Search Results (7792 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-0574 1 Microsoft 4 Exchange Server, Windows 2000, Windows Nt and 1 more 2026-04-16 N/A
The Network News Transfer Protocol (NNTP) component of Microsoft Windows NT Server 4.0, Windows 2000 Server, Windows Server 2003, Exchange 2000 Server, and Exchange Server 2003 allows remote attackers to execute arbitrary code via XPAT patterns, possibly related to improper length validation and an "unchecked buffer," leading to off-by-one and heap-based buffer overflows.
CVE-2006-3074 2 Kaspersky, Microsoft 4 Kaspersky Anti-virus, Kaspersky Internet Security, Windows and 1 more 2026-04-16 N/A
klif.sys in Kaspersky Internet Security 6.0 and 7.0, Kaspersky Anti-Virus (KAV) 6.0 and 7.0, KAV 6.0 for Windows Workstations, and KAV 6.0 for Windows Servers does not validate certain parameters to the (1) NtCreateKey, (2) NtCreateProcess, (3) NtCreateProcessEx, (4) NtCreateSection, (5) NtCreateSymbolicLinkObject, (6) NtCreateThread, (7) NtDeleteValueKey, (8) NtLoadKey2, (9) NtOpenKey, (10) NtOpenProcess, (11) NtOpenSection, and (12) NtQueryValueKey hooked system calls, which allows local users to cause a denial of service (reboot) via an invalid parameter, as demonstrated by the ClientId parameter to NtOpenProcess.
CVE-2006-0005 1 Microsoft 7 Windows-nt, Windows 2000, Windows 2000 Advanced Server and 4 more 2026-04-16 N/A
Buffer overflow in the plug-in for Microsoft Windows Media Player (WMP) 9 and 10, when used in browsers other than Internet Explorer and set as the default application to handle media files, allows remote attackers to execute arbitrary code via HTML with an EMBED element containing a long src attribute.
CVE-2006-2373 1 Microsoft 3 Windows 2000, Windows Server 2003, Windows Xp 2026-04-16 N/A
The Server Message Block (SMB) driver (MRXSMB.SYS) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows local users to execute arbitrary code by calling the MrxSmbCscIoctlOpenForCopyChunk function with the METHOD_NEITHER method flag and an arbitrary address, possibly for kernel memory, aka the "SMB Driver Elevation of Privilege Vulnerability."
CVE-2026-21235 1 Microsoft 21 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 18 more 2026-04-15 7.3 High
Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.
CVE-2026-21248 1 Microsoft 25 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 22 more 2026-04-15 7.3 High
Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to execute code locally.
CVE-2026-21247 1 Microsoft 25 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 22 more 2026-04-15 7.3 High
Improper input validation in Windows Hyper-V allows an authorized attacker to execute code locally.
CVE-2026-21246 1 Microsoft 28 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 25 more 2026-04-15 7.8 High
Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.
CVE-2026-21242 1 Microsoft 19 Windows 10 21h2, Windows 10 21h2, Windows 10 22h2 and 16 more 2026-04-15 7 High
Use after free in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally.
CVE-2026-21234 1 Microsoft 22 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 19 more 2026-04-15 7 High
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally.
CVE-2026-21236 1 Microsoft 30 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 27 more 2026-04-15 7.8 High
Heap-based buffer overflow in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
CVE-2026-21510 1 Microsoft 30 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 27 more 2026-04-15 8.8 High
Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network.
CVE-2026-21508 1 Microsoft 30 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 27 more 2026-04-15 7 High
Improper authentication in Windows Storage allows an authorized attacker to elevate privileges locally.
CVE-2026-21255 1 Microsoft 25 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 22 more 2026-04-15 8.8 High
Improper access control in Windows Hyper-V allows an authorized attacker to bypass a security feature locally.
CVE-2026-21253 1 Microsoft 30 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 27 more 2026-04-15 7 High
Use after free in Mailslot File System allows an authorized attacker to elevate privileges locally.
CVE-2026-21251 1 Microsoft 10 Windows Server 2016, Windows Server 2016 (server Core Installation), Windows Server 2019 and 7 more 2026-04-15 7.8 High
Use after free in Windows Cluster Client Failover allows an authorized attacker to elevate privileges locally.
CVE-2026-21250 1 Microsoft 11 Windows 11 24h2, Windows 11 24h2, Windows 11 25h2 and 8 more 2026-04-15 7.8 High
Untrusted pointer dereference in Windows HTTP.sys allows an authorized attacker to elevate privileges locally.
CVE-2026-21249 1 Microsoft 29 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 26 more 2026-04-15 3.3 Low
External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing locally.
CVE-2026-21245 1 Microsoft 8 Windows 11 24h2, Windows 11 24h2, Windows 11 25h2 and 5 more 2026-04-15 7.8 High
Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.
CVE-2026-21244 1 Microsoft 25 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 22 more 2026-04-15 7.3 High
Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to execute code locally.