Search Results (86795 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-58544 1 Microsoft 4 Windows 11 24h2, Windows 11 25h2, Windows 11 26h1 and 1 more 2026-07-14 7 High
Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally.
CVE-2026-58532 1 Microsoft 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more 2026-07-14 7.8 High
Integer overflow or wraparound in Windows Kernel allows an authorized attacker to elevate privileges locally.
CVE-2026-55024 1 Microsoft 8 365 Apps, Excel 2016, Office 2019 and 5 more 2026-07-14 7.8 High
Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2026-58538 1 Microsoft 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more 2026-07-14 7.8 High
Heap-based buffer overflow in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally.
CVE-2026-58527 1 Microsoft 5 Windows 11 24h2, Windows 11 25h2, Windows 11 26h1 and 2 more 2026-07-14 7.8 High
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Runtime allows an authorized attacker to elevate privileges locally.
CVE-2026-50692 1 Microsoft 11 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 8 more 2026-07-14 8.8 High
Heap-based buffer overflow in Desktop Window Manager allows an authorized attacker to elevate privileges locally.
CVE-2026-24240 1 Nvidia 1 Megatron-bridge 2026-07-14 7.8 High
NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure.
CVE-2026-24242 1 Nvidia 1 Megatron-bridge 2026-07-14 7.8 High
NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause server-side request forgery. A successful exploit of this vulnerability might lead to information disclosure.
CVE-2026-24246 1 Nvidia 1 Megatron-bridge 2026-07-14 7.8 High
NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause improper control of dynamically managed code resources. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure.
CVE-2026-24248 1 Nvidia 1 Megatron-bridge 2026-07-14 7.8 High
NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause improper control of code generation. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure.
CVE-2026-24251 1 Nvidia 1 Megatron-bridge 2026-07-14 7.8 High
NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause improper control of dynamically managed code resources. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure.
CVE-2026-50685 1 Microsoft 8 Windows 10 1607, Windows 10 1809, Windows Server 2012 and 5 more 2026-07-14 7.5 High
Double free in Windows DHCP Server allows an authorized attacker to execute code over a network.
CVE-2026-50679 1 Microsoft 4 Windows 11 24h2, Windows 11 25h2, Windows 11 26h1 and 1 more 2026-07-14 7.8 High
Heap-based buffer overflow in Microsoft Windows Search Component allows an authorized attacker to elevate privileges locally.
CVE-2026-58277 1 Microsoft 2 Sharepoint Server 2016, Sharepoint Server 2019 2026-07-14 8.8 High
Improper authorization in Microsoft Office SharePoint allows an authorized attacker to elevate privileges over a network.
CVE-2026-50670 1 Microsoft 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more 2026-07-14 8.8 High
Out-of-bounds read in Windows Kernel allows an authorized attacker to elevate privileges locally.
CVE-2026-57968 1 Microsoft 1 Windows Subsystem For Linux 2026-07-14 7.8 High
Buffer over-read in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally.
CVE-2026-56196 1 Microsoft 1 Windows Admin Center 2026-07-14 8.8 High
Relative path traversal in Windows Admin Center allows an authorized attacker to execute code over a network.
CVE-2026-50359 1 Microsoft 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more 2026-07-14 7 High
Use after free in Microsoft XML Core Services allows an authorized attacker to elevate privileges locally.
CVE-2026-55120 1 Microsoft 8 365 Apps, Office 2019, Office 2021 and 5 more 2026-07-14 7.8 High
Heap-based buffer overflow in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.
CVE-2026-34965 2 Agentejo, Cockpit-hq 2 Cockpit, Cockpit 2026-07-14 8.8 High
Cockpit CMS contains an authenticated remote code execution vulnerability in the /cockpit/collections/save_collection endpoint that allows authenticated attackers with collection management privileges to inject arbitrary PHP code into collection rules parameters. Attackers can inject malicious PHP code through rule parameters which is written directly to server-side PHP files and executed via include() to achieve arbitrary command execution on the underlying server.