6680 matches found
CVE-2025-68623
In Microsoft DirectX End-User Runtime Web Installer 9.29.1974.0, a low-privilege user can replace an executable file during the installation process, which may result in unintended elevation of privileges. During installation, the installer runs with HIGH integrity and downloads executables and...
CVE-2025-68623
In Microsoft DirectX End-User Runtime Web Installer 9.29.1974.0, a low-privilege user can replace an executable file during the installation process, which may result in unintended elevation of privileges. During installation, the installer runs with HIGH integrity and downloads executables and...
EUVD-2026-10615
Incorrect permission assignment for critical resource in Windows Accessibility Infrastructure ATBroker.exe allows an authorized attacker to elevate privileges locally...
EUVD-2026-10657
Exposure of sensitive information to an unauthorized actor in Windows Accessibility Infrastructure ATBroker.exe allows an authorized attacker to disclose information locally...
CVE-2026-24291
Incorrect permission assignment for critical resource in Windows Accessibility Infrastructure ATBroker.exe allows an authorized attacker to elevate privileges locally...
CVE-2026-24291
Incorrect permission assignment for critical resource in Windows Accessibility Infrastructure ATBroker.exe allows an authorized attacker to elevate privileges locally...
CVE-2026-25186 Windows Accessibility Infrastructure (ATBroker.exe) Information Disclosure Vulnerability
...
CVE-2026-24291
Incorrect permission assignment for critical resource in Windows Accessibility Infrastructure ATBroker.exe allows an authorized attacker to elevate privileges locally...
CVE-2026-24291 Windows Accessibility Infrastructure (ATBroker.exe) Elevation of Privilege Vulnerability
...
CVE-2026-3315
CVE-2026-3315 concerns ASSA ABLOY Visionline on Windows, where incorrect default permissions enable configuration/environment manipulation and lead to execution with unnecessary privileges and improper assignment of permissions to a critical resource. Affected versions are Visionline prior to 1.3...
CVE-2026-3315 Local Privilege Escalation Due to Writable Executable in Privileged Visionline Service Path
Incorrect Default Permissions, : Execution with Unnecessary Privileges, : Incorrect Permission Assignment for Critical Resource vulnerability in ASSA ABLOY Visionline on Windows allows Configuration/Environment Manipulation.This issue affects Visionline: from 1.0 before 1.33...
PT-2026-24285
Name of the Vulnerable Software and Affected Versions Windows versions prior to March 10, 2026 Patch Tuesday Description An improper permission assignment within the Windows Accessibility Infrastructure ATBroker.exe allows an authorized attacker to elevate privileges locally. The issue stems from...
New-Shellcode-Injection-Exploit
Shellcode Injection Exploit Author Created by 0x5da...
CVE-2025-69649
A flaw was found in binutils. Processing a specially crafted ELF binary file containing malformed header fields with the readelf program can trigger a NULL pointer dereference, causing a crash and resulting in a denial of service. Mitigation To mitigate this vulnerability, do not process untruste...
DEBIAN-CVE-2025-69649
GNU Binutils thru 2.46 readelf contains a null pointer dereference vulnerability when processing a crafted ELF binary with malformed header fields. During relocation processing, an invalid or null section pointer may be passed into displayrelocations, resulting in a segmentation fault SIGSEGV and...
UBUNTU-CVE-2025-69652
GNU Binutils thru 2.46 readelf contains a vulnerability that leads to an abort SIGABRT when processing a crafted ELF binary with malformed DWARF abbrev or debug information. Due to incomplete state cleanup in processdebuginfo, an invalid debuginfop state may propagate into DWARF attribute parsing...
AZL-79574 CVE-2025-69651 affecting package binutils 2.41-10
GNU Binutils thru 2.46 readelf contains a vulnerability that leads to an invalid pointer free when processing a crafted ELF binary with malformed relocation or symbol data. If dumprelocations returns early due to parsing errors, the internal allrelocations array may remain partially uninitialized...
Malicious code in flowfix (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 77c3304c8fcc8e0cdf2ac450babf481ff0ee3e93cb3c4213c6b4fa8d80cf4137 The package hides code to download and open remote content. The current code seems to be a bit broken as the final URL is not correct, but the code holds also...
MAL-2026-1276 Malicious code in flowfix (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 77c3304c8fcc8e0cdf2ac450babf481ff0ee3e93cb3c4213c6b4fa8d80cf4137 The package hides code to download and open remote content. The current code seems to be a bit broken as the final URL is not correct, but the code holds also...
CVE-2026-29041 Chamilo: Authenticated Remote Code Execution via Unrestricted File Upload
Chamilo is a learning management system. Prior to version 1.11.34, Chamilo LMS is affected by an authenticated remote code execution vulnerability caused by improper validation of uploaded files. The application relies solely on MIME-type verification when handling file uploads and does not...