Vulnerabilites CVE
Base de donnees CVE enrichie avec CISA KEV et NVD
| CVE ID | CVSS | Severite | KEV | Observations |
|---|---|---|---|---|
| CVE-2026-24045 Docmost is open-source collaborative wiki and documentation software. From g and before 0.25.0, the public share page functionality in Docmost does not properly HTML-escape page titles before insertin... | 7.3 | HIGH | — | 0 |
| CVE-2026-23655 Cleartext storage of sensitive information in Azure Compute Gallery allows an authorized attacker to disclose information over a network. | 6.5 | MEDIUM | — | 0 |
| CVE-2026-21537 Improper control of generation of code ('code injection') in Microsoft Defender for Linux allows an unauthorized attacker to execute code over an adjacent network. | 8.8 | HIGH | — | 0 |
| CVE-2026-21533 Improper privilege management in Windows Remote Desktop allows an authorized attacker to elevate privileges locally. | 7.8 | HIGH | KEV | 0 |
| CVE-2026-21531 Deserialization of untrusted data in Azure SDK allows an unauthorized attacker to execute code over a network. | 9.8 | CRITICAL | — | 0 |
| CVE-2026-21529 Improper neutralization of input during web page generation ('cross-site scripting') in Azure HDInsights allows an authorized attacker to perform spoofing over a network. | 5.7 | MEDIUM | — | 0 |
| CVE-2026-21528 Binding to an unrestricted ip address in Azure IoT Explorer allows an unauthorized attacker to disclose information over a network. | 6.5 | MEDIUM | — | 0 |
| CVE-2026-21527 User interface (ui) misrepresentation of critical information in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network. | 6.5 | MEDIUM | — | 0 |
| CVE-2026-21525 Null pointer dereference in Windows Remote Access Connection Manager allows an unauthorized attacker to deny service locally. | 6.2 | MEDIUM | KEV | 0 |
| CVE-2026-21523 Time-of-check time-of-use (toctou) race condition in GitHub Copilot and Visual Studio allows an authorized attacker to execute code over a network. | 8.0 | HIGH | — | 0 |
| CVE-2026-21522 Improper neutralization of special elements used in a command ('command injection') in Azure Compute Gallery allows an authorized attacker to elevate privileges locally. | 6.7 | MEDIUM | — | 0 |
| CVE-2026-21519 Access of resource using incompatible type ('type confusion') in Desktop Window Manager allows an authorized attacker to elevate privileges locally. | 7.8 | HIGH | KEV | 0 |
| CVE-2026-21518 Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio Code allows an unauthorized attacker to bypass a security feature over a network... | 8.8 | HIGH | — | 0 |
| CVE-2026-21517 Improper link resolution before file access ('link following') in Windows App for Mac allows an authorized attacker to elevate privileges locally. | 4.7 | MEDIUM | — | 0 |
| CVE-2026-21516 Improper neutralization of special elements used in a command ('command injection') in Github Copilot allows an unauthorized attacker to execute code over a network. | 8.8 | HIGH | — | 0 |
| CVE-2026-21514 Reliance on untrusted inputs in a security decision in Microsoft Office Word allows an unauthorized attacker to bypass a security feature locally. | 7.8 | HIGH | KEV | 0 |
| CVE-2026-21513 Protection mechanism failure in MSHTML Framework allows an unauthorized attacker to bypass a security feature over a network. | 8.8 | HIGH | KEV | 0 |
| CVE-2026-21512 Server-side request forgery (ssrf) in Azure DevOps Server allows an authorized attacker to perform spoofing over a network. | 6.5 | MEDIUM | — | 0 |
| CVE-2026-21511 Deserialization of untrusted data in Microsoft Office Outlook allows an unauthorized attacker to perform spoofing over a network. | 7.5 | HIGH | — | 0 |
| CVE-2026-21510 Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network. | 8.8 | HIGH | KEV | 0 |
| CVE-2026-21508 Improper authentication in Windows Storage allows an authorized attacker to elevate privileges locally. | 7.0 | HIGH | — | 0 |
| CVE-2026-21358 InDesign Desktop versions 21.1, 20.5.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in application denial-of-service. An attacker could exploit this vulnera... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-21357 InDesign Desktop versions 21.1, 20.5.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploita... | 7.8 | HIGH | — | 0 |
| CVE-2026-21351 After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requ... | 7.8 | HIGH | — | 0 |
| CVE-2026-21350 After Effects versions 25.6 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-21340 Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sen... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-21339 Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sen... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-21338 Substance3D - Designer versions 15.1.0 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerabili... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-21337 Substance3D - Designer versions 15.1.0 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to access sensi... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-21336 Substance3D - Designer versions 15.1.0 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerabili... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-21335 Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation o... | 7.8 | HIGH | — | 0 |
| CVE-2026-21334 Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation o... | 7.8 | HIGH | — | 0 |
| CVE-2026-21332 InDesign Desktop versions 21.1, 20.5.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sen... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-21330 After Effects versions 25.6 and earlier are affected by an Access of Resource Using Incompatible Type ('Type Confusion') vulnerability that could result in arbitrary code execution in the context of t... | 7.8 | HIGH | — | 0 |
| CVE-2026-21329 After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requ... | 7.8 | HIGH | — | 0 |
| CVE-2026-21328 After Effects versions 25.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issu... | 7.8 | HIGH | — | 0 |
| CVE-2026-21327 After Effects versions 25.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issu... | 7.8 | HIGH | — | 0 |
| CVE-2026-21326 After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requ... | 7.8 | HIGH | — | 0 |
| CVE-2026-21325 After Effects versions 25.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An ... | 7.8 | HIGH | — | 0 |
| CVE-2026-21324 After Effects versions 25.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An ... | 7.8 | HIGH | — | 0 |
| CVE-2026-21323 After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requ... | 7.8 | HIGH | — | 0 |
| CVE-2026-21322 After Effects versions 25.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An ... | 7.8 | HIGH | — | 0 |
| CVE-2026-21321 After Effects versions 25.6 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation o... | 7.8 | HIGH | — | 0 |
| CVE-2026-21320 After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requ... | 7.8 | HIGH | — | 0 |
| CVE-2026-21319 After Effects versions 25.6 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to access sensitive inform... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-21318 After Effects versions 25.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issu... | 7.8 | HIGH | — | 0 |
| CVE-2026-21317 Audition versions 25.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive informati... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-21316 Audition versions 25.3 and earlier are affected by an Access of Memory Location After End of Buffer vulnerability that could lead to application denial-of-service. An attacker could exploit this vulne... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-21315 Audition versions 25.3 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to access sensitive information... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-21314 Audition versions 25.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive informati... | 5.5 | MEDIUM | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.