5202 matches found
kernel: rtmutex: Use waiter::task instead of current in remove_waiter()
A flaw was found in the Linux kernel. When the kernel's real-time mutex rtmutex component performs a specific operation called 'proxy-lock rollback' during futex requeue, it incorrectly handles task pointers. This can lead to a 'Use-After-Free' UAF vulnerability, where the system attempts to use...
CVE-2026-46730
Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an incorrect authorization vulnerability. A high privileged attacker with...
EUVD-2026-40781
Use after free in Installer in Google Chrome on Windows prior to 150.0.7871.47 allowed a local attacker to perform OS-level privilege escalation via a malicious file. Chromium security severity: Low...
Linux Distros Unpatched Vulnerability : CVE-2026-14094
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Installer in Google Chrome on Windows prior to 150.0.7871.47 allowed a local attacker to perform OS-level privilege escalation via a malicious...
DEBIAN-CVE-2026-14060
Insufficient validation of untrusted input in Chromoting in Google Chrome on Windows prior to 150.0.7871.47 allowed a local attacker to perform privilege escalation via a malicious file. Chromium security severity: Low...
DEBIAN-CVE-2026-13827
Use after free in Updater in Google Chrome on Mac prior to 150.0.7871.47 allowed a local attacker to perform privilege escalation via a malicious file. Chromium security severity: High...
kernel: "Fragnesia" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel
A flaw was found in the Linux kernel's XFRM ESP-in-TCP subsystem. Unsafe in-place cryptographic processing allows a low-privileged local attacker to write arbitrary bytes into the page cache of read-only files, including sensitive system files. An attacker can exploit this to overwrite privileged...
CVE-2026-58302
rtapiapp in linuxcnc-uspace in LinuxCNC before 2.9.9 allows privilege escalation. It is installed SUID root and loads shared library modules via dlopen by using a user-supplied module name. Insufficient validation of the module name allows path traversal, enabling an unprivileged local user to lo...
PT-2026-53735
Name of the Vulnerable Software and Affected Versions Matrix42 Empirum versions prior to 25.5 Matrix42 Empirum versions 26.x prior to 26.2 Description The PBackupVSS.exe component creates a named pipe at '.pipePBackupVSS' with a Discretionary Access Control List DACL that grants GENERIC READ and...
EUVD-2026-39960
The CONSHISTORY ioctl handler did not adequately validate the requested history size. A large value caused an integer overflow in the buffer size calculation, resulting in a heap allocation smaller than expected. Subsequent initialization of the buffer wrote beyond the end of the allocation. An...
CVE-2026-49412
The kernel handler for IPV6MSFILTER dropped a serializing lock in order to copy the source-filter list from userspace, then reacquired the lock. During this window another thread could free the multicast filter structure, leaving the handler with a stale pointer to freed memory. An unprivileged...
BIT-DOTNET-SDK-2026-35433 .NET Elevation of Privilege Vulnerability
Improper input validation in .NET allows an unauthorized attacker to elevate privileges locally...
BIT-DOTNET-SDK-2026-32177 .NET Elevation of Privilege Vulnerability
Heap-based buffer overflow in .NET allows an unauthorized attacker to elevate privileges locally...
BIT-DOTNET-SDK-2026-45490 .NET SDK Elevation of Privilege Vulnerability
Improper authorization in .NET allows an authorized attacker to elevate privileges locally...
CVE-2026-0081
In NFC, there is a possible way to spoof an NFC event due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-48643
In multiple locations there is a possible provisioning bypass due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0063
CVE-2026-0063 affects the Android framework component PhoneInterfaceManager.java, where a logic error in setAllowedCarriers could disable carrier restrictions, enabling local privilege escalation with no additional privileges and no user interaction required. The issue is cataloged as an Elevatio...
CVE-2026-0083
In Nfc::eventCallback of Nfc.h, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-48617
CVE-2025-48617 affects Android’s CarrierConfigLoader.java, specifically overrideConfig, enabling a permissions/UID check bypass that could cause local privilege escalation with no additional execution privileges required and no user interaction. The vulnerability is tied to a local attack vector ...
PT-2026-50234
In tryStartActivity of NfcDispatcher.java, there is a possible automatic special app access permission assignment due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...