Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: languages Tag: windows Clear
ID Title
CVE-2026-13828 Vulnerability in c (CVE-2026-13828)
vulnerability in c (CVE-2026-13828). Confidential information can be exposed externally.
CVE-2026-13782 Use-After-Free in c (CVE-2026-13782)
vulnerability in c (CVE-2026-13782). Successful exploitation can lead to full system takeover.
CVE-2026-49402 OS Command Injection in deno (CVE-2026-49402)
OS command injection in deno (CVE-2026-49402). Successful exploitation can lead to full system takeover. Exploitable via ``spawn``. Mitigation: upgrade to `2.7.10` or later.
CVE-2026-53571 Path Traversal in vite (CVE-2026-53571)
path traversal in vite (CVE-2026-53571). Confidential information can be exposed externally. Exploitable via ``server.fs.deny``. Mitigation: upgrade to `6.4.3` or later.
CVE-2026-47906 Dreamweaver Desktop versions 21.7 and earlier are affected by a Dependency on Vulnerable Third...
Dreamweaver Desktop versions 21.7 and earlier are affected by a Dependency on Vulnerable Third...
CVE-2026-45490 Improper authorization in .NET allows an authorized attacker to elevate privileges locally.
Improper authorization in .NET allows an authorized attacker to elevate privileges locally.
CVE-2026-34694 Cross-Site Scripting (XSS) in adobe (CVE-2026-34694)
cross-site scripting in adobe (CVE-2026-34694). Risk of unauthorized operations or information disclosure.
CVE-2026-34691 Cross-Site Scripting (XSS) in adobe (CVE-2026-34691)
cross-site scripting in adobe (CVE-2026-34691). Confidential information can be exposed externally.
CVE-2026-45591 Vulnerability in Microsoft.AspNetCore.App.Runtime.linux-x64 (CVE-2026-45591)
vulnerability in Microsoft.AspNetCore.App.Runtime.linux-x64 (CVE-2026-45591). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `10.0.9` or later.
CVE-2026-45491 Vulnerability in Microsoft.NETCore.App.Runtime.linux-x64 (CVE-2026-45491)
vulnerability in Microsoft.NETCore.App.Runtime.linux-x64 (CVE-2026-45491). Data can be tampered with by attackers. Exploitable via ``TarFile.ExtractToDirectory``. Mitigation: upgrade to `10.0.9` or later.
CVE-2026-11691 Vulnerability in c (CVE-2026-11691)
vulnerability in c (CVE-2026-11691). Risk of unauthorized operations or information disclosure.
CVE-2026-11693 Vulnerability in c (CVE-2026-11693)
vulnerability in c (CVE-2026-11693). Confidential information can be exposed externally.
CVE-2026-11014 Vulnerability in c (CVE-2026-11014)
vulnerability in c (CVE-2026-11014). Data can be tampered with by attackers.
CVE-2026-10940 Vulnerability in c (CVE-2026-10940)
vulnerability in c (CVE-2026-10940). Successful exploitation can lead to full system takeover.
CVE-2026-10912 Vulnerability in c (CVE-2026-10912)
vulnerability in c (CVE-2026-10912). Data can be tampered with by attackers.
CVE-2026-10905 Use-After-Free in c (CVE-2026-10905)
vulnerability in c (CVE-2026-10905). Successful exploitation can lead to full system takeover.
CVE-2026-9998 Vulnerability in c (CVE-2026-9998)
vulnerability in c (CVE-2026-9998). Successful exploitation can lead to full system takeover.
CVE-2026-8528 Vulnerability in c (CVE-2026-8528)
vulnerability in c (CVE-2026-8528). Risk of unauthorized operations or information disclosure.
CVE-2026-8519 Vulnerability in c (CVE-2026-8519)
vulnerability in c (CVE-2026-8519). Successful exploitation can lead to full system takeover.
CVE-2026-42899 Vulnerability in dotnet (CVE-2026-42899)
vulnerability in dotnet (CVE-2026-42899). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.0.27, 9.0.16, 10.0.8` or later.
CVE-2026-35433 Vulnerability in Microsoft.WindowsDesktop.App.Runtime.win-arm64 (CVE-2026-35433)
vulnerability in Microsoft.WindowsDesktop.App.Runtime.win-arm64 (CVE-2026-35433). Confidential information can be exposed externally. Mitigation: upgrade to `10.0.8` or later.
CVE-2026-32175 Vulnerability in Microsoft.NetCore.App.Runtime.win-arm (CVE-2026-32175)
vulnerability in Microsoft.NetCore.App.Runtime.win-arm (CVE-2026-32175). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `10.0.8` or later.
CVE-2026-32177 Heap-based buffer overflow in .NET allows an unauthorized attacker to elevate privileges locally.
Heap-based buffer overflow in .NET allows an unauthorized attacker to elevate privileges locally.
CVE-2026-32178 Vulnerability in dotnet (CVE-2026-32178)
vulnerability in dotnet (CVE-2026-32178). Confidential information can be exposed externally. Mitigation: upgrade to `8.0.26, 9.0.15, 10.0.6` or later.
CVE-2026-26171 Vulnerability in dotnet (CVE-2026-26171)
vulnerability in dotnet (CVE-2026-26171). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.0.26, 9.0.15, 10.0.6` or later.
CVE-2026-43941 Vulnerability in electerm (CVE-2026-43941)
vulnerability in electerm (CVE-2026-43941). Successful exploitation can lead to full system takeover. Exploitable via ``shell.openExternal``.
CVE-2026-32202 KEV [KEV] Vulnerability in Microsoft windows (CVE-2026-32202)
vulnerability in Microsoft windows (CVE-2026-32202). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-3087 Path Traversal in libpython (CVE-2026-3087)
path traversal in libpython (CVE-2026-3087). Data can be tampered with by attackers. Mitigation: upgrade to `3.14.5` or later.
CVE-2026-33116 Vulnerability in csharp (CVE-2026-33116)
vulnerability in csharp (CVE-2026-33116). Risk of unauthorized operations or information disclosure.
CVE-2026-32203 Vulnerability in csharp (CVE-2026-32203)
vulnerability in csharp (CVE-2026-32203). Risk of unauthorized operations or information disclosure.
CVE-2025-69624 Vulnerability in gonitro (CVE-2025-69624)
vulnerability in gonitro (CVE-2025-69624). Risk of unauthorized operations or information disclosure.
CVE-2025-69627 Use-After-Free in gonitro (CVE-2025-69627)
vulnerability in gonitro (CVE-2025-69627). Successful exploitation can lead to full system takeover.
CVE-2025-15558 Vulnerability in c (CVE-2025-15558)
vulnerability in c (CVE-2025-15558). Successful exploitation can lead to full system takeover.
CVE-2024-3566 Command Injection in node (CVE-2024-3566)
command injection in node (CVE-2024-3566). Successful exploitation can lead to full system takeover. Exploitable via ``cmd.exe``. Mitigation: upgrade to `18.19.0` or later.
CVE-2021-28927 OS Command Injection in c (CVE-2021-28927)
OS command injection in c (CVE-2021-28927). Successful exploitation can lead to full system takeover.
CVE-2017-17671 Path Traversal in apache (CVE-2017-17671)
path traversal in apache (CVE-2017-17671). Successful exploitation can lead to full system takeover.
CVE-2014-2845 Vulnerability in c (CVE-2014-2845)
vulnerability in c (CVE-2014-2845). Confidential information can be exposed externally.
CVE-2017-5118 Vulnerability in google (CVE-2017-5118)
vulnerability in google (CVE-2017-5118). Risk of unauthorized operations or information disclosure.
CVE-2017-5078 Vulnerability in c (CVE-2017-5078)
vulnerability in c (CVE-2017-5078). Successful exploitation can lead to full system takeover.
CVE-2017-5094 Vulnerability in c (CVE-2017-5094)
vulnerability in c (CVE-2017-5094). Data can be tampered with by attackers.
CVE-2015-7359 Vulnerability in c (CVE-2015-7359)
vulnerability in c (CVE-2015-7359). Successful exploitation can lead to full system takeover.
CVE-2015-7358 Vulnerability in c (CVE-2015-7358)
vulnerability in c (CVE-2015-7358). Successful exploitation can lead to full system takeover.
CVE-2017-12814 Buffer Overflow in perl (CVE-2017-12814)
vulnerability in perl (CVE-2017-12814). Successful exploitation can lead to full system takeover.
CVE-2017-14686 Buffer Overflow in c (CVE-2017-14686)
vulnerability in c (CVE-2017-14686). Successful exploitation can lead to full system takeover.
CVE-2017-14685 Buffer Overflow in c (CVE-2017-14685)
vulnerability in c (CVE-2017-14685). Successful exploitation can lead to full system takeover.
CVE-2017-3113 Use-After-Free in adobe (CVE-2017-3113)
vulnerability in adobe (CVE-2017-3113). Successful exploitation can lead to full system takeover.
CVE-2017-11254 Use-After-Free in adobe (CVE-2017-11254)
vulnerability in adobe (CVE-2017-11254). Successful exploitation can lead to full system takeover.
CVE-2017-11742 Vulnerability in c (CVE-2017-11742)
vulnerability in c (CVE-2017-11742). Successful exploitation can lead to full system takeover.
CVE-2017-9428 Path Traversal in path-traversal (CVE-2017-9428)
path traversal in path-traversal (CVE-2017-9428). Confidential information can be exposed externally.
CVE-2017-5029 Out-of-Bounds Write in c (CVE-2017-5029)
out-of-bounds write in c (CVE-2017-5029). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →