1301 matches found
MPDV Mikrolab GmbH HYDRA X, MIP 2 & FEDRA 2 - Path Traversal
MPDV Mikrolab GmbH HYDRA X, MIP 2, and FEDRA 2 = Maintenance Pack 36 with Servicepack 8 week 36/2025 contain an unauthenticated local file disclosure vulnerability caused by improper validation of the "Filename" parameter in the public $SCHEMAS$ resource, letting attackers read arbitrary Windows ...
EUVD-2026-33783
In setTo of ResourceTypes.cpp, there is a possible read out of bounds due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
EUVD-2026-33779
In handleBondStateChanged of AdapterService.java, there is a possible sensitive information disclosure due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-48616
In multiple functions of KeyguardViewMediator.java , there is a possible way to bypass lockdown mode with screen pinning due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitatio...
CVE-2026-28586
In multiple functions of AppOpsService.java, there is a possible missing permission check due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0050
In handleBondStateChanged of AdapterService.java, there is a possible sensitive information disclosure due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0016
CVE-2026-0016 affects CredentialManagerService.java (updateProvidersWhenServiceRemoved). The vulnerability arises from a permissions bypass that could allow overriding settings across users, causing local information disclosure with no extra execution privileges required. Exploitation status is n...
CVE-2026-0016
In updateProvidersWhenServiceRemoved of CredentialManagerService.java, there is a possible way to override settings across users due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
CVE-2025-48616
In multiple functions of KeyguardViewMediator.java , there is a possible way to bypass lockdown mode with screen pinning due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitatio...
CVE-2025-48616
In multiple functions of KeyguardViewMediator.java , there is a possible way to bypass lockdown mode with screen pinning due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitatio...
CVE-2026-47332
CVE-2026-47332 affects Ubuntu Linux releases 6.8, 6.17 and 7.0 where AppArmor SAUCE patches incorrectly validate the size of an internal structure in notification handling. Root cause: size validation flaw leading to an out-of-bounds read in the notification path. Impact: information disclosure f...
CVE-2026-47332
Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly validate the size of an internal structure, leading to an out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can result in information disclosure from adjacent...
Astra Linux - уязвимость в linux, linux-5.10
Incomplete cleanup of microarchitectural fill buffers on some Intel processors may allow an authenticated user to potentially enable information disclosure via local access...
CVE-2026-40360
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally...
EUVD-2026-29595
Buffer over-read in Windows DWM Core Library allows an authorized attacker to disclose information locally...
CVE-2026-35440
Files or directories accessible to external parties in Microsoft Office Word allows an unauthorized attacker to disclose information locally...
CVE-2026-40360
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally...
Windows DWM Core Library Elevation of Privilege Vulnerability
Integer overflow or wraparound in Windows DWM Core Library allows an authorized attacker to elevate privileges locally...
Microsoft Excel Information Disclosure Vulnerability
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally...
Microsoft Word Information Disclosure Vulnerability
Files or directories accessible to external parties in Microsoft Office Word allows an unauthorized attacker to disclose information locally...