Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that can be exploited by an attacker to elevate privileges...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that can be exploited by an attacker to cause a local elevation of privilege...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability due to a logic error in the code of multiple functions in RoleService.java, which can be exploited by an attacker to gain elevated privileges on the system...

IBM Transformation Advisor 安全漏洞

IBM Transformation Advisor is an application modernization separation and migration assessment tool from International Business Machines IBM. A security vulnerability exists in IBM Transformation Advisor versions 2.0.1 through 4.3.1, which stems from an improper assignment of privileges and could...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability, which is caused by a logic error in the code at multiple locations. The vulnerability can be exploited by an attacker to gain elevated privileges on the...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability, which is caused by a logic error in the code at multiple locations. The vulnerability can be exploited by an attacker to gain elevated privileges on the...

CVE-2025-22409

In rfcsendbufuih of rfctsframes.cc, there is a possible way to execute arbitrary code due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-50170

Improper handling of insufficient permissions or privileges in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally...

CVE-2025-53149

Heap-based buffer overflow in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to elevate privileges locally...

CVE-2025-53142

Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally...

CVE-2025-36612

SupportAssist for Business PCs, versions 4.5.3 and prior, contains an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges...

CVE-2025-38738

SupportAssist for Home PCs Installer exe versions 4.8.2.29006 and prior, contains an Incorrect Privilege Assignment vulnerability in the Installer. A low privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges...

CVE-2025-0309 Netskope Client Local Elevation of Privileges

An insufficient validation on the server connection endpoint in Netskope Client allows local users to elevate privileges on the system. The insufficient validation allows Netskope Client to connect to any other server with Public Signed CA TLS certificates and send specially crafted responses to...

Win32k Elevation of Privilege Vulnerability

Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally...

Linux Distros Unpatched Vulnerability : CVE-2022-46341

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in X.Org. This security flaw occurs because the handler for the XIPassiveUngrab request accesses out-of-bounds memory when invoked wit...

Elastic 安全漏洞

Elastic is a suite of open source distributed RESTful search engines built on Lucene by Elastic Netherlands. The product is primarily used in cloud computing and supports data indexing using JSON over HTTP. A security vulnerability exists in Elastic that stems from improper handling of directory...

CVE-2025-6241

LsiAgent.exe, a component of SysTrack from Lakeside Software, attempts to load several DLL files which are not present in the default installation. If a user-writable directory is present in the SYSTEM PATH environment variable, the user can write a malicious DLL to that directory with arbitrary...

CVE-2025-6241

Summary: CVE-2025-6241 affects Lakeside Software SysTrack’s LsiAgent.exe, which loads DLLs not present in default installations. If a user-writable directory exists in the SYSTEM PATH, a malicious DLL named wfapi.dll could be written there and executed by LsiAgent.exe at startup or service restar...

CVE-2025-37101

CVE-2025-37101 concerns HPE OneView for VMware vCenter (OV4VC). The available documents confirm a vulnerability where an attacker with read-only privileges can perform vertical privilege escalation, enabling admin actions. The CVSS 3.1 score is 8.7 (HIGH): attack vector NETWORK, attack complexity...

Trend Micro Apex One Damage Cleanup Engine 安全漏洞

Trend Micro Apex One Damage Cleanup Engine is a malware scanning engine from Trend Micro. A security vulnerability exists in Trend Micro Apex One Damage Cleanup Engine, which stems from a link following issue that could lead to local elevation of privilege...