570 matches found
CVE-2026-50437
Out-of-bounds read in Windows DWM Core Library allows an authorized attacker to disclose information locally...
CVE-2026-58541
CVE-2026-58541 — Windows DWM Core Library Elevation of Privilege due to a type confusion in DWM. Affected component: Windows DWM Core Library/DWM (Windows OS). Description from sources: Access of resource using incompatible type ('type confusion') in Windows DWM allows an authorized attacker to e...
CVE-2026-58541 Microsoft DWM Core Library Elevation of Privilege Vulnerability
...
CVE-2026-50437 Windows DWM Core Library Information Disclosure Vulnerability
...
CVE-2026-50437
CVE-2026-50437 describes an out-of-bounds read in Windows DWM Core Library that could allow an authenticated local attacker to disclose information. Public docs identify the affected component (Windows DWM Core Library) and the impact (local information disclosure) with a CVSSv3.1 base score of 5...
CVE-2026-50437 Windows DWM Core Library Information Disclosure Vulnerability
...
CVE-2026-50329
CVE-2026-50329 is a Windows DWM Core Library elevation-of-privilege vulnerability rooted in a use-after-free in the Windows kernel. The available connected sources confirm the affected component as Windows DWM Core Library (Windows Kernel) and describe local privilege escalation possible by an au...
CVE-2026-50329 Microsoft DWM Core Library Elevation of Privilege Vulnerability
...
PT-2026-58416
Name of the Vulnerable Software and Affected Versions Windows DWM Core Library affected versions not specified Description An out-of-bounds read in the Windows DWM Core Library allows an authorized attacker to disclose information locally. This issue involves memory leaking to logged-in attackers...
Ubuntu 18.04 LTS : Linux kernel (AWS) vulnerabilities (USN-8530-1)
"The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8530-1 advisory. It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag....
USN-8529-1: Linux kernel vulnerabilities
It was discovered that a logic flaw existed in the XFRM ESP-in-TCP subsystem in the Linux kernel when handling socket buffer fragments. This flaw is known as Fragnesia. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-43503 Several security issues...
EUVD-2026-42053
MSI Feature Manager contains a local privilege escalation vulnerability in the KernCoreLib64.sys kernel driver that allows any locally logged-on user to perform arbitrary physical memory read/write and unrestricted I/O port operations by accessing exposed IOCTL handlers without administrator...
USN-8508-1 linux-nvidia-6.17 vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - S390 architecture; - Block layer subsystem; - Cryptographic API; - DMA engine subsystem; - GP...
USN-8508-1: Linux kernel (NVIDIA) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - S390 architecture; - Block layer subsystem; - Cryptographic API; - DMA engine subsystem; - GP...
USN-8501-1 linux vulnerabilities
It was discovered that a logic flaw existed in the XFRM ESP-in-TCP subsystem in the Linux kernel when handling socket buffer fragments. This flaw is known as Fragnesia. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-43503 Several security issues...
USN-8493-1 linux, linux-aws, linux-aws-5.15, linux-aws-fips, linux-azure, linux-azure-5.15, linux-azure-fde-5.15, linux-fips, linux-gcp, linux-gcp-fips, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-intel-iot-realtime, linux-intel-iotg, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-nvidia-tegra, linux-nvidia-tegra-5.15, linux-nvidia-tegra-igx, linux-oracle, linux-realtime vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - RISC-V architecture; - Cryptographic API; - InfiniBand drivers; - IOMMU subsystem; - Network drivers; -...
USN-8491-1 linux-oem-6.17 vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - DMA engine subsystem; -...
Astra Linux – Vulnerability in freerdp3
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.0, there was an integer underflow issue in the updatereadcachebitmaporder function of FreeRDP’s core library. This vulnerability has been fixed in version 3.24.0...
CVE-2026-44808
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally...
CVE-2026-42983
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally...