Search Results (25564 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-50339 1 Microsoft 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more 2026-07-15 5.5 Medium
Exposure of sensitive information to an unauthorized actor in Windows Push Notifications allows an authorized attacker to disclose information locally.
CVE-2026-50350 1 Microsoft 6 Windows 10 21h2, Windows 10 22h2, Windows 11 24h2 and 3 more 2026-07-15 5.5 Medium
Exposure of sensitive information to an unauthorized actor in Windows Trusted Runtime Interface Driver allows an authorized attacker to disclose information locally.
CVE-2026-50293 1 Microsoft 6 Windows 10 21h2, Windows 10 22h2, Windows 11 24h2 and 3 more 2026-07-15 7.8 High
Use after free in Windows Internal Task Bar allows an authorized attacker to elevate privileges locally.
CVE-2026-49803 1 Microsoft 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more 2026-07-15 7 High
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows AppX Deployment Service allows an authorized attacker to elevate privileges locally.
CVE-2026-55028 1 Microsoft 11 365 Apps, Office 2016, Office 2019 and 8 more 2026-07-15 5.5 Medium
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.
CVE-2026-50657 1 Microsoft 1 Defender For Endpoint 2026-07-15 4.7 Medium
Exposure of private personal information to an unauthorized actor in Microsoft Defender allows an authorized attacker to disclose information locally.
CVE-2026-50668 1 Microsoft 11 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 8 more 2026-07-15 6.8 Medium
Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to elevate privileges with a physical attack.
CVE-2026-48580 1 Microsoft 9 365 Apps, Excel 2016, Office 2019 and 6 more 2026-07-15 5.5 Medium
Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
CVE-2026-55016 1 Microsoft 3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019 2026-07-15 4.6 Medium
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
CVE-2026-50299 1 Microsoft 12 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 9 more 2026-07-15 6.8 Medium
Integer overflow or wraparound in Windows Storage Spaces Direct allows an unauthorized attacker to execute code with a physical attack.
CVE-2026-55046 1 Microsoft 9 365 Apps, Excel 2016, Office 2019 and 6 more 2026-07-15 5.5 Medium
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
CVE-2026-49783 1 Microsoft 11 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 8 more 2026-07-15 7.8 High
Improperly implemented security check for standard in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.
CVE-2026-42982 1 Microsoft 12 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 9 more 2026-07-15 7.8 High
Improper validation of consistency within input in Windows Secure Kernel Mode allows an authorized attacker to elevate privileges locally.
CVE-2026-48572 1 Microsoft 5 Windows 11 23h2, Windows 11 24h2, Windows 11 25h2 and 2 more 2026-07-15 7 High
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows App Installer allows an authorized attacker to elevate privileges locally.
CVE-2026-55058 1 Microsoft 9 365 Apps, Excel 2016, Office 2019 and 6 more 2026-07-15 7.8 High
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2026-47282 1 Microsoft 1 Visual Studio Code 2026-07-15 6.5 Medium
Insufficiently protected credentials in GitHub Copilot and Visual Studio Code allows an unauthorized attacker to disclose information over a network.
CVE-2026-55014 1 Microsoft 1 Windows-remote-help 2026-07-15 7.8 High
Improper access control in Windows Remote Help Defense allows an authorized attacker to elevate privileges locally.
CVE-2026-58647 1 Microsoft 1 Power Bi Report Server 2026-07-15 8 High
Improper neutralization of input during web page generation ('cross-site scripting') in Power BI allows an authorized attacker to perform spoofing over a network.
CVE-2026-50328 1 Microsoft 8 Windows 10 1607, Windows 10 1809, Windows Server 2012 and 5 more 2026-07-15 7.5 High
Uncaught exception in Windows Server Update Service allows an unauthorized attacker to perform tampering over a network.
CVE-2026-50360 1 Microsoft 7 Windows 10 21h2, Windows 10 22h2, Windows 11 24h2 and 4 more 2026-07-15 8.8 High
Incorrect implementation of authentication algorithm in Windows SMB Server allows an authorized attacker to elevate privileges over a network.