Total CVEs

141,537

Critical Severity

3,871

High Severity

13,923

Last 7 Days

1,592
Quick preset (or use dates below)
Clear Filters
Showing 9,821 - 9,840 of 13,923 CVEs
CVE-2026-25172 HIGH - 8.8

Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

Vendor: microsoft
Product: windows_server_2012
Published: Mar 10, 2026
Source: NVD
CVE-2026-25171 HIGH - 7.0

Use after free in Windows Authentication Methods allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Mar 10, 2026
Source: NVD
CVE-2026-25170 HIGH - 7.0

Use after free in Windows Hyper-V allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_11_23h2
Published: Mar 10, 2026
Source: NVD
CVE-2026-25167 HIGH - 7.4

Use after free in Microsoft Brokering File System allows an unauthorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_11_24h2
Published: Mar 10, 2026
Source: NVD
CVE-2026-25166 HIGH - 7.8

Deserialization of untrusted data in Windows System Image Manager allows an authorized attacker to execute code locally.

Vendor: microsoft
Product: windows_10_1607
Published: Mar 10, 2026
Source: NVD
CVE-2026-25165 HIGH - 7.8

Null pointer dereference in Windows Performance Counters allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Mar 10, 2026
Source: NVD
CVE-2026-24296 HIGH - 7.0

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Device Association Service allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Mar 10, 2026
Source: NVD
CVE-2026-24295 HIGH - 7.0

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Device Association Service allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Mar 10, 2026
Source: NVD
CVE-2026-24294 HIGH - 7.8

Improper authentication in Windows SMB Server allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Mar 10, 2026
Source: NVD
CVE-2026-24293 HIGH - 7.8

Null pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_21h2
Published: Mar 10, 2026
Source: NVD
CVE-2026-24292 HIGH - 7.8

Use after free in Connected Devices Platform Service (Cdpsvc) allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1809
Published: Mar 10, 2026
Source: NVD
CVE-2026-24291 HIGH - 7.8

Incorrect permission assignment for critical resource in Windows Accessibility Infrastructure (ATBroker.exe) allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Mar 10, 2026
Source: NVD
CVE-2026-24290 HIGH - 7.8

Improper access control in Windows Projected File System allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1809
Published: Mar 10, 2026
Source: NVD
CVE-2026-24289 HIGH - 7.8

Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Mar 10, 2026
Source: NVD
CVE-2026-24287 HIGH - 7.8

External control of file name or path in Windows Kernel allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1809
Published: Mar 10, 2026
Source: NVD
CVE-2026-24285 HIGH - 7.0

Use after free in Windows Win32K allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: office
Published: Mar 10, 2026
Source: NVD
CVE-2026-24283 HIGH - 8.8

Heap-based buffer overflow in Windows File Server allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_11_24h2
Published: Mar 10, 2026
Source: NVD
CVE-2026-24018 HIGH - 7.8

A UNIX symbolic link (Symlink) following vulnerability in Fortinet FortiClientLinux 7.4.0 through 7.4.4, FortiClientLinux 7.2.2 through 7.2.12 may allow a local and unprivileged user to escalate their privileges to root.

Vendor: Fortinet
Product: FortiClientLinux
Published: Mar 10, 2026
Source: NVD
CVE-2026-24017 HIGH - 8.1

An Improper Control of Interaction Frequency vulnerability [CWE-799] vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.2, FortiWeb 7.6.0 through 7.6.5, FortiWeb 7.4.0 through 7.4.10, FortiWeb 7.2.0 through 7.2.11, FortiWeb 7.0.0 through 7.0.11 may allow a remote unauthenticated attacker to bypass...

Vendor: Fortinet
Product: FortiWeb
Published: Mar 10, 2026
Source: NVD
CVE-2026-23674 HIGH - 7.5

Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network.

Vendor: microsoft
Product: windows_10_1607
Published: Mar 10, 2026
Source: NVD