Search

Expected end of text, found '.' (at char 11), (line:1, col:12)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (341166 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-23651 1 Microsoft 2 Aci Confidential Containers, Microsoft Aci Confidential Containers 2026-03-27 6.7 Medium
Permissive regular expression in Azure Compute Gallery allows an authorized attacker to elevate privileges locally.
CVE-2026-26127 2 Microsoft, Redhat 4 .net, Bcl Memory, Bcl Memory and 1 more 2026-03-27 7.5 High
Out-of-bounds read in .NET allows an unauthorized attacker to deny service over a network.
CVE-2026-26134 1 Microsoft 1 Office 2026-03-27 7.8 High
Integer overflow or wraparound in Microsoft Office allows an authorized attacker to elevate privileges locally.
CVE-2026-26131 1 Microsoft 1 .net 2026-03-27 7.8 High
Incorrect default permissions in .NET allows an authorized attacker to elevate privileges locally.
CVE-2026-26116 1 Microsoft 5 Sql Server 2016, Sql Server 2017, Sql Server 2019 and 2 more 2026-03-27 8.8 High
Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges over a network.
CVE-2026-26115 1 Microsoft 15 Microsoft Sql Server 2016 Service Pack 3 (gdr), Microsoft Sql Server 2016 Service Pack 3 Azure Connect Feature Pack, Microsoft Sql Server 2017 (cu 31) and 12 more 2026-03-27 8.8 High
Improper validation of specified type of input in SQL Server allows an authorized attacker to elevate privileges over a network.
CVE-2026-26121 1 Microsoft 1 Azure Iot Explorer 2026-03-27 7.5 High
Server-side request forgery (ssrf) in Azure IoT Explorer allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-20967 1 Microsoft 4 System Center Operations Manager, System Center Operations Manager 2019, System Center Operations Manager 2022 and 1 more 2026-03-27 8.8 High
Improper input validation in System Center Operations Manager allows an authorized attacker to elevate privileges over a network.
CVE-2026-23656 1 Microsoft 2 Windows App, Windows App Client For Windows Desktop 2026-03-27 5.9 Medium
Insufficient verification of data authenticity in Windows App Installer allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-26114 1 Microsoft 3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019 2026-03-27 8.8 High
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVE-2026-26113 1 Microsoft 14 365 Apps, Microsoft 365 Apps For Enterprise, Office and 11 more 2026-03-27 8.4 High
Untrusted pointer dereference in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-26112 1 Microsoft 11 365 Apps, Excel, Excel 2016 and 8 more 2026-03-27 7.8 High
Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2026-26105 1 Microsoft 4 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019 and 1 more 2026-03-27 8.1 High
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-25189 1 Microsoft 8 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 5 more 2026-03-27 7.8 High
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
CVE-2026-25175 1 Microsoft 22 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 19 more 2026-03-27 7.8 High
Out-of-bounds read in Windows NTFS allows an authorized attacker to elevate privileges locally.
CVE-2026-25166 1 Microsoft 21 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 18 more 2026-03-27 7.8 High
Deserialization of untrusted data in Windows System Image Manager allows an authorized attacker to execute code locally.
CVE-2026-24297 1 Microsoft 15 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 12 more 2026-03-27 6.5 Medium
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Kerberos allows an unauthorized attacker to bypass a security feature over a network.
CVE-2026-24288 1 Microsoft 4 Windows 10 21h2, Windows 10 21h2, Windows 10 22h2 and 1 more 2026-03-27 6.8 Medium
Heap-based buffer overflow in Windows Mobile Broadband allows an unauthorized attacker to execute code with a physical attack.
CVE-2026-24285 1 Microsoft 30 Office, Office For Android, Windows 10 1607 and 27 more 2026-03-27 7 High
Use after free in Windows Win32K allows an authorized attacker to elevate privileges locally.
CVE-2026-23668 1 Microsoft 22 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 19 more 2026-03-27 7 High
Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.