Filtered by vendor Microsoft
Subscribe
Total
23246 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-23568 | 2 Microsoft, Teamviewer | 2 Windows, Digital Employee Experience | 2026-02-11 | N/A | 5.4 MEDIUM |
| An out-of-bounds read vulnerability in the TeamViewer DEX Client (former 1E Client) - Content Distribution Service (NomadBranch.exe) prior version 26.1 for Windows allows an attacker on the adjacent network to cause information disclosure or denial-of-service via a special crafted packet. The leaked memory could be used to bypass ASLR and facilitate further exploitation. | |||||
| CVE-2026-23567 | 2 Microsoft, Teamviewer | 2 Windows, Digital Employee Experience | 2026-02-11 | N/A | 6.5 MEDIUM |
| An integer underflow in the UDP command handler of the TeamViewer DEX Client (former 1E Client) - Content Distribution Service (NomadBranch.exe) prior version 26.1 for Windows allows an adjacent network attacker to trigger a heap-based buffer overflow and cause a denial-of-service (service crash) via specially crafted UDP packets. | |||||
| CVE-2026-21255 | 1 Microsoft | 12 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 9 more | 2026-02-11 | N/A | 8.8 HIGH |
| Improper access control in Windows Hyper-V allows an authorized attacker to bypass a security feature locally. | |||||
| CVE-2026-21249 | 1 Microsoft | 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more | 2026-02-11 | N/A | 3.3 LOW |
| External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing locally. | |||||
| CVE-2026-21250 | 1 Microsoft | 4 Windows 11 24h2, Windows 11 25h2, Windows Server 2022 23h2 and 1 more | 2026-02-11 | N/A | 7.8 HIGH |
| Untrusted pointer dereference in Windows HTTP.sys allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2026-21257 | 1 Microsoft | 1 Visual Studio 2022 | 2026-02-11 | N/A | 8.0 HIGH |
| Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio allows an authorized attacker to elevate privileges over a network. | |||||
| CVE-2026-21251 | 1 Microsoft | 5 Windows Server 2016, Windows Server 2019, Windows Server 2022 and 2 more | 2026-02-11 | N/A | 7.8 HIGH |
| Use after free in Windows Cluster Client Failover allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2026-23566 | 2 Microsoft, Teamviewer | 2 Windows, Digital Employee Experience | 2026-02-11 | N/A | 6.5 MEDIUM |
| A vulnerability in TeamViewer DEX Client (former 1E Client) - Content Distribution Service (NomadBranch.exe) prior version 26.1 for Windows allows an attacker on the adjacent network to inject, tamper with, or forge log entries in \Nomad Branch.log via crafted data sent to the UDP network handler. This can impact log integrity and nonrepudiation. | |||||
| CVE-2025-63372 | 2 Articentgroup, Microsoft | 2 Zip Rar Extractor Tool, Windows | 2026-02-11 | N/A | 4.3 MEDIUM |
| Articentgroup Zip Rar Extractor Tool 1.345.93.0 is vulnerable to Directory Traversal. The vulnerability resides in the ZIP file processing component, specifically in the functionality responsible for extracting and handling ZIP archive contents. | |||||
| CVE-2026-23565 | 2 Microsoft, Teamviewer | 2 Windows, Digital Employee Experience | 2026-02-11 | N/A | 6.5 MEDIUM |
| A vulnerability in TeamViewer DEX Client (former 1E Client) - Content Distribution Service (NomadBranch.exe) prior version 26.1 for Windows allows an attacker on the adjacent network to cause the NomadBranch.exe process to terminate via crafted requests. This can result in a denial-of-service condition of the Content Distribution Service. | |||||
| CVE-2026-23564 | 2 Microsoft, Teamviewer | 2 Windows, Digital Employee Experience | 2026-02-11 | N/A | 6.5 MEDIUM |
| A vulnerability in TeamViewer DEX Client (former 1E Client) - Content Distribution Service (NomadBranch.exe) prior version 26.1 for Windows allows an attacker on the adjacent network to cause normally encrypted UDP traffic to be sent in cleartext. This can result in disclosure of sensitive information. | |||||
| CVE-2026-23563 | 2 Microsoft, Teamviewer | 2 Windows, Digital Employee Experience | 2026-02-11 | N/A | 5.7 MEDIUM |
| Improper Link Resolution Before File Access (invoked by 1E‑Explorer‑TachyonCore‑DeleteFileByPath instruction) in TeamViewer DEX - 1E Client before version 26.1 on Windows allows a low‑privileged local attacker to delete protected system files via a crafted RPC control junction or symlink that is followed when the delete instruction executes. | |||||
| CVE-2026-21258 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2026-02-11 | N/A | 5.5 MEDIUM |
| Improper input validation in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. | |||||
| CVE-2026-21259 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2026-02-11 | N/A | 7.8 HIGH |
| Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to elevate privileges locally. | |||||
| CVE-2026-21260 | 1 Microsoft | 5 365 Apps, Office, Office Long Term Servicing Channel and 2 more | 2026-02-11 | N/A | 7.5 HIGH |
| Exposure of sensitive information to an unauthorized actor in Microsoft Office Outlook allows an unauthorized attacker to perform spoofing over a network. | |||||
| CVE-2026-21261 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2026-02-11 | N/A | 5.5 MEDIUM |
| Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. | |||||
| CVE-2026-21511 | 1 Microsoft | 5 365 Apps, Office, Office Long Term Servicing Channel and 2 more | 2026-02-11 | N/A | 7.5 HIGH |
| Deserialization of untrusted data in Microsoft Office Outlook allows an unauthorized attacker to perform spoofing over a network. | |||||
| CVE-2026-21529 | 1 Microsoft | 1 Azure Hdinsight | 2026-02-11 | N/A | 5.7 MEDIUM |
| Improper neutralization of input during web page generation ('cross-site scripting') in Azure HDInsights allows an authorized attacker to perform spoofing over a network. | |||||
| CVE-2023-36881 | 1 Microsoft | 1 Azure Hdinsight | 2026-02-11 | N/A | 4.5 MEDIUM |
| Azure Apache Ambari Spoofing Vulnerability | |||||
| CVE-2023-36419 | 1 Microsoft | 1 Azure Hdinsight | 2026-02-11 | N/A | 8.8 HIGH |
| Azure HDInsight Apache Oozie Workflow Scheduler XXE Elevation of Privilege Vulnerability | |||||