Export limit exceeded: 18286 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18286 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-34690 | 3 Adobe, Apple, Microsoft | 3 After Effects, Macos, Windows | 2026-05-13 | 7.8 High |
| After Effects versions 26.0, 25.6.4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2026-40406 | 1 Microsoft | 29 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 26 more | 2026-05-13 | 7.5 High |
| Use after free in Windows TCP/IP allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2026-42899 | 3 Apple, Linux, Microsoft | 4 Macos, Linux Kernel, .net and 1 more | 2026-05-13 | 7.5 High |
| Loop with unreachable exit condition ('infinite loop') in ASP.NET Core allows an unauthorized attacker to deny service over a network. | ||||
| CVE-2026-3087 | 2 Microsoft, Python | 3 Windows, Cpython, Python | 2026-05-13 | 7.5 High |
| If `shutil.unpack_archive()` is given a ZIP archive with an absolute Windows path containing a drive (`C:\\...`) then the archive will be extracted outside the target directory which is different than other operating systems. Only Windows is affected by this vulnerability. | ||||
| CVE-2026-34636 | 3 Adobe, Apple, Microsoft | 3 Premiere Pro, Macos, Windows | 2026-05-13 | 7.8 High |
| Premiere Pro versions 26.0.2, 25.6.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2026-34637 | 3 Adobe, Apple, Microsoft | 3 Premiere Pro, Macos, Windows | 2026-05-13 | 7.8 High |
| Premiere Pro versions 26.0.2, 25.6.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2026-34638 | 3 Adobe, Apple, Microsoft | 3 Premiere Pro, Macos, Windows | 2026-05-13 | 7.8 High |
| Premiere Pro versions 26.0.2, 25.6.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2026-40413 | 1 Microsoft | 29 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 26 more | 2026-05-13 | 7.4 High |
| Null pointer dereference in Windows TCP/IP allows an unauthorized attacker to deny service over an adjacent network. | ||||
| CVE-2026-40397 | 1 Microsoft | 29 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 26 more | 2026-05-13 | 7.8 High |
| Integer underflow (wrap or wraparound) in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-40382 | 1 Microsoft | 29 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 26 more | 2026-05-13 | 7.8 High |
| Use after free in Windows Telephony Service allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-40369 | 1 Microsoft | 8 Windows 11 24h2, Windows 11 24h2, Windows 11 25h2 and 5 more | 2026-05-13 | 7.8 High |
| Untrusted pointer dereference in Windows Kernel allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-42896 | 1 Microsoft | 8 Windows 11 24h2, Windows 11 24h2, Windows 11 25h2 and 5 more | 2026-05-13 | 7.8 High |
| Integer overflow or wraparound in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-41096 | 1 Microsoft | 14 Windows 11 22h3, Windows 11 23h2, Windows 11 23h2 and 11 more | 2026-05-13 | 9.8 Critical |
| Heap-based buffer overflow in Microsoft Windows DNS allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2026-41089 | 1 Microsoft | 14 Windows Server 2012, Windows Server 2012 (server Core Installation), Windows Server 2012 R2 and 11 more | 2026-05-13 | 9.8 Critical |
| Stack-based buffer overflow in Windows Netlogon allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2026-40380 | 1 Microsoft | 29 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 26 more | 2026-05-13 | 6.2 Medium |
| Heap-based buffer overflow in Volume Manager Extension Driver allows an authorized attacker to execute code with a physical attack. | ||||
| CVE-2026-35438 | 1 Microsoft | 1 Windows Admin Center | 2026-05-13 | 8.3 High |
| Missing authorization in Windows Admin Center allows an authorized attacker to elevate privileges over a network. | ||||
| CVE-2026-35420 | 1 Microsoft | 14 Windows Server 2012, Windows Server 2012 (server Core Installation), Windows Server 2012 R2 and 11 more | 2026-05-13 | 7.8 High |
| Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-35418 | 1 Microsoft | 21 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 18 more | 2026-05-13 | 7.8 High |
| Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-35416 | 1 Microsoft | 29 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 26 more | 2026-05-13 | 7 High |
| Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-34351 | 1 Microsoft | 29 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 26 more | 2026-05-13 | 7.8 High |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Windows TCP/IP allows an authorized attacker to elevate privileges locally. | ||||