Export limit exceeded: 357031 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (357031 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-45490 | 1 Microsoft | 1 .net | 2026-06-09 | 7.8 High |
| Improper authorization in .NET allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-45487 | 1 Microsoft | 8 Windows 10 21h2, Windows 10 22h2, Windows 11 23h2 and 5 more | 2026-06-09 | 7.8 High |
| Time-of-check time-of-use (TOCTOU) race condition in Program Compatibility Assistant Service allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-45466 | 1 Microsoft | 6 365 Apps, Office 2021, Office 2024 and 3 more | 2026-06-09 | 3.3 Low |
| Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2026-45461 | 1 Microsoft | 9 365 Apps, Office, Office 2016 and 6 more | 2026-06-09 | 8.4 High |
| Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-45460 | 1 Microsoft | 8 365 Apps, Office, Office 2019 and 5 more | 2026-06-09 | 4.7 Medium |
| Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2026-45456 | 1 Microsoft | 11 365 Apps, Office 2019, Office 2021 and 8 more | 2026-06-09 | 8.4 High |
| Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-44824 | 1 Microsoft | 11 365 Apps, Office 2016, Office 2019 and 8 more | 2026-06-09 | 7.8 High |
| Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-44821 | 1 Microsoft | 11 365 Apps, Office 2016, Office 2019 and 8 more | 2026-06-09 | 5.5 Medium |
| Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2026-44818 | 1 Microsoft | 8 365 Apps, Excel 2016, Office 2019 and 5 more | 2026-06-09 | 7 High |
| Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-44817 | 1 Microsoft | 8 365 Apps, Excel 2016, Office 2019 and 5 more | 2026-06-09 | 7.8 High |
| Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-42902 | 1 Microsoft | 1 Power Toys | 2026-06-09 | 7.8 High |
| Improper authorization in Microsoft PowerToys allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-45483 | 1 Microsoft | 3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019 | 2026-06-09 | 4.6 Medium |
| Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office Project Server allows an authorized attacker to perform spoofing over a network. | ||||
| CVE-2026-45486 | 1 Microsoft | 4 365 Apps, Office 365, Office Macos 2021 and 1 more | 2026-06-09 | 7.8 High |
| Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-45474 | 1 Microsoft | 9 365 Apps, Office, Office 2016 and 6 more | 2026-06-09 | 8.4 High |
| Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-45471 | 1 Microsoft | 11 365 Apps, Office 2019, Office 2021 and 8 more | 2026-06-09 | 7.8 High |
| Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-45472 | 1 Microsoft | 9 365 Apps, Office, Office 2016 and 6 more | 2026-06-09 | 8.4 High |
| Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-45475 | 1 Microsoft | 11 365 Apps, Office 2016, Office 2019 and 8 more | 2026-06-09 | 7.8 High |
| Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-45468 | 1 Microsoft | 3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019 | 2026-06-09 | 4.6 Medium |
| Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. | ||||
| CVE-2026-45467 | 1 Microsoft | 3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019 | 2026-06-09 | 4.6 Medium |
| Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. | ||||
| CVE-2026-25089 | 1 Fortinet | 3 Fortisandbox, Fortisandboxcloud, Fortisandboxpaas | 2026-06-09 | 9.1 Critical |
| A improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox 4.2 all versions, FortiSandbox Cloud 5.0.4 through 5.0.5, FortiSandbox PaaS 5.0.4 through 5.0.5 may allow an unauthenticated attacker to execute unauthorized commands via specifically crafted HTTP requests | ||||