4835 matches found
Microsoft Brokering File System Elevation of Privilege Vulnerability
Null pointer dereference in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally...
Windows Input Method Editor (IME) Elevation of Privilege Vulnerability
Out-of-bounds read in Microsoft Input Method Editor IME allows an authorized attacker to elevate privileges locally...
CVE-2025-21004
Improper verification of intent by broadcast receiver in System UI for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to power off the device...
CVE-2025-21006
Out-of-bounds write in handling of macro blocks for MPEG4 codec in libsavsvc.so prior to Android 15 allows local attackers to write out-of-bounds memory...
CVE-2025-24006
A low privileged local attacker can leverage insecure permissions via SSH on the affected devices to escalate privileges to root...
CVE-2025-24005
CVE-2025-24005 is a local privilege escalation affecting the PHOENIX CONTACT CHARX SEC series, caused by an input validation error in a vulnerable script accessible via SSH. An attacker with a local account can escalate to root. The public documents describe the vulnerability and impact but do no...
Microsoft Windows win32kfull Out-Of-Bounds Write Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32kfull...
PT-2025-28565
Name of the Vulnerable Software and Affected Versions: Windows Win32K affected versions not specified Description: The issue is related to a double free in Windows Win32K - ICOMP, which allows an authorized attacker to elevate privileges locally. Recommendations: At the moment, there is no...
Azure Service Fabric Explorer Information Disclosure (July 2025)
The Azure Service Fabric installed on the remote host is affected by an runtime elevation of privilege vulnerability. A local, authenticated attacker can exploit this to elevate privileges. Note that Nessus has not tested for this issue but has instead relied only on the application's self-report...
KB5062618: Windows Server 2008 Security Update (July 2025)
The remote Windows host is missing security update 5062618. It is, therefore, affected by multiple vulnerabilities - Buffer over-read in Windows TDX.sys allows an authorized attacker to elevate privileges locally. CVE-2025-49659 - Untrusted pointer dereference in Windows Event Tracing allows an...
Microsoft Windows win32kfull Integer Overflow Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32kfull...
PT-2025-28517 · Microsoft · Windows Storage Vsp Driver +1
Name of the Vulnerable Software and Affected Versions: Windows Storage VSP Driver affected versions not specified Description: The issue is related to improper input validation in the Windows Storage VSP Driver, which allows an authorized attacker to elevate privileges locally. This means an...
PT-2025-28343 · Phoenix Contact · Charx Sec-3000 +7
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: A local attacker with a local user account can leverage a vulnerable script via SSH to escalate privileges to root due to improper input validation. Recommendations: At the moment, there is ...
CVE-2025-7068
A flaw was found in HDF5. The H5FLmalloc function in src/H5FL.c exhibits a memory leak due to improper memory management, requiring local attacker access. This manipulation results in a resource exhaustion condition. Consequently, an application-level denial of service may occur. Mitigation...
DEBIAN-CVE-2025-7068
A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. This issue affects the function H5FLmalloc of the file src/H5FL.c. The manipulation leads to memory leak. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used...
CVE-2025-7068
A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. This issue affects the function H5FLmalloc of the file src/H5FL.c. The manipulation leads to memory leak. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used...
CVE-2025-7068
A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. This issue affects the function H5FLmalloc of the file src/H5FL.c. The manipulation leads to memory leak. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used...
AZL-65205 CVE-2025-7068 affecting package hdf5 for versions less than 1.14.6-1
A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. This issue affects the function H5FLmalloc of the file src/H5FL.c. The manipulation leads to memory leak. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used...
AZL-65160 CVE-2025-7068 affecting package hdf5 for versions less than 1.14.6-1
A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. This issue affects the function H5FLmalloc of the file src/H5FL.c. The manipulation leads to memory leak. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used...
CVE-2025-7069
A vulnerability, which was classified as problematic, was found in HDF5 1.14.6. Affected is the function H5FSsectlinksize of the file src/H5FSsection.c. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to t...