CVE-2019-25307
WorkgroupMail 7.5.1 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the u…
All CVEs associated with "Microsoft Windows". Page 6/121 • 14514 CVEs.
A curated feed of “Microsoft Windows”-related CVEs appears below. We currently track 14514 CVEs for this tag (all time). In the last 365 days, 1680 were published. Average CVSS is 7.3 (all time; 7.2 over 365d), and 66% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-416 - Use After Free, CWE-122 - Heap-based Buffer Overflow, CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition').
In our taxonomy this topic maps to a MODERATE impact class. Issues here typically affect operating system packages or kernels. Plan reboots or service restarts and coordinate rollouts across fleets. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.
Vulnerability in GE Vernova Enervista UR Setup on Windows. This issue affects Enervista: 8.6 and previous versions.
A vulnerability in GE Vernova Enervista UR Setup on Windows allows File Manipulation. This issue affects Enervista: 8.6 and prior versions.
SiYuan is a personal knowledge management system. Prior to 3.5.5, the /api/file/getFile endpoint uses case-sensitive string equality checks to block access to sensitive files. On case-insensitive fil…
Improper privilege management in Windows Remote Desktop allows an authorized attacker to elevate privileges locally.
Null pointer dereference in Windows Remote Access Connection Manager allows an unauthorized attacker to deny service locally.
Improper link resolution before file access ('link following') in Windows App for Mac allows an authorized attacker to elevate privileges locally.
Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network.
Improper authentication in Windows Storage allows an authorized attacker to elevate privileges locally.
Improper access control in Windows Hyper-V allows an authorized attacker to bypass a security feature locally.
Use after free in Windows Cluster Client Failover allows an authorized attacker to elevate privileges locally.
Untrusted pointer dereference in Windows HTTP.sys allows an authorized attacker to elevate privileges locally.
External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing locally.
Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to execute code locally.
Improper input validation in Windows Hyper-V allows an authorized attacker to execute code locally.
Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.
Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to execute code locally.
Null pointer dereference in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny service over a network.
Use after free in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally.
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
Time-of-check time-of-use (TOCTOU) race condition in Windows HTTP.sys allows an authorized attacker to elevate privileges locally.
Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.
Improper access control in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally.
Heap-based buffer overflow in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally.
Untrusted pointer dereference in Windows HTTP.sys allows an authorized attacker to elevate privileges locally.
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Kernel allows an authorized attacker to elevate privileges locally.
Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally.
Buffer over-read in Windows GDI+ allows an unauthorized attacker to deny service over a network.
Improper neutralization of special elements used in a command ('command injection') in Windows Notepad App allows an unauthorized attacker to execute code locally.
A flaw has been found in Artifex MuPDF up to 1.26.1 on Windows. The impacted element is the function get_system_dpi of the file platform/x11/win_main.c. This manipulation causes uncontrolled search p…
SumatraPDF is a multi-format reader for Windows. In 3.5.0 through 3.5.2, SumatraPDF's update mechanism disables TLS hostname verification (INTERNET_FLAG_IGNORE_CERT_CN_INVALID) and executes installer…
PowerDocu contains a Windows GUI executable to perform technical documentations. Prior to 2.4.0, PowerDocu contains a critical security vulnerability in how it parses JSON files within Flow or App pa…
SumatraPDF is a multi-format reader for Windows. In 3.5.2 and earlier, a heap out-of-bounds read vulnerability exists in SumatraPDF's MOBI HuffDic decompressor. The bounds check in AddCdicData() only…
SumatraPDF is a multi-format reader for Windows. In 3.5.2 and earlier, the PDF reader allows execution of a malicious binary (explorer.exe) located in the same directory as the opened PDF when the us…
Dell Display and Peripheral Manager (Windows) versions prior to 2.2 contain an Improper Link Resolution Before File Access ('Link Following') vulnerability in the Installer and Service. A low privile…
Products provided by Oki Electric Industry Co., Ltd. and its OEM products (Ricoh Co., Ltd., Murata Machinery, Ltd.) register Windows services with unquoted file paths. A user with the write permissio…
SprintWork 2.3.1 contains multiple local privilege escalation vulnerabilities through insecure file, service, and folder permissions on Windows systems. Local unprivileged users can exploit missing e…
calibre is an e-book manager. Prior to 9.2.0, Calibre's CHM reader contains a path traversal vulnerability that allows arbitrary file writes anywhere the user has write permissions. On Windows (haven…
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Xerox CentreWare on Windows allows Stored XSS. This issue affects CentreWare: through 7.0.6…
Improper access control in the TeamViewer Full and Host clients (Windows, macOS, Linux) prior to version 15.74.5 allows an authenticated user to bypass additional access controls with “Allow after confi…
Incorrect Default Permissions vulnerability in Mitsubishi Electric Corporation FREQSHIP-mini for Windows versions 8.0.0 to 8.0.2 allows a local attacker to execute arbitrary code with system privileg…
NCP Secure Entry Client 9.2 contains an unquoted service path vulnerability in multiple Windows services that allows local users to potentially execute arbitrary code. Attackers can exploit the unquo…
NETGATE Data Backup 3.0.620 contains an unquoted service path vulnerability in its NGDatBckpSrv Windows service configuration. Attackers can exploit the unquoted path to inject and execute malicious…
Amiti Antivirus 25.0.640 contains an unquoted service path vulnerability in its Windows service configurations. Attackers can exploit the unquoted path to inject and execute malicious code with eleva…
A vulnerability exists in BIG-IP Edge Client and browser VPN clients on Windows that may allow attackers to gain access to sensitive information. Note: Software versions which have reached End of Te…
Docker Desktop for Windows contains multiple incorrect permission assignment vulnerabilities in the installer's handling of the C:\ProgramData\DockerDesktop directory. The installer creates this dire…
Insecure Permissions vulnerability in Avanquest Driver Updater v.9.1.57803.1174 allows a local attacker to escalate privileges via the Driver Updater Service Windows component.
AnyDesk 5.4.0 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially inject malicious executables. Attackers can exploit the u…
Signal K Server is a server application that runs on a central hub in a boat. Prior to 2.20.3, a path traversal vulnerability in SignalK Server's applicationData API allows authenticated users on Win…
A medium-severity vulnerability has been identified in BeyondTrust Privilege Management for Windows versions <=25.7. Under certain conditions, a local authenticated user with elevated privileges may…
Deep Instinct Windows Agent 1.2.29.0 contains an unquoted service path vulnerability in the DeepMgmtService that allows local users to potentially execute code with elevated privileges. Attackers can…
OpenCTI 3.3.1 is vulnerable to a reflected cross-site scripting (XSS) attack via the /graphql endpoint. An attacker can inject arbitrary JavaScript code by sending a crafted GET request with a malici…
OpenCTI 3.3.1 is vulnerable to a directory traversal attack via the static/css endpoint. An unauthenticated attacker can read arbitrary files from the filesystem by sending crafted GET requests with…
Port Forwarding Wizard 4.8.0 contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code through a long request in the Register feature. Attackers can craft a malic…
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 is vulnerable to a denial of service as the server may crash under certain conditions with a spec…
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 could allow an authenticated user to cause a denial of service due to improper neutralization of…
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) could allow a user to cause a denial of service due to insufficient validation of special elements in data query logic.
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) could allow a user to cause a denial of service due to improper neutralization of special elements in data query logic.
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 12.1.0 - 12.1.3 could allow a local user to cause a denial of service due to improper neutralization of special elements in data quer…
IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5.0 - 11.5.9 could allow an authenticated user to cause a denial of service when given specially crafted query.
IBM Db2 for Windows 12.1.0 - 12.1.3 could allow a local user with filesystem access to escalate their privileges due to the use of an unquoted search path element.
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) could allow a user to cause a denial of service by executing a query that invokes the JSON_Object scalar function, which may trigger…
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 under specific configuration of cataloged remote storage aliases could allow an authenticated use…
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 could allow a local user to cause a denial of service due to improper neutralization of special e…
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 could allow an instance owner to execute malicious code that escalates their privileges to root due to execution of un…
IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 could allow a local user to cause a denial of service when copying large table containing XML dat…
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 could allow an authenticated user to cause a denial of service due to improper allocation of reso…
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 is vulnerable to a denial of service as a trap may occur when selecting from certain types of ta…
IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) could allow an authenticated user to cause a denial of service due to excessive use of a global variable.
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 could allow an authenticated user to cause a denial of service using a specially crafted SQL stat…
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 is vulnerable to a denial of service as the server may crash when an authenticated user creates a specially crafted q…
Andrea ST Filters Service 1.0.64.7 contains an unquoted service path vulnerability in its Windows service configuration. Local attackers can exploit the unquoted path to inject malicious code that wi…
Chef InSpec versions up to 5.23 and before 7.0.107 create named pipes with overly permissive default Windows access controls. A local attacker may interfere with the pipe connection process and expl…
Improper access control in the WCF endpoint in Edgemo (now owned by Danoffice IT) Local Admin Service 1.2.7.23180 on Windows allows a local user to escalate their privileges to local administrator vi…
Umbraco Forms is a form builder that integrates with the Umbraco content management system. It's possible for an authenticated backoffice-user to enumerate and traverse paths/files on the systems fil…
The Icinga PowerShell Framework provides configuration and check possibilities to ensure integration and monitoring of Windows environments. In versions prior to 1.13.4, 1.12.4, and 1.11.2, permissio…
Icinga 2 is an open source monitoring system. Starting in version 2.3.0 and prior to versions 2.13.14, 2.14.8, and 2.15.2, the Icinga 2 MSI did not set appropriate permissions for the `%ProgramData%\…
Free MP3 CD Ripper 2.8 contains a stack buffer overflow vulnerability that allows remote attackers to execute arbitrary code by crafting a malicious WAV file with oversized payload. Attackers can lev…
A missing validation of a user-controlled value in the TeamViewer DEX Client (former 1E Client) - Content Distribution Service (NomadBranch.exe) prior to version 26.1 for Windows allows an adjacent netw…
An out-of-bounds read vulnerability in the TeamViewer DEX Client (former 1E Client) - Content Distribution Service (NomadBranch.exe) prior to version 26.1 for Windows allows a remote attacker to leak st…
An out-of-bounds read vulnerability in the TeamViewer DEX Client (former 1E Client) - Content Distribution Service (NomadBranch.exe) prior to version 26.1 for Windows allows an attacker on the adjacent…
An integer underflow in the UDP command handler of the TeamViewer DEX Client (former 1E Client) - Content Distribution Service (NomadBranch.exe) prior to version 26.1 for Windows allows an adjacent netw…
A vulnerability in TeamViewer DEX Client (former 1E Client) - Content Distribution Service (NomadBranch.exe) prior to version 26.1 for Windows allows an attacker on the adjacent network to inject, tampe…
A vulnerability in TeamViewer DEX Client (former 1E Client) - Content Distribution Service (NomadBranch.exe) prior to version 26.1 for Windows allows an attacker on the adjacent network to cause the Nom…
A vulnerability in TeamViewer DEX Client (former 1E Client) - Content Distribution Service (NomadBranch.exe) prior to version 26.1 for Windows allows an attacker on the adjacent network to cause normall…
Improper Link Resolution Before File Access (invoked by 1E‑Explorer‑TachyonCore‑DeleteFileByPath instruction) in TeamViewer DEX - 1E Client before version 26.1 on Windows allows a low‑privileged loca…
SmarterTools SmarterMail versions prior to build 9518 contain an unauthenticated path coercion vulnerability in the background-of-the-day preview endpoint. The application base64-decodes attacker-su…
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to versions 5.4.51, 6.4.33, 7.3.11, 7.4.5, and 8.0.5, the Symfony Process component did not cor…
NVIDIA HD Audio Driver for Windows contains a vulnerability where an attacker could exploit a NULL pointer dereference issue. A successful exploit of this vulnerability might lead to a denial of serv…
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys), where an attacker could cause an integer overflow. A successful exploit of this vulnerability m…
NVIDIA Display Driver for Windows contains a vulnerability where an attacker could trigger a use after free. A successful exploit of this vulnerability might lead to code execution, escalation of pri…
Symantec Endpoint Protection, prior to 14.3 RU10 Patch 1, RU9 Patch 2, and RU8 Patch 3, may be susceptible to a COM Hijacking vulnerability, which is a type of issue whereby an attacker attempts to e…
Input Director 1.4.3 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to execute code with elevated privileges. Attackers can exploit t…
IP Watcher 3.0.0.30 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to execute arbitrary code. Attackers can exploit the unquoted bina…
SAntivirus IC 10.0.21.61 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit…
Atheros Coex Service Application 8.0.0.255 contains an unquoted service path vulnerability in its Windows service configuration. Attackers can exploit the unquoted path by placing malicious executabl…
Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cloud Manager (Windows) before build 6.4.25342.354.
beat-access for Windows version 3.0.3 and prior contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed wi…
DLL hijacking in the WD Discovery Installer in Western Digital WD Discovery 5.2.730 on Windows allows a local attacker to execute arbitrary code via placement of a crafted DLL in the installer's sear…
pnpm is a package manager. Prior to version 10.28.2, when pnpm processes a package's `directories.bin` field, it uses `path.join()` without validating the result stays within the package root. A mali…
pnpm is a package manager. Prior to version 10.28.1, a path traversal vulnerability in pnpm's tarball extraction allows malicious packages to write files outside the package directory on Windows. The…
Crucial Storage Executive installer versions prior to 11.08.082025.00 contain a DLL preloading vulnerability. During installation, the installer runs with elevated privileges and loads Windows DLLs u…
Kite 1.2020.1119.0 contains an unquoted service path vulnerability in the KiteService Windows service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unqu…
With physical access to the device and enough time an attacker can desolder the flash memory, modify it and then reinstall it because of missing encryption. Thus, essential files, such as "/etc/passw…
The Access Manager 92xx in hardware revision K7 is based on Linux instead of Windows CE embedded in older hardware revisions. In this new hardware revision it was noticed that an SSH service is expos…
Microvirt MEMU Play 3.7.0 contains an unquoted service path vulnerability in the MEmusvc Windows service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the u…
Magic Mouse 2 Utilities 2.20 contains an unquoted service path vulnerability in its Windows service configuration. Attackers can exploit the unquoted path to inject malicious executables and gain ele…
Deep Instinct Windows Agent 1.2.24.0 contains an unquoted service path vulnerability in the DeepNetworkService that allows local users to potentially execute code with elevated privileges. Attackers…
dataSIMS Avionics ARINC 664-1 version 4.5.3 contains a local buffer overflow vulnerability that allows attackers to overwrite memory by manipulating the milstd1553result.txt file. Attackers can craft…
VB-Audio Voicemeeter, Voicemeeter Banana, and Voicemeeter Potato (versions ending in 1.1.1.9, 2.1.1.9, and 3.1.1.9 and earlier, respectively), as well as VB-Audio Matrix and Matrix Coconut (versions…
VB-Audio Voicemeeter, Voicemeeter Banana, and Voicemeeter Potato (versions ending in 1.1.1.9, 2.1.1.9, and 3.1.1.9 and earlier, respectively), as well as VB-Audio Matrix and Matrix Coconut (versions…
VB-Audio Voicemeeter, Voicemeeter Banana, and Voicemeeter Potato (versions ending in 1.1.1.9, 2.1.1.9, and 3.1.1.9 and earlier, respectively), as well as VB-Audio Matrix and Matrix Coconut (versions…
Storing Passwords in a Recoverable Format vulnerability in Automated Logic WebCTRL on Windows, Carrier i-Vu on Windows. Storing Passwords in a Recoverable Format vulnerability (CWE-257) in the Web se…
SumatraPDF is a multi-format reader for Windows. All versions contain an off-by-one error in the validation code that only triggers with exactly 2 records, causing an integer underflow in the size ca…
Fleet is open source device management software. In versions prior to 4.78.3, 4.77.1, 4.76.2, 4.75.2, and 4.53.3, a vulnerability in Fleet's Windows MDM enrollment flow could allow an attacker to sub…
fleetdm/fleet is open source device management software. Prior to versions 4.78.2, 4.77.1, 4.76.2, 4.75.2, and 4.53.3, if Windows MDM is enabled, an unauthenticated attacker can exploit this XSS vuln…
FreeLAN 2.2 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to execute arbitrary code. Attackers can exploit the unquoted binary path…
VFS for Git 1.0.21014.1 contains an unquoted service path vulnerability in the GVFS.Service Windows service that allows local attackers to execute code with elevated privileges. Attackers can exploit…