Total
155 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-33114 | 1 Microsoft | 2 365 Apps, Office Long Term Servicing Channel | 2026-04-29 | N/A | 8.4 HIGH |
| Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally. | |||||
| CVE-2026-23670 | 1 Microsoft | 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more | 2026-04-24 | N/A | 5.7 MEDIUM |
| Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to bypass a security feature locally. | |||||
| CVE-2026-26161 | 1 Microsoft | 11 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 8 more | 2026-04-24 | N/A | 7.8 HIGH |
| Untrusted pointer dereference in Windows Sensor Data Service allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2026-27919 | 1 Microsoft | 14 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 11 more | 2026-04-22 | N/A | 7.8 HIGH |
| Untrusted pointer dereference in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2026-27920 | 1 Microsoft | 14 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 11 more | 2026-04-22 | N/A | 7.8 HIGH |
| Untrusted pointer dereference in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2026-32077 | 1 Microsoft | 14 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 11 more | 2026-04-21 | N/A | 7.8 HIGH |
| Untrusted pointer dereference in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2026-32222 | 1 Microsoft | 4 Windows 11 24h2, Windows 11 25h2, Windows 11 26h1 and 1 more | 2026-04-17 | N/A | 7.8 HIGH |
| Untrusted pointer dereference in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2026-33120 | 2026-04-17 | N/A | 8.8 HIGH | ||
| Untrusted pointer dereference in SQL Server allows an authorized attacker to execute code over a network. | |||||
| CVE-2024-34023 | 2026-04-15 | N/A | 8.4 HIGH | ||
| Untrusted pointer dereference in some Intel(R) Graphics Drivers may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2023-42772 | 2026-04-15 | N/A | 8.2 HIGH | ||
| Untrusted pointer dereference in UEFI firmware for some Intel(R) reference processors may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2023-32277 | 2026-04-15 | N/A | 6.1 MEDIUM | ||
| Untrusted Pointer Dereference in I/O subsystem for some Intel(R) QAT software before version 2.0.5 may allow authenticated user to potentially enable information disclosure via local operating system access. | |||||
| CVE-2024-40872 | 2026-04-15 | N/A | 8.4 HIGH | ||
| There is an elevation of privilege vulnerability in server and client components of Absolute Secure Access prior to version 13.07. Attackers with local access and valid desktop user credentials can elevate their privilege to system level by passing invalid address data to the vulnerable component. This could be used to manipulate process tokens to elevate the privilege of a normal process to System. The scope is changed, the impact to system confidentiality and integrity is high, the impact to the availability of the effected component is none. | |||||
| CVE-2024-12576 | 2026-04-15 | N/A | 5.5 MEDIUM | ||
| Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger a crash of the FW running on the GPU freezing graphics output. | |||||
| CVE-2024-36352 | 2026-04-15 | N/A | 8.4 HIGH | ||
| Improper input validation in the AMD Graphics Driver could allow an attacker to supply a specially crafted pointer, potentially leading to arbitrary writes or denial of service. | |||||
| CVE-2025-20018 | 2026-04-15 | N/A | 8.4 HIGH | ||
| Untrusted pointer dereference for some Intel(R) Graphics Drivers may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2024-27353 | 2026-04-15 | N/A | 7.4 HIGH | ||
| A memory corruption vulnerability in SdHost and SdMmcDevice in Insyde InsydeH2O kernel 5.2 before 05.29.09, kernel 5.3 before 05.38.09, kernel 5.4 before 05.46.09, kernel 5.5 before 05.54.09, and kernel 5.6 before 05.61.09 could lead to escalating privileges in SMM. | |||||
| CVE-2025-4993 | 1 Rti | 1 Connext Professional | 2026-04-01 | N/A | 9.1 CRITICAL |
| Untrusted Pointer Dereference vulnerability in RTI Connext Professional (Core Libraries) allows Pointer Manipulation.This issue affects Connext Professional: from 7.4.0 before 7.6.0, from 7.0.0 before 7.3.0.10, from 6.1.0 before 6.1.2.27, from 6.0.0 before 6.0.1.43, from 5.3.0 before 5.3.*, from 4.4a before 5.2.*. | |||||
| CVE-2026-26113 | 1 Microsoft | 4 365 Apps, Office, Office Long Term Servicing Channel and 1 more | 2026-03-13 | N/A | 8.4 HIGH |
| Untrusted pointer dereference in Microsoft Office allows an unauthorized attacker to execute code locally. | |||||
| CVE-2026-26112 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2026-03-13 | N/A | 7.8 HIGH |
| Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | |||||
| CVE-2026-21232 | 1 Microsoft | 5 Windows 11 23h2, Windows 11 24h2, Windows 11 25h2 and 2 more | 2026-02-11 | N/A | 7.8 HIGH |
| Untrusted pointer dereference in Windows HTTP.sys allows an authorized attacker to elevate privileges locally. | |||||