CVE Security

The socket connection handler in aswArPot.sys in the Avast and AVG Windows Anti Rootkit driver before 22.1 allows local attackers to execute arbitrary...

Linux Windows


                                    CVE-2022-26522

Lire l'article

high 8.1

14/05/2026

Vulnérabilité high détectée - CVE-2026-41105

Server-side request forgery (ssrf) in Azure Notification Service allows an authorized attacker to elevate privileges over a network.

Windows


                                    CVE-2026-41105

Lire l'article

critical 10

14/05/2026

Vulnérabilité critical détectée - CVE-2026-42826

Exposure of sensitive information to an unauthorized actor in Azure DevOps allows an unauthorized attacker to disclose information over a network.

Windows


                                    CVE-2026-42826

Lire l'article

high 8.6

14/05/2026

Vulnérabilité high détectée - CVE-2026-35435

Improper access control in Azure AI Foundry M365 published agents allows an unauthorized attacker to elevate privileges over a network.

Windows


                                    CVE-2026-35435

Lire l'article

high 8.2

14/05/2026

Vulnérabilité high détectée - CVE-2026-34327

Externally controlled reference to a resource in another sphere in Microsoft Partner Center allows an unauthorized attacker to perform spoofing over a...

Windows


                                    CVE-2026-34327

Lire l'article

critical 9.6

14/05/2026

Vulnérabilité critical détectée - CVE-2026-35428

Improper neutralization of special elements used in a command ('command injection') in Azure Cloud Shell allows an unauthorized attacker to perform sp...

Windows


                                    CVE-2026-35428

Lire l'article

critical 9.6

14/05/2026

Vulnérabilité critical détectée - CVE-2026-33823

Improper authorization in Microsoft Teams allows an authorized attacker to disclose information over a network.

Windows


                                    CVE-2026-33823

Lire l'article

critical 9

14/05/2026

Vulnérabilité critical détectée - CVE-2026-33844

Improper input validation in Azure Managed Instance for Apache Cassandra allows an authorized attacker to execute code over a network.

Windows


                                    CVE-2026-33844

Lire l'article

high 7.5

14/05/2026

Vulnérabilité high détectée - CVE-2026-33111

Improper neutralization of special elements used in a command ('command injection') in Copilot Chat (Microsoft Edge) allows an unauthorized attacker t...

Applications Windows


                                    CVE-2026-33111

Lire l'article

high 7.5

14/05/2026

Vulnérabilité high détectée - CVE-2026-26129

Improper neutralization of special elements in M365 Copilot allows an unauthorized attacker to disclose information over a network.

Windows


                                    CVE-2026-26129

Lire l'article

high 7.5

14/05/2026

Vulnérabilité high détectée - CVE-2026-26164

Improper neutralization of special elements in output used by a downstream component ('injection') in M365 Copilot allows an unauthorized attacker to ...

Windows


                                    CVE-2026-26164

Lire l'article

high 8.8

14/05/2026

Vulnérabilité high détectée - CVE-2026-32207

Improper neutralization of input during web page generation ('cross-site scripting') in Azure Machine Learning allows an unauthorized attacker to perf...

Windows


                                    CVE-2026-32207

Lire l'article

12 13 14 15 16