3652 matches found
EUVD-2026-35673
Time-of-check time-of-use TOCTOU race condition in Program Compatibility Assistant Service allows an authorized attacker to elevate privileges locally...
CVE-2026-45487
Time-of-check time-of-use TOCTOU race condition in Program Compatibility Assistant Service allows an authorized attacker to elevate privileges locally...
CVE-2026-45487 Windows Program Compatibility Assistant Service Elevation of Privilege Vulnerability
...
CVE-2026-45487
CVE-2026-45487 is a Windows vulnerability in the Program Compatibility Assistant Service where a TOCTOU race condition enables a local, authorized user to elevate privileges. Affected component: Program Compatibility Assistant Service on Windows. Root cause: TOCTOU race condition allowing privile...
CVE-2026-45487 Windows Program Compatibility Assistant Service Elevation of Privilege Vulnerability
...
Windows Program Compatibility Assistant Service Elevation of Privilege Vulnerability
Time-of-check time-of-use TOCTOU race condition in Program Compatibility Assistant Service allows an authorized attacker to elevate privileges locally...
[SECURITY] Fedora 43 Update: objfw-1.5.5-1.fc43
ObjFW is a portable, lightweight framework for the Objective-C language. It enables you to write an application in Objective-C that will run on any platform supported by ObjFW without having to worry about differences between operating systems or various frameworks you would otherwise need if you...
[SECURITY] Fedora 43 Update: mingw-objfw-1.5.5-1.fc43
ObjFW is a portable, lightweight framework for the Objective-C language. It enables you to write an application in Objective-C that will run on any platform supported by ObjFW without having to worry about differences between operating systems or various frameworks you would otherwise need if you...
[SECURITY] Fedora 44 Update: objfw-1.5.5-1.fc44
ObjFW is a portable, lightweight framework for the Objective-C language. It enables you to write an application in Objective-C that will run on any platform supported by ObjFW without having to worry about differences between operating systems or various frameworks you would otherwise need if you...
[SECURITY] Fedora 44 Update: mingw-objfw-1.5.5-1.fc44
ObjFW is a portable, lightweight framework for the Objective-C language. It enables you to write an application in Objective-C that will run on any platform supported by ObjFW without having to worry about differences between operating systems or various frameworks you would otherwise need if you...
PT-2026-48336
BuddyPress 14.4.0 contains a regular expression injection vulnerability in the activity mention resolver that, when username compatibility mode is enabled, allows attackers to manipulate a REGEXP database clause by crafting mention names containing regex metacharacters. Attackers can submit...
Microsoft Windows Push Notifications 竞争条件问题漏洞
Microsoft Windows Push Notifications is a push notification service provided by the American company Microsoft. It provides a reliable way to deliver new updates. There are compatibility issues with Microsoft Windows Push Notifications. The following products and versions are affected: Windows...
Microsoft Windows Program Compatibility Assistant Service 竞争条件问题漏洞
Microsoft Windows is an operating system used on personal devices by the American company Microsoft. The Microsoft Windows Program Compatibility Assistant Service has a security vulnerability. Attackers can exploit this vulnerability to gain higher privileges. The following products and versions...
PT-2026-47969
Name of the Vulnerable Software and Affected Versions Windows affected versions not specified Description A Time-of-check time-of-use TOCTOU race condition exists in the Program Compatibility Assistant Service. This flaw allows an authorized attacker to elevate privileges locally, enabling them t...
Exploit for Missing Authentication for Critical Function in Erlang Erlang\/Otp
CVE-2025-32433 Exploit Windows Compatible Erlang/OTP SSH Un...
xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling
A flaw was found in the X.Org X server. This integer underflow vulnerability, specifically in the XKB compatibility map handling, allows an attacker with local or remote X11 server access to trigger a buffer read overrun. This can lead to memory-safety violations and potentially a denial of servi...
TencentOS Server 4: xorg-x11-server (TSSA-2026:0294)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0294 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
AlmaLinux 9 : kernel (ALSA-2026:21556)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:21556 advisory. kernel: proc: use the same treatment to check proclseek as ones for procreaditer et.al CVE-2025-38653 kernel: ima: don't clear IMADIGSIG flag when settin...
RHEL 8 : compat-openssl10 (RHSA-2026:22315)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:22315 advisory. The OpenSSL toolkit provides support for secure communications between machines. This version of OpenSSL package contains only the libraries and is...
CVE-2026-5448
X.509 date buffer overflow in wolfSSLX509notAfter / wolfSSLX509notBefore. A buffer overflow may occur when parsing date fields from a crafted X.509 certificate via the compatibility layer API. This is only triggered when calling these two APIs directly from an application, and does not affect TLS...