Export limit exceeded: 337687 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (337687 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-24288 | 1 Microsoft | 4 Windows 10 21h2, Windows 10 21h2, Windows 10 22h2 and 1 more | 2026-03-12 | 6.8 Medium |
| Heap-based buffer overflow in Windows Mobile Broadband allows an unauthorized attacker to execute code with a physical attack. | ||||
| CVE-2026-24287 | 1 Microsoft | 21 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 18 more | 2026-03-12 | 7.8 High |
| External control of file name or path in Windows Kernel allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-24285 | 1 Microsoft | 29 Office, Office For Android, Windows 10 1607 and 26 more | 2026-03-12 | 7 High |
| Use after free in Windows Win32K allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-24283 | 1 Microsoft | 10 Windows 11 24h2, Windows 11 24h2, Windows 11 25h2 and 7 more | 2026-03-12 | 8.8 High |
| Heap-based buffer overflow in Windows File Server allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-24282 | 1 Microsoft | 15 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 12 more | 2026-03-12 | 5.5 Medium |
| Out-of-bounds read in Push Message Routing Service allows an authorized attacker to disclose information locally. | ||||
| CVE-2026-23673 | 1 Microsoft | 29 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 26 more | 2026-03-12 | 7.8 High |
| Out-of-bounds read in Windows Resilient File System (ReFS) allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-23672 | 1 Microsoft | 29 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 26 more | 2026-03-12 | 7.8 High |
| Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability | ||||
| CVE-2026-23671 | 1 Microsoft | 24 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 21 more | 2026-03-12 | 7 High |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Bluetooth RFCOM Protocol Driver allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-23669 | 1 Microsoft | 29 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 26 more | 2026-03-12 | 8.8 High |
| Use after free in Windows Print Spooler Components allows an authorized attacker to execute code over a network. | ||||
| CVE-2026-23668 | 1 Microsoft | 21 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 18 more | 2026-03-12 | 7 High |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-23667 | 1 Microsoft | 14 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 11 more | 2026-03-12 | 7 High |
| Use after free in Broadcast DVR allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-23664 | 1 Microsoft | 1 Azure Iot Explorer | 2026-03-12 | 7.5 High |
| Improper restriction of communication channel to intended endpoints in Azure IoT Explorer allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2026-23660 | 1 Microsoft | 2 Azure Portal Windows Admin Center, Windows Admin Center In Azure Portal | 2026-03-12 | 7.8 High |
| Improper access control in Azure Portal Windows Admin Center allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-21262 | 1 Microsoft | 15 Microsoft Sql Server 2016 Service Pack 3 (gdr), Microsoft Sql Server 2016 Service Pack 3 Azure Connect Feature Pack, Microsoft Sql Server 2017 (cu 31) and 12 more | 2026-03-12 | 8.8 High |
| Improper access control in SQL Server allows an authorized attacker to elevate privileges over a network. | ||||
| CVE-2026-3976 | 2026-03-12 | 8.8 High | ||
| A weakness has been identified in Tenda W3 1.0.0.3(2204). Impacted is the function formWifiMacFilterSet of the file /goform/WifiMacFilterSet of the component POST Parameter Handler. Executing a manipulation of the argument index/GO can lead to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been made available to the public and could be used for attacks. | ||||
| CVE-2026-3981 | 2026-03-12 | 7.3 High | ||
| A vulnerability was found in itsourcecode Online Doctor Appointment System 1.0. Affected is an unknown function of the file /admin/doctor_action.php. Performing a manipulation of the argument ID results in sql injection. Remote exploitation of the attack is possible. The exploit has been made public and could be used. | ||||
| CVE-2024-11089 | 1 Cayenne | 1 Anonymous Restricted Content | 2026-03-12 | 5.3 Medium |
| The Anonymous Restricted Content plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.6.5 via the WordPress core search feature. This makes it possible for unauthenticated attackers to extract sensitive data from posts that have been restricted to logged-in users. | ||||
| CVE-2024-37800 | 1 Code-projects | 1 Restaurant Reservation System | 2026-03-12 | 6.1 Medium |
| CodeProjects Restaurant Reservation System v1.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the Date parameter at index.php. | ||||
| CVE-2023-32624 | 1 Sakura | 1 Ts Webfonts For Sakura | 2026-03-12 | 6.1 Medium |
| Cross-site scripting vulnerability in TS Webfonts for SAKURA 3.1.0 and earlier allows a remote unauthenticated attacker to inject an arbitrary script. | ||||
| CVE-2020-36731 | 1 Wpdesk | 1 Flexible Checkout Fields | 2026-03-12 | 7.2 High |
| The Flexible Checkout Fields for WooCommerce plugin for WordPress is vulnerable to Unauthenticated Arbitrary Plugin Settings update, in addition to Stored Cross-Site Scripting in versions up to, and including, 2.3.1. This is due to missing authorization checks on the updateSettingsAction() function which is called via an admin_init hook, along with missing sanitization and escaping on the settings that are stored. | ||||