17694 matches found
CVE-2026-34340
Use after free in Windows Projected File System allows an authorized attacker to elevate privileges locally...
CVE-2026-40397 Windows Common Log File System Driver Elevation of Privilege Vulnerability
...
CVE-2026-40397
CVE-2026-40397 describes an integer underflow (wrap/wraparound) in the Windows Common Log File System Driver that enables a locally authenticated attacker to elevate privileges. The description indicates a local, privileges-required (low), no user interaction vulnerability with high impact to con...
CVE-2026-40397
Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally...
CVE-2026-40397 Windows Common Log File System Driver Elevation of Privilege Vulnerability
...
CVE-2026-34340 Windows Projected File System Elevation of Privilege Vulnerability
...
CVE-2026-34340
CVE-2026-34340 : Use-after-free in the Windows Projected File System can allow an authorized local attacker to elevate privileges. The provided documents identify the affected component as Windows Projected File System and state the root cause as a use-after-free, with a CVSS v3.1 base score of 7...
CVE-2026-34340 Windows Projected File System Elevation of Privilege Vulnerability
...
CVE-2026-40407
Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally...
CVE-2026-40407 Windows Common Log File System Driver Elevation of Privilege Vulnerability
...
CVE-2026-40407
CVE-2026-40407 describes a heap-based buffer overflow in the Windows Common Log File System (CLFS) Driver that permits an authorized, local attacker to elevate privileges. The vulnerability impact is local privilege escalation with a CVSS v3.1 base score of 7.8 (HIGH) and impact to confidentialit...
CVE-2026-44343
WGDashboard is a dashboard for WireGuard VPN. Prior to 4.3.2, there are critical vulnerabilities affecting WGDashboard that, if exploited, could allow unauthorized parties to access the host file system without authentication. This vulnerability is fixed in 4.3.2...
CVE-2026-44343 WGDashboard: Critical Vulnerability in 4.3.2
WGDashboard is a dashboard for WireGuard VPN. Prior to 4.3.2, there are critical vulnerabilities affecting WGDashboard that, if exploited, could allow unauthorized parties to access the host file system without authentication. This vulnerability is fixed in 4.3.2...
EUVD-2026-29732
WGDashboard is a dashboard for WireGuard VPN. Prior to 4.3.2, there are critical vulnerabilities affecting WGDashboard that, if exploited, could allow unauthorized parties to access the host file system without authentication. This vulnerability is fixed in 4.3.2...
CVE-2026-44343
WGDashboard (WireGuard VPN dashboard) contains a critical vulnerability prior to version 4.3.2 that could allow unauthenticated parties to access the host filesystem. The root cause details are not provided beyond the high‑level impact in the CVE record, and exploitation details are not disclosed...
CVE-2026-31226
The TinyZero project thru commit 6652a63c57fa7e5ccde3fc9c598c7176ff15b839 2025-58-24 contains a critical command injection vulnerability CWE-78 in its HDFS file operation utilities. The vulnerability arises from the unsafe construction and execution of shell commands via os.system without proper...
Windows Common Log File System Driver Elevation of Privilege Vulnerability
Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally...
Windows Common Log File System Driver Elevation of Privilege Vulnerability
Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally...
Windows Projected File System Elevation of Privilege Vulnerability
Use after free in Windows Projected File System allows an authorized attacker to elevate privileges locally...
EUVD-2026-29386
A configuration file on the local file system had improper input validation which could allow code execution and potentially lead to privilege escalation. This vulnerability can only be exploited if an attacker can log in to the Axis device using SSH...