Export limit exceeded: 23237 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (23237 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-44811 | 1 Microsoft | 2 Windows 11 26h1, Windows 11 26h1 | 2026-07-08 | 7.8 High |
| Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-42914 | 1 Microsoft | 26 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 23 more | 2026-07-08 | 5.3 Medium |
| Out-of-bounds read in Windows Kerberos allows an authorized attacker to deny service over a network. | ||||
| CVE-2026-42837 | 1 Microsoft | 18 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 15 more | 2026-07-08 | 7.8 High |
| Out-of-bounds read in Windows Projected File System Filter Driver allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-45653 | 1 Microsoft | 26 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 23 more | 2026-07-08 | 7 High |
| Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-45608 | 1 Microsoft | 26 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 23 more | 2026-07-08 | 6.8 Medium |
| Out-of-bounds read in Windows DHCP Client allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2026-45463 | 1 Microsoft | 9 365 Apps, Office, Office 2016 and 6 more | 2026-07-08 | 8.4 High |
| Integer underflow (wrap or wraparound) in Microsoft Office allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-45457 | 1 Microsoft | 7 365 Apps, Microsoft 365, Office 2021 and 4 more | 2026-07-08 | 7.8 High |
| Out-of-bounds read in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-45455 | 1 Microsoft | 10 365 Apps, Excel 2016, Microsoft 365 Apps For Enterprise and 7 more | 2026-07-08 | 3.3 Low |
| Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2026-47652 | 1 Microsoft | 11 Windows 11 23h2, Windows 11 23h2, Windows 11 24h2 and 8 more | 2026-07-08 | 8.2 High |
| Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to execute code locally. | ||||
| CVE-2026-47635 | 1 Microsoft | 1 Office 2024 | 2026-07-08 | 8.4 High |
| Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-45641 | 1 Microsoft | 15 Windows 10 21h2, Windows 10 21h2, Windows 10 22h2 and 12 more | 2026-07-08 | 8.4 High |
| Access of resource using incompatible type ('type confusion') in Windows Hyper-V allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-45460 | 1 Microsoft | 8 365 Apps, Office, Office 2019 and 5 more | 2026-07-08 | 4.7 Medium |
| Buffer over-read in Microsoft Office allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2026-44820 | 1 Microsoft | 11 365 Apps, Excel, Excel 2016 and 8 more | 2026-07-08 | 7.8 High |
| Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-15165 | 1 Wireshark | 1 Wireshark | 2026-07-08 | 5.5 Medium |
| TLS ECH decryptor crash in Wireshark 4.6.0 to 4.6.6 allows denial of service | ||||
| CVE-2026-15170 | 1 Wireshark | 1 Wireshark | 2026-07-08 | 5.5 Medium |
| Z39.50 protocol dissector crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service | ||||
| CVE-2026-15167 | 1 Wireshark | 1 Wireshark | 2026-07-08 | 7.5 High |
| DBS Etherwatch file parser crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service | ||||
| CVE-2026-15169 | 1 Wireshark | 1 Wireshark | 2026-07-08 | 5.5 Medium |
| UMTS FP protocol dissector crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service | ||||
| CVE-2026-15174 | 1 Wireshark | 1 Wireshark | 2026-07-08 | 5.5 Medium |
| Catapult DCT2000 protocol dissector crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service | ||||
| CVE-2026-15166 | 1 Wireshark | 1 Wireshark | 2026-07-08 | 5.5 Medium |
| IEEE 802.11 protocol dissector crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service | ||||
| CVE-2026-11610 | 1 Redhat | 10 Directory Server, Directory Server E4s, Enterprise Linux and 7 more | 2026-07-08 | 8.8 High |
| A heap buffer overflow flaw was found in the SASL I/O layer of 389 Directory Server (389-ds-base). After a successful SASL bind with integrity protection (SSF > 0), an authenticated attacker can send a specially crafted oversized LDAP UNBIND packet that is copied into a 512-byte heap receive buffer without a bounds check in sasl_io_recv() in sasl_io.c. This allows up to approximately 2 megabytes of attacker-controlled data to overflow the buffer, causing a denial of service (server crash). In FreeIPA and Red Hat Identity Management deployments, any domain user with a valid Kerberos ticket, any enrolled host, or any service account can trigger this vulnerability over the network after authenticating via GSSAPI. The vulnerable code path has existed since approximately 2013 (389-ds-base 1.3.2) and was not addressed by the CVE-2025-14905 fix, which patched a separate heap overflow in schema.c only. | ||||