379 matches found
CVE-2026-58534
Heap-based buffer overflow in Microsoft Input Method Editor IME allows an authorized attacker to elevate privileges locally...
CVE-2026-58534 Windows Input Method Editor (IME) Elevation of Privilege Vulnerability
...
CVE-2026-58534 Windows Input Method Editor (IME) Elevation of Privilege Vulnerability
...
CVE-2026-58534
CVE-2026-58534 is a Windows IME heap-based buffer overflow vulnerability that enables local privilege escalation for an authenticated attacker. The affected component is the Microsoft Input Method Editor (IME) in Windows. The root cause, per the available sources, is a heap-based buffer overflow ...
Windows Input Method Editor (IME) Elevation of Privilege Vulnerability
Heap-based buffer overflow in Microsoft Input Method Editor IME allows an authorized attacker to elevate privileges locally...
Chromium: CVE-2026-13811 Use after free in IME
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
EUVD-2026-40497
Use after free in IME in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
CVE-2026-13811
Use after free in IME in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
CVE-2026-0072
In addInputMethodListener of com.android.server.inputmethod.InputMethodManagerService, there is a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0072
In addInputMethodListener of com.android.server.inputmethod.InputMethodManagerService, there is a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0072
In addInputMethodListener of com.android.server.inputmethod.InputMethodManagerService, there is a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0072
In addInputMethodListener of com.android.server.inputmethod.InputMethodManagerService, there is a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0072
CVE-2026-0072 affects Android’s InputMethodManagerService (com.android.server.inputmethod.InputMethodManagerService). The issue is a missing permission check in addInputMethodListener, enabling local elevation of privilege with no additional execution privileges required and no user interaction n...
PT-2026-45496
Name of the Vulnerable Software and Affected Versions Android affected versions not specified Description A missing permission check exists in the addInputMethodListener function of com.android.server.inputmethod.InputMethodManagerService. This flaw allows for local escalation of privilege withou...
Google Android 安全漏洞
Google Android is an open-source operating system based on Linux, developed by Google Inc. There is a security vulnerability in Google Android, which stems from the lack of permission checks in the addInputMethodListener function within com.android.server.inputmethod.InputMethodManagerService. Th...
JLSEC-2026-469 An integer overflow leading to a heap-buffer overflow was found in The X Input Method (XIM)...
An integer overflow leading to a heap-buffer overflow was found in The X Input Method XIM client was implemented in libX11 before version 1.6.10. As per upstream this is security relevant when setuid programs call XIM client functions while running with elevated privileges. No such programs are...
[SECURITY] Fedora 44 Update: fcitx5-qt-5.1.13-2.fc44
Qt library and IM module for fcitx5...
CVE-2017-18685
An issue was discovered on Samsung mobile devices with KK4.4, L5.0/5.1, and M6.0 software. The InputMethod application can cause a system crash via a malformed serializable object in an Intent. The Samsung ID is SVE-2016-7123 February 2017...
October 14, 2025—KB5066782 (OS Build 20348.4294)
None None...
[SECURITY] Fedora 42 Update: fcitx5-unikey-5.1.8-1.fc42
Unikey Vietnamese Input Method engine support for Fcitx5...