exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 331 614

CVE-2026-20969

около 1 месяца назад

Improper input validation in SecSettings prior to SMR Jan-2026 Release 1 allows local attacker to access file with system privilege. User interaction is required for triggering this vulnerability.

CVSS3: 5.5

EPSS: Низкий

CVE-2026-20968

около 1 месяца назад

Use after free in DualDAR prior to SMR Jan-2026 Release 1 allows local privileged attackers to execute arbitrary code.

CVSS3: 6.7

EPSS: Низкий

CVE-2026-20965

27 дней назад

Improper verification of cryptographic signature in Windows Admin Center allows an authorized attacker to elevate privileges locally.

CVSS3: 7.5

EPSS: Низкий

CVE-2026-20963

27 дней назад

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

CVSS3: 8.8

EPSS: Низкий

CVE-2026-20962

27 дней назад

Use of uninitialized resource in Dynamic Root of Trust for Measurement (DRTM) allows an authorized attacker to disclose information locally.

CVSS3: 4.4

EPSS: Низкий

CVE-2026-20960

24 дня назад

Improper authorization in Microsoft Power Apps allows an authorized attacker to execute code over a network.

CVSS3: 8

EPSS: Низкий

CVE-2026-20959

27 дней назад

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.

CVSS3: 4.6

EPSS: Низкий

CVE-2026-20958

27 дней назад

Server-side request forgery (ssrf) in Microsoft Office SharePoint allows an authorized attacker to disclose information over a network.

CVSS3: 5.4

EPSS: Низкий

CVE-2026-20957

27 дней назад

Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVSS3: 7.8

EPSS: Низкий

CVE-2026-20956

27 дней назад

Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVSS3: 7.8

EPSS: Низкий

CVE-2026-20955

27 дней назад

Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVSS3: 7.8

EPSS: Низкий

CVE-2026-20953

27 дней назад

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

CVSS3: 8.4

EPSS: Низкий

CVE-2026-20952

27 дней назад

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

CVSS3: 8.4

EPSS: Низкий

CVE-2026-20951

27 дней назад

Improper input validation in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally.

CVSS3: 7.8

EPSS: Низкий

CVE-2026-20950

27 дней назад

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVSS3: 7.8

EPSS: Низкий

CVE-2026-20949

27 дней назад

Improper access control in Microsoft Office Excel allows an unauthorized attacker to bypass a security feature locally.

CVSS3: 7.8

EPSS: Низкий

CVE-2026-20948

27 дней назад

Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally.

CVSS3: 7.8

EPSS: Низкий

CVE-2026-20947

27 дней назад

Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

CVSS3: 8.8

EPSS: Низкий

CVE-2026-20946

27 дней назад

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVSS3: 7.8

EPSS: Низкий

CVE-2026-20944

27 дней назад

Out-of-bounds read in Microsoft Office Word allows an unauthorized attacker to execute code locally.

CVSS3: 8.4

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2026-20969 Improper input validation in SecSettings prior to SMR Jan-2026 Release 1 allows local attacker to access file with system privilege. User interaction is required for triggering this vulnerability.	CVSS3: 5.5	0% Низкий	около 1 месяца назад
CVE-2026-20968 Use after free in DualDAR prior to SMR Jan-2026 Release 1 allows local privileged attackers to execute arbitrary code.	CVSS3: 6.7	0% Низкий	около 1 месяца назад
CVE-2026-20965 Improper verification of cryptographic signature in Windows Admin Center allows an authorized attacker to elevate privileges locally.	CVSS3: 7.5	0% Низкий	27 дней назад
CVE-2026-20963 Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.	CVSS3: 8.8	1% Низкий	27 дней назад
CVE-2026-20962 Use of uninitialized resource in Dynamic Root of Trust for Measurement (DRTM) allows an authorized attacker to disclose information locally.	CVSS3: 4.4	0% Низкий	27 дней назад
CVE-2026-20960 Improper authorization in Microsoft Power Apps allows an authorized attacker to execute code over a network.	CVSS3: 8	0% Низкий	24 дня назад
CVE-2026-20959 Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.	CVSS3: 4.6	0% Низкий	27 дней назад
CVE-2026-20958 Server-side request forgery (ssrf) in Microsoft Office SharePoint allows an authorized attacker to disclose information over a network.	CVSS3: 5.4	0% Низкий	27 дней назад
CVE-2026-20957 Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally.	CVSS3: 7.8	0% Низкий	27 дней назад
CVE-2026-20956 Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.	CVSS3: 7.8	0% Низкий	27 дней назад
CVE-2026-20955 Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.	CVSS3: 7.8	0% Низкий	27 дней назад
CVE-2026-20953 Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.	CVSS3: 8.4	0% Низкий	27 дней назад
CVE-2026-20952 Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.	CVSS3: 8.4	0% Низкий	27 дней назад
CVE-2026-20951 Improper input validation in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally.	CVSS3: 7.8	0% Низкий	27 дней назад
CVE-2026-20950 Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.	CVSS3: 7.8	0% Низкий	27 дней назад
CVE-2026-20949 Improper access control in Microsoft Office Excel allows an unauthorized attacker to bypass a security feature locally.	CVSS3: 7.8	0% Низкий	27 дней назад
CVE-2026-20948 Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally.	CVSS3: 7.8	0% Низкий	27 дней назад
CVE-2026-20947 Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.	CVSS3: 8.8	0% Низкий	27 дней назад
CVE-2026-20946 Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.	CVSS3: 7.8	0% Низкий	27 дней назад
CVE-2026-20944 Out-of-bounds read in Microsoft Office Word allows an unauthorized attacker to execute code locally.	CVSS3: 8.4	0% Низкий	27 дней назад

Уязвимостей на страницу