Filtered by vendor Microsoft
Subscribe
Total
23241 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-27221 | 3 Adobe, Apple, Microsoft | 5 Acrobat, Acrobat Dc, Acrobat Reader Dc and 2 more | 2026-03-11 | N/A | 5.5 MEDIUM |
| Acrobat Reader versions 24.001.30307, 24.001.30308, 25.001.21265 and earlier are affected by an Improper Certificate Validation vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to spoof the identity of a signer. Exploitation of this issue requires user interaction. | |||||
| CVE-2026-27220 | 3 Adobe, Apple, Microsoft | 5 Acrobat, Acrobat Dc, Acrobat Reader Dc and 2 more | 2026-03-11 | N/A | 7.8 HIGH |
| Acrobat Reader versions 24.001.30307, 24.001.30308, 25.001.21265 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2026-27278 | 3 Adobe, Apple, Microsoft | 5 Acrobat, Acrobat Dc, Acrobat Reader Dc and 2 more | 2026-03-11 | N/A | 7.8 HIGH |
| Acrobat Reader versions 24.001.30307, 24.001.30308, 25.001.21265 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2026-27267 | 2 Adobe, Microsoft | 2 Illustrator, Windows | 2026-03-11 | N/A | 7.8 HIGH |
| Illustrator versions 29.8.4, 30.1 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2026-27268 | 2 Adobe, Microsoft | 2 Illustrator, Windows | 2026-03-11 | N/A | 5.5 MEDIUM |
| Illustrator versions 29.8.4, 30.1 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to access sensitive information stored in memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2026-27270 | 2 Adobe, Microsoft | 2 Illustrator, Windows | 2026-03-11 | N/A | 5.5 MEDIUM |
| Illustrator versions 29.8.4, 30.1 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to access sensitive information stored in memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2026-27271 | 2 Adobe, Microsoft | 2 Illustrator, Windows | 2026-03-11 | N/A | 7.8 HIGH |
| Illustrator versions 29.8.4, 30.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2026-27272 | 2 Adobe, Microsoft | 2 Illustrator, Windows | 2026-03-11 | N/A | 7.8 HIGH |
| Illustrator versions 29.8.4, 30.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2026-21362 | 2 Adobe, Microsoft | 2 Illustrator, Windows | 2026-03-11 | N/A | 7.8 HIGH |
| Illustrator versions 29.8.4, 30.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2026-21333 | 2 Adobe, Microsoft | 2 Illustrator, Windows | 2026-03-11 | N/A | 8.6 HIGH |
| Illustrator versions 29.8.4, 30.1 and earlier are affected by an Untrusted Search Path vulnerability that might allow attackers to execute arbitrary code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2026-3538 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-03-11 | N/A | 8.8 HIGH |
| Integer overflow in Skia in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Critical) | |||||
| CVE-2026-3537 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-03-11 | N/A | 8.8 HIGH |
| Object lifecycle issue in PowerVR in Google Chrome on Android prior to 145.0.7632.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) | |||||
| CVE-2026-3536 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-03-11 | N/A | 8.8 HIGH |
| Integer overflow in ANGLE in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Critical) | |||||
| CVE-2026-28711 | 2 Acronis, Microsoft | 2 Cyber Protect, Windows | 2026-03-11 | N/A | 6.3 MEDIUM |
| Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186. | |||||
| CVE-2026-28722 | 2 Acronis, Microsoft | 2 Cyber Protect, Windows | 2026-03-11 | N/A | 7.3 HIGH |
| Local privilege escalation due to improper soft link handling. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186. | |||||
| CVE-2026-28721 | 2 Acronis, Microsoft | 2 Cyber Protect, Windows | 2026-03-11 | N/A | 7.3 HIGH |
| Local privilege escalation due to improper soft link handling. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186. | |||||
| CVE-2026-28717 | 2 Acronis, Microsoft | 2 Cyber Protect, Windows | 2026-03-11 | N/A | 5.0 MEDIUM |
| Local privilege escalation due to improper directory permissions. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186. | |||||
| CVE-2026-28712 | 2 Acronis, Microsoft | 2 Cyber Protect, Windows | 2026-03-11 | N/A | 6.3 MEDIUM |
| Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186. | |||||
| CVE-2026-30798 | 5 Apple, Google, Linux and 2 more | 6 Iphone Os, Macos, Android and 3 more | 2026-03-10 | N/A | 7.5 HIGH |
| Insufficient Verification of Data Authenticity, Improper Handling of Exceptional Conditions vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Heartbeat sync loop, strategy processing modules) allows Protocol Manipulation. This vulnerability is associated with program files src/hbbs_http/sync.Rs and program routines stop-service handler in heartbeat loop. This issue affects RustDesk Client: through 1.4.5. | |||||
| CVE-2026-3787 | 2 Microsoft, Uvnc | 2 Windows, Ultravnc | 2026-03-10 | 6.0 MEDIUM | 7.0 HIGH |
| A weakness has been identified in UltraVNC 1.6.4.0 on Windows. This affects an unknown function in the library cryptbase.dll of the component Windows Service. This manipulation causes uncontrolled search path. The attack requires local access. A high degree of complexity is needed for the attack. The exploitability is reported as difficult. The vendor was contacted early about this disclosure but did not respond in any way. | |||||