Export limit exceeded: 367102 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (367102 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-56437 | 1 Fujielectric | 1 Pupsman | 2026-07-16 | N/A |
| Uncontrolled search path element issue exists in Pupsman versions prior to 3.9.0. If a crafted DLL file is placed in the same folder as the affected installer and the installer is executed, arbitrary code may be executed with SYSTEM privilege. | ||||
| CVE-2026-57895 | 1 Fujielectric | 1 Pupsman | 2026-07-16 | N/A |
| Incorrect default permissions issue exists in Pupsman versions prior to 3.9.0. An attacker can place a malicious executable in the installation folder, which results in arbitrary code execution with SYSTEM privilege | ||||
| CVE-2026-57239 | 1 Foxitsoftware | 2 Foxit Pdf Editor, Foxit Reader | 2026-07-16 | 8.2 High |
| The user-controllable executable files will be directly executed by high-privilege processes, allowing low-privilege users to have the opportunity to elevate their privileges to NT AUTHORITY\SYSTEM. | ||||
| CVE-2026-62826 | 1 Microsoft | 3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019 | 2026-07-16 | 4.6 Medium |
| Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. | ||||
| CVE-2026-55137 | 1 Microsoft | 14 365 Apps, Excel 2016, Microsoft Office 365 For Mac and 11 more | 2026-07-16 | 7.8 High |
| Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-50682 | 1 Microsoft | 7 Windows 10 21h2, Windows 10 22h2, Windows 11 24h2 and 4 more | 2026-07-16 | 7.1 High |
| Out-of-bounds read in Windows Active Directory allows an authorized attacker to deny service over a network. | ||||
| CVE-2026-50647 | 1 Microsoft | 14 .net, Windows 10 1607, Windows 10 1809 and 11 more | 2026-07-16 | 7.5 High |
| Loop with unreachable exit condition ('infinite loop') in Active Directory Federation Services (AD FS) allows an unauthorized attacker to deny service over a network. | ||||
| CVE-2026-50528 | 1 Microsoft | 3 .net, Visual Studio 2022, Visual Studio 2026 | 2026-07-16 | 8.2 High |
| Incorrect authorization in .NET allows an unauthorized attacker to bypass a security feature over a network. | ||||
| CVE-2026-56086 | 1 Dell | 1 Powerprotect Data Domain | 2026-07-16 | 8.8 High |
| Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an Incorrect Authorization vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to unauthorized access. | ||||
| CVE-2026-53480 | 1 Dell | 1 Powerprotect Data Domain | 2026-07-16 | 2.7 Low |
| Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper limitation of a pathname to a restricted directory ('path traversal') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to unauthorized file modification. | ||||
| CVE-2026-50411 | 1 Microsoft | 14 .net, Windows 10 1607, Windows 10 1809 and 11 more | 2026-07-16 | 7.5 High |
| Stack-based buffer overflow in Active Directory Federation Services (AD FS) allows an unauthorized attacker to deny service over a network. | ||||
| CVE-2026-50355 | 1 Microsoft | 9 .net, Windows 10 1607, Windows 10 1809 and 6 more | 2026-07-16 | 7.5 High |
| Stack-based buffer overflow in Active Directory Federation Services allows an unauthorized attacker to deny service over a network. | ||||
| CVE-2026-50324 | 1 Microsoft | 8 .net, Windows 10 1607, Windows 10 1809 and 5 more | 2026-07-16 | 5.9 Medium |
| Loop with unreachable exit condition ('infinite loop') in Active Directory Federation Services (AD FS) allows an unauthorized attacker to deny service over a network. | ||||
| CVE-2026-50368 | 1 Microsoft | 9 .net, Windows 10 1607, Windows 10 1809 and 6 more | 2026-07-16 | 7.5 High |
| Stack-based buffer overflow in Active Directory Federation Services allows an unauthorized attacker to deny service over a network. | ||||
| CVE-2026-50304 | 1 Microsoft | 9 .net, Windows 10 1607, Windows 10 1809 and 6 more | 2026-07-16 | 7.5 High |
| Stack-based buffer overflow in Active Directory Federation Services allows an unauthorized attacker to deny service over a network. | ||||
| CVE-2026-58643 | 1 Microsoft | 1 Windows Admin Center | 2026-07-16 | 6.1 Medium |
| Improper neutralization of input during web page generation ('cross-site scripting') in Windows Admin Center allows an unauthorized attacker to perform spoofing over a network. | ||||
| CVE-2026-50653 | 1 Microsoft | 2 .net, Azure Active Directory | 2026-07-16 | 7.5 High |
| Loop with unreachable exit condition ('infinite loop') in Azure Active Directory allows an unauthorized attacker to deny service over a network. | ||||
| CVE-2026-50652 | 1 Microsoft | 2 .net, Azure Active Directory | 2026-07-16 | 7.5 High |
| Deserialization of untrusted data in Azure Active Directory allows an unauthorized attacker to deny service over a network. | ||||
| CVE-2026-10706 | 1 Adalo No-code App Builder | 1 App Builder | 2026-07-16 | 7.5 High |
| In Adalo’s no-code app builder, (Versions 1 and 2) the attackers may extract full user records and correlate user behavior across multiple applications via dbId enumeration. The platform does not implement data minimization, privacy by design, or implement appropriate technical safeguards, allowing sensitive information to be exposed to unauthorized parties. | ||||
| CVE-2026-15044 | 1 Redhat | 1 Openshift Ai | 2026-07-16 | 6.3 Medium |
| A flaw was found in the TrustyAI Service Operator. When deploying services like gorch or NemoGuardrails, if a specific security setting is not enabled, these services can expose their communication channels without requiring users to prove their identity. This allows any other program within the cluster to access the AI guardrails and orchestrator without proper authorization. An attacker could exploit this to gain unauthorized access to sensitive information and potentially make limited changes to the AI models. | ||||