Export limit exceeded: 35214 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (226 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-62560 | 1 Microsoft | 11 365 Apps, Excel, Excel 2016 and 8 more | 2026-04-20 | 7.8 High |
| Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-20819 | 1 Microsoft | 6 Windows 11 23h2, Windows 11 23h2, Windows 11 24h2 and 3 more | 2026-04-18 | 5.5 Medium |
| Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to disclose information locally. | ||||
| CVE-2026-20948 | 1 Microsoft | 13 365 Apps, Office, Office 2019 and 10 more | 2026-04-18 | 7.8 High |
| Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-5713 | 1 Python | 1 Cpython | 2026-04-17 | 6.0 Medium |
| The "profiling.sampling" module (Python 3.15+) and "asyncio introspection capabilities" (3.14+, "python -m asyncio ps" and "python -m asyncio pstree") features could be used to read and write addresses in a privileged process if that process connected to a malicious or "infected" Python process via the remote debugging feature. This vulnerability requires persistently and repeatedly connecting to the process to be exploited, even after the connecting process crashes with high likelihood due to ASLR. | ||||
| CVE-2026-20857 | 1 Microsoft | 16 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 13 more | 2026-04-16 | 7.8 High |
| Untrusted pointer dereference in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-20935 | 1 Microsoft | 6 Windows 11 23h2, Windows 11 23h2, Windows 11 24h2 and 3 more | 2026-04-16 | 6.2 Medium |
| Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2026-20811 | 1 Microsoft | 10 Windows 11 23h2, Windows 11 23h2, Windows 11 24h2 and 7 more | 2026-04-16 | 7.8 High |
| Access of resource using incompatible type ('type confusion') in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-20938 | 1 Microsoft | 6 Windows 11 23h2, Windows 11 23h2, Windows 11 24h2 and 3 more | 2026-04-16 | 7.8 High |
| Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-20940 | 1 Microsoft | 16 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 13 more | 2026-04-16 | 7.8 High |
| Heap-based buffer overflow in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-20955 | 1 Microsoft | 9 365 Apps, Office, Office 2019 and 6 more | 2026-04-16 | 7.8 High |
| Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-20956 | 1 Microsoft | 6 365 Apps, Office 2021, Office 2024 and 3 more | 2026-04-16 | 7.8 High |
| Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-21250 | 1 Microsoft | 11 Windows 11 24h2, Windows 11 24h2, Windows 11 25h2 and 8 more | 2026-04-15 | 7.8 High |
| Untrusted pointer dereference in Windows HTTP.sys allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-21232 | 1 Microsoft | 14 Windows 11 22h3, Windows 11 23h2, Windows 11 23h2 and 11 more | 2026-04-15 | 7.8 High |
| Untrusted pointer dereference in Windows HTTP.sys allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2023-42772 | 1 Intel | 112 Core I9-10900x X-series Firmware, Core I9-10920x X-series Firmware, Core I9-10940x X-series Firmware and 109 more | 2026-04-15 | 8.2 High |
| Untrusted pointer dereference in UEFI firmware for some Intel(R) reference processors may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2025-20018 | 2026-04-15 | 8.4 High | ||
| Untrusted pointer dereference for some Intel(R) Graphics Drivers may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2021-26410 | 1 Amd | 15 Radeon Pro V520, Radeon Pro V620, Radeon Pro W5000 Series and 12 more | 2026-04-15 | N/A |
| Improper syscall input validation in ASP (AMD Secure Processor) may force the kernel into reading syscall parameter values from its own memory space allowing an attacker to infer the contents of the kernel memory leading to potential information disclosure. | ||||
| CVE-2024-40872 | 2026-04-15 | 8.4 High | ||
| There is an elevation of privilege vulnerability in server and client components of Absolute Secure Access prior to version 13.07. Attackers with local access and valid desktop user credentials can elevate their privilege to system level by passing invalid address data to the vulnerable component. This could be used to manipulate process tokens to elevate the privilege of a normal process to System. The scope is changed, the impact to system confidentiality and integrity is high, the impact to the availability of the effected component is none. | ||||
| CVE-2024-34023 | 2026-04-15 | 8.4 High | ||
| Untrusted pointer dereference in some Intel(R) Graphics Drivers may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2024-12576 | 2026-04-15 | 5.5 Medium | ||
| Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger a crash of the FW running on the GPU freezing graphics output. | ||||
| CVE-2024-36352 | 1 Amd | 11 Athlon, Athlon 3000, Radeon Instinct Mi25 and 8 more | 2026-04-15 | 8.4 High |
| Improper input validation in the AMD Graphics Driver could allow an attacker to supply a specially crafted pointer, potentially leading to arbitrary writes or denial of service. | ||||