2026-07-14 8.4 High
Heap-based buffer overflow in Windows Message Queuing Queue Manager allows an unauthorized attacker to execute code locally.
CVE-2026-54122 1 Microsoft 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more 2026-07-14 8.4 High
Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code locally.
CVE-2026-49166 1 Microsoft 4 Windows 11 24h2, Windows 11 25h2, Windows 11 26h1 and 1 more 2026-07-14 7.8 High
Use after free in Microsoft Printer Drivers allows an authorized attacker to elevate privileges locally.
CVE-2026-55006 1 Microsoft 3 Exchange Server 2016, Exchange Server 2019, Exchange Server Se 2026-07-14 7.8 High
Insufficient granularity of access control in Microsoft Exchange Server allows an authorized attacker to elevate privileges locally.