VYPR

CVEs

100,472 total · page 119 of 2,010

  • CVE-2026-34627HigApr 14, 2026
    risk 0.51cvss 7.8epss 0.00

    InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a…

  • CVE-2026-34617HigApr 14, 2026
    risk 0.57cvss 8.7epss 0.00

    Adobe Connect versions 2025.3, 12.10 and earlier are affected by a Cross-Site Scripting (XSS) vulnerability that could result in privilege escalation. A low-privileged attacker could exploit this vulnerability to inject malicious scripts into a web page, potentially gaining…

  • CVE-2026-33827HigApr 14, 2026
    risk 0.53cvss 8.1epss 0.01

    Concurrent execution using shared resource with improper synchronization ('race condition') in Windows TCP/IP allows an unauthorized attacker to execute code over a network.

  • CVE-2026-33826HigApr 14, 2026
    risk 0.52cvss 8.0epss 0.01

    Improper input validation in Windows Active Directory allows an authorized attacker to execute code over an adjacent network.

  • CVE-2026-33825HigKEVApr 14, 2026
    risk 0.63cvss 7.8epss 0.07

    Insufficient granularity of access control in Microsoft Defender allows an authorized attacker to elevate privileges locally.

  • CVE-2026-33120HigApr 14, 2026
    risk 0.57cvss 8.8epss 0.01

    Untrusted pointer dereference in SQL Server allows an authorized attacker to execute code over a network.

  • CVE-2026-33116HigApr 14, 2026
    risk 0.42cvss 7.5epss 0.02

    Loop with unreachable exit condition ('infinite loop') in .NET, .NET Framework, Visual Studio allows an unauthorized attacker to deny service over a network.

  • CVE-2026-33115HigApr 14, 2026
    risk 0.55cvss 8.4epss 0.00

    Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

  • CVE-2026-33114HigApr 14, 2026
    risk 0.55cvss 8.4epss 0.00

    Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally.

  • CVE-2026-33104HigApr 14, 2026
    risk 0.46cvss 7.0epss 0.00

    Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.

  • CVE-2026-33101HigApr 14, 2026
    risk 0.51cvss 7.8epss 0.00

    Use after free in Windows Print Spooler Components allows an authorized attacker to elevate privileges locally.

  • CVE-2026-33100HigApr 14, 2026
    risk 0.46cvss 7.0epss 0.00

    Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

  • CVE-2026-33099HigApr 14, 2026
    risk 0.46cvss 7.0epss 0.00

    Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

  • CVE-2026-33098HigApr 14, 2026
    risk 0.51cvss 7.8epss 0.00

    Use after free in Windows Container Isolation FS Filter Driver allows an authorized attacker to elevate privileges locally.

  • CVE-2026-33096HigApr 14, 2026
    risk 0.49cvss 7.5epss 0.01

    Out-of-bounds read in Windows HTTP.sys allows an unauthorized attacker to deny service over a network.

  • CVE-2026-33095HigApr 14, 2026
    risk 0.51cvss 7.8epss 0.00

    Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

  • CVE-2026-32225HigApr 14, 2026
    risk 0.57cvss 8.8epss 0.01

    Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network.

  • CVE-2026-32224HigApr 14, 2026
    risk 0.46cvss 7.0epss 0.00

    Use after free in Windows Server Update Service allows an authorized attacker to elevate privileges locally.

  • CVE-2026-32222HigApr 14, 2026
    risk 0.51cvss 7.8epss 0.00

    Untrusted pointer dereference in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.

  • CVE-2026-32221HigApr 14, 2026
    risk 0.55cvss 8.4epss 0.00

    Heap-based buffer overflow in Microsoft Graphics Component allows an unauthorized attacker to execute code locally.

  • CVE-2026-32219HigApr 14, 2026
    risk 0.46cvss 7.0epss 0.00

    Double free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.

  • CVE-2026-32203HigApr 14, 2026
    risk 0.42cvss 7.5epss 0.02

    Stack-based buffer overflow in .NET and Visual Studio allows an unauthorized attacker to deny service over a network.

  • CVE-2026-32200HigApr 14, 2026
    risk 0.51cvss 7.8epss 0.00

    Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.

  • CVE-2026-32199HigApr 14, 2026
    risk 0.51cvss 7.8epss 0.00

    Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

  • CVE-2026-32198HigApr 14, 2026
    risk 0.51cvss 7.8epss 0.00

    Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

  • CVE-2026-32197HigApr 14, 2026
    risk 0.51cvss 7.8epss 0.00

    Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

  • CVE-2026-32195HigApr 14, 2026
    risk 0.46cvss 7.0epss 0.00

    Stack-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.

  • CVE-2026-32192HigApr 14, 2026
    risk 0.51cvss 7.8epss 0.02

    Deserialization of untrusted data in Azure Monitor Agent allows an authorized attacker to elevate privileges locally.

  • CVE-2026-32190HigApr 14, 2026
    risk 0.55cvss 8.4epss 0.00

    Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

  • CVE-2026-32189HigApr 14, 2026
    risk 0.51cvss 7.8epss 0.00

    Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

  • CVE-2026-32188HigApr 14, 2026
    risk 0.46cvss 7.1epss 0.00

    Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

  • CVE-2026-32184HigApr 14, 2026
    risk 0.51cvss 7.8epss 0.02

    Deserialization of untrusted data in Microsoft High Performance Compute Pack (HPC) allows an authorized attacker to elevate privileges locally.

  • CVE-2026-32183HigApr 14, 2026
    risk 0.51cvss 7.8epss 0.01

    Improper neutralization of special elements used in a command ('command injection') in Windows Snipping Tool allows an unauthorized attacker to execute code locally.

  • CVE-2026-32178HigApr 14, 2026
    risk 0.42cvss 7.5epss 0.02

    Improper neutralization of special elements in .NET allows an unauthorized attacker to perform spoofing over a network.

  • CVE-2026-32171HigApr 14, 2026
    risk 0.57cvss 8.8epss 0.00

    Insufficiently protected credentials in Azure Logic Apps allows an authorized attacker to elevate privileges over a network.

  • CVE-2026-32168HigApr 14, 2026
    risk 0.51cvss 7.8epss 0.00

    Improper input validation in Azure Monitor Agent allows an authorized attacker to elevate privileges locally.

  • CVE-2026-32165HigApr 14, 2026
    risk 0.51cvss 7.8epss 0.00

    Use after free in Windows User Interface Core allows an authorized attacker to elevate privileges locally.

  • CVE-2026-32164HigApr 14, 2026
    risk 0.51cvss 7.8epss 0.00

    Concurrent execution using shared resource with improper synchronization ('race condition') in Windows User Interface Core allows an authorized attacker to elevate privileges locally.

  • CVE-2026-32163HigApr 14, 2026
    risk 0.51cvss 7.8epss 0.00

    Concurrent execution using shared resource with improper synchronization ('race condition') in Windows User Interface Core allows an authorized attacker to elevate privileges locally.

  • CVE-2026-32162HigApr 14, 2026
    risk 0.55cvss 8.4epss 0.02

    Acceptance of extraneous untrusted data with trusted data in Windows COM allows an unauthorized attacker to elevate privileges locally.

  • CVE-2026-32160HigApr 14, 2026
    risk 0.51cvss 7.8epss 0.00

    Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.

  • CVE-2026-32159HigApr 14, 2026
    risk 0.51cvss 7.8epss 0.00

    Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.

  • CVE-2026-32158HigApr 14, 2026
    risk 0.51cvss 7.8epss 0.00

    Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.

  • CVE-2026-32157HigApr 14, 2026
    risk 0.57cvss 8.8epss 0.01

    Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

  • CVE-2026-32156HigApr 14, 2026
    risk 0.48cvss 7.4epss 0.00

    Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an unauthorized attacker to execute code locally.

  • CVE-2026-32155HigApr 14, 2026
    risk 0.51cvss 7.8epss 0.00

    Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally.

  • CVE-2026-32154HigApr 14, 2026
    risk 0.51cvss 7.8epss 0.00

    Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally.

  • CVE-2026-32153HigApr 14, 2026
    risk 0.51cvss 7.8epss 0.00

    Use after free in Microsoft Windows Speech allows an authorized attacker to elevate privileges locally.

  • CVE-2026-32152HigApr 14, 2026
    risk 0.51cvss 7.8epss 0.00

    Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally.

  • CVE-2026-32150HigApr 14, 2026
    risk 0.46cvss 7.0epss 0.00

    Concurrent execution using shared resource with improper synchronization ('race condition') in Function Discovery Service (fdwsd.dll) allows an authorized attacker to elevate privileges locally.