112 matches found
EUVD-2026-22551
Acceptance of extraneous untrusted data with trusted data in Windows COM allows an unauthorized attacker to elevate privileges locally...
CVE-2026-20806
Access of resource using incompatible type 'type confusion' in Windows COM allows an authorized attacker to disclose information locally...
CVE-2026-32162 Windows COM Elevation of Privilege Vulnerability
...
CVE-2026-32162
Acceptance of extraneous untrusted data with trusted data in Windows COM allows an unauthorized attacker to elevate privileges locally...
CVE-2026-32162
CVE-2026-32162 is a Windows COM elevation of privilege vulnerability with local access, no user interaction, and high impact to confidentiality, integrity, and availability. The CVSS 3.1 base score is 8.4 (HIGH) with exploit code maturity labeled UNPROVEN and remediation level OFFICIAL_FIX. Affec...
CVE-2026-32162 Windows COM Elevation of Privilege Vulnerability
...
CVE-2026-20806 Windows COM Server Information Disclosure Vulnerability
...
Windows COM Elevation of Privilege Vulnerability
Acceptance of extraneous untrusted data with trusted data in Windows COM allows an unauthorized attacker to elevate privileges locally...
Microsoft Windows COM 安全漏洞
Microsoft Windows COM is a technology developed by Microsoft Corporation in the United States, aimed at reusing software. COM is described as a platform-independent, distributed, object-oriented system used for creating interactive binary software components. There are security vulnerabilities in...
firefox: thunderbird: Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component...
firefox: thunderbird: Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component...
firefox: thunderbird: Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component...
firefox: thunderbird: Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component...
APT28 Deploys PRISMEX Malware in Campaign Targeting Ukraine and NATO Allies
The Russian threat actor known as APT28 aka Forest Blizzard and Pawn Storm has been linked to a fresh spear-phishing campaign targeting Ukraine and its allies to deploy a previously undocumented malware suite codenamed PRISMEX. "PRISMEX combines advanced steganography, component object model COM...
firefox: thunderbird: Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component...
firefox: thunderbird: Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component...
OESA-2026-1708 firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security Fixes: libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing.CVE-2025-59375 Race...
CVE-2026-4689
Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...
CVE-2025-13919 Component Object Model (COM) Hijacking in Symantec Endpoint Protection Windows Client
Symantec Endpoint Protection, prior to 14.3 RU10 Patch 1, RU9 Patch 2, and RU8 Patch 3, may be susceptible to a COM Hijacking vulnerability, which is a type of issue whereby an attacker attempts to establish persistence and evade detection by hijacking COM references in the Windows Registry...
Microsoft Edge security vulnerabilities
Microsoft Edge is a web browser included with Windows 10 and later versions from Microsoft. There is a security vulnerability in Microsoft Edge, which stems from improper validation of privileged COM interfaces. This vulnerability could allow non-administrator users to execute privileged update...