2610 matches found
CVE-2026-45593
CVE-2026-45593 is a use-after-free vulnerability in the Windows SDK that allows an authorized attacker to elevate privileges locally. The NVD/CVE entries describe that the underlying issue is a use-after-free in Windows SDK code leading to local privilege escalation with a CVSS v3.1 base score of...
EUVD-2026-35551
Use after free in Windows SDK allows an authorized attacker to elevate privileges locally...
PT-2026-47982
Use after free in Windows SDK allows an authorized attacker to elevate privileges locally...
CVE-2026-34194 GPU DDK - UAF read and/or write to arbitrary physical pages in DevmemIntChangeSparse due to incorrect calculation of the virtual index count
Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of a mapping state maintained for a sparse memory allocation. The product accidentally refers to the wrong memory due to the semantics of how math operations are implicitly scaled acro...
Important: Red Hat Security Advisory: .NET 9.0 security update
An update for .NET 9.0 is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...
GHSA-XXWJ-CPV6-F4HC vulnerabilities
Vulnerabilities for packages: openjdk-17-openj9, openjdk-8-openj9, openjdk-11-openj9, openjdk-25-openj9, openjdk-21-openj9, openjdk-26-openj9...
GHSA-G75F-42VW-M3XV vulnerabilities
Vulnerabilities for packages: openjdk-17-openj9, openjdk-8-openj9, openjdk-11-openj9, openjdk-25-openj9, openjdk-21-openj9, openjdk-26-openj9...
GHSA-32VR-5HXF-X93F vulnerabilities
Vulnerabilities for packages: openjdk-17-openj9, openjdk-8-openj9, openjdk-11-openj9, openjdk-25-openj9, openjdk-21-openj9, openjdk-26-openj9...
CVE-2026-4810
A Code Injection and Missing Authentication vulnerability in Google Agent Development Kit ADK versions 1.7.0 and 2.0.0a1 through 1.28.1 and 2.0.0a2 on Python OSS, Cloud Run, and GKE allows an unauthenticated remote attacker to execute arbitrary code on the server hosting the ADK instance. This...
RLSA-2026:22145 Important: .NET 10.0 security update
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 10.0.108 and .NET Runtime...
openjdk: Enhance crypto algorithm support (Oracle CPU 2026-04)
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0....
openjdk: Enhance key generation (Oracle CPU 2026-04)
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0....
openjdk: Improve Kerberos credentialing (Oracle CPU 2026-04)
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JGSS. Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0.18 a...
ALSA-2026:22145 Important: .NET 10.0 security update
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 10.0.108 and .NET Runtime...
Imagination Graphics DDK security vulnerability
Imagination Graphics DDK is a GPU driver toolkit developed by the British company Imagination. There is a security vulnerability in Imagination Graphics DDK, which stems from an address translation logic error. This vulnerability may allow the compromised host kernel to perform arbitrary writes t...
Security Bulletin: Multiple vulnerabilities in IBM® SDK Java™ Technology Edition shipped with IBM Tivoli Monitoring.
Summary Multiple vulnerabilities in IBM® SDK Java™ Technology Edition that is shipped as part of multiple IBM Tivoli Monitoring ITM components. CVE-2026-22016, CVE-2026-22021, CVE-2026-22013, CVE-2026-22018, CVE-2026-34268 and CVE-2026-22007 Vulnerability Details CVEID:CVE-2026-22016 DESCRIPTION:...
edk2 security update
An update is available for edk2. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list EDK Embedded Development Kit is a project to enable UEFI support for Virtual...
RLSA-2026:21295 Important: .NET 10.0 security update
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 10.0.108 and .NET Runtime...
RLSA-2026:21294 Important: .NET 9.0 security update
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 9.0.117 and .NET Runtime...
.NET 8.0 security update
An update is available for dotnet8.0. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list .NET is a managed-software framework. It implements a subset of the .NET...