Export limit exceeded: 364428 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (85946 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-12167 1 Little Orbit 1 Gamefirst Anti-cheat 2026-07-09 7.8 High
The Minifilter communication port for driver `GFAC_Sys_x64.sys` in Little Orbit GFAC allows a local attacker to access privileged driver functionality via a communication interface that lacks appropriate access restrictions.
CVE-2026-54408 2026-07-09 8.6 High
A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi Protect Application to bypass authentication for data streaming.
CVE-2026-54404 2026-07-09 8.8 High
A malicious actor with access to the network and low privileges could exploit a series of authenticated SQL Injection vulnerabilities found in UniFi OS to escalate privileges within such UniFi OS devices or instances.
CVE-2026-56842 1 Ubiquiti 1 Unifi Network Application 2026-07-09 7.5 High
A malicious actor with access to the network and under certain conditions could exploit an Incorrect Authorization vulnerability found in UniFi Network Application to persist privileges within UniFi Network Application after such access had been removed.
CVE-2026-55114 1 Ubiquiti 1 Unifi Network Application 2026-07-09 8.8 High
A malicious actor with access to the network and low privileges could exploit an Improper Access Control vulnerability found in UniFi Network Application to escalate privileges within the UniFi Network Application.
CVE-2024-26566 2 Iscute, Ods-im 2 Cute Http File Server, Cutehttpfileserver 2026-07-09 8.2 High
An issue in Cute Http File Server v.3.1 allows a remote attacker to escalate privileges via the password verification component.
CVE-2024-24520 1 Lepton-cms 1 Leptoncms 2026-07-09 7.8 High
An issue in Lepton CMS v.7.0.0 allows a local attacker to execute arbitrary code via the upgrade.php file in the languages place.
CVE-2024-23084 2 Apfloat, Mikkotommila 2 Apfloat, Apfloat 2026-07-09 7.5 High
Apfloat v1.10.1 was discovered to contain an ArrayIndexOutOfBoundsException via the component org.apfloat.internal.DoubleCRTMath::add(double[], double[]). NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for vulnerability identification.
CVE-2023-43336 1 Sangoma 1 Freepbx 2026-07-09 8.8 High
Sangoma Technologies FreePBX before cdr 15.0.18, 16.0.40, 15.0.16, and 16.0.17 was discovered to contain an access control issue via a modified parameter value, e.g., changing extension=self to extension=101.
CVE-2026-52719 2 Gstreamer Project, Redhat 2 Gstreamer Plugin, Enterprise Linux 2026-07-08 7.1 High
An out-of-bounds read vulnerability was found in the VA JPEG decoder in GStreamer's gst-plugins-bad. The JPEG parser reads a segment length value from the bitstream without validating it against available data. A remote attacker could trick a user into opening a specially crafted JPEG file, causing downstream parsing to read beyond the provided input buffer, leading to a crash or potential information disclosure.
CVE-2026-50656 1 Microsoft 1 Malware Protection Engine 2026-07-08 7.8 High
Microsoft is aware of an elevation of privilege in the Microsoft Malware Protection Engine in Microsoft Defender publicly referred to as "RoguePlanet ".
CVE-2026-42985 1 Microsoft 30 Remote Desktop, Remote Desktop Client, Windows 10 1607 and 27 more 2026-07-08 8.8 High
Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
CVE-2026-44801 1 Microsoft 30 Remote Desktop, Remote Desktop Client, Windows 10 1607 and 27 more 2026-07-08 7.5 High
Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
CVE-2026-44808 1 Microsoft 2 Windows 11 26h1, Windows 11 26h1 2026-07-08 7.8 High
Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
CVE-2026-44811 1 Microsoft 2 Windows 11 26h1, Windows 11 26h1 2026-07-08 7.8 High
Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
CVE-2026-42974 1 Microsoft 11 Windows 11 23h2, Windows 11 23h2, Windows 11 24h2 and 8 more 2026-07-08 8.1 High
Integer overflow or wraparound in Windows Performance Monitor allows an unauthorized attacker to execute code over a network.
CVE-2026-42913 1 Microsoft 13 Remote Desktop, Windows 11 23h2, Windows 11 23h2 and 10 more 2026-07-08 7.5 High
Concurrent execution using shared resource with improper synchronization ('race condition') in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
CVE-2026-42916 1 Microsoft 26 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 23 more 2026-07-08 7.8 High
Integer overflow or wraparound in Windows NT OS Kernel allows an authorized attacker to elevate privileges locally.
CVE-2026-42909 1 Microsoft 30 Remote Desktop, Remote Desktop Client, Windows 10 1607 and 27 more 2026-07-08 7.5 High
Concurrent execution using shared resource with improper synchronization ('race condition') in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
CVE-2026-42837 1 Microsoft 18 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 15 more 2026-07-08 7.8 High
Out-of-bounds read in Windows Projected File System Filter Driver allows an authorized attacker to elevate privileges locally.