Filtered by vendor Microsoft
Subscriptions
Total
25556 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-58643 | 1 Microsoft | 1 Windows Admin Center | 2026-07-18 | 6.1 Medium |
| Improper neutralization of input during web page generation ('cross-site scripting') in Windows Admin Center allows an unauthorized attacker to perform spoofing over a network. | ||||
| CVE-2026-56171 | 1 Microsoft | 2 Remote Desktop Web Client, Windows Admin Center | 2026-07-17 | 7.1 High |
| Exposure of private personal information to an unauthorized actor in Windows RDP allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2026-57108 | 2 Microsoft, Redhat | 2 .net, Hummingbird | 2026-07-17 | 7.5 High |
| Access of resource using incompatible type ('type confusion') in .NET Core allows an unauthorized attacker to deny service over a network. | ||||
| CVE-2026-55027 | 1 Microsoft | 11 365 Apps, Office 2016, Office 2019 and 8 more | 2026-07-17 | 5.5 Medium |
| Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2026-50650 | 2 Microsoft, Redhat | 4 .net, Visual Studio 2022, Visual Studio 2026 and 1 more | 2026-07-17 | 7.8 High |
| Improper control of generation of code ('code injection') in .NET Framework allows an unauthorized attacker to elevate privileges locally. | ||||
| CVE-2026-50649 | 2 Microsoft, Redhat | 3 .net, Visual Studio 2026, Hummingbird | 2026-07-17 | 7.8 High |
| Deserialization of untrusted data in .NET allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-50648 | 2 Microsoft, Redhat | 4 .net, Visual Studio 2022, Visual Studio 2026 and 1 more | 2026-07-17 | 7.5 High |
| Allocation of resources without limits or throttling in .NET Framework allows an unauthorized attacker to deny service over a network. | ||||
| CVE-2026-50646 | 2 Microsoft, Redhat | 4 .net, Visual Studio 2022, Visual Studio 2026 and 1 more | 2026-07-17 | 7.8 High |
| Protection mechanism failure in .NET Framework allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-50528 | 2 Microsoft, Redhat | 4 .net, Visual Studio 2022, Visual Studio 2026 and 1 more | 2026-07-17 | 8.2 High |
| Incorrect authorization in .NET allows an unauthorized attacker to bypass a security feature over a network. | ||||
| CVE-2026-50527 | 2 Microsoft, Redhat | 4 .net, Visual Studio 2022, Visual Studio 2026 and 1 more | 2026-07-17 | 7.5 High |
| Stack-based buffer overflow in .NET Framework allows an unauthorized attacker to deny service over a network. | ||||
| CVE-2026-50526 | 2 Microsoft, Redhat | 4 .net, Visual Studio 2022, Visual Studio 2026 and 1 more | 2026-07-17 | 7 High |
| Improper link resolution before file access ('link following') in .NET allows an authorized attacker to perform tampering locally. | ||||
| CVE-2026-50525 | 2 Microsoft, Redhat | 4 .net, Visual Studio 2022, Visual Studio 2026 and 1 more | 2026-07-17 | 7.5 High |
| Allocation of resources without limits or throttling in .NET allows an unauthorized attacker to deny service over a network. | ||||
| CVE-2026-56170 | 2 Microsoft, Redhat | 2 .net, Hummingbird | 2026-07-17 | 7.5 High |
| Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network. | ||||
| CVE-2026-47304 | 1 Microsoft | 3 .net, Visual Studio 2022, Visual Studio 2026 | 2026-07-17 | 8.1 High |
| Improper verification of cryptographic signature in .NET allows an unauthorized attacker to bypass a security feature over a network. | ||||
| CVE-2026-57980 | 1 Microsoft | 1 Edge Chromium | 2026-07-17 | 5.4 Medium |
| Authentication bypass using an alternate path or channel in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform tampering over a network. | ||||
| CVE-2026-50524 | 2 Microsoft, Redhat | 4 .net, Visual Studio 2022, Visual Studio 2026 and 1 more | 2026-07-17 | 7.5 High |
| Improper validation of specified type of input in .NET Framework allows an unauthorized attacker to deny service over a network. | ||||
| CVE-2026-47303 | 2 Microsoft, Redhat | 4 .net, Visual Studio 2022, Visual Studio 2026 and 1 more | 2026-07-17 | 8.8 High |
| Authentication bypass by assumed-immutable data in ASP.NET Core allows an authorized attacker to elevate privileges over a network. | ||||
| CVE-2026-47302 | 2 Microsoft, Redhat | 4 .net, Visual Studio 2022, Visual Studio 2026 and 1 more | 2026-07-17 | 7.5 High |
| Allocation of resources without limits or throttling in .NET allows an unauthorized attacker to deny service over a network. | ||||
| CVE-2026-47300 | 2 Microsoft, Redhat | 4 .net, Visual Studio 2022, Visual Studio 2026 and 1 more | 2026-07-17 | 8.8 High |
| Incorrect implementation of authentication algorithm in ASP.NET Core allows an authorized attacker to elevate privileges over a network. | ||||
| CVE-2026-58598 | 1 Microsoft | 5 Windows 10 21h2, Windows 10 22h2, Windows 11 24h2 and 2 more | 2026-07-17 | 7 High |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Backup Engine allows an authorized attacker to elevate privileges locally. | ||||