986 matches found
CVE-2026-54424
CVE-2026-54424 affects Unity Parsec on Windows. The vulnerability is described as an Incorrect Use of Privileged APIs that can lead to Elevation of Privilege. Affected through Parsec for Windows v2026-05-04.0, with a patch in Windows version 150-104a. The issue allows an instance of parsecd.exe t...
PT-2026-53735
Name of the Vulnerable Software and Affected Versions Matrix42 Empirum versions prior to 25.5 Matrix42 Empirum versions 26.x prior to 26.2 Description The PBackupVSS.exe component creates a named pipe at '.pipePBackupVSS' with a Discretionary Access Control List DACL that grants GENERIC READ and...
CVE-2026-30040
A heap overflow in the FSViewer.exe process of FastStone Image Viewer v8.3 allows attackers to cause a execute arbitrary code in the context of the current process via supplying a crafted JPEG 2000 JP2 file...
CVE-2026-37452
CVE-2026-37452 affects MSI Center’s MSI NBFoundation Service (MSIAPService.exe). The issue arises from insecure permissions on the IPC named pipe . low MSI_SERVICE_2, allowing unauthenticated clients to trigger surface commands that run under SYSTEM. The connected advisories describe an arbitrary...
EUVD-2020-31253
Realtek Audio Service 1.0.0.55 contains an unquoted service path vulnerability in RtkAudioService64.exe that allows local attackers to escalate privileges by injecting malicious code. Attackers can place executable files in the unquoted service path directory to execute arbitrary code with...
CVE-2026-36213
The vulnerability CVE-2026-36213 affects Microvirt MEmu Android Emulator (Windows) up to version 9.2.7.0, in the MemuService.exe component. The issue enables local privilege escalation because the MemuSVC service runs with SYSTEM-level privileges while its binary is writable by a local user, allo...
CVE-2026-44609
Local privilege escalation due to EXE hijacking vulnerability. The following products are affected: Acronis DeviceLock DLP Windows before build 9.0.15051.93227...
CVE-2026-44609
CVE-2026-44609 affects Acronis DeviceLock DLP for Windows prior to build 9.0.15051.93227. The vulnerability is an EXE hijacking issue that enables local privilege escalation. Exploitation details are not provided in the supplied documents beyond the affected product and build, and there is no inf...
CVE-2026-44609
Local privilege escalation due to EXE hijacking vulnerability. The following products are affected: Acronis DeviceLock DLP Windows before build 9.0.15051.93227...
EUVD-2026-34171
Local privilege escalation due to EXE hijacking vulnerability. The following products are affected: Acronis DeviceLock DLP Windows before build 9.0.15051.93227...
PT-2026-46063
Name of the Vulnerable Software and Affected Versions Acronis DeviceLock DLP Windows versions prior to 9.0.15051.93227 Description Local privilege escalation is possible due to an EXE hijacking issue. This occurs when an application searches for a required executable file in an insecure order,...
CVE-2026-42251
Use of hard-coded credentials in KS-SOMED allowed an unauthorized attacker access to FTP server that hosted the application's update packages. The attacker with these credentials could upload a malicious update file, which then may have been distributed and installed on client machines as a...
SUSE CVE-2026-48831
Wine ships a .desktop file that registers itself as a MIME handler for EXE files and several other Windows executable file types. In some configurations, handling of an EXE file causes that file to be blindly executed with the permissions of the invoker. This allows escaping Flatpak and Snap...
MAL-2026-4350 Malicious code in clobprice.api (npm)
A campaign of npm packages sharing a common dropper clob.js that downloads and persistently installs a Windows executable from IPFS on postinstall. The dropper fetches the binary from IPFS CID bafybeif3zkapj364ofnrvbty7oj5h5ufpxlp4s62usk3ulxrru35e3gssa via multiple public gateways Pinata,...
Linux Distros Unpatched Vulnerability : CVE-2026-48831
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Wine ships a .desktop file that registers itself as a MIME handler for EXE files and several other Windows executable file types. In some configurations, handli...
CVE-2026-48831
Wine ships a .desktop file that registers itself as a MIME handler for EXE files and several other Windows executable file types. In some configurations, handling of an EXE file causes that file to be blindly executed with the permissions of the invoker. This allows escaping Flatpak and Snap...
WineHQ Wine 安全漏洞
WineHQ Wine is an open-source compatibility layer software developed by WineHQ, capable of running Windows applications on Unix-like systems. There is a security vulnerability in WineHQ, which stems from a.desktop file registered as an EXE file MIME processor. This vulnerability may allow EXE fil...
CVE-2026-7832 IObit Advanced SystemCare Service ASC.exe symlink
A security flaw has been discovered in IObit Advanced SystemCare 19. This affects an unknown part of the file ASC.exe of the component Service. The manipulation results in symlink following. Attacking locally is a requirement. This attack is characterized by high complexity. It is indicated that...
Constraint-Guided Multi-Agent Decompilation for Executable Binary Recovery
Decompilation -- recovering source code from compiled binaries -- is essential for security analysis, malware reverse engineering, and legacy software maintenance. However, existing decompilers produce code that often fails to compile or execute correctly, limiting their practical utility. We...
UBUNTU-CVE-2019-25695
R 3.4.4 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by injecting malicious input into the GUI Preferences language field. Attackers can craft a payload with a 292-byte offset and JMP ESP instruction to execute commands like calc.exe when the...