Export limit exceeded: 337346 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (337346 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-26148 | 1 Microsoft | 1 Azure Ad Ssh Login Extension For Linux | 2026-03-10 | 8.1 High |
| External initialization of trusted variables or data stores in Azure Entra ID allows an unauthorized attacker to elevate privileges locally. | ||||
| CVE-2026-26122 | 1 Microsoft | 1 Microsoft Aci Confidential Containers | 2026-03-10 | 6.5 Medium |
| Initialization of a resource with an insecure default in Azure Compute Gallery allows an authorized attacker to disclose information over a network. | ||||
| CVE-2026-26125 | 1 Microsoft | 1 Payment Orchestrator Service | 2026-03-10 | 8.6 High |
| Payment Orchestrator Service Elevation of Privilege Vulnerability | ||||
| CVE-2026-26124 | 1 Microsoft | 2 Confidental Containers, Microsoft Aci Confidential Containers | 2026-03-10 | 6.7 Medium |
| '.../...//' in Azure Compute Gallery allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-21536 | 1 Microsoft | 1 Devices Pricing Program | 2026-03-10 | 9.8 Critical |
| Microsoft Devices Pricing Program Remote Code Execution Vulnerability | ||||
| CVE-2026-23651 | 1 Microsoft | 1 Microsoft Aci Confidential Containers | 2026-03-10 | 6.7 Medium |
| Permissive regular expression in Azure Compute Gallery allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-23674 | 1 Microsoft | 15 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 12 more | 2026-03-10 | 7.5 High |
| Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network. | ||||
| CVE-2026-26127 | 1 Microsoft | 2 .net, Bcl Memory | 2026-03-10 | 7.5 High |
| Out-of-bounds read in .NET allows an unauthorized attacker to deny service over a network. | ||||
| CVE-2026-26121 | 1 Microsoft | 1 Azure Iot Explorer | 2026-03-10 | 7.5 High |
| Server-side request forgery (ssrf) in Azure IoT Explorer allows an unauthorized attacker to perform spoofing over a network. | ||||
| CVE-2026-23656 | 1 Microsoft | 1 Windows App Client For Windows Desktop | 2026-03-10 | 5.9 Medium |
| Insufficient verification of data authenticity in Windows App Installer allows an unauthorized attacker to perform spoofing over a network. | ||||
| CVE-2026-25186 | 1 Microsoft | 15 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 12 more | 2026-03-10 | 5.5 Medium |
| Exposure of sensitive information to an unauthorized actor in Windows Accessibility Infrastructure (ATBroker.exe) allows an authorized attacker to disclose information locally. | ||||
| CVE-2026-25185 | 1 Microsoft | 15 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 12 more | 2026-03-10 | 5.3 Medium |
| Exposure of sensitive information to an unauthorized actor in Windows Shell Link Processing allows an unauthorized attacker to perform spoofing over a network. | ||||
| CVE-2026-25180 | 1 Microsoft | 16 Office, Windows 10 1607, Windows 10 1809 and 13 more | 2026-03-10 | 5.5 Medium |
| Out-of-bounds read in Microsoft Graphics Component allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2026-25168 | 1 Microsoft | 15 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 12 more | 2026-03-10 | 6.2 Medium |
| Null pointer dereference in Microsoft Graphics Component allows an unauthorized attacker to deny service locally. | ||||
| CVE-2026-25166 | 1 Microsoft | 12 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 9 more | 2026-03-10 | 7.8 High |
| Deserialization of untrusted data in Windows System Image Manager allows an authorized attacker to execute code locally. | ||||
| CVE-2026-26416 | 1 Tcs | 2 Cognix Platform, Cognix Recon Client | 2026-03-10 | 8.8 High |
| An authorization bypass vulnerability in Tata Consultancy Services Cognix Recon Client v3.0 allows authenticated users to escalate privileges across role boundaries via crafted requests. | ||||
| CVE-2026-24297 | 1 Microsoft | 8 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 5 more | 2026-03-10 | 6.5 Medium |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Kerberos allows an unauthorized attacker to bypass a security feature over a network. | ||||
| CVE-2026-24291 | 1 Microsoft | 15 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 12 more | 2026-03-10 | 7.8 High |
| Incorrect permission assignment for critical resource in Windows Accessibility Infrastructure (ATBroker.exe) allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-24288 | 1 Microsoft | 2 Windows 10 21h2, Windows 10 22h2 | 2026-03-10 | 6.8 Medium |
| Heap-based buffer overflow in Windows Mobile Broadband allows an unauthorized attacker to execute code with a physical attack. | ||||
| CVE-2026-24283 | 1 Microsoft | 5 Windows 11 24h2, Windows 11 25h2, Windows 11 26h1 and 2 more | 2026-03-10 | 8.8 High |
| Heap-based buffer overflow in Windows File Server allows an authorized attacker to elevate privileges locally. | ||||