Filtered by vendor Microsoft Subscriptions
Total 25556 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2026-58643 1 Microsoft 1 Windows Admin Center 2026-07-18 6.1 Medium
Improper neutralization of input during web page generation ('cross-site scripting') in Windows Admin Center allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-56171 1 Microsoft 2 Remote Desktop Web Client, Windows Admin Center 2026-07-17 7.1 High
Exposure of private personal information to an unauthorized actor in Windows RDP allows an unauthorized attacker to disclose information over a network.
CVE-2026-57108 2 Microsoft, Redhat 2 .net, Hummingbird 2026-07-17 7.5 High
Access of resource using incompatible type ('type confusion') in .NET Core allows an unauthorized attacker to deny service over a network.
CVE-2026-55027 1 Microsoft 11 365 Apps, Office 2016, Office 2019 and 8 more 2026-07-17 5.5 Medium
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.
CVE-2026-50650 2 Microsoft, Redhat 4 .net, Visual Studio 2022, Visual Studio 2026 and 1 more 2026-07-17 7.8 High
Improper control of generation of code ('code injection') in .NET Framework allows an unauthorized attacker to elevate privileges locally.
CVE-2026-50649 2 Microsoft, Redhat 3 .net, Visual Studio 2026, Hummingbird 2026-07-17 7.8 High
Deserialization of untrusted data in .NET allows an unauthorized attacker to execute code locally.
CVE-2026-50648 2 Microsoft, Redhat 4 .net, Visual Studio 2022, Visual Studio 2026 and 1 more 2026-07-17 7.5 High
Allocation of resources without limits or throttling in .NET Framework allows an unauthorized attacker to deny service over a network.
CVE-2026-50646 2 Microsoft, Redhat 4 .net, Visual Studio 2022, Visual Studio 2026 and 1 more 2026-07-17 7.8 High
Protection mechanism failure in .NET Framework allows an unauthorized attacker to execute code locally.
CVE-2026-50528 2 Microsoft, Redhat 4 .net, Visual Studio 2022, Visual Studio 2026 and 1 more 2026-07-17 8.2 High
Incorrect authorization in .NET allows an unauthorized attacker to bypass a security feature over a network.
CVE-2026-50527 2 Microsoft, Redhat 4 .net, Visual Studio 2022, Visual Studio 2026 and 1 more 2026-07-17 7.5 High
Stack-based buffer overflow in .NET Framework allows an unauthorized attacker to deny service over a network.
CVE-2026-50526 2 Microsoft, Redhat 4 .net, Visual Studio 2022, Visual Studio 2026 and 1 more 2026-07-17 7 High
Improper link resolution before file access ('link following') in .NET allows an authorized attacker to perform tampering locally.
CVE-2026-50525 2 Microsoft, Redhat 4 .net, Visual Studio 2022, Visual Studio 2026 and 1 more 2026-07-17 7.5 High
Allocation of resources without limits or throttling in .NET allows an unauthorized attacker to deny service over a network.
CVE-2026-56170 2 Microsoft, Redhat 2 .net, Hummingbird 2026-07-17 7.5 High
Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network.
CVE-2026-47304 1 Microsoft 3 .net, Visual Studio 2022, Visual Studio 2026 2026-07-17 8.1 High
Improper verification of cryptographic signature in .NET allows an unauthorized attacker to bypass a security feature over a network.
CVE-2026-57980 1 Microsoft 1 Edge Chromium 2026-07-17 5.4 Medium
Authentication bypass using an alternate path or channel in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform tampering over a network.
CVE-2026-50524 2 Microsoft, Redhat 4 .net, Visual Studio 2022, Visual Studio 2026 and 1 more 2026-07-17 7.5 High
Improper validation of specified type of input in .NET Framework allows an unauthorized attacker to deny service over a network.
CVE-2026-47303 2 Microsoft, Redhat 4 .net, Visual Studio 2022, Visual Studio 2026 and 1 more 2026-07-17 8.8 High
Authentication bypass by assumed-immutable data in ASP.NET Core allows an authorized attacker to elevate privileges over a network.
CVE-2026-47302 2 Microsoft, Redhat 4 .net, Visual Studio 2022, Visual Studio 2026 and 1 more 2026-07-17 7.5 High
Allocation of resources without limits or throttling in .NET allows an unauthorized attacker to deny service over a network.
CVE-2026-47300 2 Microsoft, Redhat 4 .net, Visual Studio 2022, Visual Studio 2026 and 1 more 2026-07-17 8.8 High
Incorrect implementation of authentication algorithm in ASP.NET Core allows an authorized attacker to elevate privileges over a network.
CVE-2026-58598 1 Microsoft 5 Windows 10 21h2, Windows 10 22h2, Windows 11 24h2 and 2 more 2026-07-17 7 High
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Backup Engine allows an authorized attacker to elevate privileges locally.