1359 matches found
CVE-2025-48616
In multiple functions of KeyguardViewMediator.java , there is a possible way to bypass lockdown mode with screen pinning due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitatio...
CVE-2026-47332
CVE-2026-47332 affects Ubuntu Linux releases 6.8, 6.17 and 7.0 where AppArmor SAUCE patches incorrectly validate the size of an internal structure in notification handling. Root cause: size validation flaw leading to an out-of-bounds read in the notification path. Impact: information disclosure f...
CVE-2026-47332
Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly validate the size of an internal structure, leading to an out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can result in information disclosure from adjacent...
Astra Linux – Vulnerability in Linux, Linux 5.10
Incomplete cleanup of microarchitectural fill buffers on some Intel processors may allow an authenticated user to potentially enable information disclosure via local access...
Astra Linux – Vulnerability in Linux, Linux 5.10
The non-transparent sharing of the branch predictor within the context of some Intel processors may allow an authorized user to potentially enable information disclosure through local access...
CVE-2026-40360
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally...
EUVD-2026-29595
Buffer over-read in Windows DWM Core Library allows an authorized attacker to disclose information locally...
CVE-2026-35440
Files or directories accessible to external parties in Microsoft Office Word allows an unauthorized attacker to disclose information locally...
CVE-2026-40360
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally...
Windows DWM Core Library Elevation of Privilege Vulnerability
Integer overflow or wraparound in Windows DWM Core Library allows an authorized attacker to elevate privileges locally...
Microsoft Word Information Disclosure Vulnerability
Files or directories accessible to external parties in Microsoft Office Word allows an unauthorized attacker to disclose information locally...
Microsoft Excel Information Disclosure Vulnerability
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally...
PT-2026-40180
Out-of-bounds read in Windows DWM Core Library allows an authorized attacker to disclose information locally...
CVE-2026-31781
A flaw was found in the Linux kernel's Direct Rendering Manager DRM subsystem, specifically in the drm/ioc32 component. This vulnerability, related to speculative execution a technique used by modern processors to guess future instructions, allows a local attacker to potentially disclose sensitiv...
CVE-2026-41419
4ga Boards is a boards system for realtime project management. Prior to 3.3.5, a path traversal vulnerability allows an authenticated user with board import privileges to make the server ingest arbitrary host files as board attachments during BOARDS archive import. Once imported, the file can be...
EUVD-2026-25613
4ga Boards is a boards system for realtime project management. Prior to 3.3.5, a path traversal vulnerability allows an authenticated user with board import privileges to make the server ingest arbitrary host files as board attachments during BOARDS archive import. Once imported, the file can be...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013268)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013268 advisory. In the Android kernel in the video driver there is a kernel pointer leak due to a WARNON statement. This could lead to local information disclosure with System...
HashiCorp Vault has Server-Side Request Forgery in ACME Challenge Validation via Attacker-Controlled DNS
Vault’s PKI engine’s ACME validation did not reject local targets when issuing http-01 and tls-alpn-01 challenges. This may lead to these requests being sent to local network targets, potentially leading to information disclosure. Fixed in Vault Community Edition 2.0.0 and Vault Enterprise 2.0.0,...
CVE-2026-32218
Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally...
CVE-2026-32215
Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally...