Export limit exceeded: 75757 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (75757 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-40899 | 1 Nozomi Networks | 2 Cmc, Guardian | 2026-04-15 | 8.9 High |
| A Stored Cross-Site Scripting vulnerability was discovered in the Assets and Nodes functionality due to improper validation of an input parameter. An authenticated user with custom fields privileges can define a malicious custom field containing a JavaScript payload. When the victim views the Assets or Nodes pages, the XSS executes in their browser context, allowing the attacker to perform unauthorized actions as the victim, such as modify application data, disrupt application availability, and access limited sensitive information. | ||||
| CVE-2024-33618 | 2026-04-15 | 7.5 High | ||
| Uncontrolled Resource Consumption in Bosch VMS Central Server in Bosch VMS 12.0.1 allows attackers to consume excessive amounts of disk space via network interface. | ||||
| CVE-2026-0827 | 1 Lenovo | 2 Diagnostics, Vantage | 2026-04-15 | 7.1 High |
| During an internal security assessment, a potential vulnerability was discovered in Lenovo Diagnostics and the HardwareScanAddin used in Lenovo Vantage that, during installation or when using hardware scan, could allow a local authenticated user to perform an arbitrary file write with elevated privileges. | ||||
| CVE-2026-23666 | 1 Microsoft | 1 .net | 2026-04-15 | 7.5 High |
| Concurrent execution using shared resource with improper synchronization ('race condition') in .NET Framework allows an unauthorized attacker to deny service over a network. | ||||
| CVE-2026-4145 | 1 Lenovo | 1 Software Fix | 2026-04-15 | 7.8 High |
| During an internal security assessment, a potential vulnerability was discovered in Lenovo Software Fix that could allow a local authenticated user to perform arbitrary code execution with elevated privileges. | ||||
| CVE-2026-32178 | 1 Microsoft | 2 .net, Visual Studio 2022 | 2026-04-15 | 7.5 High |
| Improper neutralization of special elements in .NET allows an unauthorized attacker to perform spoofing over a network. | ||||
| CVE-2026-33096 | 1 Microsoft | 7 Windows 11 23h2, Windows 11 24h2, Windows 11 25h2 and 4 more | 2026-04-15 | 7.5 High |
| Out-of-bounds read in Windows HTTP.sys allows an unauthorized attacker to deny service over a network. | ||||
| CVE-2026-26180 | 1 Microsoft | 15 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 12 more | 2026-04-15 | 7.8 High |
| Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-32157 | 1 Microsoft | 17 Remote Desktop, Windows 10 1607, Windows 10 1809 and 14 more | 2026-04-15 | 8.8 High |
| Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2026-32073 | 1 Microsoft | 15 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 12 more | 2026-04-15 | 7 High |
| Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-27921 | 1 Microsoft | 15 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 12 more | 2026-04-15 | 7 High |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Windows TCP/IP allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-5121 | 2 Libarchive, Redhat | 6 Libarchive, Enterprise Linux, Hardened Images and 3 more | 2026-04-15 | 7.5 High |
| A flaw was found in libarchive. On 32-bit systems, an integer overflow vulnerability exists in the zisofs block pointer allocation logic. A remote attacker can exploit this by providing a specially crafted ISO9660 image, which can lead to a heap buffer overflow. This could potentially allow for arbitrary code execution on the affected system. | ||||
| CVE-2026-27917 | 1 Microsoft | 14 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 11 more | 2026-04-15 | 7 High |
| Use after free in Windows WFP NDIS Lightweight Filter Driver (wfplwfs.sys) allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-27929 | 1 Microsoft | 15 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 12 more | 2026-04-15 | 7 High |
| Time-of-check time-of-use (toctou) race condition in Windows LUAFV allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-32089 | 1 Microsoft | 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more | 2026-04-15 | 7.8 High |
| Use after free in Windows Speech Brokered Api allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-32195 | 1 Microsoft | 1 Windows 11 26h1 | 2026-04-15 | 7 High |
| Stack-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-32221 | 1 Microsoft | 4 Windows 11 24h2, Windows 11 25h2, Windows 11 26h1 and 1 more | 2026-04-15 | 8.4 High |
| Heap-based buffer overflow in Microsoft Graphics Component allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-32224 | 1 Microsoft | 1 Windows 11 26h1 | 2026-04-15 | 7 High |
| Use after free in Windows Server Update Service allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-33098 | 1 Microsoft | 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more | 2026-04-15 | 7.8 High |
| Use after free in Windows Container Isolation FS Filter Driver allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-33825 | 1 Microsoft | 1 Microsoft Defender | 2026-04-15 | 7.8 High |
| Insufficient granularity of access control in Microsoft Defender allows an authorized attacker to elevate privileges locally. | ||||