Export limit exceeded: 24859 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (24859 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-45604 | 1 Microsoft | 10 Windows 11 23h2, Windows 11 23h2, Windows 11 24h2 and 7 more | 2026-06-10 | 5.5 Medium |
| Out-of-bounds read in Windows Application Identity (AppID) Subsystem allows an authorized attacker to disclose information locally. | ||||
| CVE-2026-11195 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-06-10 | 6.5 Medium |
| Inappropriate implementation in MHTML in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2026-11194 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-06-10 | 6.5 Medium |
| Inappropriate implementation in Network in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2026-42835 | 1 Microsoft | 1 Teams | 2026-06-10 | 8.1 High |
| Improper neutralization of special elements in output used by a downstream component ('injection') in Microsoft Teams for Android allows an authorized attacker to disclose information over a network. | ||||
| CVE-2026-11182 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-06-10 | 6.5 Medium |
| Inappropriate implementation in SVG in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2026-11005 | 2 Google, Microsoft | 2 Chrome, Windows | 2026-06-10 | 5.3 Medium |
| Out of bounds read in ANGLE in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2026-47636 | 1 Microsoft | 3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019 | 2026-06-10 | 5.4 Medium |
| Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. | ||||
| CVE-2026-45491 | 1 Microsoft | 1 .net | 2026-06-10 | 6.2 Medium |
| Improper link resolution before file access ('link following') in .NET allows an unauthorized attacker to perform tampering locally. | ||||
| CVE-2026-45643 | 1 Microsoft | 12 365 Apps, Microsoft 365 Apps For Enterprise, Microsoft Office 365 For Mac and 9 more | 2026-06-10 | 7.8 High |
| Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-47292 | 1 Microsoft | 1 Visual Studio Code Mssql Extension | 2026-06-10 | 7.8 High |
| Inclusion of functionality from untrusted control sphere in Visual Studio Code allows an unauthorized attacker to elevate privileges locally. | ||||
| CVE-2026-44822 | 1 Microsoft | 10 365 Apps, Excel 2016, Microsoft Office 365 For Mac and 7 more | 2026-06-10 | 8.2 High |
| Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2026-45476 | 1 Microsoft | 2 Linux Kernel - Microsoft Mana Network Driver, Linux Kernel Mana Network Driver | 2026-06-10 | 8.2 High |
| Use after free in Linux MANA Driver allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-48565 | 1 Microsoft | 1 Windows Narrator Braille | 2026-06-10 | 7.8 High |
| Untrusted search path in Windows Narrator Braille allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-45474 | 1 Microsoft | 10 365 Apps, Office, Office 2016 and 7 more | 2026-06-10 | 8.4 High |
| Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-45466 | 1 Microsoft | 8 365 Apps, Microsoft 365 Apps For Enterprise, Office 2021 and 5 more | 2026-06-10 | 3.3 Low |
| Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2026-45487 | 1 Microsoft | 15 Windows 10 21h2, Windows 10 21h2, Windows 10 22h2 and 12 more | 2026-06-10 | 7.8 High |
| Time-of-check time-of-use (TOCTOU) race condition in Program Compatibility Assistant Service allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-45490 | 1 Microsoft | 1 .net | 2026-06-10 | 7.8 High |
| Improper authorization in .NET allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-45503 | 1 Microsoft | 7 Exchange Server 2016, Exchange Server 2019, Exchange Server Se and 4 more | 2026-06-10 | 8.1 High |
| Server-side request forgery (ssrf) in Microsoft Exchange Server allows an authorized attacker to disclose information over a network. | ||||
| CVE-2026-45605 | 1 Microsoft | 21 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 18 more | 2026-06-10 | 7.8 High |
| Use after free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-45640 | 1 Microsoft | 15 Windows 10 21h2, Windows 10 21h2, Windows 10 22h2 and 12 more | 2026-06-10 | 7 High |
| Use after free in Windows Bluetooth Port Driver allows an authorized attacker to elevate privileges locally. | ||||