Total
166 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-44805 | 1 Microsoft | 3 Windows Server 2019, Windows Server 2022, Windows Server 2025 | 2026-06-11 | N/A | 5.5 MEDIUM |
| Use after free in Windows Network Controller (NC) Host Agent allows an authorized attacker to deny service locally. | |||||
| CVE-2026-45643 | 1 Microsoft | 4 365 Apps, Microsoft 365, Office 2021 and 1 more | 2026-06-11 | N/A | 7.8 HIGH |
| Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally. | |||||
| CVE-2026-45471 | 2026-06-09 | N/A | 7.8 HIGH | ||
| Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally. | |||||
| CVE-2026-45645 | 2026-06-09 | N/A | 7.8 HIGH | ||
| Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. | |||||
| CVE-2026-40369 | 1 Microsoft | 4 Windows 11 24h2, Windows 11 25h2, Windows 11 26h1 and 1 more | 2026-06-01 | N/A | 7.8 HIGH |
| Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2026-40367 | 1 Microsoft | 5 365 Apps, Office, Office Long Term Servicing Channel and 2 more | 2026-06-01 | N/A | 8.4 HIGH |
| Access of resource using incompatible type ('type confusion') in Microsoft Office Word allows an unauthorized attacker to execute code locally. | |||||
| CVE-2026-8835 | 3 Ibm, Linux, Microsoft | 5 Aix, Http Server, Z\/os and 2 more | 2026-05-26 | N/A | 7.3 HIGH |
| IBM HTTP Server 8.5, and 9.0 is vulnerable to invalid pointer dereference. A privileged user, authenticated to the Administration Server, could exploit this vulnerability to expose sensitive information or cause a denial of service. | |||||
| CVE-2026-32077 | 1 Microsoft | 14 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 11 more | 2026-05-26 | N/A | 7.8 HIGH |
| Untrusted pointer dereference in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2026-20738 | 2026-05-13 | N/A | N/A | ||
| Untrusted pointer dereference for some Intel(R) QuickAssist Adapter 8960 software before version 1.13 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts. | |||||
| CVE-2025-62627 | 2026-05-13 | N/A | N/A | ||
| An untrusted pointer dereference in the ionic cloud driver for VMWare ESXi could allow an attacker with an unprivileged VM to read kernel memory or co-located guest VM memory, potentially resulting in loss of confidentiality or availability. | |||||
| CVE-2025-47405 | 1 Qualcomm | 32 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 29 more | 2026-05-06 | N/A | 7.8 HIGH |
| Memory corruption when processing camera sensor input/output control codes with invalid output buffers. | |||||
| CVE-2025-47408 | 1 Qualcomm | 40 Fastconnect 6200, Fastconnect 6200 Firmware, Fastconnect 6900 and 37 more | 2026-05-06 | N/A | 7.8 HIGH |
| Memory corruption when another driver calls an IOCTL with invalid input/output buffer. | |||||
| CVE-2026-33120 | 1 Microsoft | 5 Sql Server 2016, Sql Server 2017, Sql Server 2019 and 2 more | 2026-05-06 | N/A | 8.8 HIGH |
| Untrusted pointer dereference in SQL Server allows an authorized attacker to execute code over a network. | |||||
| CVE-2026-33114 | 1 Microsoft | 2 365 Apps, Office Long Term Servicing Channel | 2026-04-29 | N/A | 8.4 HIGH |
| Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally. | |||||
| CVE-2026-23670 | 1 Microsoft | 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more | 2026-04-24 | N/A | 5.7 MEDIUM |
| Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to bypass a security feature locally. | |||||
| CVE-2026-26161 | 1 Microsoft | 11 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 8 more | 2026-04-24 | N/A | 7.8 HIGH |
| Untrusted pointer dereference in Windows Sensor Data Service allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2026-27919 | 1 Microsoft | 14 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 11 more | 2026-04-22 | N/A | 7.8 HIGH |
| Untrusted pointer dereference in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2026-27920 | 1 Microsoft | 14 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 11 more | 2026-04-22 | N/A | 7.8 HIGH |
| Untrusted pointer dereference in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2026-32222 | 1 Microsoft | 4 Windows 11 24h2, Windows 11 25h2, Windows 11 26h1 and 1 more | 2026-04-17 | N/A | 7.8 HIGH |
| Untrusted pointer dereference in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2024-34023 | 2026-04-15 | N/A | 8.4 HIGH | ||
| Untrusted pointer dereference in some Intel(R) Graphics Drivers may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||